SUSE-SU-2019:1326-1 Security update for sysstat

This update for sysstat fixes the following issues: Security issues fixed: - CVE-2018-19416: Fixed out-of-bounds read during a memmove call inside the remapstruct function bsc1117001. - CVE-2018-19517: Fixed out-of-bounds read during a memset call inside the remapstruct function bsc1117260...

macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl Exploit

macOS ifaaddr-safamily != AFINET6 // - crash here IFAUNLOCKifa; error = EAFNOSUPPORT; break; Note that IFALOCK is called on user-provided data; it appears that there is an opportunity for memory corruption a controlled write when using indirect mutexes via LCKMTXTAGINDIRECT see lckmtxlockslow...

Lavavo CD Ripper 4.20 - License Activation Name Buffer Overflow (SEH)

Lavavo CD Ripper 4.20 - License Activation Name Buffer Overflow SEH Exploit Title: Lavavo CD Ripper 4.20 Local Seh Exploit Date: 25.04.2019 Vendor Homepage:https://www.lavavosoftware.com Software Link: https://lavavo-cd-ripper.jaleco.com/download Exploit Author: Achilles Tested Version: 4.20 Test...

SUSE-SU-2019:0789-1 Security update for ntp

This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other isses addressed: - Fixed an issue which caused openSSL mismatch bsc1125401 - Fixed...

SUSE SLES12 Security Update : ntp (SUSE-SU-2019:0775-1)

This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other issues addressed: Fixed several bugs in the BANCOMM reclock driver. Fixed...

SUSE-SU-2019:0775-1 Security update for ntp

This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other issues addressed: - Fixed several bugs in the BANCOMM reclock driver. - Fixed...

FTPGetter Standard 5.97.0.177 - Remote Code Execution

FTPGetter Standard 5.97.0.177 - Remote Code Execution Exploit Title: FTPGetter Standard - v.5.97.0.177 Remote Code Execution Date: 05/03/2019 Exploit Author: https://github.com/w4fz5uck5 | @w4fz5uck5 Vendor Homepage: https://www.ftpgetter.com Software Link:...

robinbhandari FTP Remote Denial Of Service Exploit

Title: CVE-2019-9668 robinbhandari FTP remote DoS vulnerability Vulnerable: - https://github.com/rovinbhandari/FTP Description: robinbhandari is a open source tiny ftp server/client in github.com. it has a remote DoS vulnerability in a 'put' command. Timeline: 2019-03-11 CVE-2019-9668 robinbhanda...

River Past Cam Do 3.7.6 Local Buffer Overflow

Exploit Title: River Past CamDo SEH Local Exploit Date: 07.02.2019 Vendor Homepage:www.riverpast.com Software Link: https://en.softonic.com/download/river-past-cam-do/windows/post-download?sl=1 Exploit Author: Achilles Tested Version: 3.7.6 Tested on: Windows XP SP3 EN 1.- Run python code :...

River Past Audio Converter 7.7.16 - Buffer Overflow (SEH)

Exploit Title: RiverPastAudioConverter - Buffer Overflow SEH Date: 06.02.2019 Vendor Homepage: www.riverpast.com Software Link: https://en.softonic.com/download/river-past-audio-converter/windows/post-download?sl=3D1 Exploit Author: Matteo Malvica Tested Version: 7.7.16 Tested on: Windows 10 -...

redis: Integer overflow in lua_struct.c:b_unpack()

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking...

redis: Integer overflow in lua_struct.c:b_unpack()

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking...

UBUNTU-CVE-2019-6129

pngcreateinfostruct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer...

Netatalk 3.1.12 - Authentication Bypass (PoC)

import socket import struct import sys if lensys.argv != 3: sys.exit0 ip = sys.argv1 port = intsys.argv2 sock = socket.socketsocket.AFINET, socket.SOCKSTREAM print "+ Attempting connection to " + ip + ":" + sys.argv2 sock.connectip, port dsipayload = "\x00\x00\x40\x00" client quantum dsipayload +...

Base64 Decoder 1.1.2 SEH Local Buffer Overflow

!/usr/bin/env python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Base64 Decoder 1.1.2 - Local Buffer Overflow SEH Date: 12-20-18 Vulnerable Software: Base64 Decoder 1.1.2 Vendor Homepage: http://4mhz.de/b64dec.html Version: 1.1.2 Software Link:...

Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH)

Base64 Decoder 1.1.2 - Local Buffer Overflow SEH !/usr/bin/env python Exploit Author: bzyo Twitter: @bzyo Exploit Title: Base64 Decoder 1.1.2 - Local Buffer Overflow SEH Date: 12-20-18 Vulnerable Software: Base64 Decoder 1.1.2 Vendor Homepage: http://4mhz.de/b64dec.html Version: 1.1.2 Software...

XMPlay 3.8.3 - .m3u Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: XMPlay 3.8.3 - '.m3u' Denial of Service PoC Exploit Author: s7acktrac3 Vendor Homepage: https://www.xmplay.com/ Software Link: https://support.xmplay.com/filesview.php?fileid=676 Version: 3.8.3 latest Tested on: Windows XP/7/8 CVE ...

CVE-2018-16840

A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curlclose function, the library code first frees a struct without nulling the pointer and might then subsequently...

CVE-2018-16840

A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curlclose function, the library code first frees a struct without nulling the pointer and might then subsequently...

SEIG SCADA System 9 - Remote Code Execution Exploit

Exploit for windows platform in category remote exploits Title: SEIG SCADA SYSTEM 9 - Remote Code Execution Author: Alejandro Parodi Vendor Homepage: https://www.schneider-electric.com Software Link:...