Linux/ppc shellcode which connects /bin/sh to a host. connect-core5.s is appended.

execve /bin/sh shellcode for Linux PPC. execve-core.s is appended.

read(0,stack,1028); stack(); shellcode for Linux PPC. readnexecppc-core.s appended.

CoronaBlue aka SMBGhost proof of concept exploit for Microsoft Windows 10 (1903/1909) SMB version 3.1.1. This script connects to the target host, and compresses the authentication request with a bad offset field set in the transformation header, causing the decompresser to buffer overflow and crash the target.

Microsoft Windows suffers from an NtFilterToken ParentTokenId incorrect setting that allows for elevation of privileges.

ASP.NET Core version 5.-RC1 suffers from an HTTP header injection vulnerability.

macOS and iOS have an ImageIO heap corruption issue when processing malformed PVR images.

launchd on macOS and iOS suffer from a memory corruption issue due to a lack of bounds checking when parsing XPC messages.

A remote iOS / macOS heap corruption issue exists due to insufficient bounds checking in AWDL.

Lotus Core CMS version 1.0.1 suffers from a local file inclusion vulnerability.

NICE Recording eXpress versions 6.0.x, 6.1.x, 6.2.x, 6.3.x, and 6.5.x suffer from cross site scripting, root backdoor, unauthenticated access, fail authorization, insecure cookie handling, and remote SQL injection vulnerabilities.

Grub2 has grub2-set-bootflag setuid in the new Fedora release and has the ability to corrupt the environment.

The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.

The ShortComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks when the "numDataElements" field is 0. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.