CVE-2017-6351

The WePresent WiPG-1500 device with firmware 1.0.3.7 has a manufacturer account that has a hardcoded username / password. Once the device is set to DEBUG mode, an attacker can connect to the device using the telnet protocol and log into the device with the 'abarco' hardcoded manufacturer account...

CVE-2017-6351

WePresent WiPG-1500 devices (firmware up to 1.0.3.7) contain a hardcoded manufacturer account with a username/password. When DEBUG mode is enabled, an attacker can connect via telnet (port 5885) and log in using the hardcoded account abarco . This account is not documented, nor is the DEBUG featu...

UBUNTU-CVE-2016-7409

The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUGTRACE, allows local users to read process memory via the -v argument, related to a failed remote ident...

DEBIAN-CVE-2016-7409

The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUGTRACE, allows local users to read process memory via the -v argument, related to a failed remote ident...

CVE-2016-7409

The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUGTRACE, allows local users to read process memory via the -v argument, related to a failed remote ident...

Browser-based GDB frontend: gdbGUI

A modern, browser-based frontend to gdb gnu debugger. Add breakpoints, view stack traces, and more in C, C++, Go, and Rust! Simply run gdbgui from the terminal and a new tab will open in your browse Features Debug a different program in each tab new gdb instance is spawned for each tab Set/remove...

radare2 denial of service vulnerability (CNVD-2017-02721)

radare2 is an open source reverse engineering flat. A denial of service vulnerability in the dexparsedebugitem function in libr/bin/p/bindex.c in radare2 version 1.2.1 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted DEX file...

radare2 denial of service vulnerability

radare2 is a set of libraries and tools for working with binary files. A security vulnerability exists in the 'dexparsedebugitem' function in the libr/bin/p/bindex.c file in radare2 version 1.2.1. A remote attacker can exploit this vulnerability to cause a denial of service null pointer...

shopify-scripts: SIGSEGV - mark_context_stack

PoC ------------------- The following code triggers the bug attached as testmarkcontextstack.rb: def one tooyieldend def too yield ensure onebreakend one Debug - mirb ------------------- Starting program: /home/x/Desktop/test/mruby/bin/mirb testmarkcontextstack mirb - Embeddable Interactive Ruby...

WePresent WiPG-1500 - Backdoor Account Vulnerability

Exploit for hardware platform in category remote exploits Exploit Title: CVE-2017-6351 - WePresent undocumented privileged manufacturer backdoor account Date: 27/02/2017 Exploit Author: Quentin Olagne Vendor Homepage: http://www.wepresentwifi.com/ or...

WePresent WiPG-1500 Backdoor Account

Exploit Title: CVE-2017-6351 - WePresent undocumented privileged manufacturer backdoor account Date: 27/02/2017 Exploit Author: Quentin Olagne Vendor Homepage: http://www.wepresentwifi.com/ or http://www.awindinc.com/productswepresentwipg1500.html Software Link:...

WePresent WiPG-1500 - Backdoor Account

WePresent WiPG-1500 - Backdoor Account Exploit Title: CVE-2017-6351 - WePresent undocumented privileged manufacturer backdoor account Date: 27/02/2017 Exploit Author: Quentin Olagne Vendor Homepage: http://www.wepresentwifi.com/ or http://www.awindinc.com/productswepresentwipg1500.html Software...

WePresent WiPG-1500 - Backdoor Account

Exploit Title: CVE-2017-6351 - WePresent undocumented privileged manufacturer backdoor account Date: 27/02/2017 Exploit Author: Quentin Olagne Vendor Homepage: http://www.wepresentwifi.com/ or http://www.awindinc.com/productswepresentwipg1500.html Software Link:...

Chrome: bypass for download filetype blacklist, extension->native privesc

This bug report describes a vulnerability that can be used by an extension with some permissions to escalate to native code execution on Linux desktops if Java is installed. No user interaction is required. Chrome permits extensions with appropriate permissions "downloads" and "downloads. open" t...

shopify-scripts: Memory corrouption in mrb_gc_mark

The memory corruption in mrbgcmark function can lead to code execution or at least DoS on mruby. PoC attached. Crash debug mr@minhrau $ ./mrubylatest/mruby/build/bench/bin/mruby ./mruby/fuzz03/crashes/mrbgcmark.rb Reading symbols from ./mrubylatest/mruby/build/bench/bin/mruby...done. gdb r...

DEBIAN-CVE-2016-5038

The dwarfgetmacrostartendfile function in dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read via a crafted string offset for .debugstr...

UBUNTU-CVE-2016-5038

The dwarfgetmacrostartendfile function in dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read via a crafted string offset for .debugstr...

NVIDIA Driver 375.70 - Buffer Overflow in Command Buffer Submission Vulnerability

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1012 DxgkDdiSubmitCommandVirtual is the function implemented by the kernel mode driver responsible for submitting a command buffer to the GPU. One of the arguments passed contains...

NVIDIA Driver 375.70 - Buffer Overflow in Command Buffer Submission

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1012 DxgkDdiSubmitCommandVirtual is the function implemented by the kernel mode driver responsible for submitting a command buffer to the GPU. One of the arguments passed contains vendor specific data from the user mode driver. The...

NVIDIA Driver 375.70 - Buffer Overflow in Command Buffer Submission

NVIDIA Driver 375.70 - Buffer Overflow in Command Buffer Submission Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1012 DxgkDdiSubmitCommandVirtual is the function implemented by the kernel mode driver responsible for submitting a command buffer to the GPU. One of the arguments...