Archive for November, 2015

Windows NtCreateLowBoxToken Handle Capture Local DoS/Elevation Of Privilege

Posted by deepcore under exploit (No Respond)

Last Updated on November 3, 2015 by deepcore

The NtCreateLowBoxToken API allows the capture of arbitrary handles, which can lead to local denial of service or elevation of privilege.

Milton Webdav 2.7.0.1 XXE Injection

Posted by deepcore under exploit (No Respond)

Last Updated on November 3, 2015 by deepcore

Milton Webdav version 2.7.0.1 suffers from an XXE injection vulnerability.

Python 2.7 strop.replace() Integer Overflow

Posted by deepcore under exploit (No Respond)

Last Updated on November 3, 2015 by deepcore

Python version 2.7 strop.replace() method suffers from an integer overflow that can be exploited to write outside the bounds of the string buffer and potentially achieve code execution. The issue can be triggered by performing a large substitution that overflows the arithmetic used in mymemreplace() to calculate […]

Python 2.7 array.fromstring Use After Free

Posted by deepcore under exploit (No Respond)

Last Updated on November 3, 2015 by deepcore

The Python 2.7 array.fromstring() method suffers from a use after free caused by unsafe realloc use. The issue is triggered when an array is concatenated to itself via a fromstring() call.

Python 2.7 Hotshot pack_string Heap Buffer Overflow

Posted by deepcore under exploit (No Respond)

Last Updated on November 3, 2015 by deepcore

The Python version 2.7 hotshot module suffers from a heap buffer overflow due to a memcpy in the pack_string function at line 633.

Spetnik TCPing Utility 2.1.0 Buffer Overflow

Posted by deepcore under exploit (No Respond)

Last Updated on November 3, 2015 by deepcore

If TCPing is called with a specially crafted CL argument, it will cause an exception and overwrite the pointers to the next SEH record and SEH handler with our buffer and malicious shellcode. Spetnik TCPing version 2.1.0 is affected.

actiTIME 2015.2 Privilege Escalation / Open Redirect

Posted by deepcore under exploit (No Respond)

Last Updated on November 3, 2015 by deepcore

actiTIME 2015.2 suffers from multiple security vulnerabilities including open redirection, HTTP response splitting, and unquoted service path elevation of privilege.

Packet Storm New Exploits For October, 2015

Posted by deepcore under exploit (No Respond)

Last Updated on November 3, 2015 by deepcore

This archive contains 166 exploits that were added to Packet Storm in October, 2015.

[dos] – Samsung libQjpeg Image Decoding Memory Corruption

Posted by deepcore under Security (No Respond)

Last Updated on November 3, 2015 by deepcore


[dos] – Samsung Galaxy S6 – android.media.process Face Recognition Memory Corruption

Posted by deepcore under Security (No Respond)

Last Updated on November 3, 2015 by deepcore
