macOS and iOS suffers from an out-of-bounds timestamp write in IOAccelCommandQueue2::processSegmentKernelCommand().

launchd on macOS and iOS suffer from a memory corruption issue due to a lack of bounds checking when parsing XPC messages.

macOS and iOS have a vulnerability with ImageIO where memory safety issues occur when processing OpenEXR images.

This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.

WebSploit is an advanced man-in-the-middle framework.

EnumJavaLibs is a tool that can be used to discover which libraries are loaded (i.e. available on the classpath) by a remote Java application when it supports deserialization.

10Strike LANState version 9.32 on x86 Host Check hostname SEH buffer overflow exploit.

The Megamos Crypto transponder is used in one of the most widely deployed electronic vehicle immobilizers. It is used among others in most Audi, Fiat, Honda, Volkswagen and Volvo cars. Such an immobilizer is an anti-theft device which prevents the engine of the vehicle from starting when the corresponding transponder is not present. This transponder is a passive RFID tag which is embedded in the key of the vehicle. In this paper, the authors have reverse-engineered all proprietary security mechanisms of the transponder, including the cipher and the authentication protocol which we publish here in full detail. This article reveals several weaknesses in the design of the cipher, the authentication protocol and also in their implementation.

XMB - eXtreme Message Board version 1.9.11.13 suffers from weak crypto and insecure password storage vulnerabilities.

This Metasploit module exploits an expression language remote code execution flaw in the Primefaces JSF framework. Primefaces versions prior to 5.2.21, 5.3.8 or 6.0 are vulnerable to a padding oracle attack, due to the use of weak crypto and default encryption password and salt.

The No cON Name 2019 call for papers has been announced. It will be held in Barcelona, Spain, from November 14th and 15th, 2019.

66 bytes small Linux/x86 Execve() alphanumeric shellcode.

This Metasploit module exploits an issue in Google Chrome version 80.0.3987.87 (64 bit). The exploit corrupts the length of a float array (float_rel), which can then be used for out of bounds read and write on adjacent memory. The relative read and write is then used to modify a UInt64Array (uint64_aarw) which is used for read and writing from absolute memory. The exploit then uses WebAssembly in order to allocate a region of RWX memory, which is then replaced with the payload shellcode. The payload is executed within the sandboxed renderer process, so the browser must be run with the --no-sandbox option for the payload to work correctly.

232 bytes small Dynamic MessageBoxA||W PEB and Import Table Method shellcode.

FIBARO System Home Center version 5.021 suffers from cross site scripting and remote file inclusion vulnerabilities.

LimeSurvey version 4.1.11 suffers from a File Manager path traversal vulnerability.