CVE-2016-6859

Hybris Management Console HMC in SAP Hybris before 6.0 allows remote attackers to obtain sensitive information by triggering an error and then reading a Java stack trace...

CVE-2016-6859

CVE-2016-6859 concerns SAP Hybris’ Hybris Management Console (HMC) prior to version 6.0. An information disclosure vulnerability allows remote attackers to trigger an error and read a Java stack trace, potentially exposing sensitive information. Affected component is the HMC within SAP Hybris; ro...

CVE-2016-2957

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to obtain sensitive information by reading a stack trace in a response...

CVE-2016-2957

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to obtain sensitive information by reading a stack trace in a response...

Design/Logic Flaw

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to obtain sensitive information by reading a stack trace in a response...

CVE-2016-2957

IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to obtain sensitive information by reading a stack trace in a response...

Microsoft Windows10 AHCACHE.SYS Remote Denial Of Service

Summary A denial of service vulnerability exists in the AHCACHE.SYS driver. A specially crafted Portable Executable file can cause a bugcheck in the Windows kernel resulting in remote denial of service. Tested Versions Windows 10, AHCACHE.SYS version 10.0.10586.0 Tested on Windows 10 X86 Product...

CVE-2016-2961

The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.8 allows remote attackers to obtain sensitive Tomcat version information by sending a malformed POST request and then reading the Java stack trace...

CVE-2016-2961

The integration server in IBM Integration Bus 9 before 9.0.0.6 and 10 before 10.0.0.5 and WebSphere Message Broker 8 before 8.0.0.8 allows remote attackers to obtain sensitive Tomcat version information by sending a malformed POST request and then reading the Java stack trace...

Ruby on Rails - Development Web Console (v2) Code Execution (Metasploit)

Exploit for ruby platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Ruby on Rails Development Web Console v2 Code Execution', 'Description' =...

Ruby on Rails - Development Web Console (v2) Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Ruby on Rails Development Web Console v2 Code Execution', 'Description' = %q This module exploits a remote code execution featu...

GDB-Dashboard - Modular Visual Interface For Gdb In Python

Modular visual interface for GDB in Python. This comes as a standalone single-file .gdbinit which, among the other things, enables a configurable dashboard showing the most relevant information during the program execution. Its main goal is to reduce the number of GDB commands issued to inspect t...

Git-1.9.5 ssh-agent.exe Buffer Overflow Exploit

Exploit for windows platform in category dos / poc Vendor: ================================ git-scm.com Product: ================================ Git-1.9.5-preview20150319.exe github.com/msysgit/msysgit/releases/tag/Git-1.9.5-preview20150319 Vulnerability Type: =================== Buffer Overflow...

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Server is a set of e-mail service programs from the American company Microsoft Microsoft. An information disclosure vulnerability exists when OWA in Microsoft Exchange Server fails to properly process Web requests. An attacker can exploit the vulnerability to discover the stack...

Mock SMTP Server 1.0 Remote Crash PoC

Exploit for windows platform in category dos / poc !/usr/bin/python Exploit Title: Mock SMTP Server 1.0 Remote Crash PoC Date: 23-08-2015 Exploit Author: Shankar Damodaran Author's Twitter : @sh4nx0r Vendor Homepage: http://mocksmtpserver.codeplex.com Software Link:...

Microsoft Office 2007 MSO.dll Use-After-Free Exploit

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=414&can=1 The following crash was observed in MS Office 2007 running under Windows 2003 x86. Microsoft Office File Validation Add-In is disabled and application verified...

Microsoft Office 2007 - mso.dll Use-After-Free (MS15-081)

Microsoft Office 2007 - mso.dll Use-After-Free MS15-081 Source: https://code.google.com/p/google-security-research/issues/detail?id=414&can=1 The following crash was observed in MS Office 2007 running under Windows 2003 x86. Microsoft Office File Validation Add-In is disabled and application...

Microsoft Internet Explorer stack Property Descriptor Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Zendesk: Error stack trace enabled

The researcher found an endpoint that generated a stack-trace for a specified URL input...

McAfee SiteAdvisor 3.7.2 - Firefox Use-After-Free (PoC)

McAfee SiteAdvisor 3.7.2 - Firefox Use-After-Free PoC McAfee SiteAdvisor 3.7.2 for firefox Use After Free Poc / Title: McAfee SiteAdvisor 3.7.2 firefox Use After Free Author: Marcin Ressel Twitter: https://twitter.com/mressel NPMcFFPlg32.dll McAfee SiteAdvisor 3.7.2 Tested on: Windows 8.1 x64 and...