imagemagick/encoder_dng_fuzzer: Use-of-uninitialized-value in LibRaw::panasonic_load_raw

Detailed report: https://oss-fuzz.com/testcase?key=5147834853621760 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

imagemagick/encoder_dng_fuzzer: Stack-buffer-overflow in LibRaw::kodak_radc_load_raw

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5965403386806272 Project: imagemagick Fuzzer: aflimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_ptif_fuzzer: Use-of-uninitialized-value in ReadTIFFImage

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6258253836058624 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderptiffuzzer Fuzz target binary: encoderptiffuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

Arista Networks EOS ASN.1 Encoder RCE (SA0020)

The version of Arista Networks EOS running on the remote device is affected by a remote code execution vulnerability in the ASN.1 encoder due to an underflow condition that occurs when attempting to encode the value zero represented as a negative integer. An unauthenticated, remote attacker can...

CVE-2017-17767

In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer...

CVE-2017-17767

In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer...

CVE-2017-17767

CVE-2017-17767 affects Qualcomm Media framework on Android CAF builds using the Linux kernel. The underlying issue is a use-after-free in the IL client where an OMX Video Encoder Component buffer is freed and then subsequently accessed, enabling Elevation of Privilege by a local attacker. Affecte...

imagemagick/encoder_mvg_fuzzer: Heap-buffer-overflow in TracePoint

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5650434216689664 Project: imagemagick Fuzzer: aflimagemagickencodermvgfuzzer Fuzz target binary: encodermvgfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_miff_fuzzer: Use-of-uninitialized-value in QueryColorCompliance

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5538926652555264 Project: imagemagick Fuzzer: libFuzzerimagemagickencodermifffuzzer Fuzz target binary: encodermifffuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

Meterpreter Paranoid Mode - Meterpreter over SSL/TLS connections

MeterpreterParanoidMode.sh allows users to secure your staged/stageless connection for Meterpreter by having it check the certificate of the handler it is connecting to. We start by generating a certificate in PEM format, once the certs have been created we can create a HTTP or HTTPS or EXE paylo...

imagemagick/encoder_xc_fuzzer: Use-of-uninitialized-value in ReadImage

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=4884902857146368 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderxcfuzzer Fuzz target binary: encoderxcfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_miff_fuzzer: Use-of-uninitialized-value in ParseGeometry

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5690482123341824 Project: imagemagick Fuzzer: libFuzzerimagemagickencodermifffuzzer Fuzz target binary: encodermifffuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_mvg_fuzzer: Heap-buffer-overflow in GetNextToken

Detailed report: https://oss-fuzz.com/testcase?key=6057739475222528 Project: imagemagick Fuzzer: aflimagemagickencodermvgfuzzer Fuzz target binary: encodermvgfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 1 Crash Address: 0x62100003c0ff Crash State:...

Linux/x86 ROT-N + Shift-N + XOR-N Encoded /bin/sh Shellcode (77 bytes)

/ Description ; Title : ROT-N + Shift-N + XOR-N encoded /bin/sh - Shellcode ; Author : Hashim Jawad ; Blog Post : https://ihack4falafel.com/2018/01/rot-n-shift-n-xor-n-shellcode-encoder-linux-x86/ ; Twitter : @ihack4falafel ; SLAE ID : SLAE-1115 ; Purpose : spawn /bin/sh shell ; Tested On : Ubunt...

ALPINE-CVE-2018-5785

In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opjj2ksetupencoder function openjp2/j2k.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

imagemagick/encoder_miff_fuzzer: Use-of-uninitialized-value in GetXMPProperty

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5177219254059008 Project: imagemagick Fuzzer: libFuzzerimagemagickencodermifffuzzer Fuzz target binary: encodermifffuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_mpc_fuzzer: Stack-buffer-overflow in GetPathComponent

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5192405184675840 Project: imagemagick Fuzzer: aflimagemagickencodermpcfuzzer Fuzz target binary: encodermpcfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

UBUNTU-CVE-2017-16840

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service out-of-bounds read because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2encdwt.c...

CVE-2017-16840

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service out-of-bounds read because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2encdwt.c...

CVE-2017-16840

CVE-2017-16840 affects FFmpeg 3.0 and 3.4, where the VC-2 video encoder (libavcodec/vc2enc.c and vc2enc_dwt.c) allows a remote attacker to trigger a denial of service via an out-of-bounds read caused by incorrect buffer padding for non-Haar wavelets. The issue has been fixed in FFmpeg 3.4.x relea...