1075 matches found
CVE-2018-10576
An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. Improper authentication handling by the native Access Point web UI allows authentication using a local system account instead of the dedicated web-only user...
CVE-2018-10361
An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauthktexteditorhelper service as utilized in the Kate text editor can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one use...
CVE-2018-10361
An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauthktexteditorhelper service as utilized in the Kate text editor can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one use...
Privilege escalation
An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauthktexteditorhelper service as utilized in the Kate text editor can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one use...
CVE-2018-10361
An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauthktexteditorhelper service as utilized in the Kate text editor can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one use...
Microsoft Malware Protection Engine Remote Code Execution (CVE-2018-0986)
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption .An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the Local Syst...
WebLog Expert Enterprise 9.4 - Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Exploit Author: bzyo Twitter: @bzyo Exploit Title: WebLog Expert Enterprise 9.4 - Privilege Escalation Vulnerable Software: WebLog Expert Enterprise 9.4 Vendor Homepage: https://www.weblogexpert.com/ Version: 9.4 Software Link:...
WebLog Expert Enterprise 9.4 - Privilege Escalation
WebLog Expert Enterprise 9.4 - Privilege Escalation Exploit Author: bzyo Twitter: @bzyo Exploit Title: WebLog Expert Enterprise 9.4 - Privilege Escalation Date: 03-31-2018 Vulnerable Software: WebLog Expert Enterprise 9.4 Vendor Homepage: https://www.weblogexpert.com/ Version: 9.4 Software Link:...
WebLog Expert Enterprise 9.4 - Privilege Escalation
Exploit Author: bzyo Twitter: @bzyo Exploit Title: WebLog Expert Enterprise 9.4 - Privilege Escalation Date: 03-31-2018 Vulnerable Software: WebLog Expert Enterprise 9.4 Vendor Homepage: https://www.weblogexpert.com/ Version: 9.4 Software Link: https://www.weblogexpert.com/download.htm Tested On:...
WebLog Expert Enterprise 9.4 Privilege Escalation
Exploit Author: bzyo Twitter: @bzyo Exploit Title: WebLog Expert Enterprise 9.4 - Privilege Escalation Date: 03-31-2018 Vulnerable Software: WebLog Expert Enterprise 9.4 Vendor Homepage: https://www.weblogexpert.com/ Version: 9.4 Software Link: https://www.weblogexpert.com/download.htm Tested On:...
PowerShell Runspace Post Exploitation Toolkit: p0wnedShell
p0wnedShell is an offensive PowerShell host application written in C that does not rely on powershell.exe but runs powershell commands and functions within a powershell runspace environment .NET. It has a lot of offensive PowerShell modules and binaries included to make the process of Post...
Ubiquiti Inc.: UniFi Video Server web interface admin user Firmware Update path traversal leading to local system compromise
The UniFi Video Server for Windows web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure they are within the intended destination directory tree. It accepts a request with a URL to firmware update information. If the...
LabF nfsAxe 3.7 - Privilege Escalation Exploit
Exploit for windows platform in category local exploits Exploit Author: bzyo Twitter: @bzyo Exploit Title: LabF nfsAxe 3.7 - Privilege Escalation Date: 03-24-2018 Vulnerable Software: LabF nfsAxe 3.7 Vendor Homepage: http://www.labf.com/ Version: 3.7 Software Link:...
LabF nfsAxe 3.7 - Privilege Escalation
LabF nfsAxe 3.7 - Privilege Escalation Exploit Author: bzyo Twitter: @bzyo Exploit Title: LabF nfsAxe 3.7 - Privilege Escalation Date: 03-24-2018 Vulnerable Software: LabF nfsAxe 3.7 Vendor Homepage: http://www.labf.com/ Version: 3.7 Software Link: http://www.labf.com/download/nfsaxe.exe Tested O...
LabF nfsAxe 3.7 Privilege Escalation
Exploit Author: bzyo Twitter: @bzyo Exploit Title: LabF nfsAxe 3.7 - Privilege Escalation Date: 03-24-2018 Vulnerable Software: LabF nfsAxe 3.7 Vendor Homepage: http://www.labf.com/ Version: 3.7 Software Link: http://www.labf.com/download/nfsaxe.exe Tested On: Windows 7 x86 and x64 Requires Windo...
Linux Kernel _sctp_make_chunk() Denial Of Service Vulnerability
Secunia Research has discovered a vulnerability in Linux Kernel, which can be exploited by malicious, local users to cause a DoS Denial of Service. An error in the "sctpmakechunk" function net/sctp/smmakechunk.c when handling SCTP packets length can be exploited to cause a kernel crash. The...
Incorrect Default Permissions
npm is vulnerable to authorization bypass. During installation, the file access permissions on the local system are bypassed due to a change in ownership of the /etc/ and /usr directories, allowing a malicious file system access...
IBM Remote Control Elevation of Privilege Vulnerability
IBM Remote Control is a remote control management program from IBM USA. The program is able to remotely manage and control a large number of servers or PCs. An elevation of privilege vulnerability exists in IBM Remote Control version 9.1.4. A local attacker can exploit this vulnerability to execu...
CVE-2017-1233
IBM Remote Control v9 could allow a local user to use the component to replace files to which he does not have write access and which he can cause to be executed with Local System or root privileges. IBM X-Force ID: 123912...
CVE-2017-1233
IBM Remote Control v9 could allow a local user to use the component to replace files to which he does not have write access and which he can cause to be executed with Local System or root privileges. IBM X-Force ID: 123912...