CVE-2025-11648 Tomofun Furbo 360/Furbo Mini GATT Interface URL TF_FQDN.json server-side request forgery

A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown function of the file TFFQDN.json of the component GATT Interface URL Handler. Such manipulation leads to server-side request forgery. The attack may be performed from remote. Attacks of this nature are high...

AZL-56597 CVE-2025-1152 affecting package annobin 12.49-2

A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...

30M Dell Devices at Risk for Remote BIOS Attacks, RCE

UPDATE A high-severity series of four vulnerabilities can allow remote adversaries to gain arbitrary code execution in the pre-boot environment on Dell devices, researchers said. They affect an estimated 30 million individual Dell endpoints worldwide. According to an analysis from Eclypsium, the...

Stagefrightened?

Posted by Mark Brand, Bypasser of Mitigations There’s been a lot of attention recently around a number of vulnerabilities in Android’s libstagefright. There’s been a lot of confusion about the remote exploitability of the issues, especially on modern devices. In this blog post we will demonstrate...

MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow

No description provided by source. MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow Release date: 2011-02-14 Author: Cupidon-3005 Greet: Winny Thomas, Laurent Gaffie, h07 Bug: Heap Overflow Remote Exploitability: Unlikely Local Exploitability: Likely Context: Broadcast,...

Oracle Leaves Fix for Java SE Zero Day Until February Patch Update

Oracle will not patch a critical sandbox escape vulnerability in Java SE versions 5, 6 and 7 until its February Critical Patch Update, according to the researcher who discovered the flaw. Adam Gowdiak of Polish security firm Security Explorations told Threatpost via email that Oracle said it was...

Multiple vulnerabilities in HP Data Protector

Core Security Technologies - Corelabs Advisory Multiple vulnerabilities in HP Data Protector 1. Advisory Information Title: Multiple vulnerabilities in HP Data Protector Advisory ID: CORE-2011-0514 Advisory URL: http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities Date...

Sunway Force Control

Overview ICS-CERT has received a report from Security researcher Dillon Beresford of NSS Labs concerning vulnerabililities affecting Sunway ForceControl and pNetPower SCADA/HMI applications. The reported vulnerabilities are heap-based buffer overflows that could result in a denial of service or t...

MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Heap Overflow

Exploit for windows platform in category dos / poc MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow Release date: 2011-02-14 Author: Cupidon-3005 Greet: Winny Thomas, Laurent Gaffie, h07 Bug: Heap Overflow Remote Exploitability: Unlikely Local Exploitability: Likely Contex...

Microsoft Windows Server 2003 AD Pre-Auth Heap Overflow

MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow Release date: 2011-02-14 Anonymous Comment: Apologies if this puts a downer on the MSRC valentines day sausage fest Author: Cupidon-3005 Greet: Winny Thomas, Laurent Gaffie, h07 Bug: Heap Overflow Remote Exploitability:...

Microsoft Windows Server 2003 - AD BROWSER ELECTION Remote Heap Overflow

MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow Release date: 2011-02-14 Author: Cupidon-3005 Greet: Winny Thomas, Laurent Gaffie, h07 Bug: Heap Overflow Remote Exploitability: Unlikely Local Exploitability: Likely Context: Broadcast, Pre-Auth Mrxsmb.sys, around...