EUVD-2021-8638

Malicious code in bioql PyPI...

CVE-2025-38605

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Pass ab pointer directly to ath12kdptxgetencaptype In ath12kdptxgetencaptype, the arvif parameter is only used to retrieve the ab pointer. In vdev delete sequence the arvif-ar could become NULL and that would trigge...

CVE-2021-21257

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the address pointer in the RPL source routing header This makes it possible for an...

EulerOS 2.0 SP9 : uboot-tools (EulerOS-SA-2022-2306)

According to the versions of the uboot-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the 'i2c md' command enables the...

SUSE SLES12 Security Update : u-boot (SUSE-SU-2022:2712-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:2712-1 advisory. - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the i2c md command enables the corruption...

CVE-2022-34835

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the doi2cmd function...

CVE-2022-34835

CVE-2022-34835 affects U-Boot up to 2022.07-rc5, where an integer signedness error in the i2c md command can overflow a stack buffer and corrupt the return address pointer in do_i2c_md. This vulnerability could enable tampering with control flow; exploitation details are not provided in the conne...

`Frame::copy_from_raw_parts` can lead to segfault without `unsafe`

fn Frame::copyfromrawparts is a safe API that can take a raw pointer and dereference it. It is possible to read arbitrary memory address with an arbitrarily fed pointer. This allows the safe API to access & read arbitrary address in memory. Feeding an invalid memory address pointer to the API may...

WebRTC usrsctp Incorrect Call Vulnerability

WebRTC: usrsctp is called with pointer as network address When usrsctp is used with a custom transport, an address must be provided to usrsctpconninput be used as the source and destination address of the incoming packet. WebRTC uses the address of the SctpTransport instance for this value...

Google Chrome 72 / 73 Array.map Corruption

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Google Chrome 72 and 73 Array.map exploit', 'Description' = %q This module exploits an issue in Chrome 73.0.3683.86 64 bit. The exploit corrupts...

Sam Lantinga splitvt 1.6.3 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1346/info A buffer overflow condition that could be exploited to obtain root exists in splitvt 1.6.3 and earlier. Splitvt is distributed with several Linux distributions. / Local exploit for Debian splitvt 1.6.3-4 - by...

Exploit Linux 3.4+ Arbitrary write with CONFIG_X86_X32

CVE: 2014-0038 Author: saelo Published: 2014-02-02 / Local root exploit for CVE-2014-0038. https://raw.github.com/saelo/cve-2014-0038/master/timeoutpwn.c Bug: The X86X32 recvmmsg syscall does not properly sanitize the timeout pointer passed from userspace. Exploit primitive: Pass a pointer to a...

MySQL COM_TABLE_DUMP Information Leakage and Arbitrary Command Execution

No description provided by source. / April 21.st 2006 myexploit.c MySql COMTABLEDUMP Memory Leak & MySql remote B0f MySql = 5.0.20 MySql COMTABLEDUMP Memory Leak MySql = 4.x.x copyright 2006 Stefano Di Paola stefano.dipaolaatwisec.it GPL 2.0 Disclaimer: In no event shall the author be liable for...