There is a heap overflow in SkARGB32_Shader_Blitter::blitH caused by a rounding error in SkEdge::setLine. To trigger the bug, Skia needs to be compiled with SK_RASTERIZE_EVEN_ROUNDING (true in, for example, Mozilla Firefox).
The exploit takes advantage of a vulnerability in IBM Lotus Domino versions 7.0.2 and 6.5.5 FP2. It allows an attacker to execute arbitrary code on the server by manipulating the ECX register and using a buffer overflow.
The exploit code creates iframes within iframes in order to trigger a heap-use-after-free vulnerability in WebKit. This vulnerability allows an attacker to read from or write to previously freed memory, potentially leading to arbitrary code execution.
The vulnerability allows an attacker to pull out admin/members login credentials by exploiting a SQL injection vulnerability in the BlogSite Professional application. The exploit uses a crafted URL to perform a UNION SELECT statement and retrieve the username and password from the websiteadmin_admin_users table.
netagent_handle_register_setopt function in netagent_ctl_setopt.c in the XNU kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Demonstrates a generic KDE authentication bypass vulnerability using a smb4k PoC. The exploit involves sending a variant map containing an evil mh_command key-pair to the net.sourceforge.smb4k.mounthelper D-Bus service.
This exploit allows an attacker to remotely cause a denial of service (DoS) on the TeamSpeak 2.0 Windows Release. The TeamSpeak WebServer does not have a TCP session expiry and does not check the length of incoming values.
This vulnerability allows an unprivileged user on a Linux machine with VMware Workstation installed to gain root privileges. The issue occurs when the privileged VM host process loads libasound, which parses ALSA configuration files, including one at ~/.asoundrc. The libasound library is not designed to run in a setuid context and permits loading arbitrary shared libraries via dlopen(). The exploit involves creating a malicious shared library and a specially crafted ALSA configuration file to gain root access.
This exploit takes advantage of a buffer overflow vulnerability in the snmpget() function in PHP version 5.2.3 and earlier. It allows for an EIP overwrite and can be used to execute arbitrary code.
Uses an evil view to perform an unauthorized password update.