The Bank Of Tokyo-mitsubishi Ufj, Ltd. Security Vulnerabilities

githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment...

10CVSS

10AI Score

0.976EPSS

2024-06-09 02:49 AM
113
veracode

Use Of Insufficiently Random Values

zendframework/zendframework is vulnerable to insufficient entropy. The vulnerability is due to using PHP's mt_rand() function as a fallback for generating random bytes, which is predictable and susceptible to brute force attacks on the...

7.1AI Score

2024-06-19 10:06 AM
githubexploit

Exploit for Out-of-bounds Write in Gnu Glibc

CVE-2023-4911-Looney-Tunables Looney Tunables Local privilege...

7.8CVSS

8.6AI Score

0.014EPSS

2023-10-25 11:59 AM
174
githubexploit

Exploit for Out-of-bounds Write in Gnu Glibc

CVE-2023-4911 - Looney Tunables This is a (atm very rough)...

7.8CVSS

8.4AI Score

0.014EPSS

2023-10-04 02:32 PM
345
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

Log4j-check supports RC1 bypass log4J...

8.9AI Score

2021-12-13 01:55 AM
421
veracode

Denial Of Service (DoS)

go.opentelemetry.io/collector/config/configgrpc is vulnerable to Denial Of Service (DoS). The vulnerability is due to compressed HTTP requests which can be maliciously designed to crash the system by consuming excessive memory. Attackers can exploit this by sending specially crafted "zip bomb"...

7AI Score

2024-06-10 05:59 AM
1
veracode

Denial Of Service (DoS)

gpac is vulnerable to Denial of Service (DoS) attacks. If keys or parameters are received from an unreliable source, applications employing DH_check(), DH_check_ex(), or EVP_PKEY_param_check() may face lengthy delays, resulting in denial of service...

5.3CVSS

6.7AI Score

0.003EPSS

2023-07-20 10:29 AM
17
veracode

Denial Of Service (DoS)

node-tar is vulnerable to Denial of Service (DoS). The vulnerability is caused by a lack of validation on the number of folders created during the folder creation process. This allows an attacker to consume excessive CPU and memory resources, potentially causing the system to become unresponsive....

6.5CVSS

6.7AI Score

0.0004EPSS

2024-03-25 01:36 PM
9
veracode

Out-of-bounds Read

libfreerdp.so is vulnerable to Out-of-bounds Read. The vulnerability is due to improper handling of nWidth and nHeight when both are zero, allowing an attacker to potentially access or modify memory outside the intended buffer...

9.8CVSS

9.6AI Score

0.0004EPSS

2024-04-24 06:40 AM
7
veracode

Out-of-bounds Write

chromium is vulnerable to Out-of-bounds Write. The vulnerability is due to inadequate bounds checking within a sandbox environment via a carefully crafted HTML page, allowing a remote attacker to execute arbitrary...

6.7AI Score

0.0004EPSS

2024-06-03 04:53 PM
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

Nmap Log4Shell NSE script for discovery Apache Log4j RCE...

9.2AI Score

2021-12-13 08:17 PM
440
veracode

Denial Of Service (DoS)

qemu is vulnerable to a Denial of Service (DoS) attack. The vulnerability is due to an assertion failure in the update_sctp_checksum() function in hw/net/net_tx_pkt.c, which allows a malicious guest to trigger a denial of...

5.5CVSS

6.9AI Score

0.0004EPSS

2024-04-27 05:19 PM
3
veracode

Deserialization Of Untrusted Data

typo3/phar-stream-wrapper is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to improper handling of user-supplied Phar archive data before deserialization, which allows attackers to manipulate the serialized data to execute arbitrary...

7.7AI Score

2024-06-10 06:00 AM
1
veracode

Denial Of Service (DoS)

apache2 is vulnerable to Denial of Service (DoS). This vulnerability allows an attacker to cause denial of service conditions on a vulnerable system by exploiting a race condition that occurs when an HTTP/2 connection is reset (RST frame) by a...

5.9CVSS

6.6AI Score

0.004EPSS

2023-10-20 07:48 AM
14
veracode

Out-of-bounds Read

libfreerdp.so is vulnerable to an out-of-bounds read. The vulnerability is due to inadequate bounds checking in the zgfx_decompress_segment function because the variable count is not checked against Stream_GetRemainingLength. This could allow an attacker to potentially access sensitive information....

9.8CVSS

6.6AI Score

0.0004EPSS

2024-05-03 06:44 AM
4
veracode

Denial Of Service (DoS)

MediaWiki is vulnerable to Denial Of Service (DoS). The vulnerability is due to a flaw in includes/specials/SpecialMovePage.php. If a user with the necessary rights to move the page opens Special:MovePage for a page with tens of thousands of subpages, then the page will exceed the maximum request.....

6.9AI Score

0.0004EPSS

2024-05-14 08:10 AM
6
veracode

Deserialization Of Untrusted Data

mlflow is vulnerable to Deserialization of Untrusted Data. The vulnerability is due to inadequate input validation in the _load_custom_objects function within mlflow/tensorflow/__init__.py, which allows attackers to execute arbitrary code by injecting a malicious pickle object into the Tensorflow...

8.8CVSS

7.5AI Score

0.0004EPSS

2024-06-10 06:33 AM
3
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Activemq

ActiveMQ-RCE ActiveMQ RCE (CVE-2023-46604) exploit, written...

9.9AI Score

2023-10-27 05:57 AM
191
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Dubbo

For a more comprehensive Dubbo vulnerability scanning tool, see my other project: https://github.com/YYHYlh/Dubbo-Scan...

9.8CVSS

9.3AI Score

0.015EPSS

2023-05-11 07:37 AM
567
veracode

Denial Of Service (DoS)

github.com/envoyproxy/envoy is vulnerable to Denial Of Service (DOS). The vulnerability is due to the async HTTP client buffering the mirror response with an unbounded buffer, which allows attackers to potentially cause an out-of-memory scenario by sending huge...

6.5CVSS

5.5AI Score

0.0004EPSS

2024-06-07 05:23 AM
githubexploit

Exploit for Out-of-bounds Write in Haxx Libcurl

🇮🇱 **#BringThemHome...

9.8CVSS

8.2AI Score

0.003EPSS

2023-10-17 09:03 AM
22
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

Log4j Vulnerability - CVE-2021-44228 ...

10CVSS

9.7AI Score

0.976EPSS

2023-11-13 04:57 PM
240
githubexploit

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

FortiGate cve-2024-21762-checker This script is used to check...

9.8CVSS

7.2AI Score

0.018EPSS

2024-06-20 02:58 AM
105
githubexploit

Exploit for Out-of-bounds Write in Gnu Glibc

CVE-2023-4911-Looney-Tunables Looney Tunables Local privilege...

7.8CVSS

8.6AI Score

0.014EPSS

2023-10-25 11:59 AM
221
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

Log4Shell sample vulnerable application (CVE-2021-44228)...

9.1AI Score

2021-12-10 12:38 PM
1250
githubexploit

8.8AI Score

2023-01-31 08:29 PM
32
githubexploit

Exploit for Out-of-bounds Write in 7-Zip

CVE-2022-29072 7-Zip through 21.07 on Windows allows...

7.8CVSS

0.8AI Score

0.001EPSS

2022-04-18 06:59 PM
307
githubexploit

Exploit for Cleartext Transmission of Sensitive Information in Keepass

KeePass 2.X Master Password Dumper...

7.4AI Score

2023-05-01 05:08 PM
425
veracode

Denial Of Service (DOS)

pimcore/pimcore is vulnerable to Denial Of Service. The vulnerability is due to the lack of restrictions on the scaling factors that can be applied to image thumbnails, potentially creating disproportionately large files or overwhelming server CPU...

7.5CVSS

6.7AI Score

0.001EPSS

2024-06-06 06:09 AM
veracode

Denial Of Service (DoS)

libdjvulibre.so is vulnerable to Denial Of Service (DoS). The vulnerability exists in the IW44Image::Map::image function at IW44Image.cpp due to a divide by zero bug resulting in a floating point exception causing an application...

6.5CVSS

6.7AI Score

0.001EPSS

2023-08-25 05:20 AM
9
veracode

Denial Of Service (DoS)

libdjvulibre.so is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the lack of input validation in the IW44EncodeCodec.cpp when preparing the gray level conversion table, which allows an attacker to cause an application crash via divide by...

6.5CVSS

6.7AI Score

0.001EPSS

2023-08-24 04:25 AM
5
veracode

Denial Of Service (DOS)

NodeJS is vulnerable to Denial Of Service (DOS). The vulnerability is caused by the fact that the fetch() function in Node.js always decodes Brotli, making it possible for an attacker to cause resource exhaustion when fetching content from an untrusted URL. An attacker controlling the URL passed.....

6.5CVSS

6.9AI Score

0.0004EPSS

2024-02-29 04:13 AM
7
veracode

Denial Of Service (DoS)

strukturag/libde265 is vulnerable to Denial of Service (DoS). The vulnerability is caused due to a lack of proper bounds checking when calculating memory allocation sizes within image.cc. An attacker could manipulate the values to exceed the intended dimensions, leading to a buffer overflow and...

7.2AI Score

0.0004EPSS

2024-04-24 07:20 AM
7
veracode

Out-of-bounds Read

apache2 is vulnerable to Out-of-bounds Read. An attacker could exploit this vulnerability by sending a specially crafted HTTP request to a vulnerable Apache HTTP Server. The request would contain a specially crafted mod_macro directive that would cause the server to read data from outside of the...

7.5CVSS

6.8AI Score

0.01EPSS

2023-10-20 06:57 AM
24
veracode

Out-of-bounds Read

libfreerdp.so is vulnerable to an out-of-bounds read. The vulnerability is due to insufficient validation of the SrcSize before reading data from pSrcData, potentially allowing reading beyond the allocated memory when SrcSize is less than 4. This could allow an attacker to access sensitive...

9.8CVSS

6.6AI Score

0.0004EPSS

2024-05-03 06:41 AM
7
veracode

Denial Of Service (DoS)

Node.js is vulnerable to Denial of Service (DoS). The vulnerability is due to improper handling of HTTP/2 CONTINUATION frames, where sending a small amount of HTTP/2 frames packets can cause data to be left in nghttp2 memory after a reset, leading to a race condition when the Http2Session...

8.2CVSS

8.3AI Score

0.0004EPSS

2024-04-11 02:04 AM
5
veracode

Denial Of Service (DoS)

node-tar is vulnerable to Denial of Service (DoS). The vulnerability is caused by a lack of validation on the number of folders created during the folder creation process. This allows an attacker to consume excessive CPU and memory resources, potentially causing the system to become unresponsive.....

6.5CVSS

7AI Score

0.0004EPSS

2024-03-26 04:59 PM
17
veracode

Out-of-bounds Read

FreeRDP is vulnerable to Out-of-bounds Read. The vulnerability is caused due to an incorrect calculation of the WCHAR string length during conversion to UTF-8 within redirection.c, resulting in out-of-bounds...

7.5CVSS

7.4AI Score

0.0004EPSS

2024-04-25 07:35 AM
3
veracode

Out-of-bounds Read

libfreerdp.so is vulnerable to an out-of-bounds read. This vulnerability is due to inadequate bounds checking in the planar_skip_plane_rle function, leading to potential out-of-bounds reads when processing RLE-encoded...

9.8CVSS

7AI Score

0.0004EPSS

2024-05-03 06:44 AM
6
veracode

Out-of-bounds Read

FreeRDP is vulnerable to Out-of-bounds Read. The vulnerability is caused by inadequate bounds checking when reading data from a buffer. This allows an attacker to access or manipulate data outside its intended range, potentially leading to unauthorized information...

9.8CVSS

9.2AI Score

0.0004EPSS

2024-04-25 05:29 AM
7
githubexploit

Exploit for Out-of-bounds Write in Fortinet Fortios

CVE-2022-42475-RCE-POC Vulnerability name: CVE-2022-42475 Fortinet RCE vulnerability POC...

9.8CVSS

9.9AI Score

0.321EPSS

2023-03-23 06:48 AM
315
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

log4j2-scan is a single binary...

10CVSS

9.6AI Score

0.976EPSS

2021-12-11 11:18 AM
15
githubexploit

Exploit for Out-of-bounds Write in Haxx Libcurl

$ chmod +x run.sh $ ./ru...

7.4AI Score

2024-03-28 06:05 AM
6
githubexploit

Exploit for Out-of-bounds Write in Lenovo Diagnostics

CVE-2022-3699 Incorrect access control for the Lenovo...

7.8CVSS

7.9AI Score

0.002EPSS

2022-11-09 02:15 PM
1015
githubexploit

Exploit for Incorrect Implementation of Authentication Algorithm in Microsoft

Recreation of the SharePoint PoC for CVE-2023-29357 in C# with...

9.8CVSS

9.7AI Score

0.89EPSS

2023-09-30 11:17 PM
32
githubexploit

Exploit for Out-of-bounds Write in Microsoft

CVE-2023-28252-Compiled-exe A modification of Fortra's...

7.8CVSS

9.2AI Score

0.026EPSS

2024-01-22 10:38 AM
32
githubexploit

Exploit for Deserialization of Untrusted Data in Clear Clearml

CVE-2024-24590 Deserialization of untrusted data can occur in...

8.8CVSS

7.2AI Score

0.001EPSS

2024-06-20 11:23 AM
115
githubexploit

Exploit for Incorrect Implementation of Authentication Algorithm in Microsoft

🛑 Microsoft SharePoint: CVE-2023-29357 🛑 **Microsoft...

9.8CVSS

9.9AI Score

0.89EPSS

2023-09-26 04:18 PM
25
githubexploit

Exploit for Cleartext Storage of Sensitive Information in Mremoteng

mRemoteNG <= v1.77.3.1784-NB Password Dumper...

7.5CVSS

8AI Score

0.003EPSS

2023-07-08 06:16 PM
184
veracode

Deserialization Of Untrusted Data

mlflow is vulnerable to Deserialization of Untrusted Data. The vulnerability is caused by inadequate input validation in the _load_model function within mlflow/pytorch/__init__.py. This allows an attacker to execute arbitrary code on the victim's system by injecting a malicious pickle object...

8.8CVSS

8.9AI Score

0.0004EPSS

2024-06-07 06:08 AM
1
Total number of security vulnerabilities: 2341598