pwntools

This is an offensive tool for exploit development and CTF Capture The Flag framework. The tool is called pwntools and is used for exploit development and CTF challenges. It provides a set of tools and libraries for exploiting vulnerabilities and solving CTF challenges. The tool is written in Pyth...

pwn-collection

This repository contains a collection of CTF Capture The Flag challenges with writeups and exploit scripts. The challenges are categorized into three main areas: fmtstr32, heapchunkoverlap64, and pwn300. The fmtstr32 category contains challenges related to format string vulnerabilities, which all...

The vulnerability of the Varrcvr service in the PAN-OS operating system allows a perpetrator to trigger a service failure or execute arbitrary code with root privileges.

The vulnerability of the Varrcvr service in the PAN-OS operating system is related to the use of an uncontrolled format string. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures or execute arbitrary code with root privileges...

NETGEAR R6700 Remote Code Execution Vulnerability

The NETGEAR R6700 is an AC1750 Smart WiFi Router. A remote code execution vulnerability exists in the handling of string table file uploads in the NETGEAR R6700 versions prior to 1.0.4.98. The vulnerability stems from a failure to properly validate user-supplied strings before using them as forma...

NETGEAR R6700 httpd strtblupgrade Format String Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of string table file uploads. The issue results from the la...

The vulnerability of the logd daemon in the PAN-OS operating system allows a perpetrator to execute arbitrary code and increase their privileges.

The vulnerability of logd daemon in the PAN-OS operating system is related to the use of an uncontrolled format string. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely and gain elevated privileges...

FreeBSD : Anydesk -- Multiple Vulnerabilities (4344861a-be0b-11ea-9172-4c72b94353b5)

Anydesk reports : AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-20...

AnyDesk GUI Format String Write Exploit

The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger...

AnyDesk GUI Format String Write

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AnyDesk GUI Format String Write', 'Description' = %q The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By...

AnyDesk GUI Format String Write

The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger...

AnyDesk Formatting String Error Vulnerability

FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A format string error vulnerability exists in AnyDesk versions prior to 5.5.3 Linux and FreeBSD platforms. A remote attacker could exploit this vulnerability to execute code...

Anydesk -- Multiple Vulnerabilities

Anydesk reports: AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution...

CVE-2020-13160

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution...

CVE-2020-13160

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution...

Format string

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution...

CVE-2020-13160

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution...

CVE-2020-13160

CVE-2020-13160 – AnyDesk GUI (Linux/FreeBSD) Affected: AnyDesk GUI on Linux and FreeBSD prior to version 5.5.3.Root cause: A format string vulnerability in the GUI/discovery path that can be triggered remotely.Impact: Remote code execution (RCE) with the privileges of the user running the AnyDesk...

CVE-2020-13160

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution. Recent assessments: zeroSteiner at June 17, 2020 7:54pm UTC reported: The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a...

Security update for axel (moderate)

openSUSE Security Update: Security update for axel Announcement ID: openSUSE-SU-2020:0778-1 Rating: moderate References: 1172159 Cross-References: CVE-2020-13614 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for axel fixes...

Huawei Data Communication: Two Vulnerabilities of License Module in Some Huawei Products (huawei-sa-20171206-01-license)

There is a uncontrolled format string vulnerability when the license module of some Huawei products output the log information. This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced...