Lucene search
K

157 matches found

ossfuzz
ossfuzz
added 2017/05/14 1:48 a.m.18 views

gdal: Heap-buffer-overflow in PackBitsDecode

Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5296144668164096 Project: gdal Fuzzer: libFuzzergdalfuzzer Fuzz target binary: gdalfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...

7AI score
Exploits0Affected Software1
myhack58
myhack58
added 2017/04/20 12:0 a.m.1053 views

The Jackson framework Java deserialization remote code execution vulnerability technical analysis and protection solution-vulnerability warning-the black bar safety net

GMT 4 on 15 May, the Jackson framework is found in the presence of a deserialization code execution vulnerability. The vulnerability exists in Jackson under the framework of the enableDefaultTyping method by which the vulnerability, an attacker can Remote in to the server host on the unauthorized...

1AI score
Exploits0
n0where
n0where
added 2016/11/05 5:21 a.m.193 views

What the Fuzz: Radamsa

What the Fuzz: Radamsa Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestingly different outputs...

7.5AI score
Exploits0References1
n0where
n0where
added 2016/10/07 2:40 p.m.29 views

CERT Basic Fuzzing Framework: BFF

CERT Basic Fuzzing Framework The CERT Basic Fuzzing Framework BFF is a software testing tool that finds defects in applications that run on the Linux and Mac OS X platforms. BFF performs mutational fuzzing on software that consumes file input. Mutational fuzzing is the act of taking well-formed...

0.4AI score
Exploits0References1
n0where
n0where
added 2016/05/26 2:18 p.m.33 views

General Purpose Fuzzer: Radamsa

Radamsa is a test case generator for robustness testing, a.k.a. a fuzzer. It is typically used to test how well a program can withstand malformed and potentially malicious inputs. It works by reading sample files of valid data and generating interestringly different outputs from them. The main...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2016/05/18 11:30 p.m.33 views

EhTrace - Tool for Tracing Execution of Binaries on Windows

Eh'Trace pronounced ATrace is a binary tracing tool for Windows. Implemented in C but has some interesting properties that may make it suitable for tracing binaries when other methods are not sufficient, in particular EhTrace does not require changes to a binary to enable traces, despite being ab...

7.5AI score
Exploits0References3
0day.today
0day.today
added 2015/08/25 12:0 a.m.48 views

Microsoft Office 2007 OneTableDocumentStream Invalid Object Exploit

Microsoft Office 2007 suffers from a OneTableDocumentStream invalid object vulnerability. Source: https://code.google.com/p/google-security-research/issues/detail?id=171&can=1 The following access violation was observed in Microsoft Office 2007 Word document: 8c0.e68: Access violation - code...

9.3CVSS6.4AI score0.30325EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2015/08/10 12:0 a.m.25 views

CVE-2015-5180

resquery in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service NULL pointer dereference and process crash...

7.5CVSS7.2AI score0.06219EPSS
Exploits0References3
Kitploit
Kitploit
added 2015/07/21 10:3 p.m.22 views

Dharma - A generation-based, context-free grammar fuzzer

A generation-based, context-free grammar fuzzer. Requirements None Examples Generate a single test-case. % ./dharma.py -grammars grammars/webcrypto.dg Generate a single test case with multiple grammars. % ./dharma.py -grammars grammars/canvas2d.dg grammars/mediarecorder.dg Generating test-cases a...

7.3AI score
Exploits0References2
Packet Storm
Packet Storm
added 2015/04/30 12:0 a.m.76 views

TestDisk 6.14 Check_OS2MB Stack Buffer Overflow

, , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. TestDisk 6.14 CheckOS2MB Stack Buffer Overflow Affected versions: TestDisk 6.14 - Linux, Windows and Mac OSX PDF:...

0.9AI score
Exploits0
UbuntuCve
UbuntuCve
added 2011/03/22 12:0 a.m.40 views

CVE-2011-0188

The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...

6.8CVSS6.8AI score0.03025EPSS
Exploits0References2
NVD
NVD
added 2009/12/10 11:30 p.m.19 views

CVE-2009-4238

Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the Test Case ID field to lib/general/navBar.php or 2 the logLevel parameter to lib/events/eventviewer.php...

6.5CVSS8AI score0.01082EPSS
Exploits7References6
RedHat Linux
RedHat Linux
added 2009/04/22 1:40 a.m.5 views

Firefox 3 Layout engine crashes

The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors related to 1 nsAsyncInstantiateEvent::Run, 2...

5CVSS7.4AI score0.029EPSS
Exploits1References4
seebug.org
seebug.org
added 2008/12/08 12:0 a.m.21 views

NULL FTP Server 1.1.0.7 SITE Parameters Command Injection Vuln

No description provided by source. vuln.sg Vulnerability Research Advisory NULL FTP Server SITE Parameters Command Injection Vulnerability by Tan Chew Keong Release Date: 2008-12-05 Summary A vulnerability has been found in NULL FTP Server. When exploited, this vulnerability allows an authenticat...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/12/05 12:0 a.m.32 views

NULL FTP Server 1.1.0.7 - 'Site' Command Injection

vuln.sg Vulnerability Research Advisory NULL FTP Server SITE Parameters Command Injection Vulnerability by Tan Chew Keong Release Date: 2008-12-05 Summary A vulnerability has been found in NULL FTP Server. When exploited, this vulnerability allows an authenticated user to execute arbitrary shell...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2008/11/25 8:57 a.m.6 views

vim: heap buffer overflow in mch_expand_wildcards()

Heap-based buffer overflow in the mchexpandwildcards function in osunix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case...

6.8CVSS6.4AI score0.0862EPSS
Exploits0References4
securityvulns
securityvulns
added 2006/04/10 12:0 a.m.31 views

[Full-disclosure] Oracle read-only user can insert/update/delete data via specially crafted views

Hello Full Disclosure Last Thursday 6th April 2006, Oracle released a note on the Oracle knowledgebase Metalink with details about an unfixed security vulnerability =0day and a working test case =exploit code which effects all versions of Oracle from 9.2.0.0 to 10.2.0.3. This note "363848.1 - A...

0.9AI score
Exploits0
Rows per page
Query Builder