Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)

Microsoft Edge Scripting Engine - Memory Corruption MS16-129 !-- Source: http://www.security-assessment.com/files/documents/advisory/edgechakramemcorruption.pdf Name: Microsoft Edge Scripting Engine Memory Corruption Vulnerability MS16-129 CVE: CVE-2016-7202 Vendor Website:...

Kaltura 11.1.0-2 - Remote Code Execution (Metasploit)

Exploit for php platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kaltura Remote PHP Code Execution', 'Description' = %q This module exploits an Object Injecti...

Kaltura 11.1.0-2 - Remote Code Execution (Metasploit)

Kaltura 11.1.0-2 - Remote Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kaltura Remote PHP Code Execution', 'Description' = %q This module exploits an Object Injectio...

Panda Security (Multiple Products) - Local Privilege Escalation

Panda Security Multiple Products - Local Privilege Escalation Exploit Title: Panda Security Privilege Escalation Date: 27/6/2016 Exploit Author: Security-Assessment.com Vendor Homepage: http://www.pandasecurity.com Version: Panda Global Protection 2016 16.1.2,Panda Antivirus Pro 2016 16.1.2,Panda...

Panda Security (Multiple Products) - Local Privilege Escalation

Exploit Title: Panda Security Privilege Escalation Date: 27/6/2016 Exploit Author: Security-Assessment.com Vendor Homepage: http://www.pandasecurity.com Version: Panda Global Protection 2016 16.1.2,Panda Antivirus Pro 2016 16.1.2,Panda Small Business Protection 16.1.2,Panda Internet Security 2016...

Panda Security Multiple Products - Privilege Escalation

Exploit for windows platform in category local exploits Exploit Title: Panda Security Privilege Escalation Date: 27/6/2016 Exploit Author: Security-Assessment.com Vendor Homepage: http://www.pandasecurity.com Version: Panda Global Protection 2016 16.1.2,Panda Antivirus Pro 2016 16.1.2,Panda Small...

OpenLDAP 2.4.42 - ber_get_next Denial of Service

Exploit Title: OpenLDAP 2.4.42 bergetnext DOS Date: 11/09/15 Exploit Author: Denis Andzakovic - Security-Assessment.com Vendor Homepage: http://www.openldap.org/ Software Link: ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.42.tgz Version: Y Y \ / /| / \ /||| / / /.-. / /:wq...

Watchguard XCS 10.0 - Multiple Vulnerabilities

Watchguard XCS 10.0 - Multiple Vulnerabilities , , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Watchguard XCS Multiple Vulnerabilities Affected versions: Watchguard XCS =10.0 PDF:...

OpenLitespeed 1.3.9 - Use After Free (DoS)

Exploit for linux platform in category dos / poc / Openlitespeed 1.3.9 Use After Free denial of service exploit. This exploit triggers a denial of service condition within the Openlitespeed web server. This is achieved by sending a tampered request contain a large number 91 of 'a: a' header rows...

Kaseya Browser 7.0 Android Path Traversal

, , . '.' '. ', . , '. , .', , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' =''"''=. presents.. Kaseya Browser Android Path Traversal Affected Versions: Kaseya Browser 7.0 Android PDF:...

Hyleos ChemView ActiveX Control Stack Buffer Overflow

No description provided by source. $Id: hyleoschemviewxactivex.rb 9935 2010-07-27 02:25:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

ManageEngine DesktopCentral 8.0.0 build 80293 - Arbitrary File Upload

DesktopCentral versions prior to 80293 suffer from a remote shell upload vulnerability. DesktopCentral Arbitrary File Upload Vulnerability Affected versions: DesktopCentral versions :8020 User-Agent: Mozilla/5.0 Windows NT 6.1; rv:22.0 Gecko/20100101 Firefox/22.0 Accept:...

DesktopCentral Shell Upload

, , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. DesktopCentral Arbitrary File Upload Vulnerability Affected versions: DesktopCentral versions :8020 User-Agent: Mozilla/5.0 Windows NT 6.1; rv:22.0...

Kaseya 6.3 Shell Upload

, , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Kaseya Arbitrary File Upload Vulnerability Affected versions: All versions and hotfixes prior to 6.3.0.2 PDF:...

Kaseya 6.3.0.2 - Arbitrary File Upload

Kaseya 6.3.0.2 - Arbitrary File Upload , , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Kaseya Arbitrary File Upload Vulnerability Affected versions:...

ManageEngine Desktop Central 8.0.0 build < 80293 - Arbitrary File Upload

, , . .' '. ', . , '. , ., , / / / \ \ ==/ /\ \ / / \ / \ / / | \ \ Y Y \ / /| / \ /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. DesktopCentral Arbitrary File Upload Vulnerability Affected versions: DesktopCentral versions 80293 PDF:...

Polycom HDX - Telnet Authentication Bypass (Metasploit)

======================================================================== = Polycom HDX Telnet Authorization Bypass = = Vendor Website: = www.polycom.com = = Affected Version: = Polycom HDX devices: = All releases prior to and including Commercial 3.0.5 = = Public disclosure on January 18, 2013 =...

Polycom HDX Telnet Authorization Bypass

======================================================================== = Polycom HDX Telnet Authorization Bypass = = Vendor Website: = www.polycom.com = = Affected Version: = Polycom HDX devices: = All releases prior to and including Commercial 3.0.5 = = Public disclosure on January 18, 2013 =...

Memory corruption in str_unescape — Mozilla

Security researcher Scott Bell of Security-Assessment.com used the Address Sanitizer tool to discover a memory corruption in strunescape in the Javascript engine. This could potentially lead to arbitrary code execution...

Oracle GlassFish Server - REST CSRF Vulnerability

Exploit for windows platform in category web applications Details Vendor Site: Oracle www.oracle.com Date: April, 19th 2012 – CVE 2012-0550 Affected Software: Oracle GlassFish Server 3.1.1 build 12 Researcher: Roberto Suggi Liverani PDF version:...