CVE-2018-16885

A flaw was found in the Linux kernel that allows the userspace to call memcpyfromiovecend and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory...

DEBIAN-CVE-2018-16885

A flaw was found in the Linux kernel that allows the userspace to call memcpyfromiovecend and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory...

CVE-2018-16885

A flaw was found in the Linux kernel that allows the userspace to call memcpyfromiovecend and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory...

XMPlay 3.8.3 - .m3u Local Stack Overflow Code Execution Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python -- coding: utf-8 -- Exploit Title: XMPlay 3.8.3 - '.m3u' Code Execution PoC Exploit Author: s7acktrac3 Vendor Homepage: https://www.xmplay.com/ Software Link: https://support.xmplay.com/filesview.php?fileid=676 Version:...

XMPlay 3.8.3 Local Stack Overflow

!/usr/bin/env python -- coding: utf-8 -- Exploit Title: XMPlay 3.8.3 - '.m3u' Code Execution PoC Date: 2018-12-19 Exploit Author: s7acktrac3 Vendor Homepage: https://www.xmplay.com/ Software Link: https://support.xmplay.com/filesview.php?fileid=676 Version: 3.8.3 latest Tested on: Windows XP SP3...

LanSpy 2.0.1.159 - Local Buffer Overflow

LanSpy 2.0.1.159 - Local Buffer Overflow !/usr/bin/python ------------------------------------------------------------------------------------------------------------------------------------ Exploit: LanSpy 2.0.1.159 - Local Buffer Overflow RCEPoC Date: 2018-12-16 Author: Juan Prescotto Tested...

LanSpy 2.0.1.159 - Local Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/python ------------------------------------------------------------------------------------------------------------------------------------ Exploit: LanSpy 2.0.1.159 - Local Buffer Overflow RCEPoC Date: 2018-12-16 Author: Juan...

Mozilla: Buffer overflow in accelerated 2D canvas with Skia

A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.4, Firefox ESR 60.4, an...

UBUNTU-CVE-2018-18493

A buffer overflow can occur in the Skia library during buffer offset calculations with hardware accelerated canvas 2D actions due to the use of 32-bit calculations instead of 64-bit. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 60.4, Firefox ESR 60.4, an...

CVE-2018-1002008

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable...

Cross site scripting

There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and News letter v2.5.1.8 This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable...

Extreme Office 1.0.1.30274 suffers from memory corruption vulnerability

Extreme Office is an independently controlled office learning software developed by Beijing Haiteng Times Technology Co. A memory corruption vulnerability exists in Extreme Office version 1.0.1.30274. The vulnerability is caused due to the failure of the loop body of a function in the core module...

CVE-2018-17907

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array...

Code injection

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array...

CVE-2018-17907

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array...

CVE-2018-17907

CVE-2018-17907 is an Out-of-Bounds Read vulnerability in Omron CX-Supervisor (versions 3.4.1.0 and prior). When processing project files and tampering with the value of an offset, the application can read outside an array. Impact: potential information disclosure; exploitation details emphasize l...

CVE-2018-18329

A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac Consumer 7.0 2017 and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation function on 0x6F4E offse...

BSD Command Shell, Reverse TCP Inline

Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 100 This is so one-off that we define it here ARCHVAX = 'vax' include...

Microsoft Edge - Sandbox Escape

Content process - Privileged content process firststage.js When spawning a new Edge content process, its privilege is determined by its URL. This URL check is performed by the LCIEUrlPolicy::GetPICForPrivilegedInternalPage method in eModel.dll. The method calls several another methods to check...

Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service Exploit

Exploit for hardware platform in category dos / poc Exploit Title: Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service PoC Author: Cakes Vendor Homepage: http://www.netis-systems.com Software Link: http://www.netis-systems.com/Home/detail/id/74.html Tested Version: RTK 2.1.1 Tested on OS: Kal...