Lucene search
K
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2018/12/14 12:0 a.m.40 views

Angry IP Scanner 3.5.3 - Denial of Service (PoC)

!/usr/bin/python -- coding: cp1252 -- Exploit Title: Angry IP Scanner 3.5.3 Denial of Service PoC Author: Fernando Cruz Date: 13/12/2018 Vendor Homepage: https://angryip.org Tested Version: 3.11 Tested on Windows 10 Pro, 64-bit Steps to Produce the Crash: 1.- Run python code : python angryip.py 2...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/13 12:0 a.m.65 views

Linux - 'userfaultfd' Bypasses tmpfs File Permissions

Using the userfaultfd API, it is possible to first register a userfaultfd region for any VMA that fulfills vmacanuserfault: It must be an anonymous VMA -vmops==NULL, a hugetlb VMA VMHUGETLB, or a shmem VMA -vmops==shmemvmops. This means that it is, for example, possible to register userfaulfd...

5.5CVSS6.4AI score0.0051EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/13 12:0 a.m.43 views

WebKit JIT - Int32/Double Arrays can have Proxy Objects in the Prototype Chains

didBecomePrototype; if structurevm-hasMonoProto DeferredStructureTransitionWatchpointFire deferredvm, structurevm; Structure newStructure = Structure::changePrototypeTransitionvm, structurevm, prototype, deferred; setStructurevm, newStructure; else putDirectvm, knownPolyProtoOffset, prototype; if...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/13 12:0 a.m.48 views

CyberLink LabelPrint 2.5 - Stack Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "CyberLink LabelPrint 2.5 Stack Buffer Overflow", 'Description' = %q This module exploits a stack buffer overflow in CyberLink LabelPrint 2.5 and...

7.8CVSS7.4AI score0.19194EPSS
Exploits9
Exploit DB
Exploit DB
added 2018/12/12 12:0 a.m.3242 views

phpBB 3.2.3 - Remote Code Execution

// All greets goes to RIPS Tech // Run this JS on Attachment Settings ACP page var pluploadsalt = ''; var formtoken = ''; var creationtime = ''; var filepath = 'phar://./../files/plupload/$saltaaae9cba5fdadb1f0c384934cd20d11czip.part'; // md5'evil.zip' = aaae9cba5fdadb1f0c384934cd20d11czip // you...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.210 views

WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection

Exploit Title: WP AutoSuggest 0.24 - SQL Injection Date: 01-12-2018 Software Link: https://wordpress.org/plugins/wp-autosuggest/ Exploit Author: Kaimi Website: https://kaimi.io Version: 0.24 Category: webapps SQL Injection File: autosuggest.php Vulnerable code: if isset$GET'wpaskeys' $wpaskeys =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.29 views

HotelDruid 2.3.0 - 'id_utente_mod' SQL Injection

Exploit Title: SQL Injection in HotelDruid version 2.3 Google Dork: N/A Date: 9-12-2018 Exploit Author: Sainadh Jamalpur Vendor Homepage: http://www.hoteldruid.com Software Link: https://sourceforge.net/projects/hoteldruid/ Version: 2.3 REQUIRED Tested on: Windows x64/ Kali linux x64 CVE : N/A...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.120 views

Adobe ColdFusion 2018 - Arbitrary File Upload

Exploit Title: Unrestricted file upload in Adobe ColdFusion 2018 Google Dork: ext:cfm Date: 10-12-2018 Exploit Author: Pete Freitag of Foundeo Reversed: Vahagn vah13 Vardanian Vendor Homepage: adobe.com Version: 2018 Tested on: Adobe ColdFusion 2018 CVE : CVE-2018-15961 Comment: September 28, 201...

10CVSS9.8AI score0.9995EPSS
Exploits11
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.120 views

ZTE ZXHN H168N - Improper Access Restrictions

POC: CVE-2018-7357 and CVE-2018-7358 Disclaimer: This POC is for Educational Purposes , I would Not be responsible for any misuse of the information mentioned in this blog post + Unauthenticated + Author: Usman Saeed usman at xc0re.net + Protocol: UPnP + Affected Harware/Software: Model name: ZXH...

8.8CVSS7.8AI score0.89645EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.53 views

Huawei B315s-22 - Information Leak

Product Family: LTE Model B315s – 22 Firmware version: 21.318.01.00.26 Author: Usman Saeed usman at xc0re.net 1. Unauthenticated access to sensitive files: It was observed that the web application running on the router, allows unauthenticated access to sensitive files on the web server. POC: By...

6.5CVSS6.7AI score0.13219EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.36 views

SmartFTP Client 9.0.2623.0 - Denial of Service (PoC)

-- coding: utf-8 -- Exploit Title: SmartFTP 9.0 Build 2623 - Denial of Service PoC Date: 06/12/2018 Exploit Author: Alejandra Sánchez Vendor Homepage: https://www.smartftp.com/en-us/ Software Link: https://www.smartftp.com/get/SFTPMSI64.exe Version: 9.0.2623.0 Tested on: Windows Server 2016 x64/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.38 views

DomainMOD 4.11.01 - Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19913 A Stored Cross-site...

4.8CVSS5.5AI score0.01762EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.114 views

PrestaShop 1.6.x/1.7.x - Remote Code Execution

?php / PrestaShop 1.6.x = 1.6.1.23 & 1.7.x = 1.7.4.4 - Back Office Remote Code Execution See https://github.com/farisv/PrestaShop-CVE-2018-19126 for explanation. Chaining multiple vulnerabilities to trigger deserialization via phar. Date: December 1st, 2018 Author: farisv Vendor Homepage:...

9.8CVSS7AI score0.22535EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.31 views

Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery

Exploit Title: Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery Add/Update Admin Dork: N/A Date: 2018-12-06 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/12825/alumni-tracer-sms-notification-using-phpmysqli.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.75 views

McAfee True Key - McAfee.TrueKey.Service Privilege Escalation

McAfee True Key: Multiple Issues with McAfee.TrueKey.Service Implementation Platform: Version 5.1.173.1 on Windows 10 1809. Class: Elevation of Privilege Summary: There are multiple issues in the implementation of the McAfee.TrueKey.Service which can result in privilege escalation through executi...

7.8CVSS7AI score0.00813EPSS
Exploits3
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.33 views

XNU - POSIX Shared Memory Mappings have Incorrect Maximum Protection

When the mmap syscall is invoked on a POSIX shared memory segment DTYPEPSXSHM, pshmmmap maps the shared memory segment's pages into the address space of the calling process. It does this with the following code: int prot = uap-prot; ... if prot & PROTWRITE && fp-fflag & FWRITE == 0 returnEPERM;...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.49 views

LanSpy 2.0.1.159 - Local Buffer Overflow (PoC)

Exploit Title: LanSpy 2.0.1.159 - Local BoF PoC Author: Gionathan "John" Reale Discovey Date: 2018-12-07 Homepage: https://lizardsystems.com Software Link: https://lizardsystems.com/download/lanspysetup.exe Tested Version: 2.0.1.159 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the pytho...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.48 views

PrinterOn Enterprise 4.1.4 - Arbitrary File Deletion

Exploit Author: bzyo CVE: CVE-2018-19936 Twitter: @bzyo Exploit Title: PrinterOn Enterprise 4.1.4 - Arbitrary File Deletion Date: 12-07-18 Vulnerable Software: PrinterOn Enterprise 4.1.4 Vendor Homepage: https://www.printeron.com/ Version: 4.1.4 Tested On...

6.5CVSS6.7AI score0.01066EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.24 views

Tourism Website Blog - Remote Code Execution / SQL Injection

Exploit Title: Tourism Website Blog - Remote Code Execution / SQL Injection Dork: N/A Date: 2018-12-06 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/php/12819/tourism-website-blog-faces-negros-web-application.html Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.39 views

Apache OFBiz 16.11.05 - Cross-Site Scripting

Exploit Title: Apache OFBiz v16.11.05 - Stored Cross-Site Scripting Vulnerability Google Dork: N/A Date: 09 - December - 2018 Exploit Author: DKM Vendor Homepage: https://ofbiz.apache.org/ Software Link: https://www.apache.org/dyn/closer.lua/ofbiz/apache-ofbiz-16.11.05.zip Version: v16.11.05 Test...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.54 views

GNU inetutils < 1.9.4 - 'telnet.c' Multiple Overflows (PoC)

GNU inetutils = 1.9.4 telnet.c multiple overflows ================================================== GNU inetutils is vulnerable to a stack overflow vulnerability in the client-side environment variable handling which can be exploited to escape restricted shells on embedded devices. Most modern...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.96 views

TP-Link wireless router Archer C1200 - Cross-Site Scripting

Unauthenticated + Author: Usman Saeed usman at xc0re.net + Affected Version: Firmware version: 1.13 Build 2018/01/24 rel.52299 EU · Impact: Client side attacks are very common and are the source of maximum number of user compromises. With this attack, the threat actor can steal cookies, redirect...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/11 12:0 a.m.63 views

ThinkPHP 5.0.23/5.1.31 - Remote Code Execution

Exploit Title: ThinkPHP 5.x v5.0.23,v5.1.31 Remote Code Execution Date: 2018-12-11 Exploit Author: VulnSpy Vendor Homepage: https://thinkphp.cn Software Link: https://github.com/top-think/framework/ Version: v5.x below v5.0.23,v5.1.31 CVE: N/A Exploit...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/10 12:0 a.m.105 views

Kubernetes - (Unauthenticated) Arbitrary Requests

!/usr/bin/env python3 import argparse from ssl import wrapsocket from json import loads, dumps from socket import createconnection def requeststage1base, version, target: stage1 = "" with open'ustage1', 'r' as stage1fd: stage1 = stage1fd.read return stage1.formatbase, version, target .encode'utf-...

9.8CVSS8.1AI score0.86978EPSS
Exploits10
Exploit DB
Exploit DB
added 2018/12/10 12:0 a.m.66 views

Kubernetes - (Authenticated) Arbitrary Requests

!/usr/bin/env python3 import argparse from ssl import wrapsocket from socket import createconnection from secrets import base64, tokenbytes def requeststage1namespace, pod, method, target, token: stage1 = "" with open'stage1', 'r' as stage1fd: stage1 = stage1fd.read return stage1.formatnamespace,...

9.8CVSS8.1AI score0.86978EPSS
Exploits10
Exploit DB
Exploit DB
added 2018/12/09 12:0 a.m.64 views

DomainMOD 4.11.01 - 'DisplayName' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/domainmod/domainmod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19892 A Stored Cross-site...

4.8CVSS5.5AI score0.01514EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/09 12:0 a.m.86 views

i-doit CMDB 1.11.2 - Remote Code Execution

Exploit Title: i-doit CMDB 1.11.2 - Remote Code Execution Date: 2018-12-05 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://www.i-doit.org/ Software Link: https://www.i-doit.org/i-doit-open-1-11-2/ Version: v1.11.2 Category: Webapps Tested on: XAM...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/09 12:0 a.m.190 views

Textpad 8.1.2 - Denial Of Service (PoC)

Exploit Title: Textpad 8.1.2 - Denial Of Service PoC Author: Gionathan "John" Reale Discovey Date: 2018-12-06 Homepage: https://textpad.com Software Link: https://www.textpad.com/download/v81/win32/txpeng812-32.zip Tested Version: 8.1.2 Tested on OS: Windows 7 32-bit Steps to Reproduce: Run the...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/09 12:0 a.m.151 views

Adiscon LogAnalyzer < 4.1.7 - Cross-Site Scripting

Exploit Title: Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting Date: 2018-12-05 Software Link: httpås://loganalyzer.adiscon.com/ https://github.com/rsyslog/loganalyzer Exploit Author: Gustavo Sorondo Contact: http://twitter.com/iampuky Website: http://cintainfinita.com/ CVE: CVE-2018-19877...

6.1CVSS6.3AI score0.18563EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/05 12:0 a.m.195 views

HasanMWB 1.0 - SQL Injection

Exploit Title: HasanMWB 1.0 - SQL Injection Dork: N/A Date: 2018-12-05 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/hasanmwb/ Software Link: https://netcologne.dl.sourceforge.net/project/hasanmwb/HasanMWB-v1.zip Version: 1.0 Category: Webapps Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.62 views

FreshRSS 1.11.1 - Cross-Site Scripting

Multiple Cross-Site Scripting Vulnerabilities in FreshRSS 1.11.1 Information -------------------- Advisory by Netsparker Name: Multiple Cross-Site Scripting Vulnerabilities in FreshRSS Affected Software: FreshRSS Affected Versions: 1.11.1 Homepage: https://freshrss.org/ Vulnerability: Cross-site...

6.1CVSS6.3AI score0.04432EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.44 views

Dolibarr ERP/CRM 8.0.3 - Cross-Site Scripting

Exploit Title: Dolibarr ERP/CRM = 8.0.3 - Cross-Site Scripting CVE: CVE-2018-19799 Date: 2018-11-23 Exploit Author: Özkan Mustafa Akkuş AkkuS Contact: https://pentest.com.tr Vendor Homepage: https://dolibarr.org Software Link: http://sourceforge.net/projects/dolibarr/files/ Version: v8.0.3...

6.1CVSS6.2AI score0.04479EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.6383 views

OpenSSH < 7.7 - User Enumeration (2)

!/usr/bin/env python2 CVE-2018-15473 SSH User Enumeration by Leap Security @LeapSecurity https://leapsecurity.io Credits: Matthew Daley, Justin Gardner, Lee David Painter import argparse, logging, paramiko, socket, sys, os class InvalidUsernameException: pass malicious function to malform packet...

5.9CVSS6.3AI score0.98631EPSS
Exploits23
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.58 views

NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage

''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/NEC-UNIVERGE-WEBPRO-v6.00-PREDICTABLE-SESSIONID-CLEARTEXT-PASSWORDS.txt + ISR: ApparitionSec Greetz: indoushka | Eduardo B. 0day Vendor www.necam.com Affected Product Code Base NEC...

9.8CVSS9.6AI score0.17886EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.52 views

DomainMOD 4.11.01 - Registrar Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19752 A Stored Cross-site...

4.8CVSS5.5AI score0.03316EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.58 views

NUUO NVRMini2 3.9.1 - (Authenticated) Command Injection

Exploit Title: NUUO NVRMini2 Authenticated Command Injection Date: December 3, 2018 Exploit Author: Artem Metla Vendor Homepage: https://www.nuuo.com/ProductNode.php?node=2 Version: 3.9.1 Tested on: NUUO NVRMini2 with firmware 3.9.1 CVE : CVE-2018-15716 Advisory:...

9CVSS8.8AI score0.18498EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.43 views

KeyBase Botnet 1.5 - SQL Injection

Exploit Title: KeyBase Botnet v1.5 - SQL Injection Vulnerability Google Dork: intitle:"KeyBase: Login" + intext:" Login to get access to your logs " Date: 3/12/2018 Exploit Author: n4pst3r Vendor Homepage: unkn0wn Software Link: unkn0wn Version: v1.5 Tested on: Windows 10, debian 7 CVE : n/a...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.103 views

DomainMOD 4.11.01 - Custom SSL Fields Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19751 A Stored Cross-site...

4.8CVSS5.5AI score0.03316EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.39 views

DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/domainmod/domainmod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19749 A Stored Cross-site...

4.8CVSS5.5AI score0.03316EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.85 views

Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download

Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download Author: @nyxgeek - TrustedSec Date: 2018-03-20 Vendor Homepage: microsoft.com Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517 CVE: CVE-2018-8474 Version: Lync:Mac 2011 14.4.3, likely earlie...

7.5CVSS7AI score0.38177EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.96 views

Xorg X11 Server (AIX) - Local Privilege Escalation

Exploit Title: AIX Xorg X11 Server - Local Privilege Escalation Date: 29/11/2018 Exploit Author: @0xdono Original Discovery and Exploit: Narendra Shinde Vendor Homepage: https://www.x.org/ Platform: AIX Version: X Window System Version 7.1.1 Fileset: X11.base.rte 7.1.5.32 Tested on: AIX 7.1 6.x t...

7.2CVSS7.2AI score0.2704EPSS
Exploits39
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.82 views

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Authentication Bypass

Exploit Title: Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Date: 2018-11-27 Exploit Author: Luca.Chiou Vendor Homepage: https://www.rockwellautomation.com/ Version: 1408-EM3A-ENT B Tested on: It is a proprietary devices:...

8.1CVSS8.1AI score0.30295EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.48 views

Emacs - movemail Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Emacs movemail Privilege Escalation', 'Description' = %q This module exploits a SUID installation of the Emacs movemail utility to run a command ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.35 views

DomainMOD 4.11.01 - Custom Domain Fields Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/domainmod/domainmod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19750 A Stored Cross-site...

5.4CVSS5.9AI score0.01796EPSS
Exploits6
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.168 views

HP Intelligent Management - Java Deserialization Remote Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "HP Intelligent Management Java Deserialization RCE", 'Description' = %q This vulnerability allows remote attackers to execute arbitrary code on...

10CVSS7.4AI score0.80119EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.55 views

Wireshark - 'find_signature' Heap Out-of-Bounds Read

The following crash due to a heap-based out-of-bounds read can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": --- cut --- ==35788==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62d0000e4400 at pc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.44 views

Wireshark - 'cdma2k_message_ACTIVE_SET_RECORD_FIELDS' Stack Corruption

The following crash due to a stack-based out-of-bounds memory access can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": Attached are three files which trigger the crash. --- cut --- ==25039==ERROR:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/03 12:0 a.m.75 views

PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure

Exploit Title: PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure Date: 2018-11-28 Exploit Author: paragonsec @ Critical Start Vendor Homepage: https://live.paloaltonetworks.com/t5/Expedition-Migration-Tool/ct-p/migrationtool Software Link:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/03 12:0 a.m.163 views

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting

Exploit Title: Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting Date: 2018-11-27 Exploit Author: Luca.Chiou Vendor Homepage: https://www.rockwellautomation.com/ Version: 1408-EM3A-ENT B Tested on: It is a proprietary devices:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/12/03 12:0 a.m.176 views

CyberArk 9.7 - Memory Disclosure

Exploit Title: CyberArk 9.7 - Memory Disclosure Date: 2018-06-04 Exploit Author: Thomas Zuk @Freakazoidile Vendor Homepage: https://www.cyberark.com/products/privileged-account-security-solution/enterprise-password-vault/ Version: 9.7 and 10 Tested on: Windows 2008, Windows 2012, Windows 7, Windo...

5.3CVSS5.3AI score0.14116EPSS
Exploits12
Total number of security vulnerabilities47904