8287 matches found
shopify-scripts: SIGSEGV - mark_context_stack
PoC ------------------- The following code triggers the bug attached as testmarkcontextstack.rb: def one tooyieldend def too yield ensure onebreakend one Debug - mirb ------------------- Starting program: /home/x/Desktop/test/mruby/bin/mirb testmarkcontextstack mirb - Embeddable Interactive Ruby...
WePresent WiPG-1500 - Backdoor Account Vulnerability
Exploit for hardware platform in category remote exploits Exploit Title: CVE-2017-6351 - WePresent undocumented privileged manufacturer backdoor account Date: 27/02/2017 Exploit Author: Quentin Olagne Vendor Homepage: http://www.wepresentwifi.com/ or...
WePresent WiPG-1500 Backdoor Account
Exploit Title: CVE-2017-6351 - WePresent undocumented privileged manufacturer backdoor account Date: 27/02/2017 Exploit Author: Quentin Olagne Vendor Homepage: http://www.wepresentwifi.com/ or http://www.awindinc.com/productswepresentwipg1500.html Software Link:...
WePresent WiPG-1500 - Backdoor Account
WePresent WiPG-1500 - Backdoor Account Exploit Title: CVE-2017-6351 - WePresent undocumented privileged manufacturer backdoor account Date: 27/02/2017 Exploit Author: Quentin Olagne Vendor Homepage: http://www.wepresentwifi.com/ or http://www.awindinc.com/productswepresentwipg1500.html Software...
WePresent WiPG-1500 - Backdoor Account
Exploit Title: CVE-2017-6351 - WePresent undocumented privileged manufacturer backdoor account Date: 27/02/2017 Exploit Author: Quentin Olagne Vendor Homepage: http://www.wepresentwifi.com/ or http://www.awindinc.com/productswepresentwipg1500.html Software Link:...
Chrome: bypass for download filetype blacklist, extension->native privesc
This bug report describes a vulnerability that can be used by an extension with some permissions to escalate to native code execution on Linux desktops if Java is installed. No user interaction is required. Chrome permits extensions with appropriate permissions "downloads" and "downloads. open" t...
shopify-scripts: Memory corrouption in mrb_gc_mark
The memory corruption in mrbgcmark function can lead to code execution or at least DoS on mruby. PoC attached. Crash debug mr@minhrau $ ./mrubylatest/mruby/build/bench/bin/mruby ./mruby/fuzz03/crashes/mrbgcmark.rb Reading symbols from ./mrubylatest/mruby/build/bench/bin/mruby...done. gdb r...
UBUNTU-CVE-2016-5038
The dwarfgetmacrostartendfile function in dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read via a crafted string offset for .debugstr...
DEBIAN-CVE-2016-5038
The dwarfgetmacrostartendfile function in dwarfmacro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read via a crafted string offset for .debugstr...
NVIDIA Driver 375.70 - Buffer Overflow in Command Buffer Submission Vulnerability
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1012 DxgkDdiSubmitCommandVirtual is the function implemented by the kernel mode driver responsible for submitting a command buffer to the GPU. One of the arguments passed contains...
NVIDIA Driver 375.70 - Buffer Overflow in Command Buffer Submission
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1012 DxgkDdiSubmitCommandVirtual is the function implemented by the kernel mode driver responsible for submitting a command buffer to the GPU. One of the arguments passed contains vendor specific data from the user mode driver. The...
NVIDIA Driver 375.70 - Buffer Overflow in Command Buffer Submission
NVIDIA Driver 375.70 - Buffer Overflow in Command Buffer Submission Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1012 DxgkDdiSubmitCommandVirtual is the function implemented by the kernel mode driver responsible for submitting a command buffer to the GPU. One of the arguments...
Simple Static Malware Analyzer: SSMA
Simple Static Malware Analyzer SSMA is a simple malware analyzer written in Python 3. Features: Analyze PE file’s header and sections number of sections, entropy of sections/PE file, suspicious section names, suspicious flags in the characteristics of the PE file, etc. Searches for possible...
UBUNTU-CVE-2015-8750
libdwarf 20151114 and earlier allows remote attackers to cause a denial of service NULL pointer dereference and crash via a debugabbrev section marked NOBITS in an ELF file...
DEBIAN-CVE-2015-8750
libdwarf 20151114 and earlier allows remote attackers to cause a denial of service NULL pointer dereference and crash via a debugabbrev section marked NOBITS in an ELF file...
Fedora 25 : gnome-boxes (2017-fc0140d4c5)
gnome-boxes 3.22.4 release, fixing a possible security issue with storing the express installation password in clear text. - Store the user password in the keyring during an express installation. - Fix typo in debug string in vm-configurator. - Fix printf format strings in the selectiontoolbar...
shopify-scripts: SIGSEGV - mrb_vm_exec - line:1312
PoC ------------------- The following code triggers the bug attached as mrbvmexec.rb: n s s k h GC.start ObjectSpace.eachobject|obj|obj Debug - mirb ------------------- gdb r mrbvmexec.rb The program being debugged has been started already. Start it from the beginning? y or n y Starting program:...
habitation.gouv.qc.ca XSS vulnerability
Open Bug Bounty ID: OBB-211018 Description| Value ---|--- Affected Website:| habitation.gouv.qc.ca Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
ontariorvda.ca XSS vulnerability
Vulnerable URL: http://www.ontariorvda.ca/wp-content/plugins/shadowbox-js/shadowbox/player.swf?debug=alert%27openbugbounty%27 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 10857868 VIP website status:| No Check...
Pornhub: Debug.log file Exposed to Public \Full Path Disclosure\
The researcher discovered a debug log file exposing path information...