ACPM Transfer Validation and Stress Testing Proof of Concept

This C program is a controlled stress-testing proof of concept designed to evaluate robustness, parameter validation, and stability of the acpmdoxfer interface under repeated high-volume calls and intentionally oversized transfer descriptors...

CVE-2026-41051

CVE-2026-41051 affects csync2 and is due to the use of insecure temporary directories when csync2 is compiled with C99 or later, enabling TOCTOU-style issues in temporary paths. Public records indicate the vulnerability impacts openSUSE Tumbleweed’s csync2 package in the 2.0+git.1600444747.83b364...

编号撤回

R is a statistical computing software from The R Foundation. fe is a lightweight, embeddable ANSI C scripting language developed by rxi. This CVE number has been withdrawn...

GNU Transport Layer Security Library 3.8.13

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...

EUVD-2019-15703

Malware in sbrugna...

sslscan

This is a tool for scanning SSL/TLS protocols and ciphers on a target server. The tool is called sslscan and is written in C. It is designed to be a command-line interface for scanning SSL/TLS protocols and ciphers on a target server. The tool can be built on various platforms, including Linux an...

GNU Transport Layer Security Library 3.8.10

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS 12, OpenPGP, and other...

CVE-2024-38443

C/sorting/binaryinsertionsort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50 elements...

CVE-2022-49927

CVE-2022-49927: Linux kernel NFSv4 kmemleak when allocating a slot failed. If a slot allocation fails, previously allocated slots must be cleaned up; otherwise, the allocated slots leak (example: unreferenced object 0xffff8881115aa100, size 64). The fix ensures cleanup of all allocated slots on f...

[SECURITY] Fedora 41 Update: expat-2.7.0-1.fc41

This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...

Open5GS nas_eps_send_emm_to_esm function denial of service vulnerability

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. A denial of service vulnerability exists in Open5GS version 2.6.4 and earlier, which originates from a reachable assertion in the nasepssendemmtoesm function, and can be...

A Bag of RATs: VenomRAT vs. AsyncRAT

Introduction Remote access tools RATs have long been a favorite tool for cyber attackers, since they enable remote control over compromised systems and facilitate data theft, espionage, and continuous monitoring of victims. Among the well-known RATs are VenomRAT and AsyncRAT. These are open-sourc...

OESA-2024-2286 libarchive security update

is an open-source BSD-licensed C programming library that provides streaming access to a variety of different archive formats, including tar, cpio, pax, zip, and ISO9660 images. The distribution also includes bsdtar and bsdcpio, full-featured implementations of tar and cpio that use . Security...

The vulnerability of the software development package Azure IoT SDK for C lies in its memory management after memory is released. This allows a malicious actor to execute arbitrary code.

The vulnerability of the Azure IoT SDK for C development software package lies in the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVE-2023-52854

In the Linux kernel, the following vulnerability has been resolved: padata: Fix refcnt handling in padatafreeshell In a high-load arm64 environment, the pcryptaead01 test in LTP can lead to system UAF Use-After-Free issues. Due to the lengthy analysis of the pcryptaead01 function call, I'll...

The vulnerability of the C language library for interacting with Azure services via uAMQP, related to integer overflow, allows attackers to execute arbitrary code.

The vulnerability of the C language library for interacting with Azure services via uAMQP is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially created data...

LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique

The stealer malware known as LummaC2 aka Lumma Stealer now features a new anti-sandbox technique that leverages the mathematical principle of trigonometry to evade detection and exfiltrate valuable information from infected hosts. The method is designed to "delay detonation of the sample until...

[SECURITY] Fedora 38 Update: wangle-2023.10.16.00-1.fc38

Wangle is a library that makes it easy to build protocols, application client s, and application servers. It's like Netty + Finagle smooshed together, but in C++...

Exploit for Out-of-bounds Write in Linux Linux_Kernel

CVE-2021-22555 This repo hosts TUKRU's Linux Privilege Escalat...

New SOHO Router Botnet AVrecon Spreads to 70,000 Devices Across 20 Countries

A new malware strain has been found covertly targeting small office/home office SOHO routers for more than two years, infiltrating over 70,000 devices and creating a botnet with 40,000 nodes spanning 20 countries. Lumen Black Lotus Labs has dubbed the malware AVrecon, making it the third such...