CVE-2019-14237

On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls FAC a software IP protection method for execute-only access can be defeated by observing CPU registers and the effect of code/instruction execution...

CVE-2019-14236

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection PCROP a software IP protection method can be defeated by observing CPU registers and the effect of code/instruction execution...

CVE-2001-1578

Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors...

CVE-2018-12127

Microprocessors use a ‘load port’ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU’s pipelines. Stale load operations results ar...

CVE-2020-0543

A new domain bypass transient execution attack known as Special Register Buffer Data Sampling SRBDS has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this fl...

CVE-2019-14236

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection PCROP a software IP protection method can be defeated by observing CPU registers and the effect of code/instruction execution...

CVE-2019-14236

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection PCROP a software IP protection method can be defeated by observing CPU registers and the effect of code/instruction execution...

Information Disclosure

The kernel packages is vulnerable to information disclosure. Microprocessors use a €˜load port€™ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and...

CVE-2018-14713

Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to read arbitrary sections of memory and CPU registers via the "hook" URL parameter...

From zero to start to learn the Win32 platform buffer overflow（Part1）-bug warning-the black bar safety net

Buffer overflow is a common and we often heard of software security vulnerabilities, buffer overflow, i.e. that the data is too much to write into the memory or buffer, when a buffer within the write data is full, if you continue to write data, the data will overflow into other buffer, it will...

HTML Email Creator & Sender 2.3 - Local Buffer Overflow PoC (SEH)

No description provided by source. /0day HTML Email Creator & Sender v2.3 Local Buffer OverflowSeh Poc Debugging info Seh handler is overwriten , the offset is at 60 bytes in our buffer so you have to build your buffer as follows: PONTER TO NEXT SEH-------SEH HANDLER----NOP------SHELLCODE | | | |...

Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit

Mini HTTPd version 1.21 stack buffer overflow POST exploit for Windows XP SP3. !/usr/bin/python Title: Mini HTTPD stack buffer overflow POST exploit Author: TheColonial Date: 20 Feb 2013 Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Vendor Homepage: http://www.picolix.jp/...

Ubuntu 9.10 / 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1041-1)

Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. CVE-2010-3301 Dan Rosenberg discovered that the btrfs filesystem did...

Barcodewiz BarCode ActiveX 3.29 - Denial of Service (PoC)

Barcodewiz BarCode ActiveX 3.29 - Denial of Service PoC BarCodeWiz Barcode ActiveX Control 3.29 PoC SEH Bug found: 24th July 2010 Found by: loneferret Software: http://www.barcodewiz.com/ Nods to exploit-db.com Vulnerable file BarCodeWiz.dll LoadProperties method Tested on: Windows XP Professiona...

Barcodewiz BarCode ActiveX 3.29 - Denial of Service (PoC)

BarCodeWiz Barcode ActiveX Control 3.29 PoC SEH Bug found: 24th July 2010 Found by: loneferret Software: http://www.barcodewiz.com/ Nods to exploit-db.com Vulnerable file BarCodeWiz.dll LoadProperties method Tested on: Windows XP Professional SP3 & Windows XP Home SP3 Internet Explorer 6 & Intern...

Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow PoC

No description provided by source. / Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow POC By fl0 fl0w "can't stop me/my time is now/your time is up/MY TIME IS NOW !!!!" / The EIP offset is at 312 bytes 0x138 HEX After you compile and create the .MOR file ,edit it with HEX EDITOR and...

Portable E.M Magic Morph 1.95b Buffer Overflow

/ Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow POC By fl0 fl0w "can't stop me/my time is now/your time is up/MY TIME IS NOW !!!!" / The EIP offset is at 312 bytes 0x138 HEX After you compile and create the .MOR file ,edit it with HEX EDITOR and start counting from the start of t...

Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow PoC

Exploit for unknown platform in category local exploits ================================================================== Portable E.M Magic Morph 1.95b .MOR File Stack Buffer Overflow PoC ================================================================== / Portable E.M Magic Morph 1.95b .MOR Fi...

MailEnable 1.52 HTTP Mail Service Stack BOF Exploit PoC

Exploit for unknown platform in category dos / poc ======================================================= MailEnable 1.52 HTTP Mail Service Stack BOF Exploit PoC ======================================================= / MailEnable 1.52 HTTP Mail Service Stack Overflow POC Exploitencoded comand...

MailEnable 1.52 HTTP Mail Service Stack BOF Exploit PoC

No description provided by source. / MailEnable 1.52 HTTP Mail Service Stack Overflow POC Exploitencoded comand Debugging Info szAppName : MEHTTPS.EXE szAppVer : 1.0.0.1 szModName : MEHTTPS.EXE szModVer : 1.0.0.1 offset : 00010c21 Files that caused error :...