PT-2022-33509 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.5 through v5.19.1 Description: The issue is related to the addition of multithread support for a DMA channel in the sf-pdma driver. It was introduced in version v5.5 and fixed in version v5.19.2. The actual impact and...

Mozilla: Use-after-free in NSSToken objects

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of NSSToken objects referenced via direct points that could have been accessed unsafely on different threads, leading to a use-after-free and potentially exploitable crash...

Mozilla: Use-after-free in NSSToken objects

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of NSSToken objects referenced via direct points that could have been accessed unsafely on different threads, leading to a use-after-free and potentially exploitable crash...

Mozilla: Use-after-free in NSSToken objects

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of NSSToken objects referenced via direct points that could have been accessed unsafely on different threads, leading to a use-after-free and potentially exploitable crash...

PT-2021-22700 · Libvirt +9 · Libvirt +9

Name of the Vulnerable Software and Affected Versions: libvirt affected versions not specified Description: A use-after-free flaw was found in libvirt, where the qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using multiple threads without adequate protection by a monitor...

QEMU: seccomp: blacklist is not applied to all threads

qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service guest crash by leveraging mishandling of the seccomp policy for threads other than the main thread...

PXE client computers freeze during multithread network transfers in Windows Server 2012 R2

PXE client computers freeze during multithread network transfers in Windows Server 2012 R2 Symptoms When you deploy Windows Server 2012 R2 through Windows Deployment Services WDS Pre-Boot Execution Environment PXE, the server CPU usage spikes to 100%. In this situation, client computers may freez...

stickyKeysHunter - A Script to Test an RDP Host for Sticky Keys and Utilman Backdoor

This bash script tests for sticky keys and utilman backdoors. The script will connect to an RDP server, send both the sticky keys and utilman triggers and screenshot the result. How does it work? 1. Connects to RDP using rdesktop 2. Sends shift 5 times using xdotool to trigger sethc.exe backdoors...

Janissaries Joomla Civicrm Shell Upload

||| /|/ | /\ | //|| /\ / / / / / / /// ----------------------------------------------------------------------------- Janissaries Joomla ComCivicrm Exploitation Tool with MultiThread Coded by Miyachung Stay away from lamers o.O Contact: [email protected] Special Thanks : B127Y Site:...

DarkComet-RAT v4.2 fwb (Firewall bypass)

DarkComet-RAT v4.2 fwb Firewall bypass This version is firewall bypass it will inject to web browsers and bypass firewall rules. Targets are in this order : Firefox, Opera, Chrome, Safari, Internet Explorer and Explorer if all fails normally never then it runs normally. Notice now you can use...

nss_ldap information leak

Race conditions in multithread applications...

libsafe stack protection library protection bypass

In multithread application there are race doncition before protection becomes active...