EUVD-2019-2944

Malware in sbrugna...

EUVD-2018-2480

Malware in sbrugna...

EUVD-2017-8047

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-9762

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The cmdinfo function in libr/core/cmdinfo.c in radare2 1.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a...

Linux Distros Unpatched Vulnerability : CVE-2018-11382

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The inststs function in radare2 2.5.0 allows remote attackers to cause a denial of service heap- based out-of-bounds read and application crash via a crafted...

CVE-2021-30359

The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during the installation. Because the MS Installer allows regular users to repair their installation, an attacker running an installer before 90.08.7405 can start the installation...

PT-2025-7538 · Dell · Dell Recoverpoint For Virtual Machines

Name of the Vulnerable Software and Affected Versions: Dell RecoverPoint for Virtual Machines version 6.0.X Description: A command execution vulnerability exists, allowing a low-privileged malicious user with local access to potentially exploit it by running a specific binary. This could result i...

CVE-2022-36041 Rizin Out-of-bounds Write vulnerability in Mach-O binary plugin

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to execute code on the...

Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021

A vulnerability in the command line parameter parsing code of Sudo could allow an authenticated, local attacker to execute commands or binaries with root privileges. The vulnerability is due to improper parsing of command line parameters that may result in a heap-based buffer overflow. An attacke...

My-PWN-Life

This repository is an exploit for a buffer overflow vulnerability in a binary called "bof". The exploit is written in Python and uses the pwntools library to interact with the binary. The binary is a simple program that takes user input and stores it in a buffer. The buffer is not properly...

No-IP-Dynamic-Update-Client-

This exploit covers a stack-based overflow present in -i parameter, IPaddress variable name in source code. It is probably the most basic parameter, as this is the way to say the client that our IP has changed import os binary = "./noip-2.1.9-1/binaries/noip2-i686" shellcode =...

ZBServer Pro 1.5 - Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/889/info ZBSoft ZBServer Pro is an Internet and Intranet server that supports HTTP, Gopher, FTP and Chat Services. ZBServer is available for Microsoft Windows operating systems. ZBServer Pro 1.5 has an unchecked buffer in...

linux/x86-64 execve/bin/sh 33 bytes

linux/x86-64 execve/bin/sh 33 bytes. Shellcode exploit for linx86-64 platform Linux/X86-64 Dummy for shellcode: execve"/bin/sh", "/bin/sh", NULL hophet at gmail.com .text .globl start start: xorq %rdx, %rdx movq $0x68732f6e69622fff,%rbx shr $0x8, %rbx push %rbx movq %rsp,%rdi xorq %rax,%rax pushq...

Linux Kernel 2.6.13 < 2.6.17.4 - 'sys_prctl()' Local Privilege Escalation (4)

!/bin/sh PRCTL local root exp By: Sunix + effected systems 2.6.13 /tmp/getsuid.c include include include include include include include char payload="\nSHELL=/bin/sh\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n root chown root.root /tmp/s ; chmod 4777 /tmp/s ; rm -f...

Re: [Full-Disclosure] Re: [Full-Disclosure] iDEFENSE Security Advisory 07.01.03: Caché Insecure Installation File and Directory Permissions

Here are more details of my research... Vuln1 Local attackers can exploit this to manipulate directories and binaries inside the installation tree. This may be used by a local malicious user to gain root access. The content in /cachesys/csp/user is executed as root through the web interface. user...

File 3.x - Local Stack Overflow Code Execution (1)

File 3.x - Local Stack Overflow Code Execution 1 // source: https://www.securityfocus.com/bid/7008/info It has been reported that a stack overflow exists in the file program. Although details of this issue are currently unavailable, it is likely that this issue could be exploited to execute code ...

sudo.bin - NLSPATH Privilege Escalation

sudo.bin - NLSPATH Privilege Escalation include include include include include define PATHSUDO "/usr/bin/sudo.bin" define BUFFERSIZE 1024 define DEFAULTOFFSET 50 ulong getesp asm"movl %esp, %eax"; mainint argc, char argv uchar execshell =...