arm-64-exploit-demo

ARM64 Buffer Overflow Exploit Demo A from-scratch demonstrati...

happy-dom 安全漏洞

happy-dom is a JavaScript implementation of a web browser without a graphical user interface by the individual developer David Ortner. A security vulnerability exists in happy-dom prior to version 20.0.2, which stems from insufficient isolation and could lead to prototype pollution attacks and...

EUVD-2020-6161

Malware in sbrugna...

EUVD-2018-3587

Malware in sbrugna...

EUVD-2025-9057

Malicious code in bioql PyPI...

Amlib NetOpacs 安全漏洞

Amlib NetOpacs is a catalog module in a library management system from Amlib UK. A security vulnerability exists in Amlib NetOpacs that stems from an unrestricted HTTP GET parameter input length that could lead to a stack buffer overflow and control flow hijacking...

Buffer overflow

Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar variable...

CVE-2022-30426

There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110...

NGINX 安全漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from the US-based Nginx Corporation. A security vulnerability exists in NGINX, which stems from njs was found to contain a control flow hijacking caused by a type obfuscation vulnerability in...

North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign

This blog was authored by Ankur Saini and Hossein Jazi Lazarus Group is one of the most sophisticated North Korean APTs that has been active since 2009. The group is responsible for many high profile attacks in the past and has gained worldwide attention. The Malwarebytes Threat Intelligence team...

Exploit for CVE-2020-0551

PoC for the LVI-LFB Control Flow Hijacking attack CVE-2020-0...

Multiple Buffer Overflow Vulnerabilities in Tenda AC9 Routers

Tenda AC9 Router is a router produced by Shenzhen Jixiang Tenda Technology Co. Tenda AC9 router there are multiple buffer overflow vulnerabilities, the vulnerability stems from the router background on the http request parameter content length is not limited, an attacker can use the vulnerability...

CVE-2018-19241

Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload without authentication...

Buffer overflow

Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload without authentication...

CVE-2018-19241

CVE-2018-19241 : Buffer overflow in TRENDnet TV-IP110WN (V1.2.2 build 68, V1.2.2.65, V1.2.2 build 64) and TV-IP121WN (V1.2.2 build 28) video.cgi allows an unauthenticated attacker to hijack the control flow to an attacker-specified location via a crafted POST payload. Impact described as partial ...

CVE-2018-19241

Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload without authentication...

CVE-2018-11560

The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100...

Stack overflow

The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100...

CVE-2018-11560

CVE-2018-11560 affects the Insteon HD IP Camera White 2864-222 webService binary, where a stack-based buffer overflow can cause control-flow hijacking via a crafted usr key, evidenced by a long remoteIp to CGIProxy.fcgi (port 34100). Related sources describe a related remote-code execution impact...

CVE-2018-11560

The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100...