Cisco IOS Software Privilege Escalation (cisco-sa-XE-FSM-Yj8qJbJc)

According to its self-reported version, Cisco IOS Software is affected by a software privilege escalation vulnerability. A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The...

Cisco IOS and IOS XE Elevation of Privilege Vulnerability

Cisco IOS is an operation and maintenance system developed by Cisco for its network equipment, where users set up the functions of the network equipment through the command line human-machine interface. IOS XE is a modular operating system based on Linux kernel developed for its network equipment...

CVE-2021-1391

A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker...

CVE-2021-1391

A vulnerability in the dragonite debugger of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root privilege. The vulnerability is due to the presence of development testing and verification scripts that remained on the device. An attacker...

Cisco IOS XE Software 安全漏洞

Cisco IOS is an operation and maintenance system developed by Cisco for its network equipment, where users set up the functions of the network equipment through the command line human-machine interface. IOS XE is a modular operating system based on Linux kernel developed for its network equipment...

[SECURITY] Fedora 33 Update: radare2-5.1.1-1.fc33

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

nightmare

This repository is an open-source project for teaching binary exploitation and reverse engineering skills through a series of challenges. It is a collection of CTF Capture The Flag challenges designed to help learners develop their skills in exploiting binaries and reversing assembly code. The...

[SECURITY] Fedora 32 Update: radare2-5.1.1-1.fc32

The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and...

Shellex - C-shellcode To Hex Converter, Handy Tool For Paste And Execute Shellcodes In Gdb, Windbg, Radare2, Ollydbg, X64Dbg, Immunity Debugger And 010 Editor

C-shellcode to hex converter. Handy tool for paste & execute shellcodes in gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger & 010 editor. Are you having problems converting C-shellcodes to HEX maybe c-comments+ASCII mixed? Here is shellex. If the shellcode can be compiled in a C compiler...

HyperDbg - The Source Code Of HyperDbg Debugger

HyperDbg is designed with a focus on using modern hardware technologies to provide new features to the reverse engineering world. It operates on top of Windows by virtualizing an already running system using Intel VT-x and Intel PT. This debugger aims not to use any APIs and software debugging...

Foxit Reader Javascript Field fileSelect Use After Free Vulnerability

Summary A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open t...

CVE-2020-25464

Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903. The top stack frame is only partially initialized because the stack overflowed while creating the frame. This leads to a crash in the code sending the stack frame to the debugger...

Heap overflow

Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903. The top stack frame is only partially initialized because the stack overflowed while creating the frame. This leads to a crash in the code sending the stack frame to the debugger...

CVE-2020-25464

Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903. The top stack frame is only partially initialized because the stack overflowed while creating the frame. This leads to a crash in the code sending the stack frame to the debugger...

Moddable SDK Buffer Error Vulnerability

Moddable SDK is a set of software development kits SDKs for embedded software development for the Internet of Things from Moddable, Inc. in the United States. A buffer error vulnerability exists in versions prior to Moddable SDK 20200903, which stems from a moddable/xs/sources/xsDebug.c heap buff...

USN-4655-1 python-werkzeug vulnerabilities

It was discovered that Werkzeug has insufficient debugger PIN randomness. An attacker could use this issue to access sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2019-14806 It was discovered that Werkzeug incorrectly handled certain URLs. An attacker could possibly use th...

USN-4655-1: Werkzeug vulnerabilities

It was discovered that Werkzeug has insufficient debugger PIN randomness. An attacker could use this issue to access sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2019-14806 It was discovered that Werkzeug incorrectly handled certain URLs. An attacker could possibly use th...

pwntools

This is an offensive tool for binary exploitation. It is a Python library called pwntools, which provides a set of tools for binary exploitation and reverse engineering. The library is designed to be used by security researchers and penetration testers to identify and exploit vulnerabilities in...

CVE-2020-28211

A CWE-863: Incorrect Authorization vulnerability exists in PLC Simulator on EcoStruxureª Control Expert now Unity Pro all versions that could cause bypass of authentication when overwriting memory using a debugger...

Authorization

A CWE-863: Incorrect Authorization vulnerability exists in PLC Simulator on EcoStruxureª Control Expert now Unity Pro all versions that could cause bypass of authentication when overwriting memory using a debugger...