CVE-2021-22545 Use-after-free in BinDiff

An attacker can craft a specific IdaPro .i64 file that will cause the BinDiff plugin to load an invalid memory offset. This can allow the attacker to control the instruction pointer and execute arbitrary code. It is recommended to upgrade BinDiff 7...

BinDiff 资源管理错误漏洞

BinDiff is a tool for binary file analysis and comparison. A security vulnerability exists in BinDiff that can be exploited by an attacker to create a specific IdaPro .i64 file will cause the BinDiff plugin to load an invalid memory offset. The vulnerability can be exploited by an attacker to tak...

Buffer overflow

Potential buffer over-read due to lack of bound check of memory offset passed in WLAN firmware in Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074,...

Microsoft Office PowerPoint Remote Code Execution Vulnerability (3124585)

This host is missing an important security update according to Microsoft Bulletin MS16-004. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PHP str_getcsv()函数中断处理地址信息泄露漏洞

CVE ID: CVE-2010-2100 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP的strgetcsv函数中存在信息泄露漏洞： PHPFUNCTIONstrgetcsv char str, delim = ',', enc = '"', esc = ''; char delimstr = NULL, encstr = NULL, escstr = NULL; int strlen = 0, delimlen = 0, enclen = 0, esclen = 0; if zendparseparametersZENDNUMARGS...

Linux Kernel 2.4.x-2.6.x Assembler Inline Function Local DoS Exploit

No description provided by source. / ----------------------------------------------------------------------------- frstor Local Kernel exploit Crashes any kernel from 2.4.18 to 2.6.7 because frstor in assembler inline offsets in memory by 4. Original proof of concept code by [email protected]. Added...

Microsoft Word Document - Malformed Pointer (PoC)

===== The file I have attached is a very basic two stage bug. stage 1 the first mod forces the code down a wrong path. the second mod by itsself is harmless, however when used with the first it will be the first and part of the second overwrite. I have use 41414141 as a marker to make it easier f...

Linux Kernel 2.4.x-2.6.x Assembler Inline Function Local DoS Exploit

Exploit for linux platform in category dos / poc ==================================================================== Linux Kernel 2.4.x-2.6.x Assembler Inline Function Local DoS Exploit ==================================================================== /...