197 matches found
SUSE CVE-2020-11914
The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read...
PT-2023-14802 · Apache · Apache James Server
Name of the Vulnerable Software and Affected Versions: Apache James server versions 3.7.2 and prior versions Description: The issue allows an attacker with local access to access private user data in transit due to the usage of temporary files with insecure permissions by the Apache James server...
[SECURITY] [DLA 3157-1] bluez security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3157-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler October 24, 2022 https://wiki.debian.org/LTS -...
CVE-2021-44425
An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.3. An unnecessarily open listening port on a machine in the LAN of an attacker, opened by the Anydesk Windows client when using the tunneling feature, allows the attacker unauthorized access to the local machine's AnyDesk...
CVE-2021-44425
AnyDesk before 6.2.6 and 6.3.x before 6.3.3 creates an unnecessarily open listening port when using the tunneling feature, enabling an attacker on the LAN to access the local AnyDesk tunneling protocol stack (and potentially remote services listening on that port). Affected software: AnyDesk Wind...
DEBIAN-CVE-2022-0400
An out-of-bounds read vulnerability was discovered in linux kernel in the smc protocol stack, causing remote dos...
UBUNTU-CVE-2022-0400
An out-of-bounds read vulnerability was discovered in linux kernel in the smc protocol stack, causing remote dos...
Cross site scripting
An out-of-bounds read vulnerability was discovered in linux kernel in the smc protocol stack, causing remote dos...
CVE-2022-0400
An out-of-bounds read vulnerability was discovered in linux kernel in the smc protocol stack, causing remote dos...
CVE-2022-0400
An out-of-bounds read vulnerability was discovered in linux kernel in the smc protocol stack, causing remote dos...
Exploit for CVE-2022-21907
CVE-2022-21907 Golang Application by 1vere$k CVE-2022-21907 -...
AlmaLinux 8 : bluez (ALSA-2022:2081)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:2081 advisory. - BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung ...
Exploit for CVE-2022-21907
CVE-2022-21907 A REAL DoS exploit for CVE-2022-21907 It supp...
Linux kernel 缓冲区错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a buffer overflow vulnerability that originates from not properly validating data boundaries when net/ipv4/esp4.c and net/ipv6/esp6.c perform...
Windows IIS HTTP Protocol Stack DOS
This module exploits CVE-2021-31166, a UAF bug in http.sys when parsing specially crafted Accept-Encoding headers that was patched by Microsoft in May 2021, on vulnerable IIS servers. Successful exploitation will result in the target computer BSOD'ing before subsequently rebooting. Note that the...
Exploit for CVE-2022-21907
CVE-2022-21907 - Double Free in http.sys driver !./.github...
Exploit for CVE-2022-21907
This is a PoC exploit for CVE-2022-21907, a HTTP Protocol Stack...
Microsoft Patch Tuesday January 2022
Hello everyone! This episode will be about Microsoft Patch Tuesday for January 2022. Traditionally, I will use my open source Vulristics tool for analysis. This time I didnt make any changes to how connectors work. The report generation worked correctly on the first try. python3.8 vulristics.py...
Microsoft Patch Tuesday fixes critical zero-days along with 97 other flaws
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Microsoft has fixed 97 vulnerabilities, with nine classified as Critical and 88 as Important and among them 6 zero-days. Following are the type of security vulnerabilities reported in multiple Microsoft products: 41 Elevation...
First Patch Tuesday of 2022 Brings Fix for a Critical 'Wormable' Windows Vulnerability
Microsoft on Tuesday kicked off its first set of updates for 2022 by plugging 96 security holes across its software ecosystem, while urging customers to prioritize patching for what it calls a critical "wormable" vulnerability. Of the 96 vulnerabilities, nine are rated Critical and 89 are rated...