Samsung S24 VC1 Decoder Out-Of-Bounds Write

There is an out-of-bounds write to a heap buffer in the Samsung S24 VC1 decoder. The function svc1drrfrm can write outside of the allocated frame buffers in several locations due to incorrect calculations of buffer offsets...

CVE-2024-5171

Integer overflow in libaom internal function imgallochelper can lead to heap buffer overflow. This function can be reached via 3 callers: Calling aomimgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and so...

Linux kernel memory leak vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a program's failure to properly keep buffer offsets and lengths synchronized after an atomic read failure. ...

Kolibri-Server

Kolibri v2.0 is vulnerable to a remote buffer overflow attack. By sending a malformed HEAD request, we are able to overwrite both the return address and an SEH handler. Null bytes terminate the request though, but we are able to partially overwrite with a pointer to a POP + POP + RET instruction...

facebook-overflow.txt

FaceBook PhotoUploader Buffer Overflow Exploit function Check var buf = unescape"%u4141"; while buf.length = 261 buf = buf + unescape"%u4141"; // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 =...

FaceBook PhotoUploader - 'ImageUploader4.ocx 4.5.57.0' Remote Buffer Overflow

FaceBook PhotoUploader Buffer Overflow Exploit function Check var buf = unescape"%u4141"; while buf.length = 261 buf = buf + unescape"%u4141"; // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 =...