ASRock Drivers - Privilege Escalation

ASRock Drivers - Privilege Escalation SecureAuth - SecureAuth Labs Advisory http://www.secureauth.com/ ASRock Drivers Elevation of Privilege Vulnerabilities 1. Advisory Information Title: ASRock Drivers Elevation of Privilege Vulnerabilities Advisory ID: CORE-2018-0005 Advisory URL:...

DEBIAN-CVE-2018-18398

Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses this input method...

Snes9K 0.0.9z - Buffer Overflow (SEH)

Exploit Title: Snes9K 0.0.9z - Buffer Overflow SEH Date: 2018-10-13 Exploit Author: Abdullah Alıç Vendor Homepage: https://sourceforge.net/projects/snes9k/ Software Link: https://sourceforge.net/projects/snes9k/files/latest/download Version: 0.0.9z Tested on: Windows XP Professional sp3ENG...

ifwatchd - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ifwatchd Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on QNX 6.4.x and 6.5.x systems by exploiting the...

UBUNTU-CVE-2018-17977

The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTOAH packets, and IPPROTOIP packets, which allows local users to cause a denial of service memory consumption and system hang by leveraging root access to execute crafted applications, as demonstrated on...

Snes9K 0.0.9z - Denial of Service (PoC) Exploit

Exploit for windows platform in category dos / poc Exploit Title: Snes9K 0.0.9z - Denial of Service PoC Exploit Author: crashmanucoot Vendor Homepage: https://sourceforge.net/projects/snes9k/ Software Link: https://sourceforge.net/projects/snes9k/files/latest/download Version: 0.0.9z Tested on:...

New Linux Kernel Bug Affects Red Hat, CentOS, and Debian Distributions

Security researchers have published the details and proof-of-concept PoC exploits of an integer overflow vulnerability in the Linux kernel that could allow an unprivileged user to gain superuser access to the targeted system. The vulnerability, discovered by cloud-based security and compliance...

CVE-2018-10501

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

Cisco AnyConnect Secure Mobility Client 4.6.01099 - Introducir URL Denial of Service Exploit

Exploit for iOS platform in category dos / poc Exploit Title: Cisco AnyConnect Secure Mobility Client 4.6.01099 - 'Introducir URL' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: https://www.cisco.com/ Software Link: App Store for iOS devices Tested Version: 4.6.01099...

Design/Logic Flaw

Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network...

CVE-2018-1000217

Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to be exploitable via Depends on how application uses cJSON library. If application provides network...

Directory traversal

A security vulnerability was identified in 3PAR Service Processor SP prior to SP-4.4.0.GA-110MU7. The vulnerability may be locally exploited to allow directory traversal...

CVE-2018-7094

CVE-2018-7094 affects the HPE 3PAR Service Processor (SP) prior to SP-5.0.0.0-22913 GA. The vulnerability allows a local attacker to disclose privileged information. The available documents identify the affected component and root cause as an information disclosure issue on SPs before the listed ...

iSmartViewPro 1.5 Buffer Overflow

Exploit Title: iSmartViewPro 1.5 - 'SavePath for ScreenShots' Local Buffer Overflow Author: Shubham Singh Known As: Spirited Wolf Twitter: @Pwsecspirit Discovey Date: 2018-08-12 Software Link: https://securimport.com/university/videovigilancia-ip/software/493-software-ismartviewpro-v1-5 Tested...

Linux BPF Sign Extension Local Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linux BPF Sign Extension Local Privilege Escalation', 'Description' = %q Linux kernel prior to 4.14.8 utilizes the Berkeley Packet Filter BPF whi...

Boxoft WAV To WMA Converter 1.0 Buffer Overflow

Exploit Title: Boxoft wav-wma Converter - Local Buffer Overflow SEH Date: 2018-07-08 Software Link: http://www.boxoft.com/wav-to-wma/ Software Version:1.0 Exploit Author: Achilles Target: Windows 7 x64 CVE: Description: A malicious .wav file cause this vulnerability. Category: Local Exploit buffe...

Easy Chat Server 3.1 Add User Local Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python ---------------------------------------------------------------------------------------------------------- Exploit Title : Easy Chat Server 3.1 - 'Add user' Local Buffer Overflow Exploit Author : Hashim Jawad -...

CVE-2017-7796

On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file...

CVE-2017-7796

On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file...

CVE-2017-7796

On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file...