482 matches found
Rockwell Automation Micrologix 1400 <= 21.2 Float Value Exploit
Binary data 720223.prm...
Freefloat FTP Server 1.0 - STOR Remote Buffer Overflow Exploit
Exploit Title: Free Float FTP 1.0 "STOR" Remote Buffer Overflow Exploit Author: Kevin Randall Vendor Homepage: Software Link: http://www.freefloat.com/software/freefloatftpserver.zip Version: Firmware: Free Float FTP 1.0 Tested on: Windows XP Professional Service Pack 2 CVE : N/A Generate Shellco...
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
Exploit Title: Free Float FTP 1.0 "SIZE" Remote Buffer Overflow Google Dork: N/A Date: 4/26/2019 Exploit Author: Kevin Randall Vendor Homepage: Software Link: http://www.freefloat.com/software/freefloatftpserver.zip Version: Firmware: Free Float FTP 1.0 Tested on: Windows XP Professional Service...
openSUSE Security Update : jhead (openSUSE-2019-698)
This update for jhead fixes the following security issues: - CVE-2016-3822: jhead allowed remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds access) via crafted EXIF data (bsc#1108480). - CVE-2018-16554: The ProcessGpsInfo function may have allowed a remote attacker to cau...
PT-2022-11254 · Gpac +1
Name of the Vulnerable Software and Affected Versions: Gpac versions through 1.0.1 Description: A Segmentation fault caused by a floating point exception exists in Gpac, which causes a denial of service. This issue is related to the naludmx_enqueue_or_dispatch function in reframe_nalu.c when usin...
Updated jhead package fixes security vulnerabilities
The ProcessGpsInfo function may have allowed a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling (CVE-2018-16554). The ProcessGpsInfo...
CVE-2018-12366
An invalid grid size during QCMS color profile transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird 60, Thunderbird 52.9, Firefox ESR 60.1, Firefox ESR 52.9, and Firefox 61...
XenoScan - Open Source Memory Scanner Written In C++
XenoScan is a memory scanner which can be used to scan the memory of processes to locate the specific locations of important values. These types of tools are typically used when hacking video games, as they allow one to locate the values representing the game's state in memory. XenoScan is writte...
Security update for jhead (moderate)
This update for jhead fixes the following security issues: - CVE-2016-3822: jhead allowed remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds access) via crafted EXIF data (bsc#1108480). - CVE-2018-16554: The ProcessGpsInfo function may have allowed a remote attacker to caus...
CVE-2018-16554
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling...
CVE-2018-16554
CVE-2018-16554 affects jhead 3.00, where ProcessGpsInfo in gpsinfo.c mishandles a sprintf format string for TAG_GPS_ALT due to float/double mismatch, enabling a remote attacker to cause a denial-of-service or unspecified impact via a crafted JPEG. Public advisories (openSUSE/SUSE patches) show th...
CVE-2018-16554
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling...
Mozilla: Invalid data handling during QCMS transformations
An invalid grid size during QCMS color profile transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird 60, Thunderbird 52.9, Firefox ESR 60.1, Firefox ESR 52.9, and Firefox 61...
JavaScript Core - Arbitrary Code Execution Exploit
Exploit for multiple platforms in category local exploits // Load Int library, thanks saelo! load('util.js'); load('int64.js'); // Helpers to convert from float to in a few random places var conva = new ArrayBuffer(8); var convf = new Float64Array(conva); var convi = new Uint32Array(conva); var convi8 = new...
JavaScript Core - Arbitrary Code Execution
JavaScript Core - Arbitrary Code Execution // Load Int library, thanks saelo! load('util.js'); load('int64.js'); // Helpers to convert from float to in a few random places var conva = new ArrayBuffer(8); var convf = new Float64Array(conva); var convi = new Uint32Array(conva); var convi8 = new...
JavaScript Core - Arbitrary Code Execution
// Load Int library, thanks saelo! load('util.js'); load('int64.js'); // Helpers to convert from float to in a few random places var conva = new ArrayBuffer(8); var convf = new Float64Array(conva); var convi = new Uint32Array(conva); var convi8 = new Uint8Array(conva); var floatarrmagic = new...
zipy.co.il XSS vulnerability
Open Bug Bounty ID: OBB-624724; Affected Website: zipy.co.il; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
Microsoft Edge Chakra JIT - Magic Value Type Confusion
Microsoft Edge Chakra JIT - Magic Value Type Confusion /* BOOL JavascriptNativeFloatArray::SetItem(uint32 index, double dValue) { if (*(uint64*)&dValue == *(uint64*)&JavascriptNativeFloatArray::MissingItem) { JavascriptArray *varArr = JavascriptNativeFloatArray::ToVarArray(this); varArr->DirectSetItemAt(index,...
gcc security, bug fix, and enhancement update
4.8.5-28.0.1 - Orabug: 27557686 Egeyar Bagcioglu - Introduce 'oraclerelease' into .spec file. Echo it to gcc/DEV-PHASE. 4.8.5-28 - Minor testsuite fixes to clean up test results 1469697 - retpoline support for spectre mitigation 1535655 4.8.5-27 - bump for rebuild with RELRO enabled even for...
Allen Bradley Micrologix 1400 Series B FRN Access Control Vulnerability (CNVD-2018-08282)
Allen Bradley Micrologix 1400 Series B FRN is a programmable logic controller from Rockwell Automation. An access control vulnerability exists in the data, program, and function file permissions functions in Allen Bradley Micrologix 1400 Series B FRN 21.2 and earlier. For the Float data type, the...