17 matches found
Bug-Project-Framework
It is an offensive tool for bug exploitation. The repository contains a framework for exploiting vulnerabilities, specifically a module sharing repository. The primary CVE ID is not explicitly mentioned, but the description translates to "Vulnerability exploitation framework module sharing...
Update now! Apple releases patch for zero-day vulnerability
Apple has released new security updates for several products, including a patch for a zero-day vulnerability that could impact iPhones, iPads, Macs, and Apple TVs. Apple says it’s aware of a report that the bug may have been exploited already. Further details about the nature of the vulnerability...
Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops
Google’s Threat Analysis Group (TAG) has provided a rare look inside the operations of a cybercriminal group dubbed “Exotic Lily,” which appears to serve as an initial-access broker for both the Conti and Diavol ransomware gangs. Researchers’ analysis exposes the business-like approach the group takes to...
Top Black Hat USA Sessions for Qualys Customers
Black Hat USA is known for cutting-edge security research, and this year’s conference is no different. If you’re a Qualys customer, here are some Black Hat sessions we think you’ll find relevant. Next-Gen DFIR: Mass Exploits & Supplier Compromise An investigation of real “next-gen” digital forensi...
DEBIAN-CVE-2021-26676
gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp...
CVE-2020-11631
An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. An error state can be generated in the CA UI by a malicious user. This, in turn, allows exploitation of other bugs. This follow-on exploitation can lead to privilege escalation and remote code execution. This is exploitable...
ClamAV 0.102.0 - bytecode_vm Code Execution
ClamAV 0.102.0 - bytecode_vm Code Execution #!/usr/bin/python ''' Finished : 22/07/2019 Pu8lished : 31/10/2019 Versi0n : Current ./exploit.py clambc --debug exploit SNIP $ ''' names = 'test1', 'read', 'write', 'seek', 'setvirusname',...
Microsoft Patches Actively Exploited Bug as Part of Patch Tuesday
UPDATE Microsoft has patched an elevation-of-privilege vulnerability it said is actively being exploited by hackers. The fix was part of Microsoft’s scheduled September Patch Tuesday release, which also included fixes for two other bugs found being used in the wild, including the zero-day found i...
Hackers Take Down Reader, Safari, Edge, Ubuntu Linux at Pwn2Own 2017
Hackers took down Adobe Reader, Apple Safari, Microsoft Edge, and Ubuntu Linux over the course of 11 hours on Wednesday, the first day of Pwn2Own, the annual hacking competition held in tandem with the CanSecWest conference in Vancouver. Contestants with the Chinese security firm Qihoo 360 were t...
CORE-2009-0803: Virtual PC Hypervisor Memory Protection Vulnerability
Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Virtual PC Hypervisor Memory Protection Vulnerability 1. Advisory Information Title: Virtual PC Hypervisor Memory Protection Vulnerability Advisory Id: CORE-2009-0803...
DoS Exploit
I found a new bug in 0irc client v1345 build20060823 that is: NULL pointer dereferencing resulting in a DoS Exploit. vendor site: http://dev0.de Bug Discovered By: DiGitalX Exploit Coded By: DiGitalX Contact E-mail: [email protected] My Site: http://DiGitalX.I.am PoC is provided as attachment...
Infostring crash and shutdown in the Quake 3 engine
Luigi Auriemma Application: Quake 3 engine http://www.idsoftware.com Games: - Call of Duty = 1.5 - Call of Duty: United Offensive = 1.51 - Heavy Metal: F.A.K.K.2 = 1.02 - Quake III Arena = 1.32 - Return to Castle Wolfenstein = 1.41 - Soldier of Fortune II: Double Helix = 1.03 - Star Trek Voyager:...
[Full-Disclosure] Players overflow in Serious engine UDP (was Alpha Black Zero, 29 Sep 2004)
Luigi Auriemma Application: Serious engine http://www.seriousengine.com Games: all the games based on this engine and using the UDP protocol: - Alpha Black Zero - Nitro family - Serious Sam Second Encounter 1.07 Platforms: Windows, Linux and Mac Bug: crash Exploitation: remote, versus server Date...
openbsd-select-bug.txt
Hi there, Recently a bug in the select syscall of openbsd was published. This text describes the details and the eventual exploitation of this bug. First of all let us look at the definition of select: int select(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout); The...
psyBNC 2.3 DoS / bug
psyBNC 2.3 DoS / bug :: Description psyBNC (http://www.psychoid.lam3rz.de/psybnc.html) has a problem dealing with oversized passwords, making it possible to tie up all the connection slots and consume a lot of CPU on the server. :: Exploit Create a program to do the following: 1. connect to the psyB...
More on Ultimate Bulletin Board
In response to Scott Ashman's post about UBB. After I discovered this bug last week I tried to contact infopop on 3 email addresses from their contact page; I finally managed to find one that didn't bounce, but I haven't received any response yet. Anyway, Scott describes a way to retrieve other...
unixware.pkg.txt
Greetings, OVERVIEW Any user may read any file on the system. BACKGROUND Only UnixWare 7.1 has been tested. DETAILS As previously stated, UnixWare binaries gain additional privileges via standard suid/sgid AND /etc/security/tcb/privs. The majority of the UnixWare "pkg" command, such as pkginfo,...