8 matches found
Malicious File Parsing
@finos/git-proxy is vulnerable to malicious file parsing. The vulnerability is due to improper PACK signature detection in parsePush.ts, which allows an attacker to embed misleading signatures in commit content and craft packet structures to bypass approval or hide commits...
A vulnerability in the methods used to verify the structure of TCP packets in Siemens LOGO!8 BM and SIPLUS LOGO! programmable logic controllers allows an attacker to execute arbitrary code or cause service failures.
The vulnerability in the methods used to check the structure of TCP packets in Siemens LOGO!8 BM and SIPLUS LOGO! programmable logic controllers stems from operations performed outside the bounds of a memory buffer. Exploiting this vulnerability allows an attacker to execute arbitrary code or...
ESXi OpenSLP Heap Overflow Vulnerability (CVE-2021-21974)
My RCE PoC walkthrough for CVE-2021-21974 VMware ESXi OpenSLP heap-overflow vulnerability. Introduction: During a recent engagement, I discovered a machine that is running VMware ESXi 6.7.0. Upon inspecting any known vulnerabilities associated with this version of the software, I identified it may ...
Ubuntu Update for krb5 vulnerabilities USN-940-1
Ubuntu Update for Linux kernel vulnerabilities USN-940-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9401.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for krb5 vulnerabilities USN-940-1 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH,...
Kadu remote DoS
Hi. Kadu is a Gadu-Gadu instant messaging open source client. By sending a message with richtext, image basic information and nothing else to a specific UIN through the Gadu-Gadu server, Kadu stops responding or shuts down immediately. Behavior depends on version 0.4.2 In most cases Kadu freezes...
Need for Speed 2 Remote Client Buffer Overflow Exploit
Exploit for unknown platform in category dos / poc. Need for Speed 2 Remote Client Buffer Overflow Exploit - 23.01.2004 by Luigi...
RIP Detection
RIP is an Interior Gateway Protocol and is based on the distance vector routing algorithm. Routing tables may disclose your internal network architecture and help a remote attacker. (C) Tenable Network Security, Inc. References: RFC 1058 (Routing Information Protocol), RFC 2453 (RIP Version 2). 0 1 2 3 4...
Network Associates Gauntlet Firewall 5.0 - Denial of Service
// source: https://www.securityfocus.com/bid/556/info There is a vulnerability in Gauntlet Firewall 5.0 which allows an attacker to remotely cause a denial of service. The vulnerability occurs because Gauntlet Firewall cannot handle a condition where an ICMP Protocol Problem packet's ICMPPARAMPRO...