EUVD-2020-20504

Malware in sbrugna...

EUVD-2022-52607

Malicious code in bioql PyPI...

PT-2023-36000 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: A heap buffer overflow read issue has been identified. The crash state includes functions such as H5F accum free, H5MF xfree, and H5MF free aggrs. Recommendations: At the moment, there is no...

Linux heap overflow of Fastbin Attack examples detailed explanation-vulnerability warning-the black bar safety net

1. Summary In recent years the large CTF game, see a lot of times pwn the category title appears in the fastbin attack of the case, such as this year's defcon, the RCTF, the fat Hubble Cup, 0CTF final, etc., fastbin attack is a heap exploits are common, easy-to-use and effective attack, in the...

From the byte overflows to arbitrary code execution-Linux stack exploit-vulnerability warning-the black bar safety net

One byte overflow called off-by-one, once a period of time, the off-by-one is considered to be not utilized, but later research found on the heap even if only one byte overflow can lead to arbitrary code execution. At the same time the heap of the off-by-one using also appear in the domestic and...

How to understand stack and heap overflow exploits-a vulnerability warning-the black bar safety net

This article is a detailed description of the heap,and will teach you how to write a heap-based overflow vulnerability. Run the following program: include include include int mainint argc, char argv char buf1 = malloc1 2 8; char buf2 = malloc2 5 6; read's filenostdin, buf1, 2 0 0; freebuf2;...

Microsoft Windows ASN.1 Library Bit String Processing Integer Handling Vulnerability

Description Microsoft ASN.1 handling library has been reported prone to an integer overflow vulnerability that may result in arbitrary heap-based memory corruption. The issue presents itself in the ASN.1 BER decoding/encoding routines. Exploitation of this issue will result in the corruption of...