46 matches found
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unlink table before deleting it. syzbot reports the following UAF: BUG: KASAN: use-after-free in memcmp+0x18f/0x1c0 lib/string.c:955, nla_strcmp+0xf2/0x130 lib/nlattr.c:836...
Buffer-Overflow-PoC
Buffer Overflow PoC — ret2libc on x86-64 Linux Overview D...
New-Shellcode-Injection-Exploit
Shellcode Injection Exploit Author Created by 0x5da...
CVE-2025-1331
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to unsafe use of the gets function...
Software-Exploitation-Final-Project
ATM Challenge - Buffer Overflow Exploit Author: Olalekan...
Malicious Package
Overview gets-random-datas is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-48519 Malicious code in gets-random-datas (npm)
Source: ghsa-malware (d13279c0dfe50ca0e8f75374e6903bf163c9fa3b46842da81459f75f423a88d7). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-35019
Malicious code in gets-random-datas npm...
CVE-2025-1331 IBM CICS TX code execution
IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to unsafe use of the gets function...
CVE-2025-1331
IBM CICS TX code execution (CVE-2025-1331) affects IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1/11.1. Root cause: unsafe use of the gets function, enabling a local user to execute arbitrary code. CVSS v3.1 base score 7.8 (LOCAL, HIGH impacts; privileges/impact). Remediation: apply fixe...
IBM CICS TX Standard security vulnerability
IBM CICS TX Standard is a comprehensive single transaction runtime package from International Business Machines (IBM). A security vulnerability exists in the IBM CICS TX gets function handling DNS return requests, which can be exploited by a local attacker to submit a special request that can be us...
CLSA-2025-1745427138 LibRaw: Fix of CVE-2021-32142
CVE-2021-32142: fix buffer overflow vulnerability in LibRaw_buffer_datastream::gets(char*, int) in libraw_datastream.cpp...
Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp.
...
SUSE CVE-2024-50336
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the...
ruby: Buffer overread vulnerability in StringIO
A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value...