54 matches found
CVE-2022-31696
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox...
Memory corruption
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox...
CVE-2022-31696
CVE-2022-31696 is a memory‑corruption flaw in VMware ESXi related to how a network socket is handled. A local, authenticated attacker could exploit this to escape the ESXi sandbox. Affected: ESXi (versions referenced in connected docs). Impact: potential memory corruption with high severity. Miti...
The vulnerability of the network socket of the VMware ESXi hypervisor allows an attacker to execute arbitrary code with elevated privileges.
The vulnerability of the VMware ESXi hypervisor’s network socket is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges...
PT-2022-5817 · Vmware · Vmware Esxi
Name of the Vulnerable Software and Affected Versions: VMware ESXi affected versions not specified Description: The issue is related to a memory corruption vulnerability in the way VMware ESXi handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt...
CVE-2021-23985
If an attacker is able to alter specific about:config values (for example, malware running on the user's computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticeable to the user. This would have allowed a remote attacker able to make a direct network...
SyncBreeze 10.0.28 Remote Buffer Overflow
Exploit Title: SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow Date: 18-Sep-2020 Exploit Author: Abdessalam kingA.salam Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7,windows...
Linux/x86_64 - Reverse Shell (/bin/sh) with Configurable Password Shellcode (120 bytes)
/ ; Title : Linux/x86_64 - Reverse Shell /bin/sh with Password configurable 120 bytes ; Date : 2019-08-18 ; Author : Gonçalo Ribeiro @goncalor ; Website : goncalor.com ; SLAE64-ID : 1635 global start %define pass "pass" %define port 0x5c11 ; htons(4444) start: jmp realstart password: db pass passlen...
CVE-2019-3837
It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the memory,...
Huawei FusionSphere and FusionSphere OpenStack Command Injection Vulnerability (CNVD-2017-09507)
Huawei FusionSphere and FusionSphere OpenStack FSO are both Huawei products. The former is a cloud operating system product developed based on the OpenStack framework, and the latter is FusionSphere's cloud platform software in ICT scenarios. A command injection vulnerability exists in Huawei...
PT-2016-7227 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.5.2 Description: The issue is related to a use-after-free vulnerability in the __sys_recvmmsg function, located in the net/socket.c file of the Linux kernel. This vulnerability can be exploited by remote attacke...
Moderate: Red Hat Security Advisory: curl security, bug fix, and enhancement update
Updated curl packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...
Mocha LPD 1.9 - Remote Buffer Overflow DoS PoC
No description provided by source. !/usr/bin/python Mocha LPD v1.9 Remote Heap Overflow Exploit ol skool 'write 4' whoops, I said it was a DoS. My bad. btw yes, I know its 2010 :0 CVE: 2010-1687 tested on XP sp1 use anti debugging to see it work - !hidedebug zwqueryinformationprocess call trace:...
APSIS Pound 1.5 - Remote Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10267/info APSIS Pound has been found to be prone to a remote format string vulnerability. The problem presents itself when Pound handles certain requests containing embedded format string specifiers. Ultimately this...
CentOS 6 : curl (CESA-2014:0561)
Updated curl packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
Moderate: Red Hat Security Advisory: curl security and bug fix update
Updated curl packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...
Microsoft Hotmail or Outlook 0day exploit by squirrel sploit
An 0day exploit in Microsoft Hotmail system was discovered by squirrel sploit and was successively Integer in our software / Caution should read this : English Tutorial : http://www.youtube.com/watch?v=zfsBXz3lmRg French Tutorial : http://www.youtube.com/watch?v=XHGCXajyVA To exploit this...
IBM Tivoli Storage Manager 5.3 Express CAD Service BoF Exploit
No description provided by source. !/usr/bin/python IBM Tivoli Storage Manager Express CAD Service Buffer Overflow 5.3 http://www.zerodayinitiative.com/advisories/ZDI-07-054.html Tested on windows 2003 server SP0. Coded by Mati Aharoni muts.at.offensive-security.com...
GLSA-200605-13 : MySQL: Information leakage
The remote host is affected by the vulnerability described in GLSA-200605-13 (MySQL: Information leakage). The processing of the COM_TABLE_DUMP command by a MySQL server fails to properly validate packets that arrive from the client via a network socket. Impact : By crafting specific malicious packets...