4069 matches found
CVE-2020-0069
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
MGASA-2020-0076 Updated mgetty packages fix security vulnerability
Updated mgetty package fixes security vulnerability: mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impact is: DoS, the program never terminates. The component is: g3/g32pbm.c. The attack vector is: Local, the user should open a specially crafted file CVE-2019-1010189...
CVE-2014-7302
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to change the permissions of arbitrary files by executing /opt/sgi/sgimc/bin/vx...
CVE-2014-7302
The CVE-2014-7302 entry concerns SGI Tempo on SGI ICE-X systems where the /opt/sgi/sgimc/bin/vx binary has insecure SUID root permissions (example: -rwsr-sr-x 1 root root). This allows low-privileged local users to escalate to root by executing vx and applying its permission-changing capabilities...
CVE-2018-1000876
binutils version 2.32 and earlier contains an Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound, bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code. This attack appears to be...
CVE-2019-2228
In array_find of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure in the printer spooler with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...
NewStart CGSL CORE 5.04 / MAIN 5.04 : binutils Multiple Vulnerabilities (NS-SA-2019-0187)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has binutils packages installed that are affected by multiple vulnerabilities: - An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangli...
CVE-2019-0061
The management daemon MGD is responsible for all configuration and management operations in Junos OS. The Junos CLI communicates with MGD over an internal unix-domain socket and is granted special permission to open this protected mode socket. Due to a misconfiguration of the internal socket, a...
CVE-2019-9373
In JobStore, there is a mismatched serialization/deserialization for the "battery-not-low" job attribute. This could lead to a local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID:...
Information disclosure
In SyncStatusObserver, there is a possible bypass for operating system protections that isolate user profiles from each other due to a missing permission check. This could lead to local limited information disclosure with no additional execution privileges needed. User interaction is not needed f...
Microsoft Windows 10 UAC Protection Bypass Via Windows Store
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows 10 UAC Protection Bypass Via Windows Store WSReset.exe', 'Description' = %q This module exploits a flaw in the WSReset.exe Windows Store...
ktsuss 1.4 - suid Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ktsuss suid Privilege Escalation', 'Description' = %q This module attempts to gain root privileges by exploiting a vulnerability in ktsuss versio...
ktsuss Suid Privilege Escalation Exploit
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ktsuss suid Privilege Escalation', 'Description' = %q This module attempts to gain root privileges by exploiting a vulnerability in ktsuss versio...
CVE-2019-15752
CVE-2019-15752 affects Docker Desktop Community Edition prior to 2.1.0.1. A local attacker can escalate privileges by placing a Trojan horse docker-credential-wincred.exe in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, then rely on an admin/service user authenticating with Do...
CVE-2019-14393
CVE-2019-14393 affects cPanel prior to version 80.0.5, where insecure cpphp execution allows local code execution in the context of a different cPanel account (SEC-486). Root cause is insecure cpphp execution. Impact is described as local code execution; exploitation status is not provided in the...
Linux Kernel 4.15.x < 4.19.2 - map_write() CAP_SYS_ADMIN Local Privilege Escalation (ldpreload)
Exploit for linux platform in category local exploits !/bin/sh EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47166.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses ld.so.preload technique ---...
MacOS X #TimeMachine - (tmdiagnose) Command Injection Privilege Escalation Exploit #RCE
Exploit for macOS platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mac OS X TimeMachine tmdiagnose Command Injection Privilege Escalation', 'Description' = %q...
Exploit for OS Command Injection in Exim
PoC-CVE-2019-10149Exim MNEMO-CERT has developed a PoC that...
ProShow 9.0.3797 Privilege Escalation
!/usr/bin/python coding:utf-8 Exploit Title: ProShow v9.0.3797 Local Exploit Exploit Author: @YonatanCorrea website with details: https://risataim.blogspot.com/2019/06/exploit-local-para-proshow.html Vendor Homepage: http://www.photodex.com/ProShow Software Link:...
CVE-2019-2053
In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...