40 matches found
Astra Linux - vulnerability in chromium
Use after free in DevTools in Google Chrome before version 111.0.5563.64 allowed a remote attacker who had convinced the user to engage in direct UI interaction to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Exploit for Out-of-bounds Write in Gnu Glibc
CTT-Vsyslog-Vortex-CVE-2023-6246 CVE-2023-6246 glibc vsyslog...
Binary_Exploitation_Material
Binary Exploitation Material Personal collection of binary ex...
binary-exploitation-labs
Binary Exploitation Labs This repository is my long-term pu...
EUVD-2019-4802
Malware in sbrugna...
EUVD-2023-55538
Malicious code in bioql PyPI...
CVE-2024-21502
Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...
AZL-56041 CVE-2025-0611 affecting package nodejs 20.14.0-13
Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2025-0611
Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Amazon Corretto Java 11.x < 11.0.26.4.1 Vulnerability
The version of Amazon Corretto installed on the remote host is 11 prior to 11.0.26.4.1. It is, therefore, affected by a vulnerability as referenced in the corretto-11-2025-Jan-21 advisory. - Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stac...
gstreamer1-plugins-good: OOB-write in convert_to_s334_1a
A flaw was found in the GStreamer library. An out-of-bounds write in the MP4/MOV demuxer when handling CEA608 Closed Caption tracks can lead to crashes for certain input files. This vulnerability allows a malicious third party to trigger a crash of the application and perform code execution throu...
gstreamer1-plugins-good: OOB-write in isomp4/qtdemux.c
A flaw was found in the GStreamer library. An integer overflow in the MP4/MOV demuxer's sample table parser can lead to out-of-bounds writes and NULL-pointer dereferences for certain input files. This vulnerability allows a malicious third party to trigger an application crash and, in the case of...
ROS-20240625-07
A vulnerability in the tiff.c file of the ImageMagick console graphics editor related to a heap buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
GHSA-PH86-G9R3-5QW4 Uninitialized Variable in fastecdsa
Versions of the package fastecdsa before 2.3.2 use an Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary realloc, null pointer...
Uninitialized Variable in fastecdsa
Versions of the package fastecdsa before 2.3.2 use an Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary realloc, null pointer...
CVE-2024-21502
Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...
CVE-2024-21502
Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...
PYSEC-2024-39
Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...
Null pointer dereference
Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...
CVE-2024-21502
Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...