2058 matches found
Siemens SICAM A8000 RTU Series Uncaught Exception (CVE-2018-13798)
A vulnerability has been identified in SICAM A8000 CP-8000 All versions V14, SICAM A8000 CP-802X All versions V14, SICAM A8000 CP-8050 All versions V2.00. Specially crafted network packets sent to port 80/TCP or 443/TCP could allow an unauthenticated remote attacker to cause a Denial-of-Service...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
pwnKit About: Title: pwnKit Description: Privilege esc...
Navbar - Moderately critical - Cross Site Scripting - SA-CONTRIB-2022-011
This module provides a very simple, mobile-friendly navigation toolbar. The module doesn't sufficiently check for user-provided input. This vulnerability is mitigated by the fact that an attacker must have the ability to post content using a text format like the default "Filtered HTML" format tha...
[Security Nation] Mike Hanley of GitHub on the Log4j Vulnerability
In our first episode of Security Nation Season 5, Jen and Tod chat with Mike Hanley, Chief Security Officer at GitHub, all about the major vulnerability in...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
CVE-2021-44228 (Apache Log4j Remote Code Execution) all lo...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
Logout4Shell ...
Exploit for Race Condition in Canonical Ubuntu_Linux
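Resource repository for "Cloud Native Security: Attack and Defense Practice and System Construction". This repository provides the supplementary material and accompanying source code for the book "Cloud Native Security: Attack and Defense Practice and System Construction", for interested readers to study and practice in depth. All content in this repository is for teaching and research use only; any illegal use is strictly prohibited, and violators bear the consequences themselves! Related links: Douban | JD.com | Dangdang. Supplementary reading material - 100云计算简介.pdf - 101代码安全.pdf - 200容器技术.pdf - 201容器编排.pdf - 202微服务.pdf - 203服务网格.pdf - 204DevOps.pdf - CVE-2017-1002101:突破隔离访问宿主机文件系统.pdf -...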
Wipro Holmes Orchestrator 20.4.1 Arbitrary File Download Exploit
Exploit Title: Wipro Holmes Orchestrator 20.4.1 Unauthenticated Arbitrary File Read PoC Exploit Author: Rizal Muhammed @ub3rsick Vendor Homepage: https://www.wipro.com/holmes/ Version: 20.4.1 Tested on: Windows 10 x64 CVE : CVE-2021-38146 import requests as rq import argparse port = 8001 change...
BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released
The embargo period is over for a proof-of-concept (PoC) tool to test for the recently revealed BrakTooth flaws in Bluetooth devices, and the researchers who discovered them have released both the test kit and full exploit code for the bugs. BrakTooth is a collection of flaws affecting commercial...
Exploit for Race Condition in Canonical Ubuntu_Linux
root-dirtyc0w CVE-2016-5195 DirtyCow root privilege esca...
Vulnerability fixed in Chromium-based browsers
A vulnerability has been fixed in Google Chrome. The vulnerability potentially allows a remote malicious person to execute arbitrary code under the user's privileges. Google has disclosed little information about the vulnerability. The vulnerability is in the "Portals" component, which...
Exploit for CVE-2021-38647
It is an offensive tool for testing CVE-2021-38647, a vulnerabil...
CVE-2021-36955
Windows Common Log File System Driver Elevation of Privilege Vulnerability Recent assessments: gwillcox-r7 at September 18, 2021 12:23am UTC reported: Hmm so this is quite an interesting one. This is similar to CVE-2021-36963 and CVE-2021-38633, both of which are marked as low complexity for bein...
Vulnerabilities fixed in Google Chrome
Vulnerabilities have been fixed in Google Chrome. The vulnerabilities allow a malicious person to launch attacks that lead to the following categories of damage: Denial-of-Service (DoS) Remote code execution User Rights Access to system data. Google, as usual, is releasing few technical details abou...
ROS-2-1592
2.1592 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...
Exploit for Use After Free in Linux Linux_Kernel
This is a collection of exploit code for various Linux kernel vulnerabilities, specifically CVE-2016-8655, CVE-2017-1000112, CVE-2017-7308, and CVE-2018-18955. The exploits are written in C and use various techniques such as AF_PACKET race condition, UDP fragmentation offset, and Linux kernel...
GHSA-5PH6-QQ5X-7JWC ExternalName Services can be used to gain access to Envoy's admin interface
Impact: Josh Ferrell (@josh-ferrell) from VMware has reported that a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy remotely (a denial of service), o...
Exploit for Integer Overflow or Wraparound in Linux Linux_Kernel
CVE-2021-33909 Exploit code for CVE-2021-33909, Just a dump of...
Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution (Unauthenticated)
Exploit Title: Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution (Unauthenticated) Date: 2021-07-07 Exploit Author: faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Cisco Ios
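About: This GitHub repository is the free, decompressed version of eqgrp-free-file.tar.xz; the source files were released by the hacker group "The Shadow Brokers". The encrypted auction version can be found and downloaded online. Firewall: this folder contains all the source files. listing.txt is the list of all files. This repository contains the decrypted and decompressed contents of the eqgrp-free-file.tar.xz file released by "The Shadow Brokers". The contents ar...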