
Explore Vulnerabilities


Explore all Exploits:

Oracle VirtualBox Manager 5.2.18 r124319 – ‘Name Attribute’ Denial of Service (PoC)

A denial of service vulnerability exists in Oracle VirtualBox Manager 5.2.18 r124319 when a crafted string is pasted into the 'Name' attribute of a storage controller, resulting in a crash of the application.

Notebook Pro 2.0 – Denial Of Service (PoC)

A buffer overflow vulnerability exists in Notebook Pro 2.0, which could allow an attacker to cause a denial of service condition. The vulnerability is due to insufficient input validation when handling user-supplied data. An attacker can exploit this vulnerability by supplying a specially crafted payload to the application. This will cause the application to crash, resulting in a denial of service condition.

Faleemi Plus 1.0.2 – Denial of Service (PoC)

A buffer overflow vulnerability exists in Faleemi Plus 1.0.2, which could allow an attacker to cause a denial of service condition. Running the Python exploit script creates a new file named 'exploit.txt'. The attacker copies the text inside 'exploit.txt' and starts the program; clicking 'Add Camera' and pasting the content of 'exploit.txt' into the 'Camera name' and 'DID number' fields causes a crash.

Free MP3 CD Ripper 2.6 – ‘.wma’ Buffer Overflow (SEH)

Free MP3 CD Ripper 2.6 is vulnerable to a buffer overflow when a specially crafted .wma file is opened. This can be exploited to execute arbitrary code by overwriting the SEH handler with a pointer to the malicious code. The malicious code can be injected by running the Python exploit script, which creates a new file named 'exploit.wma'. When the program is started and the file is opened, a calculator will pop up.

WordPress Plugin Survey & Poll 1.5.7.3 – ‘sss_params’ SQL Injection

The vulnerability allows an attacker to inject SQL commands through the value of a cookie parameter. When a user visits a page that has a poll or survey, a question appears for answering. When the user answers the question, wp_sap is assigned a value. An attacker can then change it to a payload containing an OR statement which must be 1=2. When the page is reloaded, the source code of the page can be searched for 'sss_params' to reveal the version of the DB.

Watchguard AP Backdoor Shell

Watchguard APs have a backdoor account with known credentials. This can be used to gain a valid web session on the HTTP administration interface. The administrator can then upload a shell directly to the web root to execute it. This module can also be used if you have legitimate access credentials to the device.

Chrome OS gRPC-over-TCP Vulnerability

There is a variety of RPC communication channels between the Chrome OS host system and the crosvm guest. This bug report focuses on communication on TCP port 8889, which is used by the 'garcon' service. Chrome OS apps running on the host (and I think also Android apps, but I haven't tested that) are not affected by such restrictions. This means that a Chrome OS app with the 'Exchange data with any device on the local network or internet' permission can open a gRPC socket to the guest's garcon (no authentication required) and send a vm_tools.container.Garcon.LaunchApplication RPC call to the guest.

Socusoft Photo to Video Converter 8.07 – ‘Registration Name’ Buffer Overflow

Socusoft Photo to Video Converter Professional 8.07 is vulnerable to a buffer overflow when a maliciously crafted input is supplied to the 'Registration Name' field. This can be exploited to execute arbitrary code by tricking a user into opening a specially crafted file. The vulnerability is due to a lack of proper bounds checking of the user-supplied data before copying it to a fixed-length buffer.

TeamViewer App 13.0.100.0 – Denial of Service (PoC)

A denial of service vulnerability exists in TeamViewer App 13.0.100.0 when a maliciously crafted payload is sent to the application, resulting in a crash. An attacker can exploit this vulnerability by creating a file with a malicious payload and then pasting the content of the file into the password field when logging in. This will cause the application to crash.

Recent Exploits: