While fuzzing UPX packed files in Kaspersky Antivirus, a crash was discovered resulting in an arbitrary stack-relative write. This vulnerability is obviously remotely exploitable for remote code execution as NT…
>> AUTHOR: deepcore
The attached testcase was found by fuzzing packed PE files with Kaspersky Antivirus. The researcher suspects it was packed using “Yoda’s protector”. This vulnerability is obviously exploitable for remote code…
Avast will render the commonName of X.509 certificates into an HTMLLayout frame when your MITM proxy detects a bad signature.
K2 SmartForms, BlackPearl, and K2 for Sharepoint version 4.6.7 suffer from a boolean-based remote SQL injection vulnerability.
Linux/MIPS Kernel NetUSB – Remote Code Execution Exploit
ZyXEL PMG5318-B20A – OS Command Injection Vulnerability
NetUSB stack buffer overflow denial of service exploit.
Dream CMS allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative…
Zhone ZNID GPON 2426A suffers from insecure direct object reference, password disclosure, command injection, cross site scripting, and privilege escalation vulnerabilities. Versions prior to S3.0.501 are affected.
Netgear Voice Gateway 2.3.0.23_2.3.23 – Multiple Vulnerabilities