Exploit for Out-of-bounds Write in Gnu Glibc

CTT-Vsyslog-Vortex-CVE-2023-6246 CVE-2023-6246 glibc vsyslog...

Binary_Exploitation_Material

Binary Exploitation Material Personal collection of binary ex...

binary-exploitation-labs

Binary Exploitation Labs This repository is my long-term pu...

EUVD-2023-55538

Malicious code in bioql PyPI...

CVE-2024-21502

Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...

CVE-2025-0611

Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

gstreamer1-plugins-good: OOB-write in convert_to_s334_1a

A flaw was found in the GStreamer library. An out-of-bounds write in the MP4/MOV demuxer when handling CEA608 Closed Caption tracks can lead to crashes for certain input files. This vulnerability allows a malicious third party to trigger a crash of the application and perform code execution throu...

gstreamer1-plugins-good: OOB-write in isomp4/qtdemux.c

A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer's sample table parser can lead to out-of-bounds writes and NULL-pointer dereferences for certain input files. This vulnerability allows a malicious third party to trigger an application crash and, in the case of...

GHSA-PH86-G9R3-5QW4 Uninitialized Variable in fastecdsa

Versions of the package fastecdsa before 2.3.2 use an Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary realloc, null pointer...

Uninitialized Variable in fastecdsa

Versions of the package fastecdsa before 2.3.2 use an Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary realloc, null pointer...

CVE-2024-21502

Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...

Null pointer dereference

Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...

PYSEC-2024-39

Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...

CVE-2024-21502

Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...

CVE-2024-21502

Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...

CVE-2023-2932

Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...

Use After Free

chrome is vulnerable to use after free. The vulnerability exists due to a memory corruption in ANGLE which allows an attacker to potentially exploit heap corruption via a malicious HTML page...

UBUNTU-CVE-2022-0808

Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions...

SUSE-SU-2022:0052-1 Security update for libsndfile

This update for libsndfile fixes the following issues: - CVE-2021-4156: Fixed heap buffer overflow in flacbuffercopy that could potentially lead to heap exploitation bsc1194006...

nightmare

This is a course on binary exploitation and reverse engineering, specifically targeting Linux systems. The course is designed to be a comprehensive guide to learning binary exploitation and reverse engineering, with a focus on hands-on exercises and real-world examples. The course covers a range ...