170 matches found
WebRTC - VP9 Missing Frame Processing Out-of-Bounds Memory Access
There is a missing check in VP9 frame processing that could lead to memory corruption. In the file video_coding/rtp_frame_reference_finder.cc, the function RtpFrameReferenceFinder::MissingRequiredFrameVp9 contains the following code:...
Inteno IOPSYS 2.0 - 4.2.0 p910nd - Remote Command Execution Exploit
Exploit for hardware platform in category remote exploits. Any authenticated user can modify the configuration for it in a way which allows them to read and append to any file as root. This leads to information disclosure and remote code execution. This vulnerability has been assigned the CVE...
Inteno IOPSYS 2.0 - 4.2.0 p910nd Remote Command Execution
Any authenticated user can modify the configuration for it in a way which allows them to read and append to any file as root. This leads to information disclosure and remote code execution. This vulnerability has been assigned the CVE ID: CVE-2018-10123. This PoC requires Python 3.6 and a...
Inteno IOPSYS 2.0 4.2.0 - p910nd Remote Command Execution
Any authenticated user can modify the configuration for it in a way which allows them to read and append to any file as root. This leads to information disclosure and remote code execution. This vulnerability has been assigned the CVE...
Inteno IOPSYS 2.0 < 4.2.0 - 'p910nd' Remote Command Execution
Any authenticated user can modify the configuration for it in a way which allows them to read and append to any file as root. This leads to information disclosure and remote code execution. This vulnerability has been assigned the CVE ID: CVE-2018-10123. This PoC requires Python 3.6 and a...
Popular Pentesting Scanner: v3n0m
v3n0m is a free and open source scanner. Evolved from baltazar’s scanner, it has adapted several new features that improve functionality and usability. It is mostly experimental software. This program is for finding and executing various vulnerabilities. It scavenges the web using dorks and...
AWSBucketDump - Security Tool to Look For Interesting Files in S3 Buckets
AWSBucketDump is a tool to quickly enumerate AWS S3 buckets to look for loot. It's similar to a subdomain bruteforcer but is made specifically for S3 buckets and also has some extra features that allow you to grep for delicious files as well as download interesting files if you're not afraid to...
Mobile Security Framework: MobSF
Mobile Security Framework is an intelligent, all-in-one open source mobile application Android/iOS automated pen-testing framework capable of performing static and dynamic analysis. We’ve been depending on multiple tools to carry out reversing, decoding, debugging, code review, and pen-test and...
Python Steganography Tool: Stegosaurus
A steganography tool for embedding payloads within Python bytecode. Stegosaurus is a steganography tool that allows embedding arbitrary payloads in Python bytecode pyc or pyo files. The embedding process does not alter the runtime behavior or file size of the carrier fil...
Internet Bug Bounty: Integer overflow in _json_encode_unicode leads to crash
http://bugs.python.org/issue24522 static PyObject *escape_unicode(PyObject *pystr) { /* Take a PyUnicode pystr and return a new escaped PyUnicode */ Py_ssize_t i; Py_ssize_t input_chars; Py_ssize_t output_size; Py_ssize_t chars; PyObject *rval; void *input; int kind; Py_UCS4 maxchar; if (PyUnicode_READY(pystr) == -1) retur...