ktsuss 1.4 - suid Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ktsuss suid Privilege Escalation', 'Description' = %q This module attempts to gain root privileges by exploiting a vulnerability in ktsuss versio...

ktsuss Suid Privilege Escalation Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ktsuss suid Privilege Escalation', 'Description' = %q This module attempts to gain root privileges by exploiting a vulnerability in ktsuss versio...

CVE-2019-15752

CVE-2019-15752 affects Docker Desktop Community Edition prior to 2.1.0.1. A local attacker can escalate privileges by placing a Trojan horse docker-credential-wincred.exe in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, then rely on an admin/service user authenticating with Do...

CVE-2019-14393

CVE-2019-14393 affects cPanel prior to version 80.0.5, where insecure cpphp execution allows local code execution in the context of a different cPanel account (SEC-486). Root cause is insecure cpphp execution. Impact is described as local code execution; exploitation status is not provided in the...

Linux Kernel 4.15.x < 4.19.2 - map_write() CAP_SYS_ADMIN Local Privilege Escalation (ldpreload)

Exploit for linux platform in category local exploits !/bin/sh EDB Note: Download https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47166.zip wrapper for Jann Horn's exploit for CVE-2018-18955 uses ld.so.preload technique ---...

MacOS X #TimeMachine - (tmdiagnose) Command Injection Privilege Escalation Exploit #RCE

Exploit for macOS platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mac OS X TimeMachine tmdiagnose Command Injection Privilege Escalation', 'Description' = %q...

Exploit for OS Command Injection in Exim

PoC-CVE-2019-10149Exim MNEMO-CERT ha desarrollado una PoC que...

ProShow 9.0.3797 Privilege Escalation

!/usr/bin/python coding:utf-8 Exploit Title: ProShow v9.0.3797 Local Exploit Exploit Author: @YonatanCorrea website with details: https://risataim.blogspot.com/2019/06/exploit-local-para-proshow.html Vendor Homepage: http://www.photodex.com/ProShow Software Link:...

CVE-2019-2053

In wnmparseneighborreportelem of wnmsta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0...

ptrace Sudo Token Privilege Escalation

This module attempts to gain root privileges by blindly injecting into the session user's running shell processes and executing commands by calling system, in the hope that the process has valid cached sudo tokens with root privileges. The system must have gdb installed and permit ptrace. This...

CVE-2018-4004

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the disconnectService functionality. A non-root user is able to kill any privileged process on the system. An attacker would need local access to the machine for a successful exploit...

Privilege escalation

An exploitable privilege escalation vulnerability exists in the Shimo VPN helper service due to improper validation of code signing. A user with local access can use this vulnerability to raise their privileges to root. An attacker would need local access to the machine to successfully exploit th...

AllPlayer 7.4 - SEH Buffer Overflow (Unicode)

AllPlayer 7.4 - SEH Buffer Overflow Unicode !/usr/bin/python -w Exploit Author: Chris Au Exploit Title: AllPlayer V7.4 - Local Buffer Overflow SEH Unicode Date: 07-04-2019 Vulnerable Software: AllPlayer V7.4 Vendor Homepage: https://www.allplayer.org/ Version: 7.4 Software Link:...

WinMPG Video Convert 9.3.5 - Denial of Service

WinMPG Video Convert 9.3.5 - Denial of Service Exploit Title: WinMPG Video Convert Local Dos Exploit Date: 15.03.2019 Vendor Homepage:http://www.winmpg.com Software Link: http://www.winmpg.com/down/WinMPGVideoConvert.zip Exploit Author: Achilles Tested Version: 9.3.5 and older ones Tested on:...

WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 - Denial of Service

Exploit Title: WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 Local Dos Exploit Date: 16.03.2019 Vendor Homepage:http://www.winavi.com Software Link: http://www.winavi.com/user/download/WinAVIiPod3GPMP4PSPConverter.exe Exploit Author: Achilles Tested Version: 4.4.2 Tested on: Windows XP SP3 EN Windows 7...

Linux Kernel 4.4 (Ubuntu 16.04) - &#039;snd_timer_user_ccallback()&#039; Kernel Pointer Leak

include include include include include include include include include include include include include include Exploit Title: Linux Kernel 4.4 Ubuntu 16.04 - Leak kernel pointer in sndtimeruserccallback Google Dork: - Date: 2019-03-11 Exploit Author: wally0813 Vendor Homepage: - Software Link: -...

Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH)

Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow SEH -- coding: utf-8 -- Exploit Title: RealTerm: Serial Terminal 2.0.0.70 - 'Echo Port' Overflow Crash SEH PoC Date: 16/02/2019 Author: Alejandra Sánchez Vendor Homepage: https://realterm.sourceforge.io/ Software Link:...

CVE-2019-5596

In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to ga...

River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH) Exploit

Exploit Title: River Past Video Cleaner Buffer Overflow SEH Exploit Author: crashmanucoot Contact: twitter.com/crashmanucoot Software Link: https://river-past-video-cleaner.softonic.com/ Version: 7.6.3 Tested on: Windows 10 Pro x64 SPANISH Category: Windows Local Exploit How to use:open the progr...

PassFab Excel Password Recovery 8.3.1 - SEH Local Exploit

PassFab Excel Password Recovery 8.3.1 - SEH Local Exploit Exploit Title: PassFab Excel Password Recovery SEH Local Exploit Date: 31.01.19 Vendor Homepage:https://www.passfab.com/products/excel-password-recovery.html Software Link:...