Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2019/07/19 12:0 a.m.165 views

Web Ofisi Platinum E-Ticaret 5 - 'q' SQL Injection

Exploit Title: Web Ofisi Platinum E-Ticaret 5 - 'q' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/platinum-e-ticaret-v5.html Demo Site: http://demobul.net/eticaretv5/ Version: v5 Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi -----...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/19 12:0 a.m.137 views

Docker - Container Escape

On the host docker run --rm -it --cap-add=SYSADMIN --security-opt apparmor=unconfined ubuntu bash In the container mkdir /tmp/cgrp && mount -t cgroup -o rdma cgroup /tmp/cgrp && mkdir /tmp/cgrp/x echo 1 /tmp/cgrp/x/notifyonrelease hostpath=sed -n 's/.\perdir=^,./\1/p' /etc/mtab echo...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/19 12:0 a.m.125 views

Web Ofisi Firma Rehberi 1 - 'il' SQL Injection

Exploit Title: Web Ofisi Firma Rehberi 1 - 'il' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/firma-rehberi-scripti-v1.html Demo Site: http://demobul.net/firma-rehberi-v1/ Version: v1 Tested on: Kali Linux CVE: N/A ----- PoC: SQLi -----...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/19 12:0 a.m.127 views

Web Ofisi Emlak 3 - 'emlak_durumu' SQL Injection

Exploit Title: Web Ofisi Emlak 3 - 'emlakdurumu' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/emlak-scripti-v3.html Demo Site: http://demobul.net/emlakv3/ Version: V2 Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi ----- Request:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/19 12:0 a.m.129 views

REDCap < 9.1.2 - Cross-Site Scripting

Exploit Title: REDCap - Details: Since it is an onkeypress event, it is triggered whenever the user touch any key and since the XSS payload is stored in the project name it appears in several pages. - Privileges: It requires admin privileges to store it. - Location example:...

4.8CVSS5.5AI score0.02469EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/07/19 12:0 a.m.161 views

Web Ofisi Rent a Car 3 - 'klima' SQL Injection

Exploit Title: Web Ofisi Rent a Car 3 - 'klima' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/rent-a-car-v3.html Demo Site: http://demobul.net/rentacarv3/ Version: v3 Tested on: Kali Linux CVE: N/A ----- PoC 1: SQLi ----- Request:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/19 12:0 a.m.439 views

fuel CMS 1.4.1 - Remote Code Execution (1)

Exploit Title: fuel CMS 1.4.1 - Remote Code Execution 1 Date: 2019-07-19 Exploit Author: 0xd0ff9 Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.4.1 Version: = 0 and n 1: start = haystack.findneedle, start+1 n -= 1 return start...

9.8CVSS9.8AI score0.82937EPSS
Exploits17
Exploit DB
Exploit DB
added 2019/07/19 12:0 a.m.120 views

Web Ofisi E-Ticaret 3 - 'a' SQL Injection

Exploit Title: Web Ofisi E-Ticaret 3 - 'a' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/e-ticaret-v3-sanal-pos.html Demo Site: http://demobul.net/eticaretv3/ Version: v3 Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Request:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/19 12:0 a.m.151 views

MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow (EggHunter)

Exploit Title: MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow EggHunter Author: sasaga92 Discovery Date: 2019-07-18 Vendor Homepage: www.computerlab.com Software Link: https://www.computerlab.com/index.php/downloads/category/27-device-manager Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/19 12:0 a.m.121 views

Web Ofisi Firma 13 - 'oz' SQL Injection

Exploit Title: Web Ofisi Firma 13 - 'oz' SQL Injection Date: 2019-07-19 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://www.web-ofisi.com/detay/kurumsal-firma-v13-sinirsiz-dil.html Demo Site: http://demobul.net/firmav13/ Version: v13 Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Request:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/18 12:0 a.m.463 views

Microsoft Windows 10 1903/1809 - RPCSS Activation Kernel Security Callback Privilege Escalation

Windows: RPCSS Activation Kernel Security Callback EoP Platform: Windows 10 1903/1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The RPCSS Activation Kernel RPC server’s security callback can be bypassed resulti...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/18 12:0 a.m.425 views

WordPress Plugin OneSignal 1.17.5 - 'subdomain' Persistent Cross-Site Scripting

Exploit Title: WordPress Plugin OneSignal 1.17.5 - Persistent Cross-Site Scripting Date: 2019-07-18 Vendor Homepage: https://www.onesignal.com Software Link: https://wordpress.org/plugins/onesignal-free-web-push-notifications/ Affected version: 1.17.5 Exploit Author: LiquidWorm Tested on: Linux...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/17 12:0 a.m.187 views

WinMPG iPod Convert 3.0 - 'Register' Denial of Service

Exploit Title: WinMPG iPod Convert 3.0 - 'Register' Denial of Service Date: 2019-07-16 Vendor Homepage:http://www.winmpg.com Software Link: https://www.techspot.com/downloads/downloadnow/6192/?evp=d62142990e9320a4e811b283fdcc4060&file= Exploit Author: stresser Tested Version: 3.0 Tested on: Windo...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/17 12:0 a.m.596 views

MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow

Exploit Title: MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow Author: hyp3rlinx Discovery Date: 2019-07-17 Vendor Homepage: www.computerlab.com Software Link: https://www.computerlab.com/index.php/downloads/category/27-device-manager Software Link:...

9.8CVSS9.8AI score0.24403EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/17 12:0 a.m.194 views

Oracle Siebel CRM 19.0 - Persistent Cross-Site Scripting

Exploit Title: Oracle Siebel CRM 19.0 - Persistent Cross-Site Scripting Date: 2019-07-17 Exploit Author: Sarath Nair aka AceNeon13 Contact: @AceNeon13 Vendor Homepage: www.oracle.com Software Link: https://www.oracle.com/applications/siebel/ Version: Siebel CRM UI Framework Version 19.0 and prior...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/17 12:0 a.m.274 views

Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME

== Summary == This bug report describes two issues introduced by commit 64b875f7ac8a "ptrace: Capture the ptracer's creds not PTPTRACECAP", introduced in v4.10 but also stable-backported to older versions. I will send a suggested patch in a minute "ptrace: Fix -ptracercred handling for...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/17 12:0 a.m.329 views

Microsoft Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows NtUserSetWindowFNID Win32k User Callback', 'Description' = %q An elevation of privilege vulnerability exists in Windows when the Win32k...

7.8CVSS8.1AI score0.69833EPSS
Exploits9
Exploit DB
Exploit DB
added 2019/07/16 12:0 a.m.114 views

CentOS Control Web Panel 0.9.8.836 - Authentication Bypass

Exploit Title: CWP CentOS Control Web Panel ||//theme/original CV...

9.8CVSS9.5AI score0.2445EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/07/16 12:0 a.m.3713 views

Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AppXSvc Hard Link Privilege Escalation', 'Description' = %q There exists a privilege escalation vulnerability for Windows 10 builds prior to buil...

7.8CVSS6.9AI score0.414EPSS
Exploits19
Exploit DB
Exploit DB
added 2019/07/16 12:0 a.m.447 views

CentOS Control Web Panel 0.9.8.838 - User Enumeration

Exploit Title: CWP CentOS Control Web Panel 0.9.8.848 User Enumeration via HTTP Response Message Date: 15 July 2019 Exploit Author: Pongtorn Angsuchotmetee, Nissana Sirijirakal, Narin Boonwasanarak Vendor Homepage: https://control-webpanel.com/changelog Software Link: Not available, user panel on...

5.3CVSS5.6AI score0.14241EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/16 12:0 a.m.275 views

PHP Laravel Framework 5.5.40 / 5.6.x < 5.6.30 - token Unserialize Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PHP Laravel Framework token Unserialize Remote Command Execution', 'Description' = %q This module exploits a vulnerability in the PHP Laravel...

7.5CVSS8.1AI score0.8703EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/07/16 12:0 a.m.137 views

DameWare Remote Support 12.0.0.509 - 'Host' Buffer Overflow (SEH)

!/usr/bin/env python Author: Xavi Beltran Date: 11/07/2019 Description: SEH based Buffer Overflow DameWare Remote Support V. 12.0.0.509 CVE-2018-12897 Contact: [email protected] Webpage: https://xavibel.com Tested on: Windows XP SP3 ESP Credit for Adam Jeffreys from Nettitude! : Usage:...

7.8CVSS7.9AI score0.01672EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/16 12:0 a.m.187 views

Microsoft Compiled HTML Help / Uncompiled .chm File - XML External Entity Injection

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-HTML-HELP-UNCOMPILED-CHM-FILE-XML-EXTERNAL-ENTITY-INJECTION.txt + ISR: ApparitionSec Vendor www.microsoft.com Product Microsoft Compiled HTML Help "hh.exe"...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/16 12:0 a.m.653 views

R 3.4.4 (Windows 10 x64) - Buffer Overflow SEH (DEP/ASLR Bypass)

!/usr/bin/python Exploit Title: R 3.4.4 Windows 10 x64 - Buffer Overflow SEHDEP/ASLR Bypass Date: 2019-07-15 Exploit Author: blackleitus Vendor Homepage: https://www.r-project.org/ Tested on: Windows 10 Home Single Language 64-bit Social: https://twitter.com/blackleitus Website:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/16 12:0 a.m.165 views

CentOS Control Web Panel 0.9.8.836 - Privilege Escalation

//====================================================================\ || || || CWP Control Web Panel 0.9.8.836 - 0.9.8.839 || || Root Privilege Escalation || || || \====================================================================//...

8.5CVSS7.8AI score0.2577EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/15 12:0 a.m.238 views

CISCO Small Business 200 / 300 / 500 Switches - Multiple Vulnerabilities

Exploit Title: CISCO Small Business 200, 300, 500 Switches Multiple Vulnerabilities. Shodan query: /config/logoffpage.html Discovered Date: 07/03/2014 Reported Date: 08/04/2019 Exploit Author: Ramikan Website: http://fact-in-hack.blogspot.com Vendor...

6.1CVSS5.8AI score0.1051EPSS
Exploits3
Exploit DB
Exploit DB
added 2019/07/15 12:0 a.m.425 views

Netgear WiFi Router JWNR2010v5 / R6080 - Authentication Bypass

Exploit Title: NETGEAR WiFi Router R6080 - Security Questions Answers Disclosure Date: 13/07/2019 Exploit Author: Wadeek Hardware Version: R6080-100PES Firmware Version: 1.0.0.34 / 1.0.0.40 Vendor Homepage: https://www.netgear.com/support/product/R6080.aspx Firmware Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/15 12:0 a.m.318 views

Android 7 - 9 VideoPlayer - 'ihevcd_parse_pps' Out-of-Bounds Write

CVE-2019-2107 - looks scary. Still remember Stagefright and PNG bugs vulns .... With CVE-2019-2107 the decoder/codec runs under mediacodec user and with properly "crafted" video with tiles enabled - pspps-i1tilesenabledflag you can possibly do RCE. The codec affected is HVEC a.k.a H.265 and MPEG-...

9.3CVSS8.9AI score0.08926EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/07/15 12:0 a.m.1245 views

Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service (Metasploit)

Exploit Title: Bluekeep Denial of Service metasploit module Shodan Dork: port:3389 Date: 07/14/2019 Exploit Author: RAMELLA Sebastien https://github.com/mekhalleh/ Vendor Homepage: https://microsoft.com Version: all affected RDP services by cve-2019-0708 Tested on: Windows XP 32-bits / Windows 7...

10CVSS10AI score0.99999EPSS
Exploits123
Exploit DB
Exploit DB
added 2019/07/15 12:0 a.m.147 views

FlightPath < 4.8.2 / < 5.0-rc2 - Local File Inclusion

Exploit Title: FlightPath 4.8.2 & 5.0-rc2 - Local File Inclusion Date: 07-07-2019 Exploit Author: Mohammed Althibyani Vendor Homepage: http://getflightpath.com Software Link: http://getflightpath.com/project/9/releases Version: 4.8.2 & 5.0-rc2 Tested on: Kali Linux CVE : CVE-2019-13396 Parameters...

5.3CVSS5.6AI score0.62572EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/15 12:0 a.m.307 views

Streamripper 2.6 - 'Song Pattern' Buffer Overflow

!/usr/bin/python Exploit Title: StreamRipper32 Buffer Overflow Date: 07/2019 Exploit Author: Andrey Stoykov OSCP Tested On: Win7 SP1 x64 Software Link: http://streamripper.sourceforge.net/sr32/StreamRipper3226.exe Version: 2.6 Steps To Reproduce: Double click on "Add" in the "Station/Song Section...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.641 views

Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass / Remote Command Execution

Exploit Title: Citrix SD-WAN Appliance 10.2.2 Auth Bypass and Remote Command Execution Date: 2019-07-12 Exploit Author: Chris Lyne @lynerc Vendor Homepage: https://www.citrix.com Product: Citrix SD-WAN Software Link: https://www.citrix.com/downloads/citrix-sd-wan/ Version: Tested against 10.2.2...

9.8CVSS9.5AI score0.94046EPSS
Exploits6
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.151 views

Xymon 4.3.25 - useradm Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xymon useradm Command Execution', 'Description' = %q This module exploits a command injection vulnerability in Xymon versions before 4.3.25 which...

8.8CVSS7.4AI score0.54507EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.231 views

Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting

Exploit Title: tenda D301 v2 modem router stored xss CVE-2019-13492 Exploit Author: ABDO10 Date : July, 11th 2019 Product : Tenda D301 v2 Modem Router version : v2 Vendor Homepage: https://www.tp-link.com/au/home-networking/dsl-modem-router/td-w8960n/ Tested on: Linux CVE : 2019-13491 Poc...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.181 views

Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapData

-----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used in the document where the fonts are embedded. It is used by Windows G...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.332 views

Sahi Pro 8.0.0 - Remote Command Execution

Exploit Title: Sahi Pro V8.0.0 - Unauthenticated Remote Command Execution Date: 2019-07-12 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://sahipro.com Software Link: https://sahipro.com/static/builds/pro/installsahiprov80020181031.jar Reference:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.279 views

Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting

Exploit Title: Persistent XSS - Dependency Graph View Pluginv0.13 Vendor Homepage: https://wiki.jenkins.io/display/JENKINS/Dependency+Graph+View+Plugin Exploit Author: Ishaq Mohammed Contact: https://twitter.com/securityprince Website: https://about.me/security-prince Category: webapps Platform:...

5.4CVSS5.8AI score0.03885EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.443 views

MyT Project Management 1.5.1 - User[username] Persistent Cross-Site Scripting

Exploit Title: MyT Project Management - Userusername Stored Cross Site Scripting Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://manageyourteam.net/index.html Software Link: https://sourceforge.net/projects/myt/files/latest/download Version: 1.5.1 Category: Webapps Tested o...

6.1CVSS6.5AI score0.02187EPSS
Exploits4
Exploit DB
Exploit DB
added 2019/07/12 12:0 a.m.298 views

Microsoft Windows 10.0.17134.648 - HTTP -> SMB NTLM Reflection Leads to Privilege Elevation

VULNERABILITY DETAILS It's possible to use the NTLM reflection attack to escape a browser sandbox in the case where the sandboxed process is allowed to create TCP sockets. In particular, I was able to combine the issues mentioned below with a bug in Chromium to escape its sandbox. HTTP - SMB NTLM...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/11 12:0 a.m.320 views

SNMPc Enterprise Edition 9/10 - Mapping Filename Buffer Overflow

!/usr/bin/python -- coding: utf-8 -- -------------------------------------------------------------------- Exploit: SNMPc Enterprise Edition 9 & 10 Mapping File Name BOF Date: 11 July 2019 Exploit Author: @xerubus | mogozobo.com Vendor Homepage: https://www.castlerock.com/ Software Linke:...

7.8CVSS7AI score0.03887EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/11 12:0 a.m.204 views

Sitecore 9.0 rev 171002 - Persistent Cross-Site Scripting

Exploit Title: Stored Cross Site Scripting XSS in Sitecore 9.0 rev 171002 Date: July 11, 2019 Exploit Author: Owais Mehtab Vendor Homepage: http://www.sitecore.net/en Version: 9.0 rev. 171002 Tested on: Sitecore Experience Platform 8.1 Update-3 i.e.; 8.1 rev. 160519 CVE : CVE-2019-13493 Vendor...

5.4CVSS5.8AI score0.01581EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.196 views

Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readEncoding

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.271 views

Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Negative nAxes

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.179 views

Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling due to Out-of-Bounds cubeStackDepth

----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.193 views

Mozilla Spidermonkey - Unboxed Objects Uninitialized Memory Access

/ For constructors, Spidermonkey implements a "definite property analysis" 1 to compute which properties will definitely exist on the constructed objects. Spidermonkey then directly allocates the constructed objects with the final Shape. As such, at the entrypoint of the constructor the construct...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.67 views

Siemens TIA Portal - Remote Command Execution

Exploit Title: Siemens TIA Portal unauthenticated remote command execution Date: 06/11/2019 Exploit Author: Joseph Bingham CVE : CVE-2019-10915 Vendor Homepage: www.siemens.com Software Link: https://new.siemens.com/global/en/products/automation/industry-software/automation-software/tia-portal.ht...

7.8CVSS7AI score0.00897EPSS
Exploits1
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.288 views

Microsoft DirectWrite / AFDKO - Out-of-Bounds Read in OpenType Font Handling Due to Undefined FontName Index

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.216 views

Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Incorrect Handling of blendArray

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.44 views

FreeBSD 12.0 - 'fd' Local Privilege Escalation

!/bin/sh Exploit script for FreeBSD-SA-19:02.fd Author: Karsten König of Secfault Security Contact: [email protected] Twitter: @gr4yf0x Kudos: Maik, greg and Dirk for discussion and inspiration libmap.conf primitive inspired by kcope's 2005 exploit for Qpopper echo "+ Root Exploit for...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/07/10 12:0 a.m.259 views

Microsoft DirectWrite / AFDKO - Multiple Bugs in OpenType Font Handling Related to the "post" Table

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

7.4AI score
Exploits0
Total number of security vulnerabilities47904