Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

PoC exploit for CVE-2023-38831, a Windows RCE vulnerability. The...

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

It is an offensive tool for Windows. This repository contains a...

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

CVE-2023-38831 winrar exploit generator Quick poc test Ge...

Buffer overflow

D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the fipv6enable parameter at /bscipv6. This vulnerability is exploited via a crafted POST request...

CVE-2023-39016

bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. This vulnerability is exploited via passing an unchecked argument...

CVE-2023-3322

A vulnerability exists by allowing low-privileged users to read and update the data in various directories used by the Zenon system. An attacker could exploit the vulnerability by using specially crafted programs to exploit the vulnerabilities by allowing them to run on the zenon installed hosts...

CVE-2023-38501

creationtimestamp| type| source ---|---|--- 2023-07-23 16:22:59+00:00| published-proof-of-concept| https://github.com/9001/copyparty/security/advisories/GHSA-f54q-j679-p9hh 2023-07-26 02:27:12+00:00| seen| https://t.me/cibsecurity/67279 2023-07-28 00:00:00+00:00| exploited|...

Google Android Information Disclosure Vulnerability (CNVD-2024-13744)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability caused by an out-of-bounds read in ftopenfaceinternal of ftobjs.c, which can be exploited by an attacker to obtain sensitive information...

Format string

Format string vulnerability in the distributed file system. Attackers who bypass the selinux permission can exploit this vulnerability to crash the program...

PT-2023-24107 · Unknown +2 · Accountsservice +2

Name of the Vulnerable Software and Affected Versions: accountsservice affected versions not specified Description: An unprivileged local attacker can trigger a use-after-free issue in accountsservice by sending a D-Bus message to the accounts-daemon process. This allows the attacker to potential...

Exploit for Improper Initialization in Linux Linux_Kernel

POC Exploit to add user to Sudo for CVE-2022-0847 Dirty Pipe V...

Fortinet FortiOS Remote Code Execution Vulnerability

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A security vulnerability exists i...

Jobs Portal 3.6 Insecure Settings

==================================================================================================================================== | Title : Jobs Portal V 3.6 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 103.064-bit...

Apache InLong Elevation of Privilege Vulnerability

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. An elevation of privilege vulnerability exists in Apache InLong versions 1.2.0 through 1.6.0, which can be exploited by an attacker to elevate privileges...

The vulnerability of the web interface of the microprogramming software for Cisco Small Business Series switches allows a hacker to execute arbitrary code.

The vulnerability of the web interface of the microprogramming software for Cisco Small Business Series switches is related to the possibility of buffer overflow attacks based on a stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

Microsoft SharePoint Information Disclosure Vulnerability (CNVD-2023-53465)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. An information...

IBM Business Automation Workflow Cross-Site Scripting Vulnerability (CNVD-2023-37162)

IBM Business Automation Workflow is an integrated platform that helps business users rapidly automate all aspects of business operations at scale. A cross-site scripting vulnerability exists in IBM Business Automation Workflow versions 18.0.0.0 through 22.0.2, which can be exploited by an attacke...

CVE-2022-38730

Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 API by controlling the data-root field inside the DaemonJSON field in the WindowsContainerStartRequest class. This allows exploiting a symlink vulnerability in...

PT-2023-3152 · Cisco · Cisco Telepresence Ce +1

Name of the Vulnerable Software and Affected Versions: Cisco TelePresence CE and RoomOS versions affected versions not specified Description: The issue is related to improper access controls on files in the local file system, allowing an authenticated, local attacker to overwrite arbitrary files...

PT-2023-17882 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: A local escalation of privilege issue exists due to a possible way to keep the foreground service alive while the app is in the background. This could lead to local escalation of...