591 matches found
Authorization Bypass
openstack-foreman-installer is vulnerable to authorization bypass attacks. The vulnerability exists as the default configuration in the standalone controller quickstack manifest in openstack-foreman-installer, as used in Red Hat Enterprise Linux OpenStack Platform 4.0, disables authentication for...
Google Chrome for Mac, Windows and Linux V8 Security Bypass Vulnerability
Google Chrome for Mac, Windows and Linux is a web browser based on Mac, Windows and Linux platforms developed by Google USA.V8 is one of the open source JavaScript engines. A security vulnerability exists in V8 in versions of Google Chrome prior to 64.0.3282.167 for Mac and Linux-based platforms...
Linux Kernel 4.4 - rtnetlink Stack Memory Disclosure Exploit
Exploit for linux platform in category local exploits...
Intel QuickAssist Technology for Linux Denial of Service Vulnerability
Intel QuickAssist Technology for Linux is a Linux-based data management technology from Intel Corporation that enhances the security and compression of dynamic and static data in cloud, network, big data and storage applications. A denial of service vulnerability exists in Intel QuickAssist...
McAfee Agent Privilege Mobilization Vulnerability (CNVD-2019-07154)
McAfee Agent MA is the United States of America McAfee McAfee company's set of Linux-based platform provides ePolicy Orchestrator antivirus management platform and managed products between the security of the client components of communication. A privilege extraction vulnerability exists in...
Code Execution Vulnerability in FeiFeiCms Frontend
FeiFeiCms is developed with PHP+Mysql technology and can run on windows and Linux system platform. FeiFeiCms code execution vulnerability exists in the front-end, an attacker can exploit the vulnerability to obtain control of the web server...
IBM DB2 Access Control Vulnerability
IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBM i, z/OS, and Windows server versions. A security vulnerability exists in all revision packages of IBM DB2 version 11.1 including DB2 Connec...
TP-Link EAP Controller for Linux Authentication Bypass Vulnerability
TP-Link EAP Controller for Linux is a set of software for remote control of wireless AP access point devices based on Linux platform from China's TP-LINK. A security vulnerability exists in EAP Controller for Linux, which originates from the RMI interface not requiring authentication before use. ...
file/magic_fuzzer: Heap-buffer-overflow in json_parse_object
Project: https://github.com/file/file.git Detailed report: https://oss-fuzz.com/testcase?key=4855426351890432 Project: file Fuzzer: libFuzzerfilemagicfuzzer Fuzz target binary: magicfuzzer Job Type: libfuzzerasanfile Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...
IPTABLES rules removal
This module will be applied on a session connected to a shell. It will remove all IPTABLES rules. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPTABLES rules removal', 'Description' = %q Thi...
Linux/x86 - Kill Process Shellcode (20 bytes)
/ Exploit Title: Kill PID shellcode Date: 07/09/2018 Exploit Author: Nathu Nandwani Platform: Linux/x86 Size: 20 bytes Compile: gcc -fno-stack-protector -z execstack killproc.c -o killproc / include include int main unsigned short pid = 2801; char shellcode = "\x31\xc0" / xor eax, eax / "\xb0\x25...
Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes)
Linux/x86 - Execve /bin/cat /etc/passwd Shellcode 37 bytes. Shellcode exploit for Linuxx86 platform...
strongSwan Denial of Service Vulnerability (CNVD-2018-14260)
strongSwan is an open source IPsec-based VPN solution for Linux platforms maintained by Swiss software developer Andreas Steffen. The solution includes authentication mechanisms such as X.509 public key certificates, secure storage of private keys, and smart cards. A security vulnerability exists...
Git < 2.17.1 - Remote Code Execution Exploit
Exploit for linux platform in category remote exploits...
DLink #DSL2750B OS Command Injection Exploit
This Metasploit module exploits a remote command injection vulnerability in D-Link DSL-2750B devices. Vulnerability can be exploited through "cli" parameter that is directly used to invoke "ayecli" binary. Vulnerable firmwares are from 1.01 up to 1.03. This module requires Metasploit:...
IBM Netezza Platform Software Detection (Linux)
Binary data ibmnetezzaplatformsoftwareinstalled.nbin...
Google Chrome for Mac, Windows and Linux Navigation URL Spoofing Vulnerability
Google Chrome for Mac, Windows and Linux is a web browser developed by Google for the Mac, Windows and Linux platforms.Navigation is one of the browser navigation modules. A security vulnerability exists in Navigation in versions of Google Chrome prior to 64.0.3282.119 on Windows, Mac and Linux...
Google Chrome for Mac, Windows and Linux Blink Security Bypass Vulnerability
Google Chrome for Mac, Windows and Linux is a web browser for Mac, Windows and Linux platforms developed by Google Inc. Blink is one of a set of browser layout engines rendering engines co-developed by Google Inc. and Norway's Opera Software. Co-developed by the United States Google Google and...
Google Chrome for Mac, Windows and Linux New Tab Page Information Disclosure Vulnerability
Google Chrome for Mac, Windows and Linux is a web browser developed by Google for the Mac, Windows and Linux platforms.New Tab Page is one of the modules used to create new tab pages. A security vulnerability exists in New Tab Page in versions of Google Chrome prior to 64.0.3282.119 for Windows,...
Google Chrome for Mac, Windows and Linux Security Bypass Vulnerability (CNVD-2018-03797)
Google Chrome for Mac, Windows and Linux is a web browser developed by Google, Inc. for the Mac, Windows and Linux platforms. A security vulnerability exists in versions of Google Chrome prior to 64.0.3282.119 for Windows, Mac and Linux platforms. A remote attacker can exploit this vulnerability ...