1658 matches found

exploitpack
added 2018/12/21 12:0 a.m. · 32 views

Netatalk 3.1.12 - Authentication Bypass (PoC)

Netatalk 3.1.12 - Authentication Bypass PoC import socket import struct import sys if lensys.argv != 3: sys.exit0 ip = sys.argv1 port = intsys.argv2 sock = socket.socketsocket.AFINET, socket.SOCKSTREAM print "+ Attempting connection to " + ip + ":" + sys.argv2 sock.connectip, port dsipayload =...

Exploits: 0

OSV
added 2018/12/12 5:29 p.m. · 2 views

DEBIAN-CVE-2018-20103

An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion...

CVSS 7.5 · AI score 6.2 · EPSS 0.001
Exploits: 0 · References: 1

Debian CVE
added 2018/12/12 5:0 p.m. · 30 views

CVE-2018-20103

An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion...

CVSS 7.5 · AI score 5.9 · EPSS 0.001
Exploits: 0

CNVD
added 2018/10/17 12:0 a.m. · 5 views

LAquis SCADA Remote Code Execution Vulnerability

LAquis SCADA is a suite of SCADA software for monitoring and data acquisition. A remote code execution vulnerability exists in LAquis SCADA 4.1.0.3870 and earlier versions, which stems from the program dereferencing untrusted pointers and can be exploited by a remote attacker to execute code...

CVSS 9.8 · AI score 9.7 · EPSS 0.04621
Exploits: 0 · References: 1

The Hacker News
added 2018/10/12 9:3 a.m. · 347 views

Google Adds Control-Flow Integrity to Beef up Android Kernel Security

Google has added a new security feature to the latest Linux kernels for Android devices to protect them against code reuse attacks that allow attackers to achieve arbitrary code execution by exploiting control-flow hijacking vulnerabilities. In code reuse attacks, attackers exploit memory corruptio...

AI score 2.5
Exploits: 0

FreeBSD
added 2018/08/03 12:0 a.m. · 18 views

xml-security-c -- crashes on malformed KeyInfo content

The shibboleth project reports: SAML messages, assertions, and metadata all commonly make use of the XML Signature KeyInfo construct, which expresses information about keys and certificates used in signing or encrypting XML. The Apache Santuario XML Security for C++ library contained code paths a...

AI score 1.1
Exploits: 0 · References: 1

CNVD
added 2018/07/10 12:0 a.m. · 1 views

Google Android has an unspecified vulnerability (CNVD-2019-44517)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance (OHA). A security vulnerability exists in Android that stems from the program not properly validating pointers in the ADSPRPC command. An attacker can exploit the vulnerability to access...

CVSS 7.5 · AI score 7.5 · EPSS 0.00115
Exploits: 0 · References: 1

CNVD
added 2018/07/09 12:0 a.m. · 2 views

Memory Corruption Vulnerability in TAS AP-PCLINK setup V1.5

The AP series is a new generation of programmable controllers (PLCs) newly developed by TSMC. A memory corruption vulnerability exists in AP-PCLINK setup V1.5 of TAS. The vulnerability is caused due to AP-PCLINK failing to validate the availability of a pointer to a function when reading a malforme...

AI score 7
Exploits: 0

Veracode
added 2018/07/06 1:56 a.m. · 24 views

Remote Code Execution (RCE)

microsoft.chakracore is vulnerable to remote code execution attacks. This can happen because it does not prevent the StackScriptFunction::BoxState::Box from accessing uninitialized pointers. This CVE ID is different from CVE-2017-11792, CVE-2017-11793, CVE-2017-11796, CVE-2017-11797,...

CVSS 7.5 · AI score 7.8 · EPSS 0.78672
Exploits: 20 · References: 6 · Affected Software: 2

OSV
added 2018/06/05 1:29 p.m. · 0 views

DEBIAN-CVE-2018-11743

The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and application crash) or possibly have unspecified other impact...

CVSS 9.8 · AI score 7.3 · EPSS 0.00567
Exploits: 1 · References: 1

Exploit DB
added 2018/06/05 12:0 a.m. · 22 views

10-Strike Network Scanner 3.0 - Local Buffer Overflow (SEH)

Exploit Title: 10-Strike Network Scanner 3.0 - Local Buffer Overflow SEH Exploit Author: Hashim Jawad - ihack4falafel Date: 2018-06-05 Vendor Homepage: https://www.10-strike.com/ Vulnerable Software: https://www.10-strike.com/network-scanner/network-scanner.exe Tested on: Windows XP Professional ...

AI score 7.4
Exploits: 0

Cvelist
added 2018/04/18 2:0 p.m. · 27 views

CVE-2015-9200

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, and SD 835, in some TrustZone API functions, untrusted pointers can be dereferenced...

AI score 9.7 · EPSS 0.00177
Exploits: 0 · References: 2

CNVD
added 2018/03/14 12:0 a.m. · 1 views

Unspecified vulnerability in Omron CX-Supervisor (CNVD-2018-05320)

CX-Supervisor is a Miscellaneous Shareware software. CX-Supervisor is dedicated to the design and operation of PC visualization and machine control. A security vulnerability exists in Omron CX-Supervisor version 3.30, which can be exploited by an attacker to dereference untrusted pointers via an...

CVSS 5.3 · AI score 6.9 · EPSS 0.0009
Exploits: 0 · References: 1

Positive Technologies
added 2018/03/07 12:0 a.m. · 4 views

PT-2018-3026 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.15.8 Description: The issue is related to the fd_locked_ioctl function in the Linux kernel, specifically in the floppy driver. It allows an attacker to obtain a kernel pointer by sending the FDGETPRM ioctl,...

CVSS 10 · AI score 7.2 · EPSS 0.20572
Exploits: 124 · References: 786

OSV
added 2018/02/06 9:29 p.m. · 1 views

CVE-2018-4878

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the...

CVSS 7.8 · AI score 6 · EPSS 0.93511
Exploits: 19 · References: 16

OSV
added 2018/01/30 12:0 a.m. · 1 views

UBUNTU-CVE-2018-6405

In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service...

CVSS 6.5 · AI score 6.7 · EPSS 0.00545
Exploits: 1 · References: 3

Packet Storm
added 2018/01/10 12:0 a.m. · 76 views

Microsoft Edge Chakra JIT Escape Analysis Bug

Microsoft Edge: Chakra: JIT: Escape analysis bug CVE-2017-11918 Escape analysis: https://en.wikipedia.org/wiki/Escape_analysis Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values. PoC: function opt let tmp = ; tmp0 =...

CVSS 7.6 · AI score 7.8 · EPSS 0.73407
Exploits: 3

0day.today
added 2018/01/09 12:0 a.m. · 47 views

Microsoft Edge Chakra JIT - Escape Analysis Bug Exploit

Exploit for windows platform in category dos / poc / Escape analysis: https://en.wikipedia.org/wiki/Escape_analysis Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values. PoC: / function opt let tmp = ; tmp0 = tmp;...

CVSS 7.6 · AI score 7.8 · EPSS 0.73407
Exploits: 3

UbuntuCve
added 2017/12/27 5:8 p.m. · 29 views

CVE-2017-17855

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars...

CVSS 7.8 · AI score 6.8 · EPSS 0.00104
Exploits: 0 · References: 3

Prion
added 2017/12/27 5:8 p.m. · 18 views

Memory corruption

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars...

CVSS 7.2 · AI score 7.5 · EPSS 0.00104
Exploits: 0 · References: 3 · Affected Software: 2