4068 matches found

Exploit DB
added 2018/12/19 12:0 a.m. | 95 views

Linux Kernel 4.4 - 'rtnetlink' Stack Memory Disclosure

Briefs - CVE-2016-4486 was discovered and reported by Kangjie Lu. - This is a local exploit against CVE-2016-4486. Tested version - Distro : Ubuntu 16.04 - Kernel version : 4.4.0-21-generic - Arch : x86_64 Prerequisites - None Goal - Leak kernel stack base address of current process by...

3.3 CVSS | 7.4 AI score | 0.0171 EPSS
Exploits: 4
0day.today
added 2018/12/18 12:0 a.m. | 31 views

PDF Explorer 1.5.66.2 - SEH Local Exploit

Exploit for windows platform in category local exploits Exploit Title: PDF Explorer SEH Local Exploit Original Discovery: Gionathan "John" Reale DoS exploit Exploit Author: Achilles Date: 18-12-2018 Vendor Homepage: http://www.rttsoftware.com/ Software Link:...

0.1 AI score
Exploits: 0
Exploit DB
added 2018/12/04 12:0 a.m. | 43 views

Emacs - movemail Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Emacs movemail Privilege Escalation', 'Description' = %q This module exploits a SUID installation of the Emacs movemail utility to run a command ...

7.4 AI score
Exploits: 0
OSV
added 2018/12/03 3:29 p.m. | 3 views

CVE-2018-7113

A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) prior to v1.37 could be locally exploited to bypass the security restrictions for firmware updates...

6.6 CVSS | 5.8 AI score | 0.00744 EPSS
Exploits: 0 | References: 2
Packet Storm
added 2018/12/01 12:0 a.m. | 54 views

Linux Kernel 4.8 (Ubuntu 16.04) sctp Kernel Pointer Leak

Exploit Title: Linux Kernel 4.8 Ubuntu 16.04 - Leak sctp kernel pointer Google Dork: - Date: 2018-11-20 Exploit Author: Jinbum Park Vendor Homepage: - Software Link: - Version: Linux Kernel 4.8 Ubuntu 16.04 Tested on: 4.8.0-36-generic #36~16.04.1-Ubuntu SMP Sun Feb 5 09:39:57 UTC 2017 x86_64 x86_64...

5 CVSS | 0.2 AI score | 0.03763 EPSS
Exploits: 4
exploitpack
added 2018/11/30 12:0 a.m. | 41 views

Linux Kernel 4.8 (Ubuntu 16.04) - Leak sctp Kernel Pointer

Linux Kernel 4.8 Ubuntu 16.04 - Leak sctp Kernel Pointer / Exploit Title: Linux Kernel 4.8 Ubuntu 16.04 - Leak sctp kernel pointer Google Dork: - Date: 2018-11-20 Exploit Author: Jinbum Park Vendor Homepage: - Software Link: - Version: Linux Kernel 4.8 Ubuntu 16.04 Tested on: 4.8.0-36-generic...

5 CVSS | 0.2 AI score | 0.03763 EPSS
Exploits: 4
Exploit DB
added 2018/11/30 12:0 a.m. | 75 views

Linux Kernel 4.8 (Ubuntu 16.04) - Leak sctp Kernel Pointer

Exploit Title: Linux Kernel 4.8 Ubuntu 16.04 - Leak sctp kernel pointer Google Dork: - Date: 2018-11-20 Exploit Author: Jinbum Park Vendor Homepage: - Software Link: - Version: Linux Kernel 4.8 Ubuntu 16.04 Tested on: 4.8.0-36-generic #36~16.04.1-Ubuntu SMP Sun Feb 5 09:39:57 UTC 2017 x86_64 x86_64...

7.5 CVSS | 6.5 AI score | 0.03763 EPSS
Exploits: 4
CNVD
added 2018/11/21 12:0 a.m. | 2 views

DENX U-Boot Buffer Overflow Vulnerability (CNVD-2019-00332)

DENX Software Engineering Das U-Boot is a set of bootloaders from DENX Software Engineering, Germany, that can read device configurations from AES encrypted files. A buffer overflow vulnerability exists in the network image boot in DENX Software Engineering Das U-Boot, which stems from the progra...

10 CVSS | 9.4 AI score | 0.02041 EPSS
Exploits: 1 | References: 1
CVE
added 2018/11/20 7:0 p.m. | 74 views

CVE-2018-18439

DENX U-Boot (through 2018.09-rc1) is affected by CVE-2018-18439 due to a remotely exploitable buffer overflow in TFTP handling and an additional local exploit path via a crafted kernel image. The vulnerability enables network-triggered overflow via a malicious TFTP server and also allows local ex...

10 CVSS | 9.1 AI score | 0.02041 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Prion
added 2018/11/06 5:29 p.m. | 21 views

Double free

In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel...

4.6 CVSS | 7.4 AI score | 0.00254 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
exploitpack
added 2018/10/29 12:0 a.m. | 57 views

ASRock Drivers - Privilege Escalation

ASRock Drivers - Privilege Escalation SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ ASRock Drivers Elevation of Privilege Vulnerabilities 1. Advisory Information Title: ASRock Drivers Elevation of Privilege Vulnerabilities Advisory ID: CORE-2018-0005 Advisory URL:...

7.2 CVSS | 0.8 AI score | 0.01545 EPSS
Exploits: 8
OSV
added 2018/10/19 10:29 p.m. | 2 views

DEBIAN-CVE-2018-18398

Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses this input method...

4.7 CVSS | 6.7 AI score | 0.00322 EPSS
Exploits: 1 | References: 1
Exploit DB
added 2018/10/15 12:0 a.m. | 541 views

Snes9K 0.0.9z - Buffer Overflow (SEH)

Exploit Title: Snes9K 0.0.9z - Buffer Overflow SEH Date: 2018-10-13 Exploit Author: Abdullah Alıç Vendor Homepage: https://sourceforge.net/projects/snes9k/ Software Link: https://sourceforge.net/projects/snes9k/files/latest/download Version: 0.0.9z Tested on: Windows XP Professional sp3ENG...

7.4 AI score
Exploits: 0
Exploit DB
added 2018/10/09 12:0 a.m. | 465 views

ifwatchd - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ifwatchd Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on QNX 6.4.x and 6.5.x systems by exploiting the...

7.2 CVSS | 7.4 AI score | 0.02906 EPSS
Exploits: 5
OSV
added 2018/10/08 5:29 p.m. | 4 views

UBUNTU-CVE-2018-17977

The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to execute crafted applications, as demonstrated on...

4.4 CVSS | 6.2 AI score | 0.00379 EPSS
Exploits: 0 | References: 4
0day.today
added 2018/10/01 12:0 a.m. | 18 views

Snes9K 0.0.9z - Denial of Service (PoC) Exploit

Exploit for windows platform in category dos / poc Exploit Title: Snes9K 0.0.9z - Denial of Service PoC Exploit Author: crashmanucoot Vendor Homepage: https://sourceforge.net/projects/snes9k/ Software Link: https://sourceforge.net/projects/snes9k/files/latest/download Version: 0.0.9z Tested on:...

7.4 AI score
Exploits: 0
The Hacker News
added 2018/09/26 12:14 p.m. | 1 views

New Linux Kernel Bug Affects Red Hat, CentOS, and Debian Distributions

Security researchers have published the details and proof-of-concept (PoC) exploits of an integer overflow vulnerability in the Linux kernel that could allow an unprivileged user to gain superuser access to the targeted system. The vulnerability, discovered by cloud-based security and compliance...

7.8 CVSS | 7.6 AI score | 0.14806 EPSS
Exploits: 6
OSV
added 2018/09/24 11:29 p.m. | 3 views

CVE-2018-10501

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7 CVSS | 6 AI score | 0.00297 EPSS
Exploits: 0 | References: 1
0day.today
added 2018/08/29 12:0 a.m. | 30 views

Cisco AnyConnect Secure Mobility Client 4.6.01099 - Introducir URL Denial of Service Exploit

Exploit for iOS platform in category dos / poc Exploit Title: Cisco AnyConnect Secure Mobility Client 4.6.01099 - 'Introducir URL' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://www.cisco.com/ Software Link: App Store for iOS devices Tested Version: 4.6.01099...

0.2 AI score
Exploits: 0
Prion
added 2018/08/20 8:29 p.m. | 16 views

Design/Logic Flaw

Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network...

7.5 CVSS | 9.7 AI score | 0.01753 EPSS
Exploits: 1 | References: 1 | Affected Software: 1