88 matches found
CVE-2020-2128
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...
NVIDIA D3D10 Driver Shader Functionality DCL_INDEXRANGE instruction memory corruption vulnerability
Talos Vulnerability Report TALOS-2022-1604 NVIDIA D3D10 Driver Shader Functionality DCLINDEXRANGE instruction memory corruption vulnerability December 6, 2022 CVE Number CVE-2022-34671 SUMMARY A memory corruption vulnerability exists in the Shader Functionality DCLINDEXRANGE instruction...
Password stored in plain text by ECX Copy Data Management Plugin
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...
Backdoor.Win32.Ncx.b Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/991c1f02c809cee860cb712896a45338B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ncx.b Vulnerability: Remote Stack Buffer Overflow Description: The malware listens o...
Backdoor.Win32.BlueAdept.02.a Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/694d21679cc212c59515584d1b65dc84.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.BlueAdept.02.a Vulnerability: Remote Buffer Overflow Description: The malware listens...
Backdoor.Win32.Ncx.b Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/885e74a43b4f7caec3cfb4dba0787de4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ncx.b Vulnerability: Remote Stack Buffer Overflow Description: The malware listens on...
Backdoor.Win32.Agent.sah Heap Corruption
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/3ee7a90b5fc3f2b7ba68911e8220df17.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.sah Vulnerability: Heap Corruption Description: The malware listens on TCP port...
crossfire-server 1.9.0 - SetUp() Remote Buffer Overflow Exploit
Exploit Title: crossfire-server 1.9.0 - 'SetUp' Remote Buffer Overflow Exploit Author: Khaled Salem @Khaled0x07 Software Link: https://www.exploit-db.com/apps/43240af83a4414d2dcc19fff3af31a63-crossfire-1.9.0.tar.gz Version: 1.9.0 Tested on: Kali Linux 2020.4 CVE : CVE-2006-1236 !/bin/python impor...
Backdoor.Win32.Whgrx Remote Stack Buffer Overflow
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/eb6fd418cd3b52132ffb029b52839edf.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Whgrx Vulnerability: Remote Host Header Stack Buffer Overflow Description: The specim...
NetPCLinker 1.0.0.0 Buffer Overflow
!/usr/bin/python Exploit Title: NetPCLinker 1.0.0.0 Buffer Overflow SEH Egghunter Date: 2019-06-28 Exploit Author: Saeed reza Zamanian Vendor Homepage: https://sourceforge.net/projects/netpclinker/ Software Link: https://sourceforge.net/projects/netpclinker/files/ Version: 1.0.0.0 Tested on:...
10-Strike Bandwidth Monitor 3.9 Buffer Overflow Exploit
10-Strike Bandwidth Monitor version 3.9 ROP VirtualAlloc buffer overflow exploit with SEH, DEP, and ASLR. Exploit Title: 10-Strike Bandwidth Monitor 3.9 - ROP VirtualAlloc - Buffer Overflow SEH,DEP,ASLR Exploit Author: Bobby Cooke Date: June 7th, 2020 Vendor Site: https://www.10-strike.com/...
LanSend 3.2 - Buffer Overflow (SEH) Exploit
Exploit Title: LanSend 3.2 - Buffer Overflow SEH Exploit Author: gurbanli Vulnerable Software: LanSend 3.2 Vendor Homepage: https://lizardsystems.com Version: 3.2 Software Link: https://lizardsystems.com/download/lansendsetup.exe Tested on: Windows 7 x86 f = file'payload.txt','w' """ PoC 1. Run...
Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite))
Exploit Title: Nsauditor 3.2.1.0 - Buffer Overflow SEH+ASLR bypass 3 bytes overwrite Date: 2020-04-17 Exploit Author: Cervoise Vendor Homepage: https://www.nsauditor.com/ Software Link: https://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.1.0 and 3.0.28 Tested on: Windows...
Nsauditor 3.2.1.0 - Buffer Overflow (SEH+ASLR bypass (3 bytes overwrite)) Exploit
Exploit Title: Nsauditor 3.2.1.0 - Buffer Overflow SEH+ASLR bypass 3 bytes overwrite Exploit Author: Cervoise Vendor Homepage: https://www.nsauditor.com/ Software Link: https://www.nsauditor.com/downloads/nsauditorsetup.exe Version: 3.2.1.0 and 3.0.28 Tested on: Windows 10.0.18363.778 x86 Pro EN...
CloudBees Jenkins ECX Copy Data Management Plugin Information Disclosure Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A security vulnerability exis...
CVE-2020-2128
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2020-2128
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...
Design/Logic Flaw
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2020-2128
CVE-2020-2128 affects the Jenkins ECX Copy Data Management Plugin (versions ≤ 1.9). The root cause is passwords stored unencrypted in job config.xml on the Jenkins master. This allows disclosure to users with Extended Read permissions or to anyone with master filesystem access. The provided docum...
CVE-2020-2128
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...