3096 matches found
Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC)
Exploit Title: Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC); Author: Cakes; Discovery Date: 2018-09-16; Vendor Homepage: http://www.netis-systems.com; Software Link: http://www.netis-systems.com/Home/detail/id/74.html; Tested Version: RTK 2.1.1; Tested on OS: Kali Linux; CVE: N/A...
CVE-2017-16337
On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. At 0x9d01ef24 the value f...
Linux Kernel - UDP Fragmentation Offset 'UFO' Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux Kernel UDP Fragmentation Offset UFO Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on Linux systems...
Fedora 27 : php (2018-6f37f99641)
PHP version 7.1.20 19 Jul 2018 Core: - Fixed bug php76534 PHP hangs on 'illegal string offset on string references with an error handler. Laruence - Fixed bug php76502 Chain of mixed exceptions and errors does not serialize properly. Nikita Date: - Fixed bug php76462 Undefined property:...
Router vulnerability reproduction: from principle to first verification - Vulnerabilities and early warning - the black bar safety net
Reproducing IoT vulnerabilities differs from reproducing traditional system vulnerabilities in that IoT vulnerabilities depend on the hardware; almost every vulnerability requires buying a new piece of hardware to reproduce, which is different from the...
DEBIAN-CVE-2018-14339
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation...
UBUNTU-CVE-2018-14341
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow...
Integer overflow
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow...
CVE-2018-14339
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation...
UBUNTU-CVE-2018-14339
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation...
DEBIAN-CVE-2018-14341
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow...
A vulnerability in the Qualcomm Libgralloc dynamic library of the MediaServer component of the Android operating system from the CAF repository allows an attacker to compromise the confidentiality, integrity, and availability of protected information.
The vulnerability of the dynamic library Qualcomm Libgralloc of the Android operating system’s MediaServer component, originating from the CAF repository, is related to a pointer offset that extends beyond the allocated memory range. Exploiting this vulnerability could allow an attacker to...
CVE-2018-5872
While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur...
CloudMe Sync 1.11.0 - Buffer Overflow (SEH) (DEP Bypass) Exploit
Exploit for Windows platform in category remote exploits Author: Juan Prescotto Tested Against: Win7 Pro SP1 64 bit Software Download: https://www.cloudme.com/downloads/CloudMe1109.exe Tested Against Version: 1.10.9 Special Thanks to my wife for allowing me to spend countless hours on this passion o...
Easy MPEG to DVD Burner 1.7.11 - Local Buffer Overflow (SEH) (DEP Bypass)
#!/usr/bin/python Exploit: Easy MPEG to DVD Burner 1.7.11 SEH + DEP Bypass Local Buffer Overflow Date: 2018-05-19 Author: Juan Prescotto Tested Against: Win7 Pro SP1...
Out-of-bounds access vulnerability in Hikvision Player SDK (for Windows x32)
Hikvision Playback Library SDK (hereinafter referred to as "Player SDK") is a secondary development kit for playback of Hikvision embedded network DVRs, video servers, and IP devices. An out-of-bounds access vulnerability exists in the Hikvision Player SDK for Windows x32. The vulnerability is caus...
Buffer overflow
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, and SDX20, when reading CDT from eMMC...
FreeBSD-SA-18:05.ipsec
FreeBSD-SA-18:05.ipsec Security Advisory, The FreeBSD Project. Topic: ipsec crash or denial of service Category: core Module: ipsec Announced: 2018-04-04 Credits: Maxime...