177 matches found
Linux/x86 - Read File (/etc/passwd) + MSF Optimized Shellcode (61 bytes)
Linux/x86 - Read File /etc/passwd + MSF Optimized Shellcode 61 bytes. Shellcode exploit for Linux/x86 platform / Shellcode Title: Linux/x86 - Read File /etc/passwd MSF Optimized Shellcode 61 bytes Date: 2018-09-13 Author: Ray Doyle @doylersec Homepage: https://www.doyler.net Tested on: Linux/x86 g...
Medium: glibc
Issue Overview: stdlib/canonicalize.c in the GNU C Library aka glibc or libc6 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary...
HackRF Circuit Board - New Universal Case for PenTests
Document Title: =============== HackRF Circuit Board - New Universal Case for PenTests References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2134 Download: https://www.vulnerability-lab.com/resources/documents/2134.rar Vulnerability Magazine:...
Code injection
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library aka glibc or libc6 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in...
CVE-2017-18269
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library aka glibc or libc6 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in...
tcpdump: Buffer over-read in print-olsr.c:olsr_print() in OLSR parser
The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print()...
FAQ: Citrix ADC on Microsoft Azure
Q: What is Citrix ADC, formerly Netscaler ADC, on Microsoft Azure? A: Citrix ADC on Microsoft Azure is an L4-L7 virtual networking appliance that ensures organizations have access to secure and optimized applications and assets deployed in the cloud. Citrix ADC on Azure provides a foundation for t...
UBUNTU-CVE-2017-9260
The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sseoptimized.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted wav file...
UBUNTU-CVE-2017-9111
In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code...
Oracle GoldenGate 12.1.2.0.0 - Unauthenticated Remote Code Execution Exploit
Exploit for multiple platform in category remote exploits !/usr/bin/env python Sources: https://silentsignal.hu/docs/S2OracleGoldenGateGOLDENSHOWER.py https://blog.silentsignal.eu/2017/05/08/fools-of-golden-gate/ GOLDENSHOWER - Oracle GoldenGate unauthenticated RCE by Silent Signal Tested with:...
Cross-site scripting vulnerability in wordpress plugin optimized-latex
WordPress is a blogging platform from the WordPress Software Foundation, developed in the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability in the WordPress plugin optimized-latex exists due to improper filtering of user input,...
VBScan 0.1.7 - Black Box vBulletin Vulnerability Scanner
OWASP VBScan (short for vBulletin Vulnerability Scanner) is an open-source project in the Perl programming language to detect vBulletin CMS vulnerabilities and analyse them. Why OWASP VBScan? If you want to do a penetration test on a vBulletin forum, OWASP VBScan is your best shot ever! This Project ...
[SECURITY] Fedora 24 Update: lcms2-2.8-2.fc24
LittleCMS intends to be a small-footprint, speed optimized color management engine in open source form. LCMS2 is the current version of LCMS, and can be parallel installed with the original deprecated lcms...
[SECURITY] Fedora 22 Update: pypy3-2.4.0-3.fc22
PyPy's implementation of Python 3, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types (strings, dictionaries, etc.). This build of PyPy has JIT-compilation enabled...
[SECURITY] Fedora 23 Update: pypy-4.0.1-3.fc23
PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types (strings, dictionaries, etc.). This build of PyPy has JIT-compilation enabled...
brafton WordPress Plugin <=3.4.7 - Reflected XSS
Title -brafton WordPress Plugin XSS Exploit Title : Vulnerabilitie XSS in brafton WordPress Plugin Date: Fri May 20 2016 Reported Date : Fri May 20 2016 Vendor Homepage: http://www.brafton.com/support/wordpress/ Version: v3.3.10 – January2016 Software Link:...
Twitter Open Sources 'Diffy' that Automatically Catches Potential Bugs in Code
After Facebook open sourced Thrift Technology, an internally used tool by Facebook, in 2007, rival entity Twitter brings Diffy, an internal Twitter service, to the world. Yesterday, Twitter introduced "Diffy," an open source tool, acting as a helping hand for the software developers to catch bugs,...
[SECURITY] Fedora 22 Update: jffi-1.2.7-5.fc22
An optimized Java interface to libffi...
DBHcms 1.1.4 - SQL Injection Vulnerability
No description provided by source. DBHcms 1.1.4 SQL Injection Vulnerability Exploit Title: DBHcms 1.1.4 SQL Injection Vulnerability Date: 24-10-2010 Author: ZonTa Mail: zontahackersatgmaildotcom IM : zontahackersatlivedotcom Software Link: http://www.drbenhur.com/downloads-dbhcms-114-1-69-en.html...