Lucene search
+L
ExploitdbRecent

47904 matches found

Exploit DB
Exploit DB
added 2017/05/19 12:0 a.m.29 views

Sure Thing Disc Labeler 6.2.138.0 - Buffer Overflow (PoC)

Exploit Title: Sure Thing Disc Labeler - Stack Buffer Overflow PoC Date: 5-19-17 Exploit Author: Chance Johnson [email protected] Vendor Homepage: http://www.surething.com/ Software Link: http://www.surething.com/disclabeler Version: 6.2.138.0 Tested on: Windows 7 x64 / Windows 10 Usage: Ope...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/19 12:0 a.m.55 views

SAP Business One for Android 1.2.3 - XML External Entity Injection

Exploit Title: Blind XXE XML External Entityin SAP Date of Disclosure: 17/05/2017 Author: Ravindra Singh Rathore Vendor Homepage: https://www.sap.com/products/business-one.html Product - SAP Business One Android Application Version - 1.2.3 Security Note: 2378065 CVE - CVE-2016-6256 CVSS - 6.5 XXE...

9.6CVSS9.5AI score0.0788EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/05/19 12:0 a.m.319 views

Joomla! 3.7.0 - 'com_fields' SQL Injection

Exploit Title: Joomla 3.7.0 - Sql Injection Date: 05-19-2017 Exploit Author: Mateus Lino Reference: https://blog.sucuri.net/2017/05/sql-injection-vulnerability-joomla-3-7.html Vendor Homepage: https://www.joomla.org/ Version: = 3.7.0 Tested on: Win, Kali Linux x64, Ubuntu, Manjaro and Arch Linux...

9.8CVSS9.6AI score0.99826EPSS
Exploits21
Exploit DB
Exploit DB
added 2017/05/19 12:0 a.m.74 views

Oracle PeopleSoft - Server-Side Request Forgery

Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor URL: http://oracle.com Bugs: SSRF Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Roman Shalymov...

6.5CVSS6.8AI score0.09636EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/05/19 12:0 a.m.36 views

PlaySMS 1.4 - Remote Code Execution

Exploit Title: PlaySMS 1.4 Remote Code Execution to Poisoning admin log Date: 19-05-2017 Software Link: https://playsms.org/download/ Version: 1.4 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22 Website: http://touhidshaikh.com/ Category: webapps 1. Description Remote...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/18 12:0 a.m.24 views

KDE 4/5 - 'KAuth' Local Privilege Escalation

// cc -Wall smb0k.c -pedantic -std=c11 // // smb4k PoC, also demonstrating broader scope of a generic kde // authentication bypass vulnerability // // C 2017 Sebastian Krahmer // define POSIXCSOURCE 200112L include include include include include include include include include void dieconst char...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.137 views

Oracle PeopleSoft Enterprise PeopleTools < 8.55 - Remote Code Execution Via Blind XML External Entity

!/usr/bin/python3 Oracle PeopleSoft SYSTEM RCE https://www.ambionics.io/blog/oracle-peoplesoft-xxe-to-rce cf 2017-05-17 import requests import urllib.parse import re import string import random import sys from requests.packages.urllib3.exceptions import InsecureRequestWarning...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.158 views

Microsoft Windows 8/8.1/2012 R2 (x64) - 'EternalBlue' SMB Remote Code Execution (MS17-010)

!/usr/bin/python from impacket import smb, ntlm from struct import pack import sys import socket ''' EternalBlue exploit for Windows 8 and 2012 by sleepya The exploit might FAIL and CRASH a target system depended on what is overwritten The exploit support only x64 target EDB Note: Shellcode - x64...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.34 views

Oracle PeopleSoft - XML External Entity to SYSTEM Remote Code Execution

!/usr/bin/python3 Oracle PeopleSoft SYSTEM RCE https://www.ambionics.io/blog/oracle-peoplesoft-xxe-to-rce cf 2017-05-17 import requests import urllib.parse import re import string import random import sys from requests.packages.urllib3.exceptions import InsecureRequestWarning...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.59 views

INFOR EAM 11.0 Build 201410 - Persistent Cross-Site Scripting via Comment Fields

Stored XSS in INFOR EAM V11.0 Build 201410 via comment fields ------------------- Assigned CVE: CVE-2017-7953 Reproduction steps: ------------------- 1. Log in with your EAM account 2. Go to the jobs page 3. Click on a record and open its page 4. Go to "Comments" tab 4. Click the add new comment...

5.4CVSS5.5AI score0.00954EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.275 views

WordPress Plugin PHPMailer 4.6 - Host Header Command Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress PHPMailer Host Header Command Injection', 'Description' = %q This module exploits a command injection vulnerability in WordPress version...

9.8CVSS8.1AI score0.99714EPSS
Exploits58
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.40 views

Apple iOS < 10.3.2 - Notifications API Denial of Service

Exploit Title: Apple iOS 10.3.2 - Notifications API Denial of Service Date: 05-15-2017 Exploit Author: Sem Voigtländer @OxFEEDFACE, Vincent Desmurs @vincedes3 and Joseph Shenton Vendor Homepage: https://apple.com Software Link: https://support.apple.com/en-us/HT207798 Version: iOS 10.3.2 Tested o...

5.5CVSS6.3AI score0.02394EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.25 views

Adobe Flash - Out-of-Bounds Read in Getting TextField Width

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1211 The attached swf causes an out-of-bounds read in getting the width of a TextField. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42019.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.26 views

Serviio Media Server - checkStreamUrl Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule /Restlet-Framework/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initializeinfo = superupdateinfoinfo, 'Name' =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.30 views

Adobe Flash - AVC Deblocking Out-of-Bounds Read

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1171 The attached swf triggers an out-of-bounds read in AVC deblocking. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42017.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.27 views

Dup Scout Enterprise 9.5.14 - GET Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Dup Scout Enterprise GET Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability ...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.84 views

Microsoft Windows - Running Object Table Register ROTFLAGS_ALLOWANYCLIENT Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1112 Windows: Running Object Table Register ROTFLAGSALLOWANYCLIENT EoP Platform: Windows 10 10586/14393 not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege Summary: By setting an appropriate AppID it’s possible for a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.28 views

Adobe Flash - Margin Handling Heap Corruption

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1174 The attached fuzzed swf causes a crash due to heap corruption when processing the margins of a rich text field. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/42018.zip...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.132 views

Microsoft Windows - COM Aggregate Marshaler/IRemUnknown2 Type Confusion Privilege Escalation

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1107 Windows: COM Aggregate Marshaler/IRemUnknown2 Type Confusion EoP Platform: Windows 10 10586/14393 not tested 8.1 Update 2 Class: Elevation of Privilege Summary: When accessing an OOP COM object using IRemUnknown2 the local...

7.2CVSS7AI score0.01755EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.648 views

Microsoft Windows 7/2008 R2 - 'EternalBlue' SMB Remote Code Execution (MS17-010)

!/usr/bin/python from impacket import smb from struct import pack import sys import socket ''' EternalBlue exploit for Windows 7/2008 by sleepya The exploit might FAIL and CRASH a target system depended on what is overwritten EDB Note: Shellcode - x64...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.60 views

Mozilla Firefox 50 < 55 - Stack Overflow Denial of Service

function done var x = ''; for i=0; i'; var uri = 'data:image/svg+xml,' + x; var i = new Image; i.src = uri; !-- Visiting https://bugzilla.mozilla.org/attachment.cgi?id=8817075 may likely crash your browser tab. Debug Information: ============== ff4.1108: Stack overflow - code c00000fd first chanc...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.61 views

INFOR EAM 11.0 Build 201410 - 'filtervalue' SQL Injection

SQL injection in INFOR EAM V11.0 Build 201410 search fields web/base/.. via filtervalue parameter ------------------- Assigned CVE: CVE-2017-7952 Reproduction steps: ------------------- 1. Log in with your EAM account 2. Go to any page with a search or filter field in it for example...

8.8CVSS8.8AI score0.01443EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/05/17 12:0 a.m.37 views

BuilderEngine 3.5.0 - Arbitrary File Upload and Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "BuilderEngine Arbitrary File Upload Vulnerability and execution", 'Description' = %q This module exploits a vulnerability found in BuilderEngine...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/15 12:0 a.m.29 views

Microsoft Windows 10 Kernel - 'nt!NtTraceControl (EtwpSetProviderTraits)' Pool Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1161 We have discovered that the handler of the nt!NtTraceControl system call specifically the EtwpSetProviderTraitsUm functionality, opcode 0x1E discloses portions of uninitialized pool memory to user-mode clients on Windows 10...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/15 12:0 a.m.55 views

Mailcow 0.14 - Cross-Site Request Forgery

Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MAILCOW-v0.14-CSRF-PASSWORD-RESET-ADD-ADMIN.txt + ISR: ApparitionSec Vendor: ============= mailcow.email mailcow.github.io Product: =========== The integrated mailcow UI...

8.8CVSS8.8AI score0.02049EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/05/15 12:0 a.m.54 views

Quest Privilege Manager - pmmasterd Buffer Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Quest Privilege Manager pmmasterd Buffer Overflow', 'Description' = %q This modules exploits a buffer overflow in the Quest Privilege Manager, a...

8.3AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/15 12:0 a.m.70 views

Microsoft Windows 7 Kernel - 'win32k!xxxClientLpkDrawTextEx' Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1182 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 7 other platforms untested indirectly through the win32k!NtUserCreateWindowEx system call...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/15 12:0 a.m.16 views

LabF nfsAxe 3.7 FTP Client - Remote Buffer Overflow (SEH)

!/usr/bin/python print "LabF nfsAxe 3.7 FTP Client Buffer Overflow SEH" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Tested on Windows Vista x86 import socket import sys badchars \x00\x10\x0a buf = "" buf +=...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/15 12:0 a.m.57 views

Microsoft Windows 7 Kernel - Pool-Based Out-of-Bounds Reads Due to bind() Implementation Bugs in afd.sys / tcpip.sys

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1127 We have identified two related bugs in Windows kernel code responsible for implementing the bind socket function, specifically in the afd!AfdBind and tcpip!TcpBindEndpoint routines. They both can lead to reading beyond the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/15 12:0 a.m.38 views

Microsoft Windows 7 Kernel - Uninitialized Memory in the Default dacl Descriptor of System Processes Token

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1145 We have observed on Windows 7 32-bit that for unclear reasons, the kernel-mode structure containing the default DACL of system processes' tokens lsass.exe, services.exe, ... has 8 uninitialized bytes at the end, as the size ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/14 12:0 a.m.42 views

PlaySMS 1.4 - '/sendfromfile.php' Remote Code Execution / Unrestricted File Upload

Exploit Title: PlaySMS 1.4 Code Execution using $filename and Unrestricted File Upload in sendfromfile.php Date: 14-05-2017 Software Link: https://playsms.org/download/ Version: 1.4 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22 Website: http://touhidshaikh.com/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/14 12:0 a.m.50 views

Larson VizEx Reader 9.7.5 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title : Larson VizEx Reader 9.7.5 - Local Buffer Overflow SEH Date : 14/05/2017 Exploit Author : Muhann4d CVE : CVE-2017-8927 Vendor Homepage : http://www.cgmlarson.com/ Software Link : http://download.freedownloadmanager.org/Windows-PC/Larson-VizEx-Reader/FREE-9.7.5.html...

7.8CVSS7.7AI score0.0301EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/05/14 12:0 a.m.38 views

Halliburton LogView Pro 10.0.1 - Local Buffer Overflow (SEH)

!/usr/bin/python Exploit Title : Halliburton LogView Pro 10.0.1 - Local Buffer Overflow SEH Date : 2017-05-14 Exploit Author : Muhann4d CVE : CVE-2017-8926 Vendor Homepage : http://www.halliburton.com Software Link :...

7.8CVSS7AI score0.03134EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/05/12 12:0 a.m.31 views

Dive Assistant Template Builder 8.0 - XML External Entity Injection

Exploit Title: Dive Assistant - Template Builder XXE Injection + Date: 12-05-2017 + Exploit Author: Trent Gordon + Vendor Homepage: http://www.blackwave.com/ + Software Link: http://www.diveassistant.com/Products/DiveAssistantDesktop/index.aspx + Version: 8.0 + Tested on: Windows 7 SP1, Windows...

5.5CVSS5.6AI score0.02208EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/05/11 12:0 a.m.1375 views

MiniUPnP MiniUPnPc < 2.0 - Remote Denial of Service

VuNote ====== Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798 Version: 0.6 Date: May 1st, 2017 Tag: miniupnpc getHTTPResponse chunked encoding integer signedness error Overview -------- Name: miniupnpc Vendor: Thomas Bernard References: http://miniupnp.free.fr/ 1...

9.8CVSS9.6AI score0.24027EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/05/11 12:0 a.m.132 views

Vanilla Forums < 2.3 - Remote Code Execution

!/bin/bash / / / / / / / / / / / / / / / / / / // / / / /// / / / / // / // / // / / / / // / // , / / / ///, /,// // //,///||// // // Vanilla Forums = 2.3 Remote Code Execution RCE PoC Exploit 0day Core version no plugins, default config. CVE-2016-10033 RCE CVE-2016-10073 Header Injection...

9.8CVSS9.3AI score0.99714EPSS
Exploits60
Exploit DB
Exploit DB
added 2017/05/11 12:0 a.m.319 views

Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation

// A proof-of-concept local root exploit for CVE-2017-7308. // Includes a SMEP & SMAP bypass. // Tested on 4.8.0-41-generic Ubuntu kernel. // https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-7308 // // Usage: // user@ubuntu:$ uname -a // Linux ubuntu 4.8.0-41-generic 4416.04.1-Ubuntu...

7.8CVSS8.1AI score0.17827EPSS
Exploits17
Exploit DB
Exploit DB
added 2017/05/11 12:0 a.m.567 views

Microsoft IIS - WebDav 'ScStoragePathFromUrl' Remote Overflow (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule ' Microsoft IIS WebDav ScStoragePathFromUrl Overflow', 'Description' = %q Buffer overflow in the ScStoragePathFromUrl function in the WebDAV servic...

10CVSS9.6AI score0.99823EPSS
Exploits39
Exploit DB
Exploit DB
added 2017/05/11 12:0 a.m.87 views

OpenVPN 2.4.0 - Denial of Service

!/usr/bin/env python3 ''' $ ./dosserver.py & $ sudo ./openvpn-2.4.0/src/openvpn/openvpn conf/server-tls.conf ... Fri Feb 24 10:19:19 2017 192.168.149.1:64249 TLS: Initial packet from AFINET192.168.149.1:64249, sid=9a6c48a6 1467f5e1 Fri Feb 24 10:19:19 2017 192.168.149.1:64249 Assertion failed at...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/10 12:0 a.m.64 views

Cisco DPC3928 Router - Arbitrary File Disclosure

Vulnerability Summary The following advisory describes an arbitrary file disclosure vulnerability found in Cisco DPC3928AD DOCSIS 3.0 2-PORT Voice Gateway. The Cisco DPC3928AD DOCSIS is a home wireless router that is currently "Out of support" but is provided by ISPs world wide. Credit An...

9.8CVSS9.8AI score0.07122EPSS
Exploits3
Exploit DB
Exploit DB
added 2017/05/10 12:0 a.m.54 views

CMS Made Simple 2.1.6 - Multiple Vulnerabilities

Title: CMSMS 2.1.6 Multiple Vulnerabilities Date: 10-05-2017 Tested on: Windows 8 64-bit Exploit Author: Osanda Malith Jayathissa @OsandaMalith Original write-up: https://osandamalith.com/2017/05/11/cmsms-2-1-6-multiple-vulnerabilities/ CVE: CVE-2017-8912 Remote Code Execution...

7.2CVSS7AI score0.03111EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/05/10 12:0 a.m.498 views

Microsoft Windows Server 2008 R2 (x64) - 'SrvOs2FeaToNt' SMB Remote Code Execution (MS17-010)

Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Date and time of release: May, 9 2017 - 13:00PM Found this and more exploits on my open source security project: http://www.exploitpack.com MS17-010 - https://technet.microsoft.com/en-us/library/security/ms17-010.aspx Tested on:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/10 12:0 a.m.225 views

Intel Active Management Technology - System Privileges

!/usr/bin/python -- coding: utf-8 -- Author: Nixawk CVE-2017-5689 = dork="Server: IntelR Active Management Technology" port:"16992", ports= 623, 664, 16992, 16993, 16994, 16995 products= Active Management Technology AMT, Intel Standard Manageability ISM, Intel Small Business Technology SBT versio...

10CVSS7AI score0.92189EPSS
Exploits7
Exploit DB
Exploit DB
added 2017/05/10 12:0 a.m.49 views

QNAP PhotoStation 5.2.4 / MusicStation 4.8.4 - Authentication Bypass

Exploit QNAP PhotoStation 5.2.4 and MusicStation 4.8.4 Authentication Bypass Date: 10.05.2017 Software Link: https://www.qnap.com Exploit Author: Kacper Szurek Contact: https://twitter.com/KacperSzurek Website: https://security.szurek.pl/ Category: web 1. Description $COOKIESTATIONSID is not...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/10 12:0 a.m.25 views

Gongwalker API Manager 1.1 - Cross-Site Request Forgery

Exploit Title: gongwalker API Manager v1.1 - CSRFAdd/Delete/Edit API Date: 2017-05-10 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: https://github.com/gongwalker/ApiManager Software Link: https://github.com/gongwalker/ApiManager.git Version: v1.1 Tested on: Debian...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/10 12:0 a.m.32 views

BanManager WebUI 1.5.8 - PHP Code Injection

BanManager WebUI 1.5.8 - PHP Code Injection & Stored XSS Exploit Title: BanManager WebUI - PHP Code Injection & Stored XSS Date: 2017-05-10 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: https://github.com/BanManagement/BanManager-WebUI Software Link:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/10 12:0 a.m.84 views

SAP SAPCAR 721.510 - Heap Buffer Overflow

''' Source: https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability 1. Advisory Information Title: SAP SAPCAR Heap Based Buffer Overflow Vulnerability Advisory ID: CORE-2017-0001 Advisory URL:...

7.8CVSS7.7AI score0.03297EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/05/09 12:0 a.m.75 views

Oracle GoldenGate 12.1.2.0.0 - Remote Code Execution

!/usr/bin/env python Sources: https://silentsignal.hu/docs/S2OracleGoldenGateGOLDENSHOWER.py https://blog.silentsignal.eu/2017/05/08/fools-of-golden-gate/ GOLDENSHOWER - Oracle GoldenGate unauthenticated RCE by Silent Signal Tested with: Version 12.1.2.0.0 17185003...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2017/05/09 12:0 a.m.61 views

wolfSSL 3.10.2 - x509 Certificate Text Parsing Off-by-One

TALOS-2017-0293 WOLFSSL LIBRARY X509 CERTIFICATE TEXT PARSING CODE EXECUTION VULNERABILITY MAY 8, 2017 CVE-2017-2800 SUMMARY An exploitable off-by-one write vulnerability exists in the x509 certificate parsing functionality of wolfSSL library versions up to 3.10.2. A specially crafted x509...

9.8CVSS9AI score0.0853EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/05/09 12:0 a.m.68 views

I, Librarian 4.6/4.7 - Command Injection / Server Side Request Forgery / Directory Enumeration / Cross-Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: I, Librarian PDF manager vulnerable version: =4.6 & 4.7 fixed version: 4.8 CVE number: - impact: Critical homepage:...

7.4AI score
Exploits0
Total number of security vulnerabilities47904