27 matches found
EUVD-2020-4168
Malware in sbrugna...
CVE-2024-3708
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-3708
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-3708
Summary : Multiple connected sources describe a lighttpd vulnerability (CVE-2024-3708) affecting versions prior to 1.4.51. The root cause is a condition in handling remote HTTP requests that can access freed memory, causing process termination or non-deterministic behavior, and potentially enabli...
CVE-2024-3708
Removed by vendor...
in bfabiszewski/libmobi
✍️ Description Overview This vulnerability is the use of out-of-range pointer offset, which lets attackers read memory information beyond the buffer size. Possibly, attackers can use this to do DOS Denial of Service attack or ALSR bypass by reading sensitive memory address information to all...
in bfabiszewski/libmobi
✍️ Description Overview This vulnerability is of out-of-bound read, which lets attackers read memory information beyond the buffer size. Possibly, attackers can use this to do DOS Denial of Service attack or ALSR bypass by reading sensitive memory address information to all applications which use...
SYS.1.3.A4
Um die Ausnutzung von Schwachstellen in Anwendungen zu erschweren, MUSS ASLR und DEP/NX im Kernel aktiviert und von den Anwendungen genutzt werden. Sicherheitsfunktionen des Kernels und der Standardbibliotheken, wie z. B. Heap- und Stackschutz, DUERFEN NICHT deaktiviert werden. Copyright C 2021...
VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP,ASLR)
Exploit title: VUPlayer 2.49 .m3u - Local Buffer Overflow DEP,ASLR Date: 2020-05-22 Exploit Author: Gobinathan L Vendor Homepage: http://www.vuplayer.com/ Version: v2.49 Tested on: Windows 7 Professional with ALSR and Full DEP Turned ON. Usage : $ python .py ===================================...
VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP,ASLR) Exploit
Exploit title: VUPlayer 2.49 .m3u - Local Buffer Overflow DEP,ASLR Exploit Author: Gobinathan L Vendor Homepage: http://www.vuplayer.com/ Version: v2.49 Tested on: Windows 7 Professional with ALSR and Full DEP Turned ON. Usage : $ python .py =================================== VUPlayer 2.49 Explo...
VUPlayer 2.49 .m3u Local Buffer Overflow
Exploit title: VUPlayer 2.49 .m3u - Local Buffer Overflow DEP,ASLR Date: 2020-05-22 Exploit Author: Gobinathan L Vendor Homepage: http://www.vuplayer.com/ Version: v2.49 Tested on: Windows 7 Professional with ALSR and Full DEP Turned ON. Usage : $ python .py ===================================...
OPPO ColorOS Information Disclosure Vulnerability
OPPO ColorOS is a suite of Android-based operating systems for mobile devices from China's OPPO Guangdong Mobile Communications OPPO. An information disclosure vulnerability exists in the AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP file in OPPO ColorOS. The...
Design/Logic Flaw
In ColorOS oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP, RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the...
CVE-2020-11828
In ColorOS oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP, RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the...
CVE-2020-11828
CVE-2020-11828 concerns ColorOS (Android-based OS by OPPO) where RGB is defined on the stack in surfaceflinger.CPP and remains uninitialized. The screenShot RGB assignment may return uninitialized values, causing stack information leakage and enabling a bypass of address space layout randomizatio...
BlazeDVD-Pro-7.0---(.plf)
BlazeDVD Pro v7.0 - .plf Stack Based Buffer Overflow direct RET - ALSR/DEP bypass on Win8.1 Pro Date: Mon, Aug 11 2014 12:58:06 GMT Exploit Author: Giovanni Bartolomucci Vendor Homepage: http://www.blazevideo.com/ Software Link: http://www.blazevideo.com/download/BlazeDVDProSetup.exe Version:...
BlazeDVD Pro 7.0 - (.plf) Stack Based Buffer Overflow (Direct RET)
No description provided by source. BlazeDVD Pro v7.0 - .plf Stack Based Buffer Overflow direct RET - ALSR/DEP bypass on Win8.1 Pro Date: Mon, Aug 11 2014 12:58:06 GMT Exploit Author: Giovanni Bartolomucci Vendor Homepage: http://www.blazevideo.com/ Software Link:...
BlazeDVD Pro 7.0 - (.plf) Stack Based Buffer Overflow (Direct RET)
Exploit for windows platform in category local exploits BlazeDVD Pro v7.0 - .plf Stack Based Buffer Overflow direct RET - ALSR/DEP bypass on Win8.1 Pro Date: Mon, Aug 11 2014 12:58:06 GMT Exploit Author: Giovanni Bartolomucci Vendor Homepage: http://www.blazevideo.com/ Software Link:...
BlazeDVD Pro Player 7.0 - .plf Direct RET Local Stack Buffer Overflow
BlazeDVD Pro Player 7.0 - .plf Direct RET Local Stack Buffer Overflow BlazeDVD Pro v7.0 - .plf Stack Based Buffer Overflow direct RET - ALSR/DEP bypass on Win8.1 Pro Date: Mon, Aug 11 2014 12:58:06 GMT Exploit Author: Giovanni Bartolomucci Vendor Homepage: http://www.blazevideo.com/ Software Link...
CVE-2 0 1 2-0 4 9 7 exploit study notes-vulnerability warning-the black bar safety net
Previous article learn how to use the ClassName or the title to be a placeholder, now learn how to exploit the vulnerability For UAF exploits, the most simple is by Heap Spary to achieve, abroad I also made a Heap Spary directly construct an object to use the method Now learn about the two method...