>> CATEGORY: exploit
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file…
Netgear’s ProSafe NMS300 is a network management utility that runs on Windows systems. The application has a file upload vulnerability that can be exploited by an unauthenticated remote attacker to…
The Adreno GPU driver for the MSM Linux kernel contains a heap overflow in the IOCTL_KGSL_PERFCOUNTER_QUERY ioctl command. The bug results from an incorrect conversion to a signed type when…
Fiyo CMS version 2.0.6.1 suffers from multiple cross site scripting vulnerabilities.
This script exploits er, unsanitized env var passing in ASAN which leads to file clobbering as root when executing setuid root binaries compiled with ASAN. It uses an overwrite of…
A crash due to a use-after-free condition can be observed in an ASAN build of Wireshark (current git master), by feeding a malformed file to tshark.
WordPress More Fields plugin versions 2.1 and below suffer from a cross site request forgery vulnerability.
GpicView version 0.2.5 buffer overflow crash proof of concept exploit.
An independent vulnerability laboratory researcher discovered a client-side cross site scripting web vulnerability in the official WordPress Good News Themes.