Lucene search

75 matches found

0day.today
added 2016/11/17 12:0 a.m., 26 views

WMI Authenticated Exec Via Powershell Authenticated Exploit

This Metasploit module uses WMI execution to launch a payload instance on a remote machine. In order to avoid AV detection, all execution is performed in memory via psh-net encoded payload. Persistence option can be set to keep the payload looping while a handler is present to receive it. By...

0.3 AI score
Exploits: 0
Check Point Advisories
added 2016/07/12 12:0 a.m., 6 views

Microsoft Internet Explorer Memory Corruption (MS16-084: CVE-2016-3242)

A memory corruption vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error while handling certain objects when processing HTML and script code. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could...

7.6 CVSS, 7.7 AI score, 0.13848 EPSS
Exploits: 0
n0where
added 2016/06/15 6:43 p.m., 32 views

PowerShell Runspace Portable Post Exploitation Tool: PowerOPS

PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell “easier” PowerOPS is an application written in C that does not rely on powershell.exe but runs PowerShell commands and functions within a powershell runspace environment .NET. It intends to...

0.8 AI score
Exploits: 0, References: 7
n0where
added 2016/04/19 5:16 p.m., 18 views

Run Binaries From Memory: Pazuzu

Pazuzu is a Python script that allows you to embed a binary within a precompiled DLL which uses reflective DLL injection. The goal is that you can run your own binary directly from memory. This can be useful in various scenarios. For example, if you want to exploit a vulnerability and run your ow...

7.4 AI score
Exploits: 0, References: 1
Tenable Nessus
added 2015/03/25 12:0 a.m., 23 views

SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 10524)

Mozilla Firefox was updated to the 31.5.3ESR release to fix two security vulnerabilities : - Security researcher ilxu1a reported, through HP Zero Day Initiative's Pwn2Own contest, a flaw in Mozilla's implementation of typed array bounds checking in JavaScript just-in-time compilation JIT and its...

7.5 CVSS, 8.3 AI score, 0.03677 EPSS
Exploits: 0, References: 7
seebug.org
added 2014/07/01 12:0 a.m., 34 views

IBM Informix Dynamic Server 9.40/Informix Extended Parallel Server 8.40 Multiple Vulnerabilities (2)

No description provided by source. source: http://www.securityfocus.com/bid/9512/info IBM Informix Dynamic Server and IBM Informix Extended Parallel Server have been reported prone to multiple vulnerabilities. The first issue exists in the onedcu binary. Specifically, when the binary is invoked a...

7.1 AI score
Exploits: 0
Tenable Nessus
added 2014/04/29 12:0 a.m., 42 views

Firefox < 29.0 Multiple Vulnerabilities

The installed version of Firefox is a version prior to 29.0 and is, therefore, potentially affected by the following vulnerabilities : - An issue exists in the Network Security NSS library due to improper handling of IDNA domain prefixes for wildcard certificates. This issue could allow man-in-...

10 CVSS, 6.9 AI score, 0.07543 EPSS
Exploits: 12, References: 27
Saint
added 2013/02/18 12:0 a.m., 36 views

Novell GroupWise Client ActiveX SetEngine Pointer Manipulation

Added: 02/18/2013 CVE: CVE-2012-0439 BID: 57658 OSVDB: 89700 Background Novell GroupWise is an e-mail and collaboration product suite. Problem Several methods in the GroupWise ActiveX plugin do not validate user-supplied pointers that are passed as function arguments. This may allow an attacker t...

9.3 CVSS, 7 AI score, 0.39183 EPSS
Exploits: 9
Mozilla
added 2011/06/21 12:0 a.m., 44 views

Multiple dangling pointer vulnerabilities — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative two instances of code which modifies SVG element lists failed to account for changes made to the list by user-supplied callbacks before accessing list elements. If a user-supplied callback deleted such an object, the...

10 CVSS, 2.6 AI score, 0.05772 EPSS
Exploits: 0, References: 6, Affected Software: 2
seebug.org
added 2010/03/08 12:0 a.m., 25 views

JITed stage-0 shellcode

No description provided by source. Title: JITed stage-0 shellcode Author: Alexey Sintsov Download N/A // JITS0.AS // // VirtualProtect stage-0 shellcode // // how to use stack // // 0000: 0x11111111 -- ret addr to JIT stage0 shellcode // 0004: 0x60616f62 -- pointer on string atom encoded high if...

7.1 AI score
Exploits: 0
Exploit DB
added 2010/03/07 12:0 a.m., 35 views

JITed stage-0 shellcode

JITed stage-0 shellcode. Shellcode exploit for win32 platform Title: JITed stage-0 shellcode Author: Alexey Sintsov Download N/A // JITS0.AS // // VirtualProtect stage-0 shellcode // // how to use stack // // 0000: 0x11111111 -- ret addr to JIT stage0 shellcode // 0004: 0x60616f62 -- pointer on...

Exploits: 0
Exploit DB
added 2010/02/02 12:0 a.m., 36 views

DeepBurner pro 1.9.0.228 - '.dbr' file Buffer Overflow (Universal)

/ Deepburner pro 1.9.0.228 dbr file buffer overflow exploit universal This is buffer: header 253 bytes + junk + next seh + seh addr + tail 957 bytes dbr/dbi file Date: 29.01.2010 Discovery Credits: fl0 fl0w Exploit Credits : fl0 fl0w ?Download latest vuln vs from: http://www.deepburner.com/?r=downlo...

7.4 AI score
Exploits: 0
Prion
added 2007/08/03 10:17 a.m., 13 views

Design/Logic Flaw

The Java interface to CoreAudio on Apple Mac OS X 10.3.9 and 10.4.10 contains an unsafe interface that is exposed by JDirect, which allows remote attackers to free arbitrary memory and thereby execute arbitrary code...

6.8 CVSS, 7.2 AI score, 0.03356 EPSS
Exploits: 1, References: 7
seebug.org
added 2006/10/23 12:0 a.m., 22 views

linux/x86 setuid(0) and /bin/sh execve() shellcode 30 bytes

No description provided by source. / $Id: setuid-linux.c,v 1.4 2004/06/02 12:22:30 raptor Exp $ setuid-linux.c - setuid/execve shellcode for Linux/x86 Copyright c 2004 Marco Ivaldi [email protected] Short fully-functional setuid0 and /bin/sh execve shellcode. / / setuid0 8049380: 6a 17 push...

7.1 AI score
Exploits: 0
Exploit DB
added 2004/09/26 12:0 a.m., 28 views

linux/x86 shared memory exec 50 bytes

linux/x86 shared memory exec 50 bytes. Shellcode exploit for linx86 platform / [email protected] - http://www.nopninjas.com Platform: Linux x86 Length: 50 bytes - This shellcode connects to the shared memory segment matching the key and executes the code at that address. xorl %edi,%edi xorl...

7.4 AI score
Exploits: 0