WaR

2 exploits Active since May 2000

CVE-2024-38532 WRITEUP HIGH WRITEUP

usbarmory/mxs-dcp >= commit 6151, < commit 26a7 - Use of Hard-coded Cryptographic Key in dcp_tool

The NXP Data Co-Processor (DCP) is a built-in hardware module for specific NXP SoCs¹ that implements a dedicated AES cryptographic engine for encryption/decryption operations. The dcp_tool reference implementation included in the repository selected the test key, regardless of its `-t` argument. This issue has been patched in commit 26a7.

CVSS 7.1

View Code

CVE-2000-0438 EXPLOITDB c WORKING POC

Caldera OpenLinux - Buffer Overflow in fdmount via Long Mountpoint Parameter

Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter.

View Code