Microsoft Windows - (SMBGhost) Remote Code Execution Exploit

!/usr/bin/env python ''' EDB Note Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/48537.zip SMBGhostRCEPoC RCE PoC for CVE-2020-0796 "SMBGhost" For demonstration purposes only! Only use this a reference. Seriously. This has not been tested outside of m...

CVE-2019-20770

An issue was discovered on LG mobile devices with Android OS 9.0 software. The HAL service has a buffer overflow that leads to arbitrary code execution. The LG ID is LVE-SMP-190013 September 2019...

CVE-2019-20770

An issue was discovered on LG mobile devices with Android OS 9.0 software. The HAL service has a buffer overflow that leads to arbitrary code execution. The LG ID is LVE-SMP-190013 September 2019...

Buffer overflow

An issue was discovered on LG mobile devices with Android OS 9.0 software. The HAL service has a buffer overflow that leads to arbitrary code execution. The LG ID is LVE-SMP-190013 September 2019...

CVE-2019-20770

CVE-2019-20770 affects LG mobile devices running Android 9.0. The HAL service contains a buffer overflow that leads to arbitrary code execution. Sources in connected documents (Red Hat and NVD entries) confirm the description and LG’s internal ID LVE-SMP-190013 (Sept 2019). No further exploit det...

CVE-2019-20770

An issue was discovered on LG mobile devices with Android OS 9.0 software. The HAL service has a buffer overflow that leads to arbitrary code execution. The LG ID is LVE-SMP-190013 September 2019...

CVE-2019-10582

Use after free issue due to using of invalidated iterator to delete an object in sensors HAL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W,...

Design/Logic Flaw

Use after free issue due to using of invalidated iterator to delete an object in sensors HAL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W,...

CVE-2019-10582

Use after free issue due to using of invalidated iterator to delete an object in sensors HAL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W,...

PT-2019-14599 · Intel +2 · Opencv +2

Name of the Vulnerable Software and Affected Versions: OpenCV version 4.1.1 Description: The issue is related to an out-of-bounds read in the hal baseline::v load function located in core/hal/intrin sse.hpp, which is called from computeSSDMeanNorm in modules/video/src/dis flow.cpp. Recommendation...

CVE-2019-2023

In ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller. This could allow an app to add or replace a HAL service with its own service, gaining code execution in a privileged process.Product: AndroidVersions: Android-8....

Honeywell MIDAS-E-HAL Gas Detector Detection

Binary data 762163.prm...

CVE-2019-6136

Technical details about CVE-2019-6136 (affected product, impact, and fix) are not provided in the connected documents. Monitor for updates from official sources.

PT-2019-17974 · Libiec61850 +1 · Libiec61850 +1

Name of the Vulnerable Software and Affected Versions: libIEC61850 version 1.3.1 Description: The issue is related to memory leaks in the Memory malloc and Memory calloc functions located in hal/memory/lib memory.c, which are called from several files including mms/iso mms/common/mms value.c,...

PT-2019-17971 · Unknown +1 · Libiec61850 +1

Name of the Vulnerable Software and Affected Versions: libIEC61850 version 1.3.1 Description: A memory leak issue has been identified. The Memory malloc function in hal/memory/lib memory.c leaks memory when called from Asn1PrimitiveValue create in mms/asn1/asn1 ber primitive value.c. This issue i...

MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption for Win8+

EternalBlue exploit for Windows 8, Windows 10, and 2012 by sleepya The exploit might FAIL and CRASH a target system depended on what is overwritten The exploit support only x64 target Tested on: - Windows 2012 R2 x64 - Windows 8.1 x64 - Windows 10 Pro Build 10240 x64 - Windows 10 Enterprise...

CVE-2017-13209

In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could allow an application or service to replace a HAL service with its own service. This could lead to a local elevation of privilege enabling code...

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon Exploit

Exploit for Android platform in category dos / poc This bug is similar to Jann Horn's issue https://bugs.chromium.org/p/project-zero/issues/detail?id=851 -- credit should go to him. The hardware service manager allows the registration of HAL services. These services are used by the vendor domain...

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon This bug is similar to Jann Horn's issue https://bugs.chromium.org/p/project-zero/issues/detail?id=851 -- credit should go to him. The hardware service manager allows the registration of HAL services. These services...

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon

This bug is similar to Jann Horn's issue https://bugs.chromium.org/p/project-zero/issues/detail?id=851 -- credit should go to him. The hardware service manager allows the registration of HAL services. These services are used by the vendor domain and other core processes, including systemserver,...