Xen allows pagetables of the same level to map each other as readonly in PV domains. When cleaning up a pagetable after the last typed reference to it has been dropped, Xen will recursively drop the typed refcounts of pages referenced by the pagetable, potentially recursively cleaning them up as well. For pagetables of the same depth that map each other, there is no depth limit for recursion. An attacker can set up a chain of pagetables that cause a stack overflow when the type-pin of the first pagetable is removed and the following pagetables are recursively cleaned up.
This exploit allows an attacker to execute arbitrary code on a vulnerable Mercury/32 SMTPD server by sending a specially crafted CRAM-MD5 authentication request. The exploit will bind a command shell on port 1154 if successful.
This exploit allows an attacker to perform a remote SQL injection attack on LiteCommerce. By injecting a specially crafted query, the attacker can retrieve the login and password information from the xlite_profiles table. The exploit may not work on the latest version of LiteCommerce as it does not generate an error message.
This PoC demonstrates a SQL injection vulnerability in TorrentTrader 1.0 RC2. It allows an attacker to manipulate SQL queries by injecting arbitrary SQL code, resulting in the disclosure of the administrator's username and md5(password) hash.
This is a remote exploit for the ProFTPD 1.2.9 rc1 mod_sql vulnerability. It allows an attacker to inject SQL queries into the server.
The Bailout vulnerability in ChakraCore allows an attacker to directly change the opcode of an instruction that cannot be JITed, leading to the generation of bailouts. This can be done by modifying the method 'Lowerer::GenerateBailOut'. The vulnerability occurs when a Call instruction has 'Src2'.
Passing more than 164 chars to ReInit method in Username argument causes a buffer overflow in the eCentrex VOIP Client module (uacomx.ocx 2.0.1) on IE6 / XP SP2. This leads to an access violation and overwrites the structured exception handler (SEH).
The Perl script shown above is an example of a remote denial of service vulnerability. It sends multiple SIP INVITE and OPTIONS requests to a target IP address and port, causing the target server to become unresponsive or crash. This vulnerability can be exploited by an attacker to disrupt the communication services of a target server.
A buffer overflow Attack possible due to improper input mechanism
This exploit allows remote attackers to execute arbitrary code via a crafted request to the VX Search Enterprise software, which triggers a buffer overflow.
Services By CQR