Lucene search
+L
ExploitdbRecent

47904 matches found

exploitdb
exploitdb
added 2018/01/13 12:0 a.m.20 views

Linux/x86-64 - Flush IPTables Rules (execve("/sbin/iptables", ["/sbin/iptables", "-F"], NULL)) Shellcode (43 bytes)

Linux/x86-64 - Flush IPTables Rules execve"/sbin/iptables", "/sbin/iptables", "-F", NULL Shellcode 43 bytes. Shellcode ... / section .text global start start: push 0x3b pop rax cdq push rdx push word 0x462d push rsp pop rcx push rdx mov rbx, 0x73656c6261747069 push rbx mov rbx, 0x2f2f2f6e6962732f...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2018/01/12 12:0 a.m.23 views

PyroBatchFTP < 3.19 - Buffer Overflow

============================================= MGC ALERT 2018-001 - Original release date: December 22, 2017 - Last revised: January 12, 2018 - Discovered by: Manuel García Cárdenas - Severity: 7,5/10 CVSS Base Score ============================================= I. VULNERABILITY...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/12 12:0 a.m.28 views

Xnami 1.0 - Cross-Site Scripting

Exploit Title: Xnami Image Sharing - Persistent XSS Vulnerability Google Dork: " Copyright 2017 xnami. " & 2018 Date: 11-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: bizlogicdev.com Version: 1.0 CVE-ID: CVE-2018-5370 Xnami facilitates the...

6.1CVSS6.3AI score0.02186EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/12 12:0 a.m.29 views

Taxi Booking Script 1.0 - Cross-site Scripting

Exploit Title: Taxi Booking Script v1.0 - Cross-site Scripting XSS Date: 11.01.2018 Vendor Homepage: https://www.phpjabbers.com/taxi-booking-script/ Software Link: Demo: http://demo.phpjabbers.com/1515648238792/index.php?controller=pjAdminUsers&action=pjActionIndex&err=AU01 Version: 1.0 Category:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/12 12:0 a.m.74 views

Kentico CMS 11.0 - Buffer Overflow

Document Title: =============== Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=1943 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5282 CVE-ID: ======= CVE-2018-5282 Release Date:...

7.8CVSS7.7AI score0.01549EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.26 views

Linux/ARM (Raspberry Pi) - Bind TCP (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (112 bytes)

Linux/ARM Raspberry Pi - Bind TCP 0.0.0.0:4444/TCP Shell /bin/sh + Null-Free Shellcode 112 bytes. Shellcode exploit for ARM platform .section .text .global start start: .ARM add r3, pc, 1 // switch to thumb mode bx r3 .THUMB // socket2, 1, 0 mov r0, 2 mov r1, 1 sub r2, r2, r2 // set r2 to null mo...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.43 views

Microsoft Windows - NtImpersonateAnonymousToken LPAC to Non-LPAC Privilege Escalation

Windows: NtImpersonateAnonymousToken LPAC to Non-LPAC EoP Platform: Windows 10 1703 and 1709 not tested Windows 8.x Class: Elevation of Privilege Summary: When impersonating the anonymous token in an LPAC the WIN://NOAPPALLPKG security attribute is ignored leading to impersonating a non-LPAC toke...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.41 views

Microsoft Windows SMB Server (v1/v2) - Mount Point Arbitrary Device Open Privilege Escalation

Windows: SMB Server v1 and v2 Mount Point Arbitrary Device Open EoP Platform: Windows 10 1703 and 1709 seems the same on 7 and 8.1 but not extensively tested Class: Elevation of Privilege Summary: The SMB server driver srv.sys and srv2.sys don't check the destination of a NTFS mount point when...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.34 views

Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation

Windows: NtImpersonateAnonymousToken AC to Non-AC EoP Platform: Windows 10 1703 and 1709 Class: Elevation of Privilege Summary: The check for an AC token when impersonating the anonymous token doesn’t check impersonation token’s security level leading to impersonating a non-AC anonymous token...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.34 views

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon

This bug is similar to Jann Horn's issue https://bugs.chromium.org/p/project-zero/issues/detail?id=851 -- credit should go to him. The hardware service manager allows the registration of HAL services. These services are used by the vendor domain and other core processes, including systemserver,...

7AI score
Exploits0
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.27 views

macOS - 'process_policy' Stack Leak Through Uninitialized Field

/ The syscall processpolicyscope=PROCPOLICYSCOPEPROCESS, action=PROCPOLICYACTIONGET, policy=PROCPOLICYRESOURCEUSAGE, policysubtype=PROCPOLICYRUSAGECPU, attrp=, targetpid=0, targetthreadid= causes 4 bytes of uninitialized kernel stack memory to be written to userspace. The call graph looks as...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.51 views

ALLMediaServer 0.95 - Remote Buffer Overflow

!/usr/bin/python Exploit Title: Stack Buffer Overflow in ALLMediaServer 0.95 Exploit Author: Mario Kartone Ciccarelli Contact: https://twitter.com/Kartone CVE: CVE-2017-17932 Date: 09-01-2018 Thanks to PoC: https://www.exploit-db.com/exploits/43406/ Software link:...

10CVSS9.6AI score0.53597EPSS
Exploits10
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.39 views

LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LabF nfsAxe 3.7 FTP Client Stack Buffer Overflow', 'Description' = %q This module exploits a buffer overflow in the LabF nfsAxe 3.7 FTP Client...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.44 views

Seagate Personal Cloud - Multiple Vulnerabilities

SSD Advisory – Seagate Personal Cloud Multiple Vulnerabilities Vulnerabilities summary The following advisory describes two 2 unauthenticated command injection vulnerabilities. Seagate Personal Cloud Home Media Storage is “the easiest way to store, organize, stream and share all your music, movie...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.43 views

Transmission - RPC DNS Rebinding

The transmission bittorrent client uses a client/server architecture, the user interface is the client and a daemon runs in the background managing the downloading, seeding, etc. Clients interact with the daemon using JSON RPC requests to a web server listening on port 9091. By default, the daemo...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.90 views

phpCollab 2.5.1 - File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'phpCollab 2.5.1 Unauthenticated File Upload', 'Description' = %q This module exploits a file upload vulnerability in phpCollab 2.5.1 which could ...

8.8CVSS8.8AI score0.96068EPSS
Exploits9
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.21 views

Microsoft Edge Chakra - 'AppendLeftOverItemsFromEndSegment' Out-of-Bounds Read

/ Here's a snippet of AppendLeftOverItemsFromEndSegment in JavascriptArray.inl. growby = endSeg-length; current = current-GrowByMinrecycler, growby; CopyArraycurrent-elements + endIndex + 1, endSeg-length, Js::SparseArraySegmentendSeg-elements, endSeg-length;...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/11 12:0 a.m.42 views

Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass

/ Windows: NTFS Owner/Mandatory Label Privilege Bypass EoP Platform: Windows 10 1709 not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege Summary: When creating a new file on an NTFS drive it’s possible to circumvent security checks for setting an arbitrary owner and mandatory label...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.24 views

Linux/x86 - execve(/bin/dash) Shellcode (30 bytes)

Linux/x86 - execve/bin/dash Shellcode 30 bytes. Shellcode exploit for Linuxx86 platform / Description ; Title : exec /bin/dash - Shellcode ; Author : Hashim Jawad ; Website : ihack4falafel.com ; Twitter : @ihack4falafel ; SLAE ID : SLAE-1115 ; Purpose : spawn /bin/dash shell ; OS : Linux ; Arch :...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.25 views

Linux/x86 - execve(/bin/sh) + Polymorphic Shellcode (53 bytes)

Linux/x86 - execve/bin/sh + Polymorphic Shellcode 53 bytes. Shellcode exploit for Linuxx86 platform / Title: Linux/x86 - execve/bin/sh Polymorphic Shellcode 53 bytes Date: 10-Jan-2018 Exploit Author: Debashis Pal SLAE-1122 Tested on: i686 GNU/Linux '//bin/sh' = 0x68732f6e 0x69622f2f...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.46 views

DiskBoss Enterprise 8.8.16 - Remote Buffer Overflow

Exploit Title: DiskBoss = 8.8.16 - Unauthenticated Remote Code Execution Date: 2017-08-27 Exploit Author: Arris Huijgen Vendor Homepage: http://www.diskboss.com/ Software Link: http://www.diskboss.com/setups/diskbossentsetupv8.8.16.exe Version: Through 8.8.16 Tested on: Windows 7 SP1 x64, Windows...

10CVSS7AI score0.39123EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.34 views

Jungo Windriver 12.5.1 - Local Privilege Escalation

// ConsoleApplication1.cpp : Defines the entry point for the console application. // include "stdafx.h" include include define device L"\\.\WINDRVR1251" define SPRAYSIZE 30000 typedef NTSTATUSWINAPI PNtAllocateVirtualMemory HANDLE ProcessHandle, PVOID BaseAddress, ULONG ZeroBits, PULONG...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.49 views

HPE iMC - dbman 'RestoreDBase' Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HPE iMC dbman RestoreDBase Unauthenticated RCE', 'Description' = %q This module exploits a remote command execution vulnerablity in Hewlett Packa...

10CVSS7.4AI score0.82877EPSS
Exploits8
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.34 views

Multiple CPUs - Information Leak Using Speculative Execution

== INTRODUCTION == This is a bug report about a CPU security issue that affects processors by Intel, AMD and to some extent ARM. I have written a PoC for this issue that, when executed in userspace on an Intel Xeon CPU E5-1650 v3 machine with a modern Linux kernel, can leak around 2000 bytes per...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.42 views

Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting

Exploit Title: Joomla Plugin Easydiscuss inside the body, everything after the will be executed in the user’s browser. Works with every version up to 4.0.20 2. Proof of Concept Login with permissions to post a message, insert in the body and add any html code after that, whenever a user tries to...

5.4CVSS5.5AI score0.01581EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.31 views

WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege Escalation

Exploit Title: Admin Menu Tree Page View CSRF, Privilege Escalation Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: http://eskapism.se/ Software Link: https://wordpress.org/plugins/admin-menu-tree-page-view Version: 2.6.9...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.46 views

WordPress Plugin Events Calendar - 'event_id' SQL Injection

Exploit Title: Wichipi Events Calendar - SQL Injection Date: 09-01-2018 Exploit Author: Dennis Veninga Contact Author: d.veninga at networking4all.com Vendor Homepage: codecanyon.net/user/wachipi Version: 1.0 CVE-ID: CVE-2018-5315 Events Calendar allows you to easily add to your website a powerfu...

9.8CVSS9.7AI score0.0487EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.35 views

Muviko 1.1 - SQL Injection

Exploit Title: Muviko 1.1 - Multiple SQL Injection Exploit Author: Ahmad Mahfouz Contact: http://twitter.com/eln1x Date: 09/01/2018 CVE: CVE-2017-17970 Vendor Homepage: https://www.muvikoscript.com Version: 1.1 Tested on: Mac OS...

9.8CVSS9.7AI score0.05412EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.37 views

Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Synology PhotoStation Multiple Vulnerabilities", 'Description' = %q This module exploits multiple vulnerabilities in Synology PhotoStation. When...

7AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.85 views

Parity Browser < 1.6.10 - Bypass Same Origin Policy

VuNote ====== Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-18016 Version: 0.3 Date: Jun 16th, 2017 Tag: parity same origin policy bypass webproxy token reuse Overview -------- Name: parity Vendor: paritytech References: https://parity.io/ 1 Version: 1.6.8 Latest Version...

5.3CVSS5.3AI score0.05479EPSS
Exploits4
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.59 views

HPE iMC - dbman 'RestartDB' Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HPE iMC dbman RestartDB Unauthenticated RCE', 'Description' = %q This module exploits a remote command execution vulnerablity in Hewlett Packard...

10CVSS7.4AI score0.86466EPSS
Exploits13
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.47 views

D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution

!/usr/bin/python Exploit Title: D-Link WAP 615/645/815 .?.?', 'Product Page : .?' def dlinkdetection: try: r = requests.getURL, timeout=10.00 except requests.exceptions.ConnectionError: print "Error: Failed to connect to " + URL return False if r.statuscode != 200: print "Error: " + URL + "...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.20 views

WordPress Plugin Service Finder Booking < 3.2 - Local File Disclosure

Exploit Title: Worpress Plugin Service Finder Booking 3.2 - Local File Disclosure Google Dork: N/A Date: 09/01/2018 GMT+7 Exploit Author: telahdihapus Vendor Homepage: https://themeforest.net/user/aonetheme Software Link:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.65 views

SAP NetWeaver J2EE Engine 7.40 - SQL Injection

!/usr/bin/env python coding=utf-8 """ Author: Vahagn Vardanyan https://twitter.com/vah13 Bugs: CVE-2016-2386 SQL injection CVE-2016-2388 Information disclosure CVE-2016-1910 Crypto issue Follow HTTP request is a simple PoC for anon time-based SQL injection CVE-2016-2386 vulnerability in SAP...

9.8CVSS7AI score0.7106EPSS
Exploits13
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.26 views

Microsoft Edge Chakra JIT - 'Lowerer::LowerSetConcatStrMultiItem' Missing Integer Overflow Check

/ The method "Lowerer::LowerSetConcatStrMultiItem" is used to generate machine code to concatenate strings. Here's a snippet of the method. void Lowerer::LowerSetConcatStrMultiItemIR::Instr instr ... IR::IndirOpnd dstLength = IR::IndirOpnd::NewconcatStrOpnd,...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.30 views

WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery

Exploit Title: WordPress Download Manager CSRF Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: https://www.wpdownloadmanager.com/ Software Link: https://wordpress.org/plugins/download-manager Version: 2.9.60 Tested on:...

7AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.31 views

WordPress Plugin CMS Tree Page View 1.4 - Cross-Site Request Forgery / Privilege Escalation

Exploit Title: CMS Tree Page View CSRF, Privilege Escalation Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: http://eskapism.se/ Software Link: https://wordpress.org/plugins/cms-tree-page-view Version: 1.4 Tested on:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/10 12:0 a.m.33 views

WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery

Exploit Title: Social Media Widget by Acurax CSRF Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: http://www.acurax.com/ Software Link: https://wordpress.org/plugins/acurax-social-media-widget Version: 3.2.5 Tested on:...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/09 12:0 a.m.31 views

Microsoft Edge Chakra JIT - BackwardPass::RemoveEmptyLoopAfterMemOp Does not Insert Branches

/ The optimizations for memory operations may leave empty loops as follows: for let i = 0; i arr.length; i++ arri = 0; Becomes: Memsetarr, 0, arr.length; for let i = 0; i arr.length; i++ // empty! These empty loops will be removed by "BackwardPass::RemoveEmptyLoopAfterMemOp". But this method just...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/09 12:0 a.m.86 views

Microsoft Windows - 'nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformation)' Kernel Pool Memory Disclosure

/ We have discovered that the nt!NtQuerySystemInformation system call invoked with the 138 information class discloses portions of uninitialized kernel pool memory to user-mode clients. The specific information class is handled by an internal nt!ExpQueryMemoryTopologyInformation function. While w...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/09 12:0 a.m.51 views

Microsoft Windows - 'nt!NtQueryInformationProcess (information class 76, QueryProcessEnergyValues)' Kernel Stack Memory Disclosure

/ We have discovered that the nt!NtQueryInformationProcess system call invoked with the 76 information class discloses portions of uninitialized kernel stack memory to user-mode clients. The specific information class is handled by an internal nt!PsQueryProcessEnergyValues function. While we don'...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/09 12:0 a.m.37 views

Commvault Communications Service (cvd) - Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/powershell' class MetasploitModule 'Commvault Communications Service cvd Command Injection', 'Description' = %q This module exploits a command...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/09 12:0 a.m.25 views

Microsoft Edge Chakra JIT - Escape Analysis Bug

/ Escape analysis: https://en.wikipedia.org/wiki/Escapeanalysis Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values. PoC: / function opt let tmp = ; tmp0 = tmp; return tmp0; function main for let i = 0; i 0x1000; i+...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/09 12:0 a.m.40 views

Microsoft Edge Chakra - 'asm.js' Out-of-Bounds Read

/ Here's a snippet of AsmJSByteCodeGenerator::EmitAsmJsFunctionBody. AsmJsVar initSource = nullptr; if decl-sxVar.pnodeInit-nop == knopName AsmJsSymbol initSym = mCompiler-LookupIdentifierdecl-sxVar.pnodeInit-name, mFunction; if initSym-GetSymbolType == AsmJsSymbol::Variable // in this case we ar...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/09 12:0 a.m.23 views

Microsoft Edge Chakra JIT - Op_MaxInAnArray and Op_MinInAnArray can Explicitly call User-Defined JavaScript Functions

/ 1. Call patterns like "Math.max.applyMath, 1, 2, 3, 4, 5" and "Math.max.applyMath, arr" can be optimized to directly call the method "JavascriptMath::MaxInAnArray" in the Inline Phase. 2. The method takes the original method "Math.max" as the first parameter and the arguments object as the seco...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/09 12:0 a.m.283 views

Microsoft Office - 'Composite Moniker Remote Code Execution

What? This repo contains a Proof of Concept exploit for CVE-2017-8570, a.k.a the "Composite Moniker" vulnerability. This demonstrates using the Packager.dll trick to drop an sct file into the %TEMP% directory, and then execute it using the primitive that the vulnerability provides. Download:...

9.3CVSS8.2AI score0.89889EPSS
Exploits14
exploitdb
exploitdb
added 2018/01/08 12:0 a.m.23 views

Microsoft Windows - Local XPS Print Spooler Sandbox Escape

Windows: Local XPS Print Spooler Sandbox Escape Platform: Windows 10 1703 and 1709 not tested Windows 7 or 8.x Class: Elevation of Privilege Summary: The local print spooler can be abused to create an arbitrary file from a low privilege application including one in an AC as well as a typical Edge...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2018/01/08 12:0 a.m.39 views

Vanilla < 2.1.5 - Cross-Site Request Forgery

Exploit Title: CSRF vulnerabilities in Vanilla Forums below 2.1.5-CVE-2017-1000432 Google Dork: NA Date: 7/1/2018 Contact: https://twitter.com/anandm47 website: https://anandtechzone.blogspot.in Exploit Author: Anand Meyyappan Vendor Homepage: https://open.vanillaforums.com Software Link:...

8CVSS7.9AI score0.01647EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/08 12:0 a.m.53 views

Android - Inter-Process munmap due to Race Condition in ashmem

The MemoryIntArray class allows processes to share an in-memory array of integers backed by an "ashmem" file descriptor. As the class implements the Parcelable interface, it can be inserted into a Parcel, and optionally placed in a Bundle and transferred via binder to remote processes. Instead of...

9.3CVSS7.7AI score0.02535EPSS
Exploits5
exploitdb
exploitdb
added 2018/01/08 12:0 a.m.78 views

FiberHome LM53Q1 - Multiple Vulnerabilities

!/usr/bin/python /$$$$$$$$ /$$ /$$ /$$ /$$ /$$$$$$$ /$$ /$$$$$$$$ /$$ /$$ /$$ | $$/|/| $$ | $$ | $$ | $$ $$ | $$ | $$/ | $$ |/ | $$ | $$ /$$| $$$$$$$ /$$$$$$ /$$$$$$ | $$ | $$ /$$$$$$ /$$$$$$/$$$$ /$$$$$$ | $$ \ $$ /$$$$$$ /$$$$$$/$$$$ /$$$$$$ /$$$$$$ /$$$$$$ | $$ /$$ /$$ /$$$$$$ | $$ /$$$$$$ /$$...

9.8CVSS7AI score0.36627EPSS
Exploits7
Total number of security vulnerabilities47904