Exploit for Use After Free in Google Android

CVE-2019-2215 Temproot for Bravia TV via CVE-2019-2215. Ov...

CVE-2019-19495

The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker can then configure the cable modem to port forward the modem's internal TELNET server, allowing...

CVE-2019-19495

The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker can then configure the cable modem to port forward the modem's internal TELNET server, allowing...

CVE-2019-19495

The CVE-2019-19495 entry concerns the Technicolor TC7230 STEB 01.25 web interface. It describes a DNS rebinding vulnerability that allows a remote attacker, via JavaScript in a victim’s browser, to reconfigure the cable modem and enable port-forwarding of the internal TELNET server, potentially g...

CVE-2019-16273

DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge adb, leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the...

Cisco IOS XE Software User EXEC Mode Root Shell Access Multiple Vulnerabilities (cisco-sa-20180328-privesc1)

According to its self-reported version, Cisco IOS XE Software is affected by multiple vulnerabilities in the CLI parser due to improper sanitization of command arguments to prevent access to internal data structures on a device. An authenticated, local attacker with user EXEC mode access to an...

Mersive Solstice 2.8.0 - Remote Code Execution

Mersive Solstice 2.8.0 - Remote Code Execution Exploit Title: Mersive Solstice 2.8.0 - Remote Code Execution Google Dork: N/A Date: 2016-12-23 Exploit Author: Alexandre Teyar Vendor Homepage: https://www2.mersive.com/ Firmware Link:...

Exploit for Use After Free in Google Android

CVE-2019-2215 Temproot for Pixel 2 and Pixel 2 XL via CVE-...

CVE-2019-16103

Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalation by administrators from the menu to a root Bash OS shell via the spsshell feature...

F5 Networks BIG-IP : F5 tmsh vulnerability (K40378764)

"Authenticated users with the ability to upload files via scp, for example can escalate their privileges to allow root shell access from within the TMOS Shell tmsh interface. The tmsh interface allows users to execute a secondary program via tools like sftp or scp . CVE-2019-6642 Impact...

Exploit for Race Condition in Canonical Ubuntu_Linux

This is a PoC exploit for CVE-2016-5195, a vulnerability in the Linux kernel that allows for a local privilege escalation. The exploit is implemented in C++ and has been ported to Go and a legacy version without C++11 features. The exploit modifies the /etc/passwd file, forcing the password...

Cisco Small Business 220 Series Smart Switches Input Validation Error Vulnerability

Cisco Small Business 220 Series Smart Switches is a small smart switch device from Cisco USA. An input validation error vulnerability exists in Cisco Small Business 220 Series Smart Switches. An attacker can exploit this vulnerability by sending a malicious HTTP or HTTPS request to execute...

Deepin Linux 15 - lastore-daemon Local Privilege Escalation Exploit

Exploit for multiple platform in category local exploits !/bin/bash Deepin Linux 15.5 lastore-daemon D-Bus Local Root Exploit The lastore-daemon D-Bus configuration on Deepin Linux 15.5 permits any user in the sudo group to install arbitrary packages without providing a password, resulting in cod...

ASAN / SUID - Local Privilege Escalation Exploit

Exploit for multiple platform in category local exploits !/bin/bash unsanitary.sh - ASAN/SUID Local Root Exploit Exploits er, unsanitized env var passing in ASAN which leads to file clobbering as root when executing setuid root binaries compiled with ASAN. Uses an overwrite of /etc/ld.so.preload ...

CVE-2019-12325

The Htek UC902 VoIP phone web management interface contains several buffer overflow vulnerabilities in the firmware version 2.0.4.4.46, which allow an attacker to crash the device DoS without authentication or execute code authenticated as a user to spawn a remote shell as a root user...

Command Execution Vulnerability in Arifang Technology 4G Module Performance King N720

Shenzhen Youfang Technology Co., Ltd. is an enterprise focusing on M2M IoT wireless communication products and services, providing industrial module products and related services in GPRS, CDMA 1X, WCDMA, EVDO, LTE and other communication standards. A command execution vulnerability exists in the ...

Unauthorized Access Vulnerability in Communication Module CLM920_NC5 of Shanghai Haige Information Technology Co.

Ltd. is engaged in the research, development, production and operation of 3G/3.75G/4G/NB communication module, which is a communication module company with a patch production factory. An unauthorized access vulnerability exists in communication module CLM920NC5 of Shanghai Haige Information...

CVE-2019-6642

In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files via scp, for example can escalate their privileges to allow root shell...

Authentication flaw

In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files via scp, for example can escalate their privileges to allow root shell...

CVE-2019-6642

In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, and 11.5.2-11.6.4, BIG-IQ 6.0.0-6.1.0 and 5.1.0-5.4.0, iWorkflow 2.3.0, and Enterprise Manager 3.1.1, authenticated users with the ability to upload files via scp, for example can escalate their privileges to allow root shell...