297 matches found
Update now! Chrome patches critical RCE vulnerability in Safe Browsing
Google has issued an update for the Chrome browser which includes 26 security fixes. What stands out is that one of these fixes is rated as "critical". The critical vulnerability is a use after free bug in the Safe Browsing feature. The Stable channel has been updated to 97.0.4692.99 for Windows,...
Xen 输入验证错误漏洞
Xen is an open source virtual machine monitor product from the University of Cambridge, UK. The product enables different and incompatible operating systems to run on the same computer and supports migration at runtime to ensure uptime and avoid downtime. An input validation error vulnerability...
CVE-2021-38449
Some API functions permit by-design writing or copying data into a given buffer. Since the client controls these parameters, an attacker could rewrite the memory in any location of the affected product...
CVE-2021-3634
CVE-2021-3634 affects libssh
CVE-2021-26096
Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments...
Heap overflow
Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments...
CVE-2021-26096
Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments...
CVE-2021-26096
Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments...
FortiSandbox - Multiple heap corruption vulnerabilities in command shell
Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments...
Squalr - Squalr Memory Editor - Game Hacking Tool Written In C#
Squalr Official Website Join us on our Discord Channel Squalr is performant Memory Editing software that allows users to create and share cheats in their windows desktop games. This includes memory scanning, pointers, x86/x64 assembly injection, and so on. Squalr achieves fast scans through...
CVE-2021-22548
An attacker can change the pointer to untrusted memory to point to trusted memory region which causes copying trusted memory to trusted memory, if the latter is later copied out, it allows for reading of memory regions from the trusted region. It is recommended to update past 0.6.2 or git commit...
CVE-2021-22548
The CVE-2021-22548 entry concerns Google Asylo. A vulnerability arises where an attacker can change a pointer from untrusted memory to reference trusted memory, causing copying of trusted memory to trusted memory. If the later copy-out occurs, this enables reading memory regions from the trusted ...
Vulnerability fixed in Siemens SIMATIC
Siemens has fixed a vulnerability in several SIMATIC products. An unauthenticated malicious person with access to TCP port 102 could potentially exploit the vulnerability to manipulate system memory, execute arbitrary code and gain access to system data. Siemens has released updates to fix the...
CVE-2020-27779
A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest...
ScareCrow - Payload Creation Framework Designed Around EDR Bypass
If you want to learn more about the techniques utlized in this framework please take a look at Part 1 and Part 2 Description ScareCrow is a payload creation framework for generating loaders for the use of side loading not injection into a legitimate Windows process bypassing Application...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
Heap overflow
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...
CVE-2020-25690
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat...