Advanced Host Monitor 11.90 Beta Denial Of Service

Exploit Title: Advanced Host Monitor 11.90 Beta - 'Registration number' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-01-30 Vendor Homepage: https://www.ks-soft.net Software Link : https://www.ks-soft.net/download/hm1190.exe Tested Version: 11.90 Beta Vulnerability Type:...

PassFab Excel Password Recovery 8.3.1 - SEH Local Exploit

Exploit Title: PassFab Excel Password Recovery SEH Local Exploit Date: 31.01.19 Vendor Homepage:https://www.passfab.com/products/excel-password-recovery.html Software Link: https://www.passfab.com/downloads/passfab-excel-password-recovery.exe Exploit Author: Achilles Tested Version: 8.3.1 Tested...

PassFab Excel Password Recovery 8.3.1 - SEH Local Exploit

Exploit for windows platform in category local exploits Exploit Title: PassFab Excel Password Recovery SEH Local Exploit Vendor Homepage:https://www.passfab.com/products/excel-password-recovery.html Software Link: https://www.passfab.com/downloads/passfab-excel-password-recovery.exe Exploit Autho...

blueman - set_dhcp_handler D-Bus Privilege Escalation Exploit

Exploit for linux platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'blueman setdhcphandler D-Bus Privilege Escalation', 'Description' = %q This module attempts...

blueman - set_dhcp_handler D-Bus Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'blueman setdhcphandler D-Bus Privilege Escalation', 'Description' = %q This module attempts to gain root privileges by exploiting a Python code...

Arbitrary Code Execution

openstack-ironic-discoverd is vulnerable to arbitrary code execution. It was discovered that enabling debug mode in openstack-ironic-discoverd also enables debug mode in the underlying Flask framework. If errors are encountered while Flask is in debug mode, a user experiencing an error may be abl...

Remote Code Execution (RCE)

luci is vulnerable to remote code execution RCE attacks. The vulnerability exists through an eval injection vulnerability in luci 0.26.0 allows remote authenticated users with certain permissions to execute arbitrary Python code via a crafted cluster configuration...

CVE-2018-16168

LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors...

CVE-2018-16168

LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors...

Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC)

Exploit Title: Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2019-01-04 Vendor Homepage: https://www.foscam.es/ Software Link : https://www.foscam.es/descarga/FoscamVMS1.1.4.9.zip Tested Version: 1.1.4.9 Vulnerability Type:...

CVE-2019-3575

Sqlayamlfixtures 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...

CVE-2019-3575

Sqlayamlfixtures 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...

Code injection

Sqlayamlfixtures 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...

PYSEC-2019-52

Sqlayamlfixtures 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...

PYSEC-2019-122

Sqlayamlfixtures 0.9.1 allows local users to execute arbitrary python code via the fixturetext argument in sqlayamlfixtures.load...

CVE-2019-3575

Sqla_yaml_fixtures up to version 0.9.1 is vulnerable to code injection: the fixture_text argument passed to sqla_yaml_fixtures.load can execute arbitrary Python code. Root cause is unsafe use of yaml.load. Impact is local code execution with high risk; remediation details are not provided in the ...

EZ CD Audio Converter 8.0.7 Denial Of Service

Exploit Title: EZ CD Audio Converter 8.0.7 - Denial of Service PoC Date: 2018-12-30 Exploit Author: Achilles Vendor Homepage: https://www.poikosoft.com/ Software Link : https://download.poikosoft.com/ezcdaudioconvertersetupx64.exe Exploit Author: Achilles Tested Version: 8.0.7 64-bit Tested on:...

NetworkSleuth 3.0.0.0 - Key Denial of Service Exploit

Exploit Title: NetworkSleuth 3.0.0.0 - 'Key' Denial of Service PoC Discovery by: Luis Martinez Vendor Homepage: www.nsauditor.com Software Link : http://www.nsauditor.com/downloads/networksleuthsetup.exe Tested Version: 3.0.0.0 Vulnerability Type: Denial of Service DoS Local Tested on OS: Windows...

EZ CD Audio Converter 8.0.7 - Denial of Service Exploit

Exploit Title: EZ CD Audio Converter Date: 30-12-2018 Vendor Homepage: https://www.poikosoft.com/ Software Link : https://download.poikosoft.com/ezcdaudioconvertersetupx64.exe Exploit Author: Achilles Tested Version: 8.0.7 64-bit Tested on: Windows 7 x64 Vulnerability Type: Denial of Service DoS...

Angry IP Scanner for Linux 3.5.3 - Denial of Service (PoC)

Angry IP Scanner for Linux 3.5.3 - Denial of Service PoC Exploit Title: Angry IP Scanner for Linux 3.5.3 - Denial of Service PoC Discovery by: Mr Winst0n Discovery Date: 2018-12-22 Vendor Homepage: https://angryip.org/ Software Link : https://angryip.org/download/ Tested Version: 3.5.3 latest...