Microsoft Windows CLFS Elevation of Privilege (MS16-134: CVE-2016-7184)

An elevation of privilege vulnerability has been reported in Microsoft Windows. The vulnerability is due to an malformed blf file, which could be abused by attackers to gain local privilege escalation. The attacker must entice the victim to run an executable file to exploit this vulnerability...

Microsoft Windows VHDFS Driver Elevation of Privilege (MS16-138: CVE-2016-7226)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to insufficient specification for a certain flag. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable...

Microsoft Windows VHDFS Driver Elevation of Privilege (MS16-138: CVE-2016-7225)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to insufficient specification for a certain flag. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable...

Microsoft Windows Driver CLFS Elevation Of Privilege (MS16-134: CVE-2016-3332)

An elevation of privilege vulnerability has been reported in Microsoft Windows. The vulnerability is due to an malformed blf file, which could be abused by attackers to gain local privilege escalation. The attacker must entice the victim to run an executable file to exploit this vulnerability...

Moodle Arbitrary File Upload Vulnerability (CNVD-2016-10744)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. An arbitrary file upload vulnerability exists in the dual extension support in the ima...

CVE-2016-9186

Unrestricted file upload vulnerability in the "legacy course files" and "file manager" modules in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors...

Unrestricted file upload

Unrestricted file upload vulnerability in the double extension support in the "image" module in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors...

Unrestricted file upload

Unrestricted file upload vulnerability in the "legacy course files" and "file manager" modules in Moodle 3.1.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, and then accessing it via unspecified vectors...

NVIDIA GeForce Experience Stack Buffer Overflow Vulnerability

NVIDIA GeForce Experience is a suite of automatic graphics card update tools from NVIDIA. A stack buffer overflow vulnerability exists in NVIDIA GeForce Experience. An attacker can exploit this vulnerability with an executable path to cause a denial of service or elevation of privilege...

NVIDIA Driver - Unchecked User-Provided Pointer in Escape 0x5000027

NVIDIA Driver - Unchecked User-Provided Pointer in Escape 0x5000027 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=937 The DxgkDdiEscape handler for 0x5000027 accepts a user provided pointer, but does no checks on it before using it. ... DWORD userptr = escape5000027data-userpt...

NO-IP DUC v4.1.1 Unquoted Service Path Privilege Escalation Exploit

Exploit Title : NO-IPprivilegescalation.rb - 'Unquoted Service Path Privilege Escalation' PDF Version : 4.1.1 vuln Discover : Ehsan Hosseini Module Author : pedr0 Ubuntu r00t-3xp10it Tested on : Windows 7 Professional Software Link : http://www.noip.com/client/DUCSetupv411.exe DESCRIPTION NO-IP D...

PDF Complete Office Edition 4.1.12 - Unquoted Service Path Privilege Escalation Exploit

Exploit Title : PDFcompletecorporateedition.rb - 'Unquoted Service Path Privilege Escalation' PDF Version : 4.1.12 vuln Discover : Joey Lane Module Author : pedr0 Ubuntu r00t-3xp10it Tested on : Windows 7 Professional Software Link : http://www.pdfcomplete.com/cms/Downloads.aspx "This was tested ...

Windows Atom Tables Can Be Abused for Code Injection Attacks

Researchers have identified a way attackers could use atom tables in all versions of Windows to inject malicious code into a computer and bypass detection by security products at the same time. The technique has been nicknamed AtomBombing by researchers at enSilo, and opens the door to perform...

CleanMyPC Unquoted Service Path Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Exploit Title: CleanMyPC Unquoted Service Path Privilege Escalation Date: 20/10/2016 Exploit Author: Federico Zambito Vendor Homepage: http://macpaw.com/cleanmypc Software Link: http://macpaw.com/cleanmypc Version: 1.7.4.258 Tested on: Windo...

PDF Complete 4.1.12 Corporate Edition Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Exploit Title: PDF Complete Corporate Edition - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Software Link: http://www.pdfcomplete.com/cms/Downloads.aspx Version: 4.1.12 Tested on: Windows 7...

Vembu StoreGrid 4.0 Privilege Escalation

Exploit Title: Vembu StoreGrid - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 4.0 Tested on: Windows Server 2012 StoreGrid is a re-brandable backup solution, which can install 2 services with unquoted service paths. This enables a local privilege...

Vembu StoreGrid 4.0 Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Exploit Title: Vembu StoreGrid - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 4.0 Tested on: Windows Server 2012 StoreGrid is a re-brandable backup solution, which can install 2 services with...

Lenovo ThinkVantage Communications Utility 3.0.42.0 Privilege Escalation

Exploit Title: Lenovo ThinkVantage Communications Utility - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 3.0.42.0 Tested on: Windows 7 Professional The Lenovo ThinkVantage Communications Utility installs 2 services with unquoted service paths. Thi...

Lenovo RapidBoot HDD Acelerator 1.00.0802 Privilege Escalation

Exploit Title: Lenovo RapidBoot HDD Accelerator - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 1.00.0802 Tested on: Windows 7 Professional The Lenovo RapidBoot HDD Accelerator service is installed with an unquoted service path. This enables a loca...

Intel(R) Management Engine Components 8.0.1.1399 Privilege Escalation

Exploit Title: IntelR Management Engine Components - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 8.0.1.1399 Tested on: Windows 7 Professional The IntelR Management and Security Application Local Management Service LMS is installed with an unquote...