Explore all Exploits:

Heap-based out-of-bounds memory read in FreeType

The exploit triggers a heap-buffer-overflow in FreeType, specifically in the tt_sbit_decoder_load_bit_aligned function in the ttsbit.c file. It has been reproduced with the current version of freetype2 from the master git branch, with a 64-bit build of the ftbench utility compiled with AddressSanitizer.

WordPress Ajax Load More PHP Upload Vulnerability

This module exploits an arbitrary file upload vulnerability in the WordPress Ajax Load More version 2.8.1.1. It allows the upload of arbitrary PHP files, leading to remote code execution. The vulnerability has been tested successfully on WordPress Ajax Load More 2.8.0 with WordPress 4.1.3 on Ubuntu 12.04/14.04 Server.

Versalsoft HTTP File Uploader (UFileUploaderD.dll) ‘AddFile’ method Buffer Overflow

The 'AddFile' method in the Versalsoft HTTP File Uploader (UFileUploaderD.dll) is vulnerable to a buffer overflow. This can be exploited by sending a specially crafted request, causing the application to crash and potentially allowing for code execution.

NXFilter v3.0.3 – Persistent & Reflected XSS

Persistent & reflected XSS entry points exist, allowing arbitrary client-side browser code execution on victims who click our infected links or visit persistently stored XSS payloads. XSS strings seem to get filtered, yet we can defeat that using JS String.fromCharCode() functions.

Friendly 1.0d1 (friendly_path) Remote File Inclusion Vulnerabilities

The vulnerability allows an attacker to include a remote file by manipulating the 'friendly_path' parameter in the specified URLs. This can lead to remote code execution and unauthorized access to the server.

Heap-based out-of-bounds memory reads in FreeType

The vulnerability occurs in the handling of the 'cmap' (format 14) SFNT table in FreeType. It allows for heap-based out-of-bounds memory reads. The issue has been reproduced using the current version of freetype2 with a 64-bit build of the ftbench utility compiled with AddressSanitizer. Three proof-of-concept (POC) files triggering the conditions are attached.

Python 2.7 strop.replace() Integer Overflow

The Python 2.7 strop.replace() method suffers from an integer overflow that can be exploited to write outside the bounds of the string buffer and potentially achieve code execution. The issue can be triggered by performing a large substitution that overflows the arithmetic used in mymemreplace() to calculate the size of the new string.

Recent Exploits: