Malicious code in calc_a1zajwr9k7 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5b8834b52380a3a687a3ce8e2a03778ff24e1b8a678f9dfa432ea867eb8193f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5022 Malicious code in odesk.bpa-tsf-calc-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 913d44e6393e1a341f574267f3a31fb22effca6602c910ed05a2274faf14437a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in calc_testing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e35f3e7bc8f28b26fd87344b7a088da9c2671c09f477a41a852a650626a7c5ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

new packages: perl-Date-Calc

An update is available for perl-Date-Calc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

Backdoor.Win32.Chubo.c Remote Command Execution

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/c16b04a9879896ef453a6deb13528087.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Chubo.c Vulnerability: Unauthenticated Remote Command Execution Family: Chubo Type:...

Tianocore Edk2 缓冲区错误漏洞

Tianocore Edk2 is a cross-platform firmware development environment from the Tianocore community that follows the UEFI and PI specifications.A buffer overflow vulnerability exists in Tianocore Edk2, which stems from an existing CommBuffer check in SmmEntryPoint that does not catch underflow when...

libreoffice trust management issue vulnerability (CNVD-2022-55626)

LibreOffice is an open source office software suite from The Document Foundation tdf. The product includes applications such as Writer text documents, Calc spreadsheets and Impress presentations. A trust management issue vulnerability exists in libreoffice, which stems from libreoffice: signature...

unbound: integer overflow in a size calculation in respip/respip.c

A flaw was found in unbound. An integer overflow in ubpackedrrsetkey function may lead to a buffer overflow of the allocated buffer if the size can be controlled by an attacker. The highest threat from this vulnerability is to data confidentiality and integrity as well as service availability...

Exploit for Path Traversal in Microsoft

CVE-2021-40444 PoC Malicious docx generator to exploit CVE-20...

Exploit for Path Traversal in Microsoft

This repository is an exploit module for CVE-2021-40444, a remote code execution vulnerability in Microsoft Office Word. The repository contains a Python script exploit.py that generates a malicious docx document, a Windows DLL calc.dll that pops a calc.exe when executed, and a server script...

CVE-2020-21830

A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bitcalcCRC ../../src/bits.c:2213...

Exploit for Incorrect Authorization in Apache Solr

Apache Solr RCE CVE-2020-13957 Docker Demo !docker-demo...

kernel: out-of-bounds access in function hclge_tm_schd_mode_vnet_base_cfg

An out-of-bounds access flaw was found in the hclgeshaperparacalc driver in the Linux kernel. Access to an array with an index higher than its maximum index will lead to an out-of-bounds access vulnerability. This could affect both data confidentiality and integrity as well as system availability...

ASX To MP3 Converter 3.1.3.7.2010.11.05 Buffer Overflow

Exploit Title: ASX to MP3 converter 3.1.3.7.2010.11.05 - '.wax' Local Buffer Overflow DEP,ASLR Bypass PoC Software Link Download: https://github.com/x00x00x00x00/ASXtoMP3Converter3.1.3.7.2010.11.05/blob/master/ASXtoMP3Converter3.1.3.7.2010.11.05.exe?raw=true Exploit Author: Paras Bhatia Discovery...

GNU LibreDWG Denial of Service Vulnerability

GNU LibreDWG is a GNU Project C library for working with DWG files. A security vulnerability exists in the bitcalcCRC of the bits.c file in GNU LibreDWG version 0.9.3 and earlier. An attacker could exploit this vulnerability to cause a denial of service...

StreamRipper32 2.6 - Buffer Overflow

StreamRipper32 version 2.6 buffer overflow proof of concept exploit. Exploit Title: StreamRipper32 2.6 - Buffer Overflow PoC Date: 2020-05-14 Exploit Author: Andy Bowden Tested On: Win10 x64 Download Link: http://streamripper.sourceforge.net/sr32/StreamRipper3226.exe Vendor Page:...

StreamRipper32 2.6 - Buffer Overflow (PoC)

Exploit Title: StreamRipper32 2.6 - Buffer Overflow PoC Date: 2020-05-14 Exploit Author: Andy Bowden Tested On: Win10 x64 Download Link: http://streamripper.sourceforge.net/sr32/StreamRipper3226.exe Vendor Page: http://streamripper.sourceforge.net/ Version: 2.6 Steps To Reproduce: Double click on...

Triologic Media Player 8 Buffer Overflow

Exploit Title: Triologic Media Player 8 - '.m3l' Local Buffer Overflow Unicode SEH Date: 04/04/2020 Author: Felipe Winsnes Software Link: http://download.cnet.com/Triologic-Media-Player/3000-21394-10691520.html Version: 8 Tested on: Windows 7 x86 Proof of Concept: 1.- Run the python script, it wi...

Torrent 3GP Converter 1.51 - Stack Overflow (SEH) Exploit

Exploit Title: Torrent 3GP Converter 1.51 - Stack Overflow SEH Exploit Author: boku Software Vendor: torrentrockyou Vendor Homepage: http://www.torrentrockyou.com Software Link: http://www.torrentrockyou.com/download/tr3gpconverter.exe Version: Torrent 3GP Converter Version 1.51 Build 116 Tested...

CVE-2019-19624

An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifically, variable coarsestscale is assumed to be greater than or equal to finestscale within the calc/oclcalc functions in disflow.cpp. However, this is not true when dealing with small images, leading to an out-of-bounds read of t...