Linux/x86 - Cat File Encode to base64 and post via curl to Webserver Shellcode (125 bytes)

Exploit Title: Linux/x86 cat file encode to base64 and post via curl to webserver 125 bytes Exploit Author: strider Vendor Homepage: None Software Link: None Tested on: Debian 9 Stretch i386/ Kali Linux i386 CVE : None Shellcode Length: 125...

Linux/x86 - NOT Encoder / Decoder - execve(/bin/sh) Shellcode (44 bytes)

/ ; NOT-Encoder.py ; Author: Daniele Votta ; Description: This program encode shellcode with NOT technique. ; Tested on: i686 GNU/Linux ; Shellcode Length:25 !/usr/bin/python Python NOT Encoder Execve /bin/sh shellcode...

HDF HDF5 Buffer Overflow Vulnerability

HDF5 is a data model, library, and file format for storing and managing data. A buffer overflow vulnerability exists in H5Olayoutencode in H5Olayout.c in HDF HDF5 1.10.4 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service via a specially crafted HDF5 file...

UBUNTU-CVE-2019-8396

A buffer overflow in H5Olayoutencode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2."...

DEBIAN-CVE-2019-8396

A buffer overflow in H5Olayoutencode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while repacking an HDF5 file, aka "Invalid write of size 2."...

Hootoo HT-05 - Remote Code Execution Exploit

require 'msf/core' require 'net/http' require "uri" class MetasploitModule 'Hootoo HT-05 remote shell exploit', 'Description' = %q This module tries to open a door in the device by exploiting the RemoteCodeExecution by creating a backdoor inside the device This exploit was written by Andrei Manol...

PYSEC-2018-120

There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack...

PT-2018-15257 · Exiv2 +5 · Exiv2 +5

Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.27-RC3 Description: A heap-based buffer over-read issue exists in the encodeJp2Header function of jp2image.cpp. This can be triggered by a crafted input, potentially leading to a remote denial of service attack. Recommendation...

jasper: NULL pointer exception in jp2_encode()

JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2encode which failed to check to see if the image contained at least one component resulting in a denial-of-service...

ZyXEL VMG3312-B10B 1.00(AAPP.7) - Credential Disclosure

ZyXEL VMG3312-B10B 1.00AAPP.7 - Credential Disclosure Exploit Title: ZyXEL VMG3312-B10B - Leak Credentials "; else continue; else echo "pfff"; ftpclose$ftpconn; ?...

ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure

Exploit Title: ZyXEL VMG3312-B10B - Leak Credentials "; else continue; else echo "pfff"; ftpclose$ftpconn; ?...

Design/Logic Flaw

An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode calls ObjectInputStream.readObject to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it in the PIPPOSESSION...

CVE-2018-18628

An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode calls ObjectInputStream.readObject to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it in the PIPPOSESSION...

UBUNTU-CVE-2018-17974

An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlten10mbencode of the file plugins/dlten10mb/en10mb.c, due to inappropriate values in the function memmove. The length pktlen + ctx - l2len can be larger than source value packet +...

HDF5 Null Pointer Dereference Vulnerability (CNVD-2019-03443)

HDF5 is a free suite of tools for managing the storage of different types of data that can be managed, manipulated, viewed, analyzed, and generated in portable formats. A null pointer dereference vulnerability exists in the 'H5Osdspaceencode' function of the H5Osdspace.c file in HDF51.10.3 and...

UBUNTU-CVE-2018-17432

A NULL pointer dereference in H5Osdspaceencode in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file...

DEBIAN-CVE-2018-16376

An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2encodepacket in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact...

CVE-2016-8617

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPTUSERNAME...

DEBIAN-CVE-2016-8617

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPTUSERNAME...

CVE-2016-8617

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPTUSERNAME...