Lucene search
K

129 matches found

Cvelist
Cvelist
added 2020/04/06 2:56 p.m.18 views

CVE-2020-9473

The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 has a passwordless ftp ssh user. By using an exploit chain, an attacker with access to the network can get root access on the gateway...

7.1AI score0.01012EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2020/02/27 12:0 a.m.130 views

CVE-2020-6418

Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Recent assessments: J3rryBl4nks at March 04, 2020 4:42pm UTC reported: You would have to chain this vulnerability with a working sandbox escape in...

8.8CVSS0.3AI score0.78808EPSS
In wildExploits6References9
0day.today
0day.today
added 2019/11/20 12:0 a.m.86 views

iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd Exploit

mediaserverd has various media parsing responsibilities; its reachable from various sandboxes and is able to talk to interesting kernel drivers so is a valid target in an exploit chain. One of the services it vends is com.apple.audio.AudioFileServer, a fairly simple XPC service which will parse...

Exploits0
GithubExploit
GithubExploit
added 2019/09/29 7:8 a.m.174 views

Exploit for Improper Input Validation in Mozilla Firefox

Full chain exploit for CVE-2019-11708 & CVE-2019-9810 This is...

10CVSS9.5AI score0.55874EPSS
Exploits15
VulnCheck KEV
VulnCheck KEV
added 2019/09/26 12:0 a.m.3 views

VulnCheck KEV: CVE-2019-2215

Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an application to the Linux Kernel. This vulnerability was observed chained with CVE-2020-0041 and CVE-2020-0069 under exploit chain "AbstractEmu."...

7.8CVSS7.2AI score0.72105EPSS
Exploits35References1
The Hacker News
The Hacker News
added 2019/09/24 2:43 p.m.87 views

1-Click iPhone and Android Exploits Target Tibetan Users via WhatsApp

A team of Canadian cybersecurity researchers has uncovered a sophisticated and targeted mobile hacking campaign that is targeting high-profile members of various Tibetan groups with one-click exploits for iOS and Android devices. Dubbed Poison Carp by University of Toronto's Citizen Lab, the...

Exploits0
myhack58
myhack58
added 2019/09/12 12:0 a.m.173 views

In-depth exploration found in the wild iOS exploit chain IV-vulnerability warning-the black bar safety net

Overview This exploit chain for iOS 12 – 12.1 version, when we found in the wild exploit of the chain, the two vulnerabilities are no official patch released. So we to an Apple reported two vulnerabilities in the 7 days after the iOS release 12. 1. 4 updated version. Here's the sandbox escape...

7.4AI score
Exploits0
myhack58
myhack58
added 2019/09/12 12:0 a.m.128 views

In-depth exploration found in the wild iOS exploit chain III-vulnerability warning-the black bar safety net

Overview This article exploits the chain's target is iOS 11-11. 4. 1, spanning nearly 10 months. This is what we observed first having a separate sandbox escape exploits chain. The sandbox escape vulnerability is libxpc in more serious security problem, wherein the reconstruction will lead to a W...

0.3AI score
Exploits0
myhack58
myhack58
added 2019/09/09 12:0 a.m.117 views

In-depth exploration found in the wild iOS exploit chain a-vulnerability warning-the black bar safety net

Series Foreword Project Zero One of the tasks is the analysis of the 0-day vulnerability, we often partner with other companies to find security vulnerabilities and submit, the final goal is to promote the popular system architecture of the security improvements to help protect throughout end...

8.1AI score0.15705EPSS
Exploits2
OSV
OSV
added 2019/09/05 10:15 p.m.3 views

CVE-2019-14224

An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr...

7.2CVSS7.7AI score0.0527EPSS
Exploits1References1
NVD
NVD
added 2019/09/05 10:15 p.m.19 views

CVE-2019-14224

An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr...

9CVSS7.6AI score0.0527EPSS
Exploits1References1
Prion
Prion
added 2019/09/05 10:15 p.m.22 views

Deserialization of untrusted data

An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr...

9CVSS7.5AI score0.0527EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/09/05 9:1 p.m.26 views

CVE-2019-14224

An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr...

7.6AI score0.0527EPSS
Exploits1References1
GoogleProjectZero
GoogleProjectZero
added 2019/08/29 12:0 a.m.71 views

In-the-wild iOS Exploit Chain 4

Posted by Ian Beer, Project Zero TL;DR This exploit chain supported iOS 12-12.1, although the two vulnerabilities were unpatched when we discovered the chain in the wild. It was these two vulnerabilities which we reported to Apple with a 7-day deadline, leading to the release of iOS 12.1.4. The...

7.5CVSS8.3AI score0.11029EPSS
Exploits1
GoogleProjectZero
GoogleProjectZero
added 2019/08/29 12:0 a.m.193 views

In-the-wild iOS Exploit Chain 5

Posted by Ian Beer, Project Zero TL;DR This exploit chain is a three way collision between this attacker group, Brandon Azad from Project Zero, and @S0rryMybad from 360 security. On November 17th 2018, @S0rryMybad used this vulnerability to win $200,000 USD at the TianFu Cup PWN competition...

7.8CVSS7.8AI score0.28548EPSS
Exploits4
ATTACKERKB
ATTACKERKB
added 2019/05/30 5:29 p.m.2 views

CVE-2018-9193

A researcher has disclosed several vulnerabilities against FortiClient for Windows version 6.0.5 and below, version 5.6.6, the combination of these vulnerabilities can turn into an exploit chain, which allows a user to gain system privileges on Microsoft Windows...

7.8CVSS5.6AI score0.00382EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/05/30 5:29 p.m.2 views

CVE-2018-9193

A researcher has disclosed several vulnerabilities against FortiClient for Windows version 6.0.5 and below, version 5.6.6, the combination of these vulnerabilities can turn into an exploit chain, which allows a user to gain system privileges on Microsoft Windows...

7.8CVSS5.8AI score0.00382EPSS
Exploits0References1
myhack58
myhack58
added 2019/04/22 12:0 a.m.58 views

A single click to achieve remote code execution: content management framework Drupal malicious image upload exploit chain analysis-vulnerability warning-the black bar safety net

Overview Recently, Drupal has released a set for the 7. x and 8. x version key patch. In the update, contains a set of vulnerabilities fix the vulnerabilities is our initial participation in the for the target of the vulnerability incentive program when submitted. These vulnerabilities can achiev...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2018/11/20 12:0 a.m.337 views

Richfaces 3.x Remote Code Execution

Original report+advisories: TITLE: ==================== Unauthenticated Remote Code execution in WebApps using Richfaces 3.X all versions. RESUME ==================== RichFaces Framework 3.X through 3.3.4 all versions is vulnerable to Expression Language EL Injection via UserResource resource,...

9.5AI score0.74171EPSS
Exploits6
Talos Blog
Talos Blog
added 2018/10/15 9:0 a.m.1711 views

Old dog, new tricks - Analysing new RTF-based campaign distributing Agent Tesla, Loki with PyREbox

This blog post was authored by Edmund Brumaghin and Holger Unterbrink with contributions from Emmanuel Tacheau. Executive Summary Cisco Talos has discovered a new malware campaign that drops the sophisticated information-stealing trojan called "Agent Tesla," and other malware such as the Loki...

9.3CVSS8.6AI score0.99945EPSS
Exploits62
Rows per page
Query Builder