18 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Binder: Fixed a UAF Use-After-Free vulnerability caused by overwriting offset fields. Binder objects are processed and copied individually into the target buffer during transactions. Any raw data between these objects is also...
PT-2026-21363
LinkAce is a self-hosted archive to collect website links. Versions 2.4.2 and below have a Stored Cross-site Scripting vulnerability through the Atom feed endpoint for lists /lists/feed. An authenticated user can inject a CDATA-breaking payload into a list description that escapes the XML CDATA...
EUVD-2010-1951
Malware in sbrugna...
GNU elfutils Buffer Overflow Vulnerability
GNU elfutils is an open source toolset for working with binaries, target files and shared libraries in the ELF Executable and Linkable Format format. GNU elfutils suffers from a buffer overflow vulnerability that stems from improper handling of z/x parameters by the...
Elfutils 安全漏洞
GNU elfutils is an open source toolset for working with binaries, target files and shared libraries in the ELF Executable and Linkable Format format. GNU elfutils suffers from a buffer overflow vulnerability that stems from improper handling of z/x parameters by the...
DEBIAN-CVE-2024-46740
In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually into the target buffer during transactions. Any raw data in-between these objects is copied as well. However, this raw data copy lac...
UBUNTU-CVE-2024-46740
In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually into the target buffer during transactions. Any raw data in-between these objects is copied as well. However, this raw data copy lac...
new packages: perl-Data-Section
An update is available for perl-Data-Section. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
new module: perl:5.30
An update is available for perl-Pod-Perldoc, perl-DBI, perl-Pod-Escapes, perl-Devel-PPPort, perl-Pod-Usage, perl-Sub-Exporter, perl-perlfaq, perl-Object-HashBase, perl-CPAN-Meta-YAML, perl-Digest, perl-podlators, perl-bignum, perl-Text-ParseWords, perl-Text-Template, perl-DBD-MySQL, perl-Text-Glo...
CVE-2019-8359
An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. An out of bounds write is present in the data section during 6LoWPAN fragment re-assembly in the face of forged fragment offsets in os/net/ipv6/sicslowpan.c...
Virtuailor - IDAPython Tool For Creating Automatic C++ Virtual Tables In IDA Pro
Virtuailor is an IDAPython tool that reconstructs vtables for C++ code written for intel architecture, both 32bit and 64bit code and AArch64 New!. The tool constructed from 2 parts, static and dynamic. The first is the static part, contains the following capabilities: Detects indirect calls. Hook...
WPS Office < 2016 - '.doc' OneTableDocumentStream Memory Corruption
Application: WPS Office Platforms: Windows Versions: Version before 2016 Author: Francis Provencher of COSIG Twitter: @COSIG 1 Introduction 2 Report Timeline 3 Technical details 4 POC =============== 1 Introduction =============== WPS Office an acronym for Writer, Presentation and Spreadsheets,2...
AppUse - Android Pentest Platform Unified Standalone Environment
AppUse Virtual Machine, developed by AppSec Labs, is a unique and free system, a platform for mobile application security testing in the android environment, and it includes unique custom-made tools. Faster & More Powerful The system is a blessing to security teams, who from now on can easily...
X360 VideoPlayer ActiveX Control 2.6 - ASLR + DEP Bypass
X360 VideoPlayer ActiveX Control 2.6 - ASLR + DEP Bypass !-- Exploit Title: X360 VideoPlayer ActiveX Control RCE Full ASLR & DEP Bypass Author: Rh0 Date: Jan 30 2015 Affected Software: X360 VideoPlayer ActiveX Control 2.6 VideoPlayer.ocx Vulnerability: Buffer Overflow in Data Section Tested on:...
X360 VideoPlayer ActiveX Control 2.6 - Full ASLR & DEP Bypass Exploit
Exploit for windows platform in category remote exploits !-- Exploit Title: X360 VideoPlayer ActiveX Control RCE Full ASLR & DEP Bypass Author: Rh0 Date: Jan 30 2015 Affected Software: X360 VideoPlayer ActiveX Control 2.6 VideoPlayer.ocx Vulnerability: Buffer Overflow in Data Section Tested on:...
X360 VideoPlayer ActiveX Control 2.6 - ASLR + DEP Bypass
!-- Exploit Title: X360 VideoPlayer ActiveX Control RCE Full ASLR & DEP Bypass Author: Rh0 Date: Jan 30 2015 Affected Software: X360 VideoPlayer ActiveX Control 2.6 VideoPlayer.ocx Vulnerability: Buffer Overflow in Data Section Tested on: Internet Explorer 10 32-bit Windows 7 64-bit in VirtualBox...
CVE-2010-1932
Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap MBM file with a Paint Data Section that contains a malformed Encoding field...
Heap overflow
Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap MBM file with a Paint Data Section that contains a malformed Encoding field...