CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/11 10:17 p.m.•35 views

CVE-2026-34963 barebox EFI PE Loader Memory Safety Vulnerabilities

8.6CVSS0.00157EPSS

Vulnrichment•added 2026/05/11 10:17 p.m.•8 views

CVE-2026-34963 barebox EFI PE Loader Memory Safety Vulnerabilities

8.6CVSS6.3AI score0.00157EPSS

Positive Technologies•added 2026/05/11 12:0 a.m.•11 views

PT-2026-39869

Name of the Vulnerable Software and Affected Versions barebox versions prior to 2026.04.0 Description Multiple memory-safety issues exist in the EFI PE loader within the efi/loader/pe.c file. An integer overflow occurs during virtual image size computation when using 32-bit arithmetic on section...

8.6CVSS6.3AI score0.00157EPSS

Exploits0References6

CNNVD•added 2026/05/11 12:0 a.m.•8 views

Barebox 输入验证错误漏洞

Barebox is a versatile and flexible bootloader developed by Barebox Open Source. Versions of barebox prior to 2026.04.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows and unvalidated boundaries within the EFI PE loader, which could...

8.6CVSS6.1AI score0.00157EPSS

Exploits0References1

GithubExploit•added 2024/07/15 8:7 a.m.•810 views

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Microsoft

Collateral Damage Collateral Damage is a kernel exploit for Xb...

7CVSS7.2AI score0.68202EPSS

Exploits7

Kitploit•added 2021/08/28 9:30 p.m.•75 views

Huan - Encrypted PE Loader Generator

Huan is an encrypted PE Loader Generator that I developed for learning PE file structure and PE loading processes. It encrypts the PE file to be run with different keys each time and embeds it in a new section of the loader binary. Currently, it works on 64 bit PE files. How It Works? First, Huan...

7.4AI score

Exploits0References4

Kitploit•added 2020/09/28 11:30 a.m.•34 views

Cooolis-ms - A Server That Supports The Metasploit Framework RPC

Cooolis-ms is a server that supports Metasploit Framework RPC. It is used to work for Shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to perform with the Metasploit server separate. Loader execution process: 1...

7.5AI score

Metasploit•added 2020/09/02 5:41 p.m.•23 views

Windows Inject Reflective PE Files, Windows x64 Reverse TCP Stager

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

7AI score

Metasploit•added 2020/09/02 5:41 p.m.•19 views

Windows Inject Reflective PE Files, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Metasploit•added 2020/09/02 5:41 p.m.•22 views

Windows Inject Reflective PE Files, Windows x64 IPv6 Bind TCP Stager

Metasploit•added 2020/09/02 5:41 p.m.•14 views

Windows Inject Reflective PE Files, Windows x64 Bind Named Pipe Stager

Metasploit•added 2020/09/02 5:41 p.m.•17 views

Windows Inject Reflective PE Files, Reverse TCP Stager with UUID Support (Windows x64)

7AI score

Metasploit•added 2020/09/02 5:41 p.m.•13 views

Windows Inject PE Files, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Metasploit•added 2020/09/02 5:41 p.m.•12 views

Windows Inject PE Files, Reverse TCP Stager (No NX or Win7)

7AI score

Metasploit•added 2020/09/02 5:41 p.m.•27 views

Windows Inject PE Files, Windows x86 Bind Named Pipe Stager

Metasploit•added 2020/09/02 5:41 p.m.•14 views

Windows Inject PE Files, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Metasploit•added 2020/09/02 5:41 p.m.•9 views

Windows Inject PE Files, Reverse All-Port TCP Stager