CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

0day.today•added 2017/05/19 12:0 a.m.•454 views

Microsoft Windows 7 / 2008 R2 (x64) - EternalBlue SMB Remote Code Execution (MS17-010) Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python from impacket import smb from struct import pack import os import sys import socket ''' EternalBlue exploit for Windows 7/2008 by sleepya The exploit might FAIL and CRASH a target system depended on what is overwritten Test...

9.3CVSS8.2AI score0.94318EPSS

Exploits51

Talos•added 2017/01/17 12:0 a.m.•55 views

Oracle Outside In Technology PDF parser confusion Code Execution Vulnerability

Summary An exploitable arbitrary write vulnerability exists in the PDF parser functionality of Oracle Outside In Technology SDK. A specially crafted PDF document can cause a parser confusion resulting in an arbitrary write vulnerability ultimately leading to code execution. Tested Versions Oracle...

8.6CVSS9.2AI score0.01528EPSS

Exploits1

exploitpack•added 2016/12/06 12:0 a.m.•22 views

Microsoft Edge - JSON.parse Info Leak

Microsoft Edge - JSON.parse Info Leak var once = false; var a = 1; function f if!once a = new Array1, 2, 3; this2 = a; once = true; //alert"f " + this; return ; JSON.parse"1, 2, 4, 5", f; var n = new Numbera0; n = n 1; var s = n.toString16; n = new Numbera1; n = n 1; s = s + n.toString16; n.lengt...

7.4AI score

Zero Day Initiative•added 2016/09/16 12:0 a.m.•32 views

Microsoft Edge CTreePos Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw relates to how Edge handles tex...

6.8CVSS2AI score0.2137EPSS

Exploits0References1

Hacker One•added 2016/08/26 1:6 a.m.•10 views

Tor: potential memory corruption in or/buffers.c (particularly on 32 bit)

In or/buffer.s.c: c / Return the allocation size we'd like to use to hold target bytes. / static inline sizet preferredchunksizesizet target sizet sz = MINCHUNKALLOC; while CHUNKSIZEWITHALLOCsz include define FLEXIBLEARRAYMEMBER // define DEBUGCHUNKALLOC / A single chunk on a buffer. / typedef...

6.6AI score

Zero Day Initiative•added 2015/11/10 12:0 a.m.•46 views

Microsoft Office Excel Binary Worksheet Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.4AI score0.40892EPSS

Exploits0References1

exploitpack•added 2015/09/22 12:0 a.m.•9 views

Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption

Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption Source: https://code.google.com/p/google-security-research/issues/detail?id=525 Fuzzing packed executables found the attached crash, it might be usable as an information leak as part of another bug, so filing as a low-risk bug. If I had t...

1AI score

seebug.org•added 2014/07/01 12:0 a.m.•16 views

LBL traceroute 1.4 a5 Heap Corruption Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/1739/info Traceroute is a well-known network diagnostic tool used for analyzing the path on a network between two hosts. On unix systems, traceroute is typically installed setuid root because of its use of raw sockets...

7.1AI score

Exploit DB•added 2013/12/03 12:0 a.m.•91 views

Microsoft - Tagged Image File Format '.TIFF' Integer Overflow (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/zip' require 'nokogiri' module ::Nokogiri module XML class Builder Some XML documents don't declare the namespace before referencing, but...

9.3CVSS8AI score0.92451EPSS

Exploits7

Saint•added 2013/02/18 12:0 a.m.•34 views

Novell GroupWise Client ActiveX SetEngine Pointer Manipulation

Added: 02/18/2013 CVE: CVE-2012-0439 BID: 57658 OSVDB: 89700 Background Novell GroupWise is an e-mail and collaboration product suite. Problem Several methods in the GroupWise ActiveX plugin do not validate user-supplied pointers that are passed as function arguments. This may allow an attacker t...

Saint•added 2013/02/18 12:0 a.m.•33 views

Novell GroupWise Client ActiveX SetEngine Pointer Manipulation

Saint•added 2013/02/18 12:0 a.m.•32 views

Novell GroupWise Client ActiveX SetEngine Pointer Manipulation

Saint•added 2013/02/18 12:0 a.m.•33 views

Novell GroupWise Client ActiveX SetEngine Pointer Manipulation

exploitpack•added 2012/07/29 12:0 a.m.•12 views

httpdx 1.5.4 - Remote Heap Overflow

httpdx 1.5.4 - Remote Heap Overflow !/usr/bin/perl -w ====================================================================== Exploit Title: httpdx UnhandledExceptionFilter ====================================================================== use strict; use IO::Socket::INET; target my $host =...

0.7AI score

securityvulns•added 2012/06/13 12:0 a.m.•130 views

ZDI-12-083 : Oracle Java OpenAL Library Pointer Manipulation Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-083 : Oracle Java OpenAL Library Pointer Manipulation Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-083 June 6, 2012 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Oracle - -- Affected...

0.4AI score