15 matches found
Exploit for Use After Free in Redis
CVE-2025-49844 RediShell AI-made Revshell PoC Untested comple...
EUVD-2025-208413
GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debugrnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a...
AZL-79571 CVE-2025-69649 affecting package binutils 2.41-10
GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...
CVE-2025-69652
GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...
CVE-2025-69649
GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into displayrelocations, resulting in a segmentation fault SIGSEGV and...
📄 CAREL Boss / Boss Mini 1.4.0 Path Traversal
Proof of concept for an older vulnerability in 2023 where CAREL Boss and Boss Mini version 1.4.0 suffer from a path traversal vulnerability. ============================================================================================================================================= | Title : Boss...
libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux
A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...
SUSE CVE-2021-41990
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
CVE-2021-44228 checker This is the repository for checking fo...
Business-Dna Solution GmbH TopEase 跨站脚本漏洞
Business-Dna Solution GmbH TopEase is a "Transformational Risk" solution from Business-Dna Solution GmbH, Switzerland. It is used to manage complex projects and initiatives comprehensively, simply, quickly and securely. A code injection vulnerability exists in Business-Dna Solution GmbH TopEase,...
CVE-2020-16938
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on ...
Windows GDI+ Information Disclosure Vulnerability
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus GDI+ handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it...
PT-2020-4253 · Microsoft · Windows Kernelstream +1
Name of the Vulnerable Software and Affected Versions: Windows KernelStream affected versions not specified Description: An information disclosure issue exists due to the Windows KernelStream's improper handling of objects in memory. This could allow an attacker to obtain information that could b...
PT-2019-3027 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: A denial of service issue exists due to improper handling of objects in memory by Windows. An attacker could exploit this by running a specially crafted application on an affected system,...
PT-2019-2998 · Symantec +1 · Symcrypt +1
Name of the Vulnerable Software and Affected Versions: SymCrypt affected versions not specified Description: An information disclosure issue exists in SymCrypt during the OAEP decryption stage, allowing an attacker to obtain information that could be used to further compromise the user's system. ...