5581 matches found
Exploit for Use After Free in Debian Debian_Linux
This is a PoC exploit for CVE-2013-2857, a use-after-free vulnerability in the 3DS browser. The exploit is implemented in JavaScript and uses the UaF3 function to create a use-after-free condition, leading to a crash. The exploit is designed to be used on the 3DS browser, specifically on firmware...
A Rust-based Buer Malware Variant Has Been Spotted in the Wild
Cybersecurity researchers on Monday disclosed a new malspam campaign distributing a fresh variant of a malware loader called "Buer" written in Rust, illustrating how adversaries are constantly honing their malware toolsets to evade analysis. Dubbed "RustyBuer," the malware is propagated via email...
Insecure Usage Of Boot Loader Addresses
Das U-Boot makes insecure use of addresses in the boot loader. The boot loader in Das U-Boot mishandles the use of unit addresses in a FIT...
Arbitrary Code Execution
u-boot is vulnerable to arbitrary code execution. The boot loader in Das U-Boot mishandles a modified FIT and allows an attacker to execute arbitrary code on the host OS...
openSUSE: Security Advisory for librsvg (openSUSE-SU-2021:0634-1)
The remote host is missing an update for the...
net.hasor:cobble-bytebuf (>=4.5.0 <=4.6.1), net.hasor:cobble-dynamic (>=4.4.1 <=4.6.2) +2 more potentially affected by CVE-2021-29425 via net.hasor:cobble-lang (>=4.4.1 <=4.6.2)
net.hasor:cobble-lang MAVEN version =4.4.1, =4.5.0, =4.4.1, =4.4.2, =4.4.1, =4.6.2 Source cves: CVE-2021-29425 Source advisory: OSV:GHSA-GWRP-PVRQ-JMWV...
Exploit for Improper Input Validation in Google Chrome
This is a PoC exploit for CVE-2020-16040, a vulnerability in the WebAssembly (WASM) module loader. The exploit targets the WASM module loader's ability to load and execute WASM code, which can lead to arbitrary code execution. The exploit is implemented in JavaScript and uses the WebAssembly API to...
GHSA-6757-JP84-GXFX Improper Input Validation in PyYAML
A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be...
Lazarus APT Hackers are now using BMP images to hide RAT malware
A spear-phishing attack operated by a North Korean threat actor targeting its southern counterpart has been found to conceal its malicious code within a bitmap (.BMP) image file to drop a remote access trojan (RAT) capable of stealing sensitive information. Attributing the attack to the Lazarus Group...
SUSE: Security Advisory (SUSE-SU-2016:0473-1)
The remote host is missing an update for the...
Security update for fluidsynth (important)
openSUSE Security Update: Security update for fluidsynth Announcement ID: openSUSE-SU-2021:0570-1 Rating: important References: 1184705 Cross-References: CVE-2021-28421 CVSS scores: CVE-2021-28421 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports...
OPENSUSE-SU-2021:0553-1 Security update for fluidsynth
This update for fluidsynth fixes the following issues: - CVE-2021-28421: Fix use after free vulnerability in file loader (boo#1184705)...
Exploit for Improper Input Validation in Google Chrome
PoC exploit for CVE-2020-16040, an out-of-bounds read vulnerability in the WebAssembly (WASM) module loader. The exploit targets the WASM module loader's handling of WebAssembly code, specifically the wasmcode array, which is used to load and execute WASM modules. The vulnerability allows an attack...
IcedID Circulates Via Web Forms, Google URLs
Website contact forms and Google URLs are being used to spread the IcedID trojan, according to researchers at Microsoft. Attackers are using “contact us” forms on websites to send emails targeting organizations with trumped-up legal threats, researchers said. The messages consistently mention a...
APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign
Why is the campaign called A41APT? In 2019, we observed an APT campaign targeting multiple industries, including the Japanese manufacturing industry and its overseas operations, that was designed to steal information. We named the campaign A41APT (not APT41), which is derived from the host name...
CallObfuscator - Obfuscate Specific Windows Apis With Different APIs
Obfuscate (hide) the PE imports from static/dynamic analysis tools. Theory: This is pretty forward. Let's say I've used VirtualProtect and I want to obfuscate it with Sleep; the tool will manipulate the IAT so that the thunk that points to VirtualProtect will point instead to Sleep, now at executing...
PT-2026-3946
Name of the Vulnerable Software and Affected Versions: Docling Core versions 2.21.0 through 2.48.3. Description: Docling Core, a library for document processing, contains a Remote Code Execution (RCE) issue related to PyYAML. This issue, identified as CVE-2020-14343, arises when the application uses...
Unspecified Vulnerability in Das U-Boot (CNVD-2021-18393)
Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in versions prior to Das U-Boot 2021.04-rc2, which stems from the loader...
Unspecified Vulnerability in Das U-Boot (CNVD-2021-18392)
Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in versions prior to Das U-Boot 2021.04-rc2 that stems from the bootload...
The vulnerability of the rom_copy function in hw/core/loader.c of the QEMU hardware emulation software allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the rom_copy function in hw/core/loader.c of the QEMU hardware emulation software is related to the execution of operations within the acceptable data buffer boundaries. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise i...