Microsoft Browser Elevation of Privilege (MS16-118: CVE-2016-3388)

An Elevation of Privileges vulnerability exists in Internet Explorer and Edge. The vulnerability is due to a failure in properly securing a private namespace. A remote attacker could exploit this vulnerability by enticing a user to run a specially crafted executable...

Microsoft Windows Transaction Manager Elevation of Privilege (MS16-123: CVE-2016-3341)

An elevation of privilege vulnerability has been reported in Microsoft Windows Kernel Transaction Manager. The vulnerability is due to an malformed blf file, which could be abused by attackers to gain local privilege escalation. The attacker must entice the victim to run an executable file to...

Powershell Payload Execution Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/post/windows/services' require 'msf/core/post/windows/powershell' require...

Powershell Payload Execution

This module generates a dynamic executable on the session host using .NET templates. Code is pulled from C templates and impregnated with a payload before being sent to a modified PowerShell session with .NET 4 loaded. The compiler builds the executable standard or Windows service in memory and...

DWebPro 8.4.2 Local File Inclusion Vulnerability

DWebPro is a dynamic web site software package for distribution on CD/DVD or USB drives. A local file inclusion vulnerability exists in the start parameter of DWebPro, which allows an attacker to access arbitrary files and, when browsing to an executable file, execute the file with system...

Waves Audio Service - Unquoted Service Path Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Waves Audio Service: http://www.maxx.com By Ross Marks: http://www.rossmarks.co.uk Exploit-db: https://www.exploit-db.com/author/?a=8724 Category: Local Tested on: Windows 10 x86/x64 1 Unquoted Service Path Privilege Escalation Max audio...

BlueStacks 2.5.55 - Unquoted Service Path Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits Exploit Title: BlueStacks 2.5.55 Unquoted Service Path Privilege Escalation Date: 24/09/2016 Author: Yunus YILDIRIM @Th3GundY Team: CT-Zer0 @CRYPTTECH Website: http://yildirimyunus.com Contact: email protected Category: local Vendor Homepage...

DEBIAN-CVE-2016-1371

ClamAV aka Clam AntiVirus before 0.99.2 allows remote attackers to cause a denial of service application crash via a crafted mew packer executable...

CVE-2016-1371

ClamAV before 0.99.2 is affected by CVE-2016-1371 and CVE-2016-1372 (and related issues) due to parsing crafted mew packer and 7z files, enabling remote DoS or application crash. Affected component is libclamav/clamav daemons prior to 0.99.2; impact is partial availability denial of service. Debi...

CVE-2016-1371

ClamAV aka Clam AntiVirus before 0.99.2 allows remote attackers to cause a denial of service application crash via a crafted mew packer executable...

Multiple memory corruption vulnerabilities in the PECompact shell pec2.exe module

PECompact shell is a shelling tool that runs on the win32 platform. The tool has multiple memory corruption vulnerabilities in the handling of pe files, allowing an attacker to cause a program crash by constructing a malformed pe file. If successfully exploited, it can cause arbitrary code...

Apple OS X Application Firewall Denial of Service Vulnerability

Apple OS X is the United States Apple Apple company for the Mac computer developed a set of specialized operating systems. application Firewall is one of the application firewall component. A denial of service vulnerability exists in Application Firewall in Apple OS X versions prior to 10.12, whi...

Linux Kernel 4.6.3 Netfilter Privilege Escalation

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require "msf/core" class MetasploitModule 'Linux Kernel 4.6.3 Netfilter Privilege Escalation', 'Description' = %q This module attempts to exploit a netfilter bug on Linux...

CVE-2016-5945

IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...

CVE-2016-5945

IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...

CVE-2016-5945

IBM Spectrum Control formerly Tivoli Storage Productivity Center 5.2.x before 5.2.11 allows remote authenticated users to upload non-executable files via a crafted HTTP request...

Design/Logic Flaw

Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory...

CVE-2016-5793

Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory...

Oracle Orakill.exe Buffer Overflow Vulnerability

Orakill is a tool within Oracle for ending user processes. A buffer overflow vulnerability exists in Oracle Orakill.exe version 11.2.0, which can be exploited by an attacker to execute arbitrary code...

Docker Daemon - Local Privilege Escalation (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Docker Daemon Privilege Escalation', 'Description' = %q This module obtains root privileges from any host account with access to the Docker daemon...