Lucene search
+L
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2017/08/09 12:0 a.m.56 views

NoMachine 5.3.9 - Local Privilege Escalation

""" Exploit Title: NoMachine LPE - Local Privilege Escalation Date: 09/08/2017 Exploit Author: Daniele Linguaglossa Vendor Homepage: https://www.nomachine.com Software Link: https://www.nomachine.com Version: 5.3.9 Tested on: OSX CVE : CVE-2017-12763 NoMachine uses a file called nxexec in order t...

9CVSS8.9AI score0.03863EPSS
Exploits2
Exploit DB
Exploit DB
added 2017/08/09 12:0 a.m.41 views

Symantec Messaging Gateway < 10.6.3-267 - Cross-Site Request Forgery

Exploit Title: CSRF Date: August 9, 2017 Software Link: https://www.symantec.com/products/messaging-gateway Exploit Author: Dhiraj Mishra Contact: http://twitter.com/mishradhiraj Website: http://datarift.blogspot.in/ CVE: CVE-2017-6328 Category: Symantec Messaging Gateway 1. Description The...

8.8CVSS8.8AI score0.02139EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/08/09 12:0 a.m.42 views

DALIM SOFTWARE ES Core 5.0 build 7184.1 - Cross-Site Scripting / Cross-Site Request Forgery

!-- DALIM SOFTWARE ES Core 5.0 build 7184.1 Multiple Stored XSS And CSRF Vulnerabilities Vendor: Dalim Software GmbH Product web page: https://www.dalim.com Affected version: ES/ESPRiT 5.0 build 7184.1 build 7163.2 build 7163.0 build 7135.0 build 7114.1 build 7114.0 build 7093.1 build 7093.0 buil...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/09 12:0 a.m.22 views

WebFile Explorer 1.0 - Arbitrary File Download

Exploit Title: WebFile Explorer 1.0 - Arbitrary File Download Dork: N/A Date: 09.08.2017 Vendor Homepage : http://speicher.host/ Software Link: https://codecanyon.net/item/webfile-explorer/20366192/ Demo: http://speicher.host/envato/codecanyon/demo/web-file-explorer/ Version: 1.0 Category: Webapp...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/09 12:0 a.m.36 views

DALIM SOFTWARE ES Core 5.0 build 7184.1 - Server-Side Request Forgery

DALIM SOFTWARE ES Core 5.0 build 7184.1 Server-Side Request Forgery Vendor: Dalim Software GmbH Product web page: https://www.dalim.com Affected version: ES/ESPRiT 5.0 build 7184.1 build 7163.2 build 7163.0 build 7135.0 build 7114.1 build 7114.0 build 7093.1 build 7093.0 build 7072.0 build 7051.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/09 12:0 a.m.132 views

Android Bluetooth - 'Blueborne' Information Leak (1)

from pwn import import bluetooth if not 'TARGET' in args: log.info'Usage: python CVE-2017-0781.py TARGET=XX:XX:XX:XX:XX:XX' exit target = args'TARGET' count = 30 Amount of packets to send port = 0xf BTPSMBNEP context.arch = 'arm' BNEPFRAMECONTROL = 0x01 BNEPSETUPCONNECTIONREQUESTMSG = 0x01 def...

8.8CVSS8.3AI score0.2285EPSS
Exploits13
Exploit DB
Exploit DB
added 2017/08/08 12:0 a.m.61 views

Unitrends UEB 9.1 - Authentication Bypass / Remote Command Execution

Exploit Title: Unauthenticated root RCE for Unitrends UEB 9.1 Date: 08/08/2017 Exploit Authors: Cale Smith, Benny Husted, Jared Arave Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage: https://www.unitrends.com/ Software Link:...

10CVSS9.5AI score0.78269EPSS
Exploits12
Exploit DB
Exploit DB
added 2017/08/08 12:0 a.m.44 views

Unitrends UEB 9.1 - Privilege Escalation

Exploit Title: Authenticated lowpriv RCE for Unitrends UEB 9.1 Date: 08/08/2017 Exploit Authors: Benny Husted, Jared Arave, Cale Smith Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage: https://www.unitrends.com/ Software Link:...

9CVSS8.8AI score0.11811EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/08/08 12:0 a.m.39 views

Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) (2)

Sources: - https://github.com/sensepost/gdi-palettes-exp - https://sensepost.com/blog/2017/abusing-gdi-objects-for-ring0-primitives-revolution/ Windows 7 SP1 x86 exploit presented at DEF CON 25 involving the abuse of a newly discovered GDI object abuse technique. DC25 5A1F - Demystifying Windows...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/08 12:0 a.m.54 views

WildMIDI 0.4.2 - Multiple Vulnerabilities

wildmidi multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= WildMIDI is a simple software midi player which has a core softsynth library that can be use with other applications.The WildMIDI library uses Gravis Ultrasound patch files to convert...

7.5CVSS6.7AI score0.10772EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/08/08 12:0 a.m.41 views

Unitrends UEB 9.1 - 'Unitrends bpserverd' Remote Command Execution

Exploit Title: Unauthenticated root RCE for Unitrends UEB 9.1 Date: 08/08/2017 Exploit Authors: Jared Arave, Cale Smith, Benny Husted Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage: https://www.unitrends.com/ Software Link:...

10CVSS9.6AI score0.68217EPSS
Exploits9
Exploit DB
Exploit DB
added 2017/08/08 12:0 a.m.49 views

Synology Photo Station 6.7.3-3432 / 6.3-2967 - Remote Code Execution

''' Source: https://blogs.securiteam.com/index.php/archives/3356 Vulnerability details The remote code execution is a combination of 4 different vulnerabilities: Upload arbitrary files to the specified directories Log in with a fake authentication mechanism Log in to Photo Station with any identi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/08 12:0 a.m.57 views

VMware WorkStation 12.5.5 - Virtual Machine Escape

VMware Escape Exploit VMware Escape Exploit before VMware WorkStation 12.5.5 Host Target: Win10 x64 Compiler: VS2013 Test on VMware 12.5.2 build-4638234 Known issues Failing to heap manipulation causes host process crash. Not quite elaborate because I'm not good at doing heap "fengshui" on winows...

9.9CVSS9.7AI score0.1994EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/08/07 12:0 a.m.112 views

WordPress Plugin Easy Modal 2.0.17 - SQL Injection

DefenseCode ThunderScan SAST Advisory WordPress Easy Modal Plugin Multiple Security Vulnerabilities Advisory ID: DC-2017-01-007 Advisory Title: WordPress Easy Modal Plugin Multiple Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Easy Modal plugin...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/06 12:0 a.m.465 views

Microsoft Windows - '.LNK' Shortcut File Code Execution

!/usr/bin/python -- coding: utf-8 -- Title : CVE-2017-8464 | LNK Remote Code Execution Vulnerability CVE : 2017-8464 Authors : ykoster, nixawk Notice : Only for educational purposes. Support : python2 import struct def generateSHELLLINKHEADER: | | | | | | | | | | | | | | | | | | | | | | | | | | |...

9.3CVSS6.7AI score0.90026EPSS
Exploits20
Exploit DB
Exploit DB
added 2017/08/06 12:0 a.m.180 views

Linux x86 - /bin/sh Shellcode (24 bytes)

Linux x86 - /bin/sh Shellcode 24 bytes. Shellcode exploit for Linx86 platform / ;Title: Linux/x86 - /bin/sh Shellcode ;Author: Touhid M.Shaikh ;Contact: https://github.com/touhidshaikh ;Category: Shellcode ;Architecture: Linux x86 ;Description: This shellcode baased on stack method to Execute...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/03 12:0 a.m.94 views

Technicolor TC7337 - 'SSID' Persistent Cross-Site Scripting

// Device : Technicolor TC7337 // Vulnerable URL : https://your.rou.ter.ip/wlscanresults.html // XSS through SSID : ' Exactly 32 bytes uu // ^ // 5char domains are running | 'src' does not requires quotes , and passing the URL with ony '//' // out, grab yours ! +--- it will cause the browser to...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/03 12:0 a.m.60 views

VirtualBox 5.1.22 - Windows Process DLL UNC Path Signature Bypass Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1296 VirtualBox: Windows Process DLL UNC Path Signature Bypass EoP Platform: VirtualBox v5.1.22 r115126 x64 Tested on Windows 10 Class: Elevation of Privilege Summary: The process hardening implemented by the VirtualBox driver can ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/03 12:0 a.m.49 views

Joomla! Component StreetGuessr Game 1.1.8 - SQL Injection

Exploit Title: Joomla! Component StreetGuessr Game v1.1.8 - SQL Injection Dork: N/A Date: 03.08.2017 Vendor : https://www.nordmograph.com/ Software: https://extensions.joomla.org/extensions/extension/sports-a-games/streetguessr-game/ Demo: https://www.streetguessr.com/en/component/streetguess/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/03 12:0 a.m.124 views

DNSTracer 1.9 - Local Buffer Overflow

Exploit Title: DNSTracer 1.9 - Buffer Overflow Google Dork: if applicable Date: 03-08-2017 Exploit Author: j0lama Vendor Homepage: http://www.mavetju.org/unix/dnstracer.php Software Link: http://www.mavetju.org/download/dnstracer-1.9.tar.gz Version: 1.9 Tested on: Ubuntu 12.04 CVE : CVE-2017-9430...

9.8CVSS9.6AI score0.1132EPSS
Exploits8
Exploit DB
Exploit DB
added 2017/08/03 12:0 a.m.37 views

VirtualBox 5.1.22 - Windows Process DLL Signature Bypass Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1257 VirtualBox: Windows Process DLL Signature Bypass EoP Platform: VirtualBox v5.1.22 r115126 x64 Tested on Windows 10 Class: Elevation of Privilege Summary: The process hardening implemented by the VirtualBox driver can be...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/03 12:0 a.m.79 views

Tiandy IP Cameras 5.56.17.120 - Sensitive Information Disclosure

Vulnerability Summary The following advisory describes sensitive information Disclosure found in Tiandy IP cameras version 5.56.17.120 Tianjin Tiandy Digital Technology Co., Ltd Tiandy Tech is “one of top 10 leading CCTV manufacturer in China and a global supplier of advanced video surveillance...

7.5CVSS7.7AI score0.03609EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/08/03 12:0 a.m.57 views

Dashlane - DLL Hijacking

Vulnerability Summary The following advisory describes a DLL Hijacking vulnerability found in Dashlane. Dashlane is “a password manager app and secure digital wallet. The app is available on Mac, PC, iOS and Android. The app’s premium feature enables users to securely sync their data between an...

7.3CVSS7.6AI score0.00673EPSS
Exploits2
Exploit DB
Exploit DB
added 2017/08/03 12:0 a.m.49 views

Horde Groupware 5.2.21 - Unauthorized File Download

Vulnerability Summary The following advisory describes an unauthorized file download vulnerability found in Horde Groupware version 5.2.21. Horde Groupware Webmail Edition is “a free, enterprise ready, browser based communication suite. Users can read, send and organize email messages and manage...

7.5CVSS7.5AI score0.0553EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/08/02 12:0 a.m.36 views

Muviko 1.0 - 'q' SQL Injection

Exploit Title: Muviko - Video CMS v1.0 – 'q' Parameter SQL Injection Date: 02.08.2017 Vendor Homepage: https://muvikoscript.com/ Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website: http://k2an.com Category: Web Application Exploits Overview Muviko is a movie & video content manageme...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/02 12:0 a.m.107 views

Nitro Pro PDF Reader 11.0.3.173 - Javascript API Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution', 'Description' = %q This module exploits an unsafe Javascript API implemente...

8.8CVSS7.4AI score0.40692EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/08/02 12:0 a.m.45 views

Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection

Exploit Title: Joomla! Component Event Registration Pro Calendar v4.1.3 - SQL Injection Dork: N/A Date: 02.08.2017 Vendor : http://joomlashowroom.com/ Software: https://www.joomlashowroom.com/products/event-registration-pro-calendar Demo: http://demo3.joomlashowroom.com/ Version: 4.1.3 Author:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/02 12:0 a.m.44 views

Joomla! Component PHP-Bridge 1.2.3 - SQL Injection

Exploit Title: Joomla! Component PHP-Bridge v1.2.3 - SQL Injection Dork: N/A Date: 02.08.2017 Vendor : http://www.henryschorradt.de/ Software: https://extensions.joomla.org/extensions/extension/miscellaneous/development/php-bridge/ Demo: http://www.henryschorradt.de/joomla-php-bridge/ Version:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/02 12:0 a.m.56 views

Premium Servers List Tracker 1.0 - SQL Injection

Exploit Title: Premium Servers List Tracker v1.0 – SQL Injection Date: 02.08.2017 Vendor Homepage: https://codecanyon.net/item/premium-servers-list-tracker/19796599?srank=270 Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website: http://k2an.com Category: Web Application Exploits...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/02 12:0 a.m.107 views

Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection

Exploit Title: Joomla! Component LMS King Professional v3.2.4.0 - SQL Injection Dork: N/A Date: 02.08.2017 Vendor : http://king-products.net/ Software: https://extensions.joomla.org/extensions/extension/living/education-a-culture/lms-king-professional-for-joomla/ Demo:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/02 12:0 a.m.62 views

EDUMOD Pro 1.3 - SQL Injection

Exploit Title: School Management System | EDUMOD Pro v1.3 – SQL Injection Date: 02.08.2017 Vendor Homepage: https://codecanyon.net/item/school-management-system-edumod-pro/19764430?srank=288 Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website: http://k2an.com Category: Web Applicatio...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/02 12:0 a.m.50 views

Joomla! Component Ultimate Property Listing 1.0.2 - SQL Injection

Exploit Title: Joomla! Component Ultimate Property Listing v1.0.2 - SQL Injection Dork: N/A Date: 02.08.2017 Vendor : http://faboba.com/ Software: https://extensions.joomla.org/extensions/extension/vertical-markets/real-estate/ultimate-property-listing/ Demo: http://demoupl.faboba.com/ Version:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/02 12:0 a.m.64 views

Entrepreneur B2B Script - 'pid' SQL Injection

Exploit Title: Entrepreneur B2B Script - 'pid' Parameter SQL Injection Date: 2017-08-02 Exploit Author: Meisam Monsef [email protected] or [email protected] Vendor Homepage: http://readymadeb2bscript.com/ Version: All Version Exploit : http://site.com/path/productview1.php?pid=-99999+SQL+Comm...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/02 12:0 a.m.33 views

Joomla! Component SIMGenealogy 2.1.5 - SQL Injection

Exploit Title: Joomla! Component SIMGenealogy v2.1.5 - SQL Injection Dork: N/A Date: 02.08.2017 Vendor : https://www.simbunch.com/ Software: https://extensions.joomla.org/extensions/extension/clients-a-communities/communities/simgenealogy/ Demo: https://www.simbunch.com/demos/simgenealogy Version...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/01 12:0 a.m.72 views

Advantech SUSIAccess < 3.0 - 'RecoveryMgmt' File Upload

!/usr/bin/env ruby =begin Exploit Title: Advantech SUSIAccess RecoveryMgmt File Upload Date: 07/31/17 Exploit Author: james fitts Vendor Homepage: http://www.advantech.com/ Version: Advantech SUSIAccess = 3.0 Tested on: Windows 7 SP1 Relavant Advisories: ZDI-16-630 ZDI-16-628 CVE-2016-9349...

7.5CVSS7AI score0.07879EPSS
Exploits8
Exploit DB
Exploit DB
added 2017/08/01 12:0 a.m.103 views

libmad 0.15.1b - 'mp3' Memory Corruption

libmad memory corruption vulnerability ================ Author : qflb.wu =============== Introduction: ============= libmad is a high-quality MPEG audio decoder capable of 24-bit output. Affected version: ===== 0.15.1b Vulnerability Description: ========================== the maddecoderrun functi...

6.5CVSS8.1AI score0.0656EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/08/01 12:0 a.m.71 views

VehicleWorkshop - Authentication Bypass

Type: Admin or Customer login bypass via SQL injection Author: Touhid M.Shaikh Vendor Homepage: https://github.com/spiritson/VehicleWorkshop Mail: touhidshaikh22atgmaildotcom More info: https://blog.touhidshaikh.com/ ===================== PoC ================ Admin Login Page :...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/01 12:0 a.m.109 views

Apple macOS/iOS - 'xpc_data' Objects Sandbox Escape Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1247 When XPC serializes large xpcdata objects it creates mach memory entry ports to represent the memory region then transfers that region to the receiving process by sending a send right to the memory entry port in the underlying...

8.8CVSS8.2AI score0.06726EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/08/01 12:0 a.m.117 views

VehicleWorkshop - Arbitrary File Upload

Exploit Title: VehicleWorkshop Unrestricted File Upload or Shell Upload Exploit Author: Touhid M.Shaikh Date: 1/08/2017 Vendor Homepage: https://github.com/spiritson/VehicleWorkshop Tested on : Kali Linux 2.0 64 bit and Windows 7 =================== Vulnerable Page: ===================...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/01 12:0 a.m.49 views

SOL.Connect ISET-mpp meter 1.2.4.2 - SQL Injection

Vulnerability type: SQL injection, leading to administrative access through authentication bypass. ----------------------------------- Product: SOL.Connect ISET-mpp meter ----------------------------------- Affected version: SOL.Connect ISET-mpp meter 1.2.4.2 and possibly earlier Vulnerable...

9.8CVSS9.7AI score0.03746EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/08/01 12:0 a.m.73 views

Advantech SUSIAccess < 3.0 - Directory Traversal / Information Disclosure (Metasploit)

require 'msf/core' class MetasploitModule 'Advantech SUSIAccess Server Directory Traversal Information Disclosure', 'Description' = %q This module exploits an information disclosure vulnerability found in Advantech SUSIAccess 'james fitts' , 'License' = MSFLICENSE, 'References' = 'CVE', '2016-934...

7.5CVSS7.4AI score0.07879EPSS
Exploits8
Exploit DB
Exploit DB
added 2017/08/01 12:0 a.m.20 views

Solarwinds Kiwi Syslog 9.6.1.6 - Denial of Service

Exploit Title: Solarwinds Kiwi Syslog 9.6.1.6 - Remote Denial of Service Type Mismatch Date: 26/05/2017 Exploit Author: Guillaume Kaddouch Twitter: @gkweb76 Blog: https://networkfilter.blogspot.com GitHub: https://github.com/gkweb76/exploits Vendor Homepage: http://www.solarwinds.com/ Software...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/08/01 12:0 a.m.33 views

JoySale 2.2.1 - Arbitrary File Upload

JoySale Arbitrary File Upload Exploit Title: JoySale Arbitrary File Upload Exploit Author: Mutlu Benmutlu Date: 1/08/2017 Vendor Homepage: http://www.hitasoft.com/product/joysale-advanced-classifieds-script/ Version: Joysale v2.2.1 latest Google Dork: "joysale-style.css" Tested on : MacOS Sierra...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/07/31 12:0 a.m.67 views

libvorbis 1.3.5 - Multiple Vulnerabilities

libvorbis multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= The libvorbis package contains a general purpose audio and music encoding format. This is useful for creating encoding and playing decoding sound in an open patent free format. Affecte...

5.5CVSS7AI score0.04838EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/07/31 12:0 a.m.37 views

libao 1.2.0 - Denial of Service

libao memory corruption vulnerability ================ Author : qflb.wu =============== Introduction: ============= Libao is a cross-platform audio library that allows programs to output audio using a simple API on a wide variety of platforms. Affected version: ===== 1.2.0 Vulnerability...

5.5CVSS5.4AI score0.03855EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/07/31 12:0 a.m.55 views

Sound eXchange (SoX) 14.4.2 - Multiple Vulnerabilities

Sound eXchange SoX multiple vulnerabilities ================ Author : qflb.wu =============== Introduction: ============= SoX is a cross-platform Windows, Linux, MacOS X, etc. command line utility that can convert various formats of computer audio files in to other formats. It can also apply...

5.5CVSS6AI score0.06599EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/07/31 12:0 a.m.33 views

DivFix++ 0.34 - Denial of Service

DivFix++ denial of service vulnerability ================ Author : qflb.wu =============== Introduction: ============= DivFix++ is FREE AVI Video Fix & Preview program. Affected version: ===== v0.34 Vulnerability Description: ========================== the DivFixppCore::aviheaderfix function in...

5.5CVSS5.6AI score0.03056EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/07/31 12:0 a.m.36 views

Vorbis Tools oggenc 1.4.0 - '.wav' Denial of Service

vorbis-tools oggenc vulnerability ================ Author : qflb.wu =============== Introduction: ============= The Vorbis Tools package contains command-line tools useful for encoding, playing or editing files using the Ogg CODEC. Affected version: ===== 1.4.0 Vulnerability Description:...

5.5CVSS5.4AI score0.03793EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/07/30 12:0 a.m.134 views

Jenkins < 1.650 - Java Deserialization

import random import string from decimal import Decimal import requests from requests.exceptions import RequestException Exploit Title: Jenkins CVE-2016-0792 Deserialization Remote Exploit Google Dork: intitle: "Dashboard Jenkins" + "Manage Jenkins" Date: 30-07-2017 Exploit Author: Janusz Piechów...

9CVSS6.9AI score0.83259EPSS
Exploits23
Exploit DB
Exploit DB
added 2017/07/30 12:0 a.m.58 views

DiskBoss Enterprise 8.2.14 - Remote Buffer Overflow

!/usr/bin/env python Exploit Title: DiskBoss Enterprise v8.2.14 Remote buffer overflow Date: 2017-07-30 Exploit Author: Ahmad Mahfouz Author Homepage: www.unixawy.com Vendor Homepage: http://www.diskboss.com/ Software Link: http://www.diskboss.com/setups/diskbossentsetupv8.2.14.exe Version: v8.2....

7.4AI score
Exploits0
Total number of security vulnerabilities47904