CVE-2018-25258

CVE-2018-25258 affects RGui 3.5.0. The issue is a local buffer overflow in the GUI preferences dialog, enabling DEP bypass via structured exception handling and a stack-based overflow triggered by input in the Language for menus and messages field. This can be exploited to construct a ROP chain f...

CVE-2019-25485

R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the GUI Preferences language menu field that allows local attackers to bypass DEP and ASLR protections. Attackers can inject a crafted payload through the Language for menus preference to trigger a structured exception handler cha...

EUVD-2018-8339

Malware in sbrugna...

CVE-2011-10023

MJM QuickPlayer likely now referred to as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitra...

CVE-2020-17448

Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension...

net/smc: protect link down work from execute after lgr freed

...

APSB25-01 : Security update available for Adobe InDesign

Adobe has released a security update for Adobe InDesign. This update addresses critical and important vulnerabilities. Successful exploitation could lead to memory leak, arbitrary code execution and application denial-of-service...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix potential context UAFs CVE-2023-52913 In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets CVE-2024-26718 In the Linux kernel, the following...

CVE-2020-17354

LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, sa...

CVE-2020-17448

Summary (CVE-2020-17448, Telegram Desktop): Telegram Desktop up to version 2.1.13 is affected by a spoofed file type that bypasses the Dangerous File Type Execution protection, demonstrated by a filename without an extension. Root cause: failure of the protection mechanism to correctly validate f...

CVE-2020-17448

Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension...

10-Strike Bandwidth Monitor 3.9 Buffer Overflow

Exploit Title: 10-Strike Bandwidth Monitor 3.9 - ROP VirtualAlloc - Buffer Overflow SEH,DEP,ASLR Exploit Author: Bobby Cooke Date: June 7th, 2020 Vendor Site: https://www.10-strike.com/ Software Download: https://www.10-strike.com/bandwidth-monitor/bandwidth-monitor.exe Tested On: Windows 10 - Pr...

CVE-2018-16530

A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote Code Execution RCE vulnerabilities exist, as with all buffer overflows, the possibility of RCE...

Stack overflow

A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote Code Execution RCE vulnerabilities exist, as with all buffer overflows, the possibility of RCE...

PT-2019-9318 · Forcepoint · Forcepoint Email Security

Name of the Vulnerable Software and Affected Versions: Forcepoint Email Security version 8.5 Description: A stack-based buffer overflow allows an attacker to craft malicious input, potentially crashing a process and creating a denial-of-service. Although no known Remote Code Execution RCE...

Mozilla Firefox, Firefox ESR and Thunderbird Memory Corruption Vulnerability (CNVD-2018-12100)

Mozilla Firefox, Firefox ESR, and Thunderbird are products developed by the Mozilla Foundation.Firefox is an open source web browser, and Firefox ESR is an extended support version of Firefox.Thunderbird is a standalone email client from the Mozilla Thunderbird is a separate email client software...

Schneider Electric IGSS SCADA Software Local Code Execution Vulnerability

Schneider Electric IGSS SCADA Software is a shared service platform for SCADA Data Acquisition and Supervisory Control systems from Schneider Electric France. A security vulnerability exists in Schneider Electric IGSS SCADA Software version 12 and earlier, which stems from incorrect security...

Mozilla Firefox ESR < 45.7 Multiple Vulnerabilities

Binary data 9928.prm...

AVG Internet Security Security Bypass Vulnerability

AVG Internet Security is a suite of Internet security software from the Czech company AVG. The AVG Internet Security 2015 program protects user-mode processes by allocating memory with Read, Write, Execute RWX privileges in predictable addresses, allowing an attacker to bypass the DEP and ASLR...

on windows systems use the VS compiler to buffer overflow preventive measures-vulnerability warning-the black bar safety net

0x01 /GS --buffer security check If you use the/GS compile the program to insert code to detect possible overwrite the function return address of buffer overflows. If the occurrence of a buffer overflow, the system will display to the user a warning dialog, and then terminate the program. Thus, t...