Lucene search
K

172 matches found

Packet Storm
Packet Storm
added 2015/02/20 12:0 a.m.119 views

PHP DateTime Use-After-Free

Use After Free Vulnerability in unserialize with DateTime CVE-2015-0273 Taoguang Chen - Write Date: 2015.1.29 - Release Date: 2015.2.20 A use-after-free vulnerability was discovered in unserialize with DateTime/DateTimeZone/DateInterval/DatePeriod objects's wakeup magic method that can be abused...

7.5CVSS7.4AI score0.41315EPSS
Exploits9
Binamuse
Binamuse
added 2014/09/19 8:20 p.m.667 views

CoreGraphics Memory Corruption - CVE-2014-4377

Apple CoreGraphics library fails to validate the input when parsing the colorspace specification of a PDF XObject resulting in a heap overflow condition. A small heap memory allocation can be overflowed with controlled data from the input in any application linked with the affected framework. Usi...

6.8CVSS8.4AI score0.06947EPSS
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

VLC Media Player 2.0.4 (.swf) - Crash PoC

No description provided by source. Title : VLC media player 2.0.4 buffer overflow POC Version : 2.0.4 Twoflower Date : 2012-12-06 Vendor : www.videolan.org/vlc/ Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : windows XP SP3 Author : coolkaveh VLC media player...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/07/01 12:0 a.m.70 views

Microsoft Internet Explorer 8 - Fixed Col Span ID (Full ASLR + DEP + EMET 4.1.x Bypass) (MS12-037)

function strtointstr return str.charCodeAt10x10000 + str.charCodeAt0; var free = "EEEE"; while free.length 500 free += free; var string1 = "AAAA"; while string1.length 500 string1 += string1; var string2 = "BBBB"; while string2.length 500 string2 += string2; var fr = new Array; var al = new Array...

9.3CVSS6.3AI score0.64962EPSS
Exploits27
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Small HTTP Server <= 3.05.28 Arbitrary Data Execution Exploit

No description provided by source. !/usr/bin/perl sHTTP FTPServer Abritary Data Execution Exploit -------------------------------------------------- Infam0us Gr0up - Securiti Research E:\PERLperl shttp.pl localhost C:\shttps ? Version: libwww-perl-5.76 + Connect to localhost... + Connected + Send...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.46 views

Virtual PC Hypervisor Memory Protection Vulnerability

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Virtual PC Hypervisor Memory Protection Vulnerability 1. Advisory Information Title: Virtual PC Hypervisor Memory Protection...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2014/05/21 11:8 a.m.17 views

VUPEN Discloses Details of Patched Firefox Pwn2Own Zero-Days

Contestants at this year’s Pwn2Own contest made no bones about it: they were going after browsers and as it turned out, Firefox had the biggest target on its back. Mozilla’s popular browser was popped four times during the Canadian hacker festival accounting for a quarter of the $800,000-plus in...

0.5AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/04/08 12:0 a.m.57 views

OpenSSL 1.0.0 < 1.0.0m Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 1.0.0m. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.0m advisory. - The dtls1clearqueues function in ssl/d1lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data...

7.5CVSS8.7AI score0.99977EPSS
Exploits16References22
ThreatPost
ThreatPost
added 2014/02/24 8:43 a.m.85 views

Complete Microsoft EMET Bypass Developed

SAN FRANCISCO — Researchers at Bromium Labs are expected to announce today they have developed an exploit that bypasses all of the mitigations in Microsoft’s Enhanced Mitigation Experience Toolkit EMET. Principal security researcher Jared DeMott is scheduled to deliver a presentation this morning...

9.3CVSS1.2AI score0.99945EPSS
Exploits33References6
ThreatPost
ThreatPost
added 2014/02/14 2:27 p.m.40 views

New IE Zero Day Found Targeting Military Intelligence

Attackers were able to compromise the U.S. Veterans of Foreign Wars’ website this week and serve up a previously unknown zero day exploit in Internet Explorer 10, and while motivation behind the campaign is still unclear, experts are speculating its aim was to procure military intelligence...

9.3CVSS0.6AI score0.85239EPSS
Exploits23References6
MSRC
MSRC
added 2013/08/12 7:0 a.m.8 views

Mitigating the LdrHotPatchRoutine DEP/ASLR bypass with MS13-063

Today we released MS13-063 which includes a defense in depth change to address an exploitation technique that could be used to bypass two important platform mitigations: Address Space Layout Randomization ASLR and Data Execution Prevention DEP. As we’ve described in the past, these mitigations pl...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2013/05/16 12:3 a.m.19 views

[DEP Process Scanner] Tool to scan and show all the DEP enabled Processes

DEP Process Scanner is the free command-line tool to scan and show all the DEP enabled Processes. Data Execution Prevention DEP is a security feature introduced since Windows XP SP2 onwards and designed to prevent an application executing code from a non-executable memory regions such as Stack or...

8.2AI score
Exploits0
CERT
CERT
added 2013/02/07 12:0 a.m.22 views

Nuance PDF viewing products contain multiple vulnerabilities

Overview Nuance PDF viewing products contain multiple memory-corruption vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Nuance provides two similar PDF viewing products called PDF Reader and PDF Viewer Plus. Both of...

9.3CVSS7.3AI score0.0322EPSS
Exploits0References5
CERT
CERT
added 2013/01/25 12:0 a.m.34 views

Foxit Advanced PDF Editor 3 contains a stack buffer overrun vulnerability

Overview Foxit Advanced PDF Editor 3, and possibly earlier versions, contains a stack buffer overrun vulnerability. Description Foxit Advanced PDF Editor 3, and possibly earlier versions, contains a stack buffer overrun vulnerability that may be exploited by an attacker that is able to successful...

7.6CVSS7.4AI score0.03891EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2012/12/27 4:47 p.m.13 views

Nvidia Display Driver Service Attack Escalates Privileges on Windows Machines

There’s nothing like a zero-day to ruin the holiday break, but that’s just what may be in store for engineers at Nvidia after a researcher discovered a new vulnerability in the Nvidia Display Driver Service. The flaw could hand over administrator privileges on Windows machines to an attacker. Pet...

1.4AI score
Exploits0References1
seebug.org
seebug.org
added 2012/12/11 12:0 a.m.22 views

VLC Media Player 'swf'文件栈缓冲区溢出漏洞

BUGTRAQ ID: 56861 VLC Media Player是多媒体播放器(最初命名为VideoLAN客户端)是VideoLAN计划的多媒体播放器。 VLC media player 2.0.4及其他版本在处理恶意文件时没有正确进行边界检查,通过诱使受害者打开特制的SWF文件,远程攻击者可利用此漏洞使缓冲区溢出,在系统中执行任意代码或造成应用崩溃。 0 VLC Media Player 2.0.4 厂商补丁: VideoLAN -------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2012/12/07 12:0 a.m.36 views

VideoLAN VLC Media Player 2.0.4 - &#039;.swf&#039; Crash (PoC)

Title : VLC media player 2.0.4 buffer overflow POC Version : 2.0.4 Twoflower Date : 2012-12-06 Vendor : www.videolan.org/vlc/ Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : windows XP SP3 Author : coolkaveh VLC media player also known as VLC is a highly...

7.4AI score
Exploits0
0day.today
0day.today
added 2012/12/06 12:0 a.m.21 views

VLC media player 2.0.4 buffer overflow PoC

buffer overflow during the handling of the swf file context-dependent Successful exploits can allow attackers to execute arbitrary code Title : VLC media player 2.0.4 buffer overflow POC Version : 2.0.4 Twoflower Date : 2012-12-06 Vendor : http://www.videolan.org/vlc/ Impact : Med/High Contact :...

8.3AI score
Exploits0
CERT
CERT
added 2012/11/20 12:0 a.m.69 views

Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers

Overview Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers. These vulnerabilities could allow a remote attacker to execute arbitrary code on an affected system. Description Autonomy Keyview IDOL is a set of libraries that can decode over 1,000 different file formats. The...

9.3CVSS8.2AI score0.07924EPSS
Exploits0References13
exploitpack
exploitpack
added 2012/07/23 12:0 a.m.16 views

MyMp3 Player Stack - .m3u File DEP Bypass

MyMp3 Player Stack - .m3u File DEP Bypass ''' Title: MyMp3-Player '.m3u' Stack BOF Bypass DEP Author: Daniel Romero Perez @danielrome Software & Version: MyMp3-Player 3.02.067 Tested on: Windows XP SP3 - ES Mail: [email protected] Blog: unlearningsecurity.blogspot.com Advisor:...

7.4AI score
Exploits0
Rows per page
Query Builder