CVE-2017-18193

fs/f2fs/extentcache.c in the Linux kernel, before 4.13, mishandles extent trees. This allows local users to cause a denial of service via an application with multiple threads...

Design/Logic Flaw

fs/f2fs/extentcache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service BUG via an application with multiple threads...

CVE-2017-18193

fs/f2fs/extentcache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service BUG via an application with multiple threads...

CVE-2017-18193

fs/f2fs/extentcache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service BUG via an application with multiple threads...

CVE-2017-18193

fs/f2fs/extentcache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service BUG via an application with multiple threads...

CVE-2017-18193

fs/f2fs/extentcache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service BUG via an application with multiple threads...

CVE-2018-1000030

Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are...

Heap overflow

Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are...

CVE-2018-1000030

Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are...

CVE-2018-1000030

Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are...

DEScrypt-CPU-Collision-Cracker - DEScrypt CPU Collision Cracker

A linux based high performance DEScrypt CPU cracker written in c++, it deduces the salt and uses a password list to crack hashes. Why not use a rainbow table? DEScrypt uses by default a two byte saltcomprised of characters a-zA-Z0-9./ 1 which would mean that you would need to produce roughly 65,5...

undertow: IO thread DoS via unclean Websocket closing

It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS...

undertow: IO thread DoS via unclean Websocket closing

It was found that with non-clean TCP close, Websocket server gets into infinite loop on every IO thread, effectively causing DoS...

Apple macOS/iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime Management in IOTimeSyncClockManagerUserClient

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1377 IOTimeSyncClockManagerUserClient provides the userspace interface for the IOTimeSyncClockManager IOService. IOTimeSyncClockManagerUserClient overrides the IOUserClient::clientClose method but it treats it like a destructor...

Sublist3r v1.0 - Fast subdomains enumeration tool for penetration testers

Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask...

Double free

The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attacker tricks a user into installing a malicious application, and the application can start multiple threads and try to free specific memory, which cou...

CVE-2017-11023

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound buffer accesses due to no synchronization in accessing global variables by multiple threads...

subjack - Hostile Subdomain Takeover tool written in Go

subjack is a Hostile Subdomain Takeover tool written in Go designed to scan a list of subdomains concurrently and identify ones that are able to be hijacked. With Go's speed and efficiency, this tool really stands out when it comes to mass-testing. Always double check the results manually to rule...

Buffer overflow

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, setting the HMAC key by different threads during SHA operations may potentially lead to a buffer overflow...

AWSBucketDump - Security Tool to Look For Interesting Files in S3 Buckets

AWSBucketDump is a tool to quickly enumerate AWS S3 buckets to look for loot. It's similar to a subdomain bruteforcer but is made specifically for S3 buckets and also has some extra features that allow you to grep for delicious files as well as download interesting files if you're not afraid to...