Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the bz2.BZ2Decompressor objects. An attacker can cause out-of-bounds writes to a stack buffer by reusing a decompressor object after a decompression error and providing crafted input. This can result in...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability, which stems from the reuse of objects released by InterestGroups...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that stems from the reuse of objects after their release...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that stems from the reuse of objects after their release...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a security vulnerability that stems from the reuse of objects after their release...

Apple多款产品 安全漏洞

Apple iOS and other products are owned by the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple tvOS is an operating system for smart TVs. Apple watchOS is an operating system for smart watches. Several Apple products have security vulnerabilities; these...

PowerDNS DNSdist 安全漏洞

PowerDNS DNSdist is a proxy software provided by PowerDNS, which offers capabilities for DNS traffic load balancing and security protection. PowerDNS DNSdist has a security vulnerability that stems from the use of the DNSQuestion:getEDNSOptions method, where objects are reclaimed and reused,...

Apple多款产品 安全漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

EUVD-2014-9657

Malware in sbrugna...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the reuse of a working object after its release...

USN-7562-1 tomcat vulnerabilities

It was discovered that Tomcat did not include the secure attribute for session cookies when using the RemoteIpFilter with requests from a reverse proxy. An attacker could possibly use this issue to leak sensitive information. This issue was fixed for tomcat8 on Ubuntu 18.04 LTS and for tomcat9 on...

Security Bulletin: Vulnerabilities in Apache Tomcat affect watsonx.data

Summary Apache Tomcat is vulnerable to an unchecked error condition attack and to incorrect object re-cycling and re-use attack. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2024-52316 DESCRIPTION: Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured...

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader, which originates from a remote code execution vulnerability in the AcroForm Doc object reuse after release...

Linux kernel 资源管理错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a denial of service vulnerability that can be exploited by an attacker to cause mdev-addrs object to be reused and denied service after release...

CVE-2023-26495

An issue was discovered in Open Design Alliance Drawings SDK before 2024.1. A crafted DWG file can force the SDK to reuse an object that has been freed. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code...

SUSE CVE-2014-9852

distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors...

io_uring Same Type Object Reuse Priv Esc

This module exploits a bug in iouring leading to an additional putcred that can be exploited to hijack credentials of other processes. We spawn SUID programs to get the free'd cred object reallocated by a privileged process and abuse them to create a SUID root binary ourselves that'll pop a shell...

io_uring Same Type Object Reuse Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'iouring Same Type Object Reuse Priv Esc', 'Description' = %q This module exploits a bug in iouring leading to an additional putcred that can be...

vmwgfx Driver File Descriptor Handling Privilege Escalation Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vmwgfx Driver File Descriptor Handling Priv Esc', 'Description' = %q If the vmwgfx driver fails to copy the 'fencerep' object to userland, it tri...