17 matches found
UBUNTU-CVE-2026-54900
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with createid enabled, Oj::Parserparse is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer...
CVE-2026-54900
CVE-2026-54900 (Oj Gem) affects the Ruby gem Oj (Optimized JSON). In versions before 3.17.2, when running in usual mode with create_id enabled, Oj::Parser#parse is vulnerable to heap corruption via a negative-size memcpy. Specifically, if a JSON object key is exactly 65,535 bytes, an integer trun...
CVE-2026-54900 Oj: Negative-Size memcpy in Oj::Parser create_id Attribute Handling
Oj Optimized JSON is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with createid enabled, Oj::Parserparse is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer...
GHSA-9CV6-QCJW-4GRX Oj: Negative-Size memcpy in Oj::Parser create_id Attribute Handling
Summary Oj::Parserparse in usual mode with createid enabled is vulnerable to heap corruption via a negative-size memcpy. When a JSON object key is exactly 65,535 bytes long, an integer truncation in formattr usual.c:63 converts the length to -1 before passing it to memcpy. This causes memcpy to...
EUVD-2026-35477
Issue Summary: The PKCS12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 PBMAC1 integrity mechanism allowing a certificate and private key forgery. Impact Summary: An attacker impersonating a user can cause a service...
EUVD-2019-20147
BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers to crash the application by submitting an oversized key value. Attackers can trigger a denial of service by entering a 256-byte buffer of repeated characters in the Key...
EUVD-2026-12534
A flaw was found in libucl. A remote attacker could exploit this by providing a specially crafted Universal Configuration Language UCL input that contains a key with an embedded null byte. This can cause a segmentation fault SEGV fault in the uclobjectemit function when parsing and emitting the...
CVE-2026-0708
A flaw was found in libucl. A remote attacker could exploit this by providing a specially crafted Universal Configuration Language UCL input that contains a key with an embedded null byte. This can cause a segmentation fault SEGV fault in the uclobjectemit function when parsing and emitting the...
CVE-2026-0708
A flaw was found in libucl. A remote attacker could exploit this by providing a specially crafted Universal Configuration Language UCL input that contains a key with an embedded null byte. This can cause a segmentation fault SEGV fault in the uclobjectemit function when parsing and emitting the...
EUVD-2025-178052
Malicious code in load-integer-wind-byte-key npm...
📄 Microsoft Windows Server Update Services Remote Code Execution
This is a proof of concept exploit for Microsoft Windows Server Update Services that leverages an unsafe deserialization of untrusted data in WSUS's AuthorizationCookie handling. This file demonstrates payload generation in C. using System; using System.IO; using System.Security.Cryptography; usi...
EUVD-2008-7027
Malware in sbrugna...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check the size of the encryption key for incoming connections, which could lead to a bypass of the...
Saflok - Key Derication Function Exploit
// Exploit Title: Saflok KDF // Exploit Author: a51199deefa2c2520cea24f746d899ce // Vendor Homepage: https://www.dormakaba.com/ // Version: System 6000 // Tested on: Dormakaba Saflok cards // CVE: N/A include include define MAGICTABLESIZE 192 define KEYLENGTH 6 define UIDLENGTH 4 int mainint argc...
Duplicate Advisory: EVE Has Partially Predetermined Vault Key
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-wc42-fcjp-v8vq. This link is maintained to preserve external references. Original Description Due to the implementation of "deriveVaultKey", prior to version 7.10, the generated vault key would always have the...
Linux/x64 - XANAX Decoder Shellcode (127 bytes)
Linux/x64 - XANAX Decoder Shellcode 127 bytes ; Date: 08/04/2019 ; XANAX Decoder ; Author: Alan Vivona ; Description: Reverts the xor-add-not-add-xor sequence using the same 4 byte key and executes the encoded payload. ; Tested on: x86-x64 GNU/Linux global start section .text keys.xor1 equ 0x29...
Petya of Salsa: a modified algorithm to bring the defect-vulnerability warning-the black bar safety net
Previously the Hubble analysis of the system describes about the modified MBR for disk encryption extortion Trojan Petya's. Recently Leo Stone gives crack Petya key full blasting code and decrypt tool, and noted that Petya author is using a variant of the Salsa20 algorithm to perform key...