strongSwan Denial of Service Vulnerability (CNVD-2018-14260)
strongSwan is an open source IPsec-based VPN solution for Linux platforms maintained by Swiss software developer Andreas Steffen. The solution includes authentication mechanisms such as X.509 public key certificates, secure storage of private keys, and smart cards. A security vulnerability exists...
Git < 2.17.1 - Remote Code Execution Exploit
Exploit for linux platform in category remote exploits...
DLink #DSL2750B OS Command Injection Exploit
This Metasploit module exploits a remote command injection vulnerability in D-Link DSL-2750B devices. Vulnerability can be exploited through "cli" parameter that is directly used to invoke "ayecli" binary. Vulnerable firmwares are from 1.01 up to 1.03. This module requires Metasploit:...
IBM Netezza Platform Software Detection (Linux)
Binary data ibmnetezzaplatformsoftwareinstalled.nbin...
Google Chrome for Mac, Windows and Linux Navigation URL Spoofing Vulnerability
Google Chrome for Mac, Windows and Linux is a web browser developed by Google for the Mac, Windows and Linux platforms. Navigation is one of the browser navigation modules. A security vulnerability exists in Navigation in versions of Google Chrome prior to 64.0.3282.119 on Windows, Mac and Linux...
Google Chrome for Mac, Windows and Linux Blink Security Bypass Vulnerability
Google Chrome for Mac, Windows and Linux is a web browser for Mac, Windows and Linux platforms developed by Google Inc. Blink is a browser layout (rendering) engine co-developed by Google Inc. and Norway's Opera Software. Co-developed by the United States Google and...
Google Chrome for Mac, Windows and Linux Security Bypass Vulnerability (CNVD-2018-03797)
Google Chrome for Mac, Windows and Linux is a web browser developed by Google, Inc. for the Mac, Windows and Linux platforms. A security vulnerability exists in versions of Google Chrome prior to 64.0.3282.119 for Windows, Mac and Linux platforms. A remote attacker can exploit this vulnerability ...
Google Chrome for Mac, Windows and Linux New Tab Page Information Disclosure Vulnerability
Google Chrome for Mac, Windows and Linux is a web browser developed by Google for the Mac, Windows and Linux platforms. New Tab Page is one of the modules used to create new tab pages. A security vulnerability exists in New Tab Page in versions of Google Chrome prior to 64.0.3282.119 for Windows,...
Linux Meterpreter, Reverse TCP Inline
Run the Meterpreter / Mettle server payload (stageless). This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Module generated by tools/modules/generatemettlepayloads.rb module MetasploitModule CachedSize = 1622448 include...
Google Chrome Information Disclosure Vulnerability (CNVD-2017-33598)
Google Chrome for Linux, Windows, Mac, and Android is a web browser developed by Google for Linux, Windows, Mac, and Android. Skia is an open source 2D graphics library that provides common APIs that work on a variety of hardware and software platforms. A security vulnerability...
Cisco Prime Collaboration Provisioning ScriptMgr HEAD request vulnerability
Added: 10/25/2017 CVE: CVE-2017-6622 BID: 98520 Background The Cisco Prime Collaboration product family facilitates installation and maintenance of Cisco Unified Communications and Cisco TelePresence components, as well as the provisioning of users and services. Problem Missing security constrain...
Linux PDF rendering engine poppler JPEG2000Stream.cc suffers from a null pointer reference denial of service vulnerability
Poppler is a C++ class library for rendering PDF files, derived from xpdf. In version 0.59.0 of poppler, the PDF rendering engine for the Linux platform, JPXStream::ini in JPEG2000Stream.cc has a null pointer dereference denial-of-service vulnerability, which can be exploited by an attacker to launch a...
IBM Informix Dynamic Server for Linux Elevation of Privilege Vulnerability
IBM Informix Dynamic Server (IDS) for Linux is a scalable object-relational database server based on the Linux platform from IBM in the United States, which provides functions such as continuous data availability and disaster recovery for clustered data centers. An elevation of privilege...
chromium-browser: use of uninitialized value in skia
Use of an uninitialized value in Skia in Google Chrome prior to 61.0.3163.79 for Linux and Windows allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
Capturing, Analyzing and Responding to Cyber Attacks: cyberprobe
The Cyberprobe project is an open-source distributed architecture for real-time monitoring of networks against attack. The software consists of two components: a probe, which collects data packets and forwards them over a network in standard streaming protocols; a monitor, which receives the stream...
GNU binutils - print_insn_score16 Buffer Overflow Exploit
Exploit for linux platform in category dos / poc...
harfbuzz: Index-out-of-bounds in OT::ContextFormat3::sanitize
Project: https://github.com/harfbuzz/harfbuzz.git Detailed report: https://oss-fuzz.com/testcase?key=4769173588672512 Project: harfbuzz Fuzzer: libFuzzerharfbuzzhb-fuzzer Fuzz target binary: hb-fuzzer Job Type: libfuzzerubsanharfbuzz Platform Id: linux Crash Type: Index-out-of-bounds Crash Addres...
Linux/x86 - Disable ASLR Shellcode (80 bytes)
Linux/x86 - Disable ASLR Shellcode 80 bytes. Shellcode exploit for Linx86 platform / Linux/x86 setuid-disable-aslr.c by @abatchy17 - abatchy.com Shellcode size: 80 bytes SLAE-885 section .text global start start: ; ; setruid0,0 ; xor ecx,ecx mov ebx,ecx push 0x46 pop eax int 0x80 ; ;...
CMVISION CM-NVST-MP08 Command Injection Vulnerability
The ddnsserver.cgi script on the device's webserver that runs as root is vulnerable to remote command execution by an authenticated user, with the default password being "admin:admin". The address GET parameter is fed to the command line by the CGI script without sanitization for semicolons,...
file: Heap-buffer-overflow in cdf_getuint32
Project: https://github.com/file/file.git Detailed report: https://oss-fuzz.com/testcase?key=4694120629010432 Project: file Fuzzer: libFuzzerfilemagicfuzzer Fuzz target binary: magicfuzzer Job Type: libfuzzerasanfile Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash Address:...