31 matches found
UBUNTU-CVE-2016-10745
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape...
AZL-41949 CVE-2019-10906 affecting package nodejs for versions less than 20.14.0-1
In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape...
CVE-2018-12181
A stack-based buffer overflow was discovered in edk2 when the HII database contains a Bitmap that claims to be 4-bit or 8-bit per pixel, but the palette contains more than 162^4 or 2562^8 colors...
Microsoft Windows Kernel (Windows 7 x86) - Local Privilege Escalation (MS17-017) Exploit
Exploit for windows platform in category local exploits include include include include pragma commentlib, "psapi.lib" define POCDEBUG 0 if POCDEBUG == 1 define POCDEBUGBREAK getchar elif POCDEBUG == 2 define POCDEBUGBREAK DebugBreak else define POCDEBUGBREAK endif CONST LONG maxTimes = 2000; CON...
Microsoft Windows 10 x64 RS2 - win32kfull!bFill Pool Overflow Exploit
Exploit for windows platform in category local exploits Sources: https://siberas.de/blog/2017/10/05/exploitationcasestudywildpooloverflowCVE-2016-3309reloaded.html https://github.com/siberas/CVE-2016-3309Reloaded Exploits for the recently-patched win32kfull!bFill vulnerability. Executing the...
Microsoft Windows 10 RS2 (x64) - win32kfull!bFill Pool Overflow
Microsoft Windows 10 RS2 x64 - win32kfull!bFill Pool Overflow Sources: https://siberas.de/blog/2017/10/05/exploitationcasestudywildpooloverflowCVE-2016-3309reloaded.html https://github.com/siberas/CVE-2016-3309Reloaded Exploits for the recently-patched win32kfull!bFill vulnerability. Executing th...
ALPINE-CVE-2017-6362
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...
libpng 1.6.1 through 1.6.7 contain a null-pointer dereference vulnerability
Overview libpng versions 1.6.1 through 1.6.7 fail to reject colormapped images with empty palettes, leading to a null-pointer dereference crash in pngdoexpandpalette. Description The PNG Development Group has reported that "libpng versions 1.6.1 through 1.6.7 fail to reject colormapped images wit...
CVE-2005-4048
Heap-based buffer overflow in the avcodecdefaultgetbuffer function utils.c in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as 1 mplayer, 2 xine-lib, 3 Xmovie, and 4 GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes...
DEBIAN-CVE-2005-4048
Heap-based buffer overflow in the avcodecdefaultgetbuffer function utils.c in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as 1 mplayer, 2 xine-lib, 3 Xmovie, and 4 GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes...
CVE-2005-4048
Heap-based buffer overflow in the avcodecdefaultgetbuffer function utils.c in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as 1 mplayer, 2 xine-lib, 3 Xmovie, and 4 GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes...