Chrome version 121 suffers from a JavaScript fork malloc vulnerability that indicates memory corruption upon crash.
c5fe58fff9338fa2b857b94610a42def7f40d9f7d58140b30fcf25e66b5a7686
Firefox version 121 and Chrome version 120 may both suffer from a minor denial of service issue with file downloads.
87fff58ac306829b938551eaffd6ed12db00ff7e56118bf0e6a8e7d7cf6ed267
cpio version 2.13 suffers from a privilege escalation vulnerability via setuid files in a cpio archive.
e4948bd6237737a1ce41d6d861ca14bf4316c0d417e7e9b48c670388f66f760a
Firefox version 117 suffers from a file creation denial of service vulnerability.
0d270254e544e127717e08d6202c874bd08cb13e7feeb36cff908777b6a11eca
GNOME Files version 43.4 (nautilus) on Fedora 37 will extract zip archives with setuid files for other user identifiers that can be leveraged to escalate privileges.
ac80117ac673973985c2dd78f43ddd88009c6d2d28c771696ceaab5aceb3f410
The documentation for the Python CGI module suffers from a cross-site scripting vulnerability.
12070a3cded8397a9c1036c6ffa17c97d5ef5a584b91e3216867995ff23654e8
Sagemath version 9.0 suffers from overflow and denial of service vulnerabilities.
cd33738d86983c0d334c06354102833ee1f1e36d4ad569b092958d9f143920da
pari/gp versions 2.9.1 on Debian Stretch and 2.11 on Debian Buster allow arbitrary file write and hence arbitrary code execution.
ffffda78c0913f524e10b48ae7dd7f2a88fb017e7d948c4b48b4348c11a63e02
PunBB with SQLite appears to store its database within the webroot, allowing it to be retrieved by attackers.
69a176611a21eebbc0aee350ecc71ddb18f3ad9ba64256f148c25a06a3685d57
Apple Safari remote denial of service exploit for the iPhone / OSX / Windows.
bcf3762c17722ccbd9badf01735132e76fff0d22715bdb3bc81c0734638e143f
POC for a possible integer overflow bug in konqueror 3.5-latest.
00263bb5a228545e88b8e05dee01534319248a7271970aec28977e1612e8fbe9
Various flaws exist with qmail on 64 bit platforms. Exploits provided.
e78a21634f16badb4dc5b430ee69e8aaf02b0f216e92396bb8d94d3c093ddf2d
An integer overflow flaw exists in sys_epoll_wait in the Linux kernel 2.6 series in versions equal to or below 2.6.11. Sample exploitation provided.
d083ba6efdf8af859e7ea6c1a4962bccf506a55a0eb627d60abf4685586d6b1a
Linux v2.6.10 and below kernel exploit which allows non-privileged users to read kernel memory.
64668cf27bf96d59d1d1f9aeceaa70ae1834d86bc88475e6ae009a8b38a70a8b
Georgi Guninski security advisory #71 - By opening HTML in IE it is possible to read at least well-formed XML from arbitrary servers. The info may then be transmitted.
e156bc37f51fe57421af3618c35923d4d1555d62766229c4eb0d0edca13f7471
Secunia Security Advisory - Details have been released about several vulnerabilities in Mozilla, Mozilla Firefox, and Thunderbird. These can potentially be exploited by malicious people to conduct cross-site scripting attacks, access and modify sensitive information, and compromise a user's system. These vulnerabilities reportedly affect versions prior to the following: Mozilla 1.7.3, Firefox 1.0PR, Thunderbird 0.8.
0a6ca10ffc4a3ba1127a2e7aff306ae4251a2daf157abd425b6d345403f1729d
There is a denial of service in Apache httpd 2.0.49. It is possible to consume an arbitrary amount of memory. On 64 bit systems with more than 4GB of virtual memory this may lead to a heap based buffer overflow whose exploitation is unclear at the moment.
a8cc5f8ac30aaea07627d9adc2917e311c049a9732c8e5df1d08b9e3855672e0
The version of mod_proxy shipped with Apache 1.3.31, and possibly earlier versions, is susceptible to a buffer overflow via the Content-Length: header. This can lead to a denial of service and possible compromise of a vulnerable system.
4fd4a3dc2ff2887823678f53b78e0b6b9f804c4881d7f2160ca9ed11a8f808d5
Georgi Guninski has discovered a vulnerability in mod_ssl versions below 2.8.17, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Successful exploitation requires that the FakeBasicAuth option is enabled and that the malicious client certificate is issued from a trusted CA (Certificate Authority).
9510c3cbe496d79d6ba299e4a9cfefccde6cd32836986fc9c388bc98a38277d8
Two stack based buffer overflows exist in Exim 3.35. Both bugs need features enabled and are not in the default configuration. Proof of concept exploitation given.
353e702b40c92a2c6f894d544e776cf46bb65be439d7576759dac932b6645004
Georgi Guninski security advisory #65, 2004 - Qmail version 1.03 is susceptible to a couple of attacks. A crash in qmail-smtpd occurs with a long SMTP session. The crash is not global; it affects only the current SMTP session. It is also possible to trigger a segmentation violation (SEGV) from the network.
10dae39fc506d25c870163518f0077627ecaf939966caa0aad04678186ced065
OpenBSD v3.3 and below local root and v3.4 local denial of service exploit which uses a kernel based stack overflow vulnerability in ICBS. Patch available for v3.3 here. Also works against OpenBSD v2.x.
02d1b6e6fd805a42150e80b21f685c51c4db5a62cb4d1d9e22b42e2992724a5c
Georgi Guninski Security Advisory #56, 2002 - It is possible to inject user supplied input to file descriptors 0 through 2, which in some cases (for example if the user is permitted to do su) leads to local root compromise. Includes C code which checks if your system is vulnerable.
5f384a32d95069e2a59cd9ac291811139c17cd24f6fb6bf2e1c41c048807c9f3
AIX shellcode that does an execve() of /bin/sh.
b148fe51945518e8a42791b283e7d596af3c65b818e4827df4c53d3d8dd094db
Georgi Guninski security advisory #53, 2002 - Two serious security vulnerabilities have been found in Microsoft Office XP. It is possible to embed active content (object + script) in HTML mail which is triggered if the user replies to or forwards the mail. In addition, a bug in the Host() function of the spreadsheet allows creating files with arbitrary names, and their content may be specified to some extent, which is sufficient to place an executable file (.hta) in the user's startup directory and may lead to taking full control over the user's computer.
3f49c6b96bb45bdcb1c169996f326348feabd1e79660329b74273529af5b2f1f