Boxoft Convert Master 1.3.0 wav SEH Local Exploit
Exploit Title: Boxoft Convert Master 1.3.0 wav SEH Local Exploit Date: 17.09.2020 Vendor Homepage: http://www.boxoft.com/ Software Link: http://www.boxoft.com/convert-master/setupboxoft-convert-master.exe Exploit Author: Achilles Tested Version: 1.3.0 Tested on: Windows 7 x64 1.- Run python code...
Information disclosure
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would have to eithe...
UBUNTU-CVE-2020-25211
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff...
CVE-2020-3388
A vulnerability in the CLI of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating t...
kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c
A flaw was found in the way the mwifiex_cmd_append_vsie_tlv function in the Linux kernel's Marvell WiFi-Ex driver handled vendor-specific information elements. A local user could use this flaw to escalate their privileges on the system...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796-SMB This resource is a reproduction of the CVE-2020-0796 vulnerability, including Python and C++ versions. It mainly collects resources from GitHub contributors; we hope you like it. C++ Python EXP POC Exploitation: - Local EXP privilege escalation: https://github.com/danigargu/CVE-2020-0796 - Local EXE privilege escalation: https://github.com/f1tz/CVE-2020-0796-LPE-EXP - POC version privilege escalation: https://github.com/eerykitty/CVE-2020-0796-PoC -...
CVE-2020-13431
CVE-2020-13431 affects I2P before 0.9.46. Local privilege escalation via a Trojan horse I2PSvc.exe is possible due to weak permissions on a specific %PROGRAMFILES% subdirectory. CVSS vectors indicate high impact (C/H/I/H) with local access, low attack complexity, and no user interaction required....
PT-2020-1257
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.8 Description: The issue is related to a use-after-free vulnerability in the fs/block_dev.c file of the Linux kernel. This vulnerability can be exploited by local users to gain privileges or cause a denial of...
Out-of-bounds
In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
Elevation of Privilege Vulnerability in Linux Kernel (CNVD-2020-32597)
The Linux Kernel is a computer operating system kernel written in C and assembly languages, compliant with the POSIX standard, and distributed under the GNU General Public License. Linux Kernel suffers from an elevation of privilege vulnerability that can be exploited by an attacker to cause a...
Qualys Security Advisory - Qmail Remote Code Execution
Qualys Security Advisory 15 years later: Remote Code Execution in qmail CVE-2005-1513 ======================================================================== Contents ======================================================================== Summary Analysis Exploitation qmail-verify - CVE-2020-38...
ALPINE-CVE-2020-0093
In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0...
CVE-2020-12463
Avira Software Updater prior to 2.0.6.27476 is affected by an elevation of privilege due to improper handling of file hard links. This allows local users to take control of arbitrary files. CVSSv3.1 base score 7.8 (LOCAL, HIGH impact on confidentiality/integrity/availability); no exploit details ...
ALLPlayer 7.6 Buffer Overflow
Exploit Title: ALLPlayer v7.6 Local Buffer Overflow (SEH Unicode) Version: 7.6 Date: 20-04-2020 Exploit Author: Xenofon Vassilakopoulos Tested on: Windows 7 Home Premium SP1 x86 Steps to reproduce: 1. generate the test.m3u using this exploit 2. open ALLPlayer then go to Open audio file 3. load the...
Denial Of Service (DoS)
The kernel is vulnerable to Denial Of Service (DoS). The attack is possible because a NULL pointer dereference flaw in ftrace_regex_lseek in the Linux kernel's ftrace implementation could allow a local, unprivileged user to cause a denial of service. Note: The debugfs file system must be mounted...
CVE-2020-1885
Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file...
Microsoft Server Message Block 3.1.1 (SMBv3) Compression Buffer Overflow Exploit
A vulnerability exists within the Microsoft Server Message Block 3.1.1 SMBv3 protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe. This module requires Metasploit...
SMBv3 Compression Buffer Overflow
A vulnerability exists within the Microsoft Server Message Block 3.1.1 SMBv3 protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe. This module requires Metasploit...
CVE-2020-0505
CVE-2020-0505 is an Intel Graphics Drivers vulnerability involving an improper conditions check. Affected before versions include 15.33.49.5100, 15.36.38.5117, 15.40.44.5107, 15.45.30.5103, and 26.20.100.7212. Exploitation could allow an authenticated local user to cause information disclosure an...
CVE-2020-0069
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...