Security Experts:

Connect with us

Hi, what are you looking for?


Malware & Threats

Malvuln Project Catalogues Vulnerabilities Found in Malware


A researcher has launched Malvuln, a project that catalogues vulnerabilities discovered in malware and provides information on how those vulnerabilities can be exploited.


A researcher has launched Malvuln, a project that catalogues vulnerabilities discovered in malware and provides information on how those vulnerabilities can be exploited.

Malvuln is the creation of security researcher John Page (aka hyp3rlinx), who told SecurityWeek that he came up with the idea when he got bored during a COVID-19 lockdown.

The Malvuln website currently has 26 entries describing remotely exploitable buffer overflow vulnerabilities and privilege escalation flaws related to insecure permissions. The list of targeted malware includes backdoors and trojans, as well as one email worm (Zhelatin). A vast majority of the buffer overflow bugs can be exploited for remote code execution, the expert said.

Each entry contains the name of the malware, its associated hash, the type of vulnerability, a brief description of the flaw, dropped files, a memory dump, and proof-of-concept (PoC) exploit code.

The researcher said he found all the vulnerabilities currently in the Malvuln database himself, but he suggested on Twitter that at some point — depending on where the project goes — he could also start accepting third-party contributions.

Page told SecurityWeek that the information hosted on Malvuln could turn out to be useful to incident response teams to “eradicate a malware without touching the machine if it’s a remote exploit.” He added that it “may eventually pit a malware vs malware situation.”

He hopes that the project will be useful to the infosec community, but others caution that it could also help bad actors. Greg Leah, director of threat intelligence at attribution intelligence and response firm HYAS, says the information could also be useful to malware developers and it could hamper ongoing research into malicious activity.

Malvuln tweet

Related: Community Project Crushes 100,000 Malware Sites in 10 Months

Related: University Project Tracks Ransomware Attacks on Critical Infrastructure

Related: Free Microsoft Service Looks at OS Memory Snapshots to Find Malware

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.