Lucene search
K

16 matches found

0day.today
0day.today
added 2017/03/25 12:0 a.m.107 views

Forticlient 5.2.3 Windows 10 x64 (Post Anniversary) - Privilege Escalation Exploit

Exploit for windows platform in category local exploits / Check these out: - https://www.coresecurity.com/system/files/publications/2016/05/Windows%20SMEP%20bypass%20U%3DS.pdf - https://labs.mwrinfosecurity.com/blog/a-tale-of-bitmaps/ Tested on: - Windows 10 Pro x64 Post-Anniversary - hal.dll:...

7.2CVSS6.3AI score0.02029EPSS
Exploits5
Kitploit
Kitploit
added 2016/11/11 1:43 p.m.16 views

needle - The iOS Security Testing Framework

Needle is an open source, modular framework to streamline the process of conducting security assessments of iOS apps. Description Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes of operation and...

7.2AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/05/26 12:0 a.m.27 views

FreeBSD : cassandra -- remote execution of arbitrary code (607f4d44-0158-11e5-8fda-002590263bf5)

Jake Luciani reports : Under its default configuration, Cassandra binds an unauthenticated JMX/RMI interface to all network interfaces. As RMI is an API for the transport and remote execution of serialized Java, anyone with access to this interface can execute arbitrary code as the running user...

7.5CVSS8.9AI score0.06692EPSS
Exploits0References3
securityvulns
securityvulns
added 2015/05/12 12:0 a.m.75 views

[SECURITY ANNOUNCEMENT] CVE-2015-0225

CVE-2015-0225: Apache Cassandra remote execution of arbitrary code Severity: Important Vendor: The Apache Software Foundation Versions Affected: Cassandra 1.2.0 to 1.2.19 Cassandra 2.0.0 to 2.0.13 Cassandra 2.1.0 to 2.1.3 Description: Under its default configuration, Cassandra binds an...

7.5CVSS1.8AI score0.06692EPSS
Exploits0
seebug.org
seebug.org
added 2014/09/12 12:0 a.m.69 views

Supermicro Onboard IPMI Port 49152 敏感文件泄露漏洞

关于 IPMI:智能平台管理接口 IPMI 是一种开放标准的硬件管理接口规格,定义了嵌入式管理子系统进行通信的特定方法。IPMI 信息通过基板管理控制器 BMC(位于 IPMI 规格的硬件组件上)进行交流。IPMI是智能型平台管理接口(Intelligent Platform Management Interface)的缩写,是管理基于...

5CVSS6.5AI score0.21152EPSS
Exploits6
Packet Storm
Packet Storm
added 2014/07/16 12:0 a.m.45 views

Boat Browser 8.0 / 8.0.1 Remote Code Execution

CreatMalTxt POC - WebView var obj; function TestVulnerability temp="not"; var myObject = window; for var name in myObject if myObject.hasOwnPropertyname try temp=myObjectname.getClass.forName'java.lang.Runtime'.getMethod'getRuntime',null.invokenull,null; catche iftemp=="not"...

6.8CVSS7.4AI score0.4136EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2013/10/10 12:0 a.m.20 views

Debian DSA-2770-1 : torque - authentication bypass

John Fitzpatrick of MWR InfoSecurity discovered an authentication bypass vulnerability in torque, a PBS-derived batch processing queueing system. The torque authentication model revolves around the use of privileged ports. If a request is not made from a privileged port then it is assumed not to ...

9CVSS5.7AI score0.02915EPSS
Exploits0References5
Debian
Debian
added 2013/10/09 2:37 p.m.25 views

[SECURITY] [DSA 2770-1] torque security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2770-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 09, 2013 http://www.debian.org/security/faq -...

9CVSS2.2AI score0.02915EPSS
Exploits0
Exploit DB
Exploit DB
added 2013/05/14 12:0 a.m.29 views

SAP SOAP RFC - SXPG_COMMAND_EXECUTE Remote Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ This module is based on, inspired by, or is a port of a...

7.4AI score
Exploits0
Saint
Saint
added 2011/09/07 12:0 a.m.22 views

MPlayer SAMI Subtitle File Overflow

Added: 09/07/2011 BID: 49149 OSVDB: 74604 Background MPlayer is an open source media player with support for many operating systems. Problem MPlayer does not properly validate the contents of Synchronized Accessible Media Interchange SAMI caption files. If a video references a malformed SAMI file...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2011/06/14 12:0 a.m.34 views

MPlayer - '.SAMI' Subtitle File Buffer Overflow (DEP Bypass) (Metasploit)

require 'msf/core' class MetasploitModule 'Mplayer SAMI Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow found in SMPlayer 0.6.9 Permanent DEP /AlwaysON. The overflow is triggered during the parsing of an overly long string found in a malicious SAMI subtitle...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/04/04 12:0 a.m.42 views

IBM Lotus Domino iCalendar - MAILTO Buffer Overflow (Metasploit)

$Id: dominoicalendarorganizer.rb 12236 2011-04-04 17:43:34Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS6.6AI score0.41475EPSS
Exploits9
Debian
Debian
added 2011/01/31 11:22 a.m.30 views

[SECURITY] [DSA-2156-1] pcscd security update

------------------------------------------------------------------------ Debian Security Advisory DSA-2156-1 [email protected] http://www.debian.org/security/ Steve Kemp January 31, 2011 http://www.debian.org/security/faq -...

4.4CVSS6.3AI score0.00498EPSS
Exploits0
OSV
OSV
added 2011/01/31 12:0 a.m.11 views

DSA-2156-1 pcsc-lite - buffer overflow

Bulletin has no description...

4.4CVSS6.3AI score0.00498EPSS
Exploits0
ThreatPost
ThreatPost
added 2009/11/02 11:26 p.m.12 views

Flawed USB Sticks Can Be Used to Download Whatever Desired

UK security researchers MWR InfoSecurity have found a flaw in the driver software of USB sticks that could allow the technology to “interrogate” and download the complete content of any system. The company believes the use of such devices is only months away, and has shared its research with the...

2.4AI score
Exploits0References2
0day.today
0day.today
added 2008/09/22 12:0 a.m.19 views

Sagem Routers [email protected] Remote CSRF Exploit (dhcp hostname attack)

Exploit for hardware platform in category remote exploits ============================================================= Sagem Routers email protected Remote CSRF Exploit dhcp hostname attack ============================================================= !/usr/bin/env python OOO OOO OO OOO O O O O ...

7.1AI score
Exploits0
Rows per page
Query Builder