Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2018/11/13 12:0 a.m.40 views

SIPve 0.0.2-R19 - SQL Injection

SIPve 0.0.2-R19 - SQL Injection Exploit Title: SIPve 0.0.2-R19 - SQL Injection Dork: N/A Date: 2018-11-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://sourceforge.net/projects/sipve/ Software Link: https://datapacket.dl.sourceforge.net/project/sipve/sipve-v0.0.2-R19.tar.gz Version:...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2018/10/22 12:0 a.m.40 views

Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport

Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport / IOHIDResourceQueue inherits from IOSharedDataQueue and adds its own ::enqueueReport method, which seems to be mostly copy-pasted from IOSharedDataQueue and IODataQueue's ::enqueue methods. I...

9.3CVSS0.7AI score0.03424EPSS
Exploits2
exploitpack
exploitpack
added 2018/10/15 12:0 a.m.40 views

Advanced HRM 1.6 - Remote Code Execution

Advanced HRM 1.6 - Remote Code Execution Exploit Title: Advanced HRM 1.6 - Remote Code Execution Google Dork: intext:"Advanced HRM" Date: 2018-10-06 Exploit Author: Renos Nikolaou Vendor Homepage: https://coderpixel.com/ Software Link: https://codecanyon.net/item/advanced-hrm/17767006 Version: 1....

0.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/12 12:0 a.m.40 views

D-Link Routers - Plaintext Password

D-Link Routers - Plaintext Password Password stored in plaintext CVE: CVE-2018-10824 Description: An issue was discovered on D-Link routers: DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02,...

5CVSS8.7AI score0.39268EPSS
Exploits9
exploitpack
exploitpack
added 2018/10/11 12:0 a.m.40 views

Microsoft SQL Server Management Studio 17.9 - .xmla XML External Entity Injection

Microsoft SQL Server Management Studio 17.9 - .xmla XML External Entity Injection Exploit Title: Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection Date: 2018-10-10 Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Venodor: www.microsoft.com...

4.3CVSS6AI score0.23373EPSS
Exploits5
exploitpack
exploitpack
added 2018/09/25 12:0 a.m.40 views

WebKit - WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded Use-After-Free

WebKit - WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded Use-After-Free ::selection, input:focus, .class0, ul::first-letter -webkit-column-count: 85; float: left; function jsfuzzer var fuzzervars = ; try / / var00034 = document.getSelection; catche try...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/07/20 12:0 a.m.40 views

TP-Link TL-WR840N - Denial of Service

TP-Link TL-WR840N - Denial of Service Exploit Title:- TP-Link Wireless N Router WR840N - Buffer Overflow Date:- 2018-07-16 Vendor Homepage:- https://www.tp-link.com/ Hardware Link:- https://www.amazon.in/TP-LINK-TL-WR840N-300Mbps-Wireless-External/dp/B01A0G1J7Q Version:- TP-Link Wireless N Router...

5CVSS7.7AI score0.08297EPSS
Exploits3
exploitpack
exploitpack
added 2018/07/17 12:0 a.m.40 views

Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Remote Root

Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - Remote Root Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Remote Root Exploit Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2018/07/04 12:0 a.m.40 views

Online Trade - Information Disclosure

Online Trade - Information Disclosure Exploit Title: Online Trade 1 - Information Disclosure Date: 2018-07-03 Exploit Author: L0RD Vendor Homepage: https://codecanyon.net/item/online-trade-online-forex-and-cryptocurrency-investment-system/21987193?srank=14 CVE: CVE-2018-12908 Version: 1 Tested on...

5CVSS9.4AI score0.10662EPSS
Exploits5
exploitpack
exploitpack
added 2018/07/04 12:0 a.m.40 views

CMS Made Simple 2.2.5 - (Authenticated) Remote Code Execution

CMS Made Simple 2.2.5 - Authenticated Remote Code Execution Exploit Title: CMS Made Simple 2.2.5 authenticated Remote Code Execution Date: 3rd of July, 2018 Exploit Author: Mustafa Hasan @strukt93 Vendor Homepage: http://www.cmsmadesimple.org/ Software Link:...

6.5CVSS0.5AI score0.40548EPSS
Exploits8
exploitpack
exploitpack
added 2018/06/27 12:0 a.m.40 views

HPE VAN SDN 2.7.18.0503 - Remote Root

HPE VAN SDN 2.7.18.0503 - Remote Root ''' -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 KL-001-2018-008 : HPE VAN SDN Unauthenticated Remote Root Vulnerability Title: HPE VAN SDN Unauthenticated Remote Root Vulnerability Advisory ID: KL-001-2018-008 Publication Date: 2018.06.25 Publication URL:...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2018/06/04 12:0 a.m.40 views

Brother HL Series Printers 1.15 - Cross-Site Scripting

Brother HL Series Printers 1.15 - Cross-Site Scripting Exploit Title: XSS at Brother HL series printers Date: 30.05.2018 Exploit Author: Huy Kha Vendor Homepage: http://support.brother.com Software Link: Website Version: Brother HL series printers. Tested on: Mozilla FireFox Reflected XSS Payload...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2018/05/16 12:0 a.m.40 views

WhatsApp 2.18.31 - Memory Corruption

WhatsApp 2.18.31 - Memory Corruption !/usr/bin/env python -- coding: utf-8 -- Exploit Author: Juan Sacco at Exploit Pack - http://www.exploitpack.com This vulnerability has been discovered and exploited using Exploit Pack - Framework Tested on: iPhone 5/6s/X iOS 10 and 11.3 Latest release of iOS ...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/04/18 12:0 a.m.40 views

Joomla! Component JS Jobs 1.2.0 - Cross-Site Request Forgery

Joomla! Component JS Jobs 1.2.0 - Cross-Site Request Forgery Exploit Title: Joomla! Component Js Jobs - Multiple Cross Site Request Forgery Vulnerabilities Google Dork: N/A Date: 17-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/04/02 12:0 a.m.40 views

VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal

VideoFlow Digital Video Protection DVP 2.10 - Directory Traversal VideoFlow Digital Video Protection DVP 10 Authenticated Directory Traversal Vendor: VideoFlow Ltd. Product web page: http://www.video-flow.com Affected version: 2.10 X-Prototype-Version: 1.6.0.2 System = Indicate if the DVP is...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2018/03/30 12:0 a.m.40 views

Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow

Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow SWAMI KARUPASAMI THUNAI Exploit Title: Allok soft WMV to AVI MPEG DVD WMV Converter - Buffer Overflow Vulnerability Windows XP SP3 Date: 06-03-2018 Exploit Author: Mohan Ravichandran & Velayutham Selvaraj Organization : TwinTech...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/03/30 12:0 a.m.40 views

Vtiger CRM 6.3.0 - (Authenticated) Arbitrary File Upload (Metasploit)

Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload', 'Description' = %q...

0.3AI score0.40241EPSS
Exploits12
exploitpack
exploitpack
added 2018/03/02 12:0 a.m.40 views

uWSGI 2.0.17 - Directory Traversal

uWSGI 2.0.17 - Directory Traversal Exploit Title: uWSGI PHP Plugin Directory Traversal Date: 01-03-2018 Exploit Author: Marios Nicolaides - RUNESEC Reviewers: Simon Loizides and Nicolas Markitanis - RUNESEC Vendor Homepage: https://uwsgi-docs.readthedocs.io Affected Software: uWSGI PHP Plugin...

5CVSS0.7081EPSS
Exploits5
exploitpack
exploitpack
added 2018/02/27 12:0 a.m.40 views

Microsoft Windows 8.12012 R2 - SMBv3 Null Pointer Dereference Denial of Service

Microsoft Windows 8.12012 R2 - SMBv3 Null Pointer Dereference Denial of Service Exploit Title: Microsoft Windows SMB Client Null Pointer Dereference Denial of Service Date: 26/02/2018 Exploit Author: Nabeel Ahmed Version: SMBv3 Tested on: Windows 8.1 x86, Windows Server 2012 R2 x64 CVE :...

6.3CVSS0.40645EPSS
Exploits11
exploitpack
exploitpack
added 2018/02/27 12:0 a.m.40 views

CMS Made Simple 2.1.6 - Remote Code Execution

CMS Made Simple 2.1.6 - Remote Code Execution Exploit Title: CMS Made Simple 2.1.6 - Remote Code Execution Date: 2018-02-26 Exploit Author: Keerati T. Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: http://s3.amazonaws.com/cmsms/downloads/13570/cmsms-2. 1.6-install.zip Version: 2.1....

8.5CVSS0.1AI score0.13252EPSS
Exploits5
exploitpack
exploitpack
added 2018/02/22 12:0 a.m.40 views

Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload

Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload Exploit Title: Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload Dork: N/A Date: 22.02.2018 Vendor Homepage: https://www.christianwebministries.org/ Software Link:...

7.5CVSS0.2AI score0.08213EPSS
Exploits5
exploitpack
exploitpack
added 2018/01/24 12:0 a.m.40 views

RAVPower 2.000.056 - Root Remote Code Execution

RAVPower 2.000.056 - Root Remote Code Execution """ Exploit Title: RAVPower - remote root Date: 23/01/2018 Exploit Authors: Daniele Linguaglossa Vendor Homepage: https://www.ravpower.com/ Software Link: https://www.ravpower.com/ Version: 2.000.056 Tested on: OSX CVE : CVE-2018-5997 """ import...

10CVSS0.1AI score0.23948EPSS
Exploits5
exploitpack
exploitpack
added 2018/01/21 12:0 a.m.40 views

Shopware 5.2.55.3 - Cross-Site Scripting

Shopware 5.2.55.3 - Cross-Site Scripting Document Title: =============== Shopware 5.2.5 & v5.3 - Multiple Cross Site Scripting Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1922 Shopware Security Tracking ID: SW-19834 Security Updat...

4.3CVSS0.1AI score0.04812EPSS
Exploits7
exploitpack
exploitpack
added 2018/01/15 12:0 a.m.40 views

D-Link DNS-343 ShareCenter 1.05 - Command Injection

D-Link DNS-343 ShareCenter 1.05 - Command Injection D-Link DNS-343 ShareCenter Remote Root Vendor: D-Link Product: D-Link DNS-343 ShareCenter Version: = 1.05 Website: http://sharecenter.dlink.com/products/DNS-343 / / / / / / / / / / / / / / / / / / / / / \ / // / // / / / / / / / // / / / /,///...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/01/15 12:0 a.m.40 views

Disk Pulse Enterprise 10.1.18 - Remote Buffer Overflow

Disk Pulse Enterprise 10.1.18 - Remote Buffer Overflow Exploit Title: Disk Pulse Enterprise Server v10.1.18 - Buffer Overflow Exploit Author: Ahmad Mahfouz Description: Disk Pule Enterprise Server Unauthenticated Remote Buffer Overflow SEH Contact: http://twitter.com/eln1x Date: 12/01/2018 CVE:...

5CVSS0.5AI score0.13176EPSS
Exploits8
exploitpack
exploitpack
added 2018/01/11 12:0 a.m.40 views

ALLMediaServer 0.95 - Remote Buffer Overflow

ALLMediaServer 0.95 - Remote Buffer Overflow !/usr/bin/python Exploit Title: Stack Buffer Overflow in ALLMediaServer 0.95 Exploit Author: Mario Kartone Ciccarelli Contact: https://twitter.com/Kartone CVE: CVE-2017-17932 Date: 09-01-2018 Thanks to PoC: https://www.exploit-db.com/exploits/43406/...

10CVSS1AI score0.53317EPSS
Exploits10
exploitpack
exploitpack
added 2017/12/22 12:0 a.m.40 views

Vitek - Remote Command Execution Information Disclosure (PoC)

Vitek - Remote Command Execution Information Disclosure PoC STX Subject: Vitek RCE and Information Disclosure and possible other OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 22,...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2017/12/14 12:0 a.m.40 views

Multiple OEM - nsd Remote Stack Format String (PoC)

Multiple OEM - nsd Remote Stack Format String PoC STX Subject: Remote Stack Format String in 'nsd' binary from multiple OEM Attack vector: Remote Authentication: Anonymous no credentials needed Researcher: bashis December 2017 PoC: https://github.com/mcw0/PoC Release date: December 14, 2017 Full...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2017/12/13 12:0 a.m.40 views

vBulletin 5 - routestring Remote Code Execution

vBulletin 5 - routestring Remote Code Execution SSD Advisory – vBulletin routestring Unauthenticated Remote Code Execution Source: https://blogs.securiteam.com/index.php/archives/3569 Vulnerability Summary The following advisory describes a unauthenticated file inclusion vulnerability that leads ...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/11/11 12:0 a.m.40 views

osCommerce 2.3.4.1 - Arbitrary File Upload

osCommerce 2.3.4.1 - Arbitrary File Upload Exploit Title: osCommerce 2.3.4.1 Authenticated Arbitrary File Upload Date: 11.11.2017 Exploit Author: Simon Scannell - https://scannell-infosec.net Vendor Homepage: https://www.oscommerce.com/ Software Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2017/10/09 12:0 a.m.40 views

PHP Melody 2.7.3 - Multiple Vulnerabilities

PHP Melody 2.7.3 - Multiple Vulnerabilities Vulnerabilities Summary The following advisory describes three 3 vulnerabilities found in PHP Melody version 2.7.3. PHP Melody is a “self-hosted Video CMS which evolved over the last 9 years. SEO optimization, unbeaten security and speed are advantages...

7.5CVSS0.4AI score0.01485EPSS
Exploits4
exploitpack
exploitpack
added 2017/08/18 12:0 a.m.40 views

ZKTime Web Software 2.0 - Cross-Site Request Forgery

ZKTime Web Software 2.0 - Cross-Site Request Forgery Exploit Title: ZKTime Web Software 2.0 - Cross Site Request Forgery CVE-ID: CVE-2017-13129 Vendor Homepage: https://www.zkteco.com/product/ZKTimeWeb2.0435.html Vendor of Product: ZKTeco Affected Product Code: ZKTime Web - 2.0.1.12280 Category:...

6CVSS0.4AI score0.01079EPSS
Exploits4
exploitpack
exploitpack
added 2017/07/24 12:0 a.m.40 views

Nitro Pro PDF - Multiple Vulnerabilities

Nitro Pro PDF - Multiple Vulnerabilities Vulnerabilities Summary The following advisory describes three vulnerabilities found in Nitro / Nitro Pro PDF. Nitro Pro is the PDF reader and editor that does everything you will ever need to do with PDF files. The powerful but snappy editor lets you chan...

4.3CVSS0.9AI score0.0249EPSS
Exploits2
exploitpack
exploitpack
added 2017/07/18 12:0 a.m.40 views

Microsoft Windows Kernel - IOCTL 0x120007 NsiGetParameter nsiproxynetio Pool Memory Disclosure

Microsoft Windows Kernel - IOCTL 0x120007 NsiGetParameter nsiproxynetio Pool Memory Disclosure / We have discovered that the handler of the 0x120007 IOCTL in nsiproxy.sys \.\Nsi device discloses portions of uninitialized pool memory to user-mode clients, likely due to output structure alignment...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/07/12 12:0 a.m.40 views

360 Total Security - Local Privilege Escalation

360 Total Security - Local Privilege Escalation Vulnerability Summary The following advisory describes an Privileged Escalation vulnerability found in 360 Total Security. 360 Total Security offers your PC complete protection from Viruses, Trojans and other emerging threats. Whether you are shoppi...

6.8CVSS0.8AI score0.01984EPSS
Exploits2
exploitpack
exploitpack
added 2017/07/11 12:0 a.m.40 views

NfSen 1.3.7 AlienVault OSSIM 4.3.1 - customfmt Command Injection

NfSen 1.3.7 AlienVault OSSIM 4.3.1 - customfmt Command Injection Exploit Title: NfSen/AlienVault remote root exploit command injection in customfmt parameter Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault USM/OSSIM 4.3.1...

10CVSS0.14603EPSS
Exploits3
exploitpack
exploitpack
added 2017/07/10 12:0 a.m.40 views

Pelco SarixSpectra Cameras - Remote Code Execution

Pelco SarixSpectra Cameras - Remote Code Execution Schneider Electric Pelco Sarix/Spectra Cameras Root Remote Code Execution Vendor: Schneider Electric SE Product web page: https://www.pelco.com Affected version: Sarix Enhanced - Model: IME219 Firmware: 2.1.2.0.8280-A0.0 Sarix Enhanced - Model:...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2017/06/14 12:0 a.m.40 views

KBVault MySQL 0.16a - Arbitrary File Upload

KBVault MySQL 0.16a - Arbitrary File Upload Exploit Title: KBVault MySQL v0.16a - Unauthenticated File Upload to Run Code Google Dork: inurl:"FileExplorer/Explorer.aspx" Date: 2017-06-14 Exploit Author: Fatih Emiral Vendor Homepage: http://kbvaultmysql.codeplex.com/ Software Link:...

7.5CVSS0.1AI score0.04289EPSS
Exploits4
exploitpack
exploitpack
added 2017/06/07 12:0 a.m.40 views

Robert 0.5 - Multiple Vulnerabilities

Robert 0.5 - Multiple Vulnerabilities Exploit Title: Robert 0.5 - Multiple Vulnerabilities XSS, CSRF, Directory traversal & SQLi Date: 07/06/2017 Exploit Author: Cyril Vallicari / HTTPCS - ZIWIT Vendor website :http://robert.polosson.com/ Download link :...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/05/31 12:0 a.m.40 views

OV3 Online Administration 3.0 - SQL Injection

OV3 Online Administration 3.0 - SQL Injection OV3 Online Administration 3.0 Multiple Unauthenticated SQL Injection Vulnerabilities Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform for...

Exploits0
exploitpack
exploitpack
added 2017/05/26 12:0 a.m.40 views

Microsoft MsMpEng - Multiple Problems Handling ntdll!NtControlChannel Commands

Microsoft MsMpEng - Multiple Problems Handling ntdll!NtControlChannel Commands Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1260 MsMpEng includes a full system x86 emulator that is used to execute any untrusted files that look like PE executables. The emulator runs as NT...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/05/10 12:0 a.m.40 views

SAP SAPCAR 721.510 - Heap Buffer Overflow

SAP SAPCAR 721.510 - Heap Buffer Overflow ''' Source: https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability 1. Advisory Information Title: SAP SAPCAR Heap Based Buffer Overflow Vulnerability Advisory ID: CORE-2017-0001 Advisory URL:...

6.8CVSS0.2AI score0.03297EPSS
Exploits5
exploitpack
exploitpack
added 2017/05/09 12:0 a.m.40 views

I_ Librarian 4.64.7 - Command Injection Server Side Request Forgery Directory Enumeration Cross-Site Scripting

I Librarian 4.64.7 - Command Injection Server Side Request Forgery Directory Enumeration Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: I, Librarian PDF manager...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2017/05/05 12:0 a.m.40 views

ViMbAdmin 3.0.15 - Multiple Cross-Site Request Forgery Vulnerabilities

ViMbAdmin 3.0.15 - Multiple Cross-Site Request Forgery Vulnerabilities CVE-2017-6086 Multiple CSRF vulnerabilities in ViMbAdmin version 3.0.15 Product Description ViMbAdmin is a web-based interface used to manage a mail server with virtual domains, mailboxes and aliases. It is an open source...

6.8CVSS0.6AI score0.01998EPSS
Exploits5
exploitpack
exploitpack
added 2017/04/10 12:0 a.m.40 views

Moxa MXview 2.8 - Private Key Disclosure

Moxa MXview 2.8 - Private Key Disclosure + Credits: John Page AKA HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MOXA-MXVIEW-v2.8-REMOTE-PRIVATE-KEY-DISCLOSURE.txt + ISR: APPARITIONSEC Vendor: ============ www.moxa.com Product: =========== MXvie...

5CVSS7.6AI score0.16341EPSS
Exploits5
exploitpack
exploitpack
added 2017/02/22 12:0 a.m.40 views

D-Link DCS Series Cameras - Insecure Crossdomain

D-Link DCS Series Cameras - Insecure Crossdomain Exploit Title: Insecure CrossDomain.XML in D-Link DCS Series Cameras Date: 22/02/2017 Exploit Author: SlidingWindow , Twitter: @KapilKhot Vendor Homepage: http://us.dlink.com/product-category/home-solutions/view/network-cameras/ Version: Tested on...

6.8CVSS0.4AI score0.04294EPSS
Exploits5
exploitpack
exploitpack
added 2016/12/22 12:0 a.m.40 views

Apple macOS 10.12 - Double vm_deallocate in Userspace MIG Code Use-After-Free

Apple macOS 10.12 - Double vmdeallocate in Userspace MIG Code Use-After-Free / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=954 Proofs of Concept: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/40954.zip Userspace MIG services often use...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/11/22 12:0 a.m.40 views

TP-LINK TDDP - Multiple Vulnerabilities

TP-LINK TDDP - Multiple Vulnerabilities 1. Advisory Information Title: TP-LINK TDDP Multiple Vulnerabilities Advisory ID: CORE-2016-0007 Advisory URL: http://www.coresecurity.com/advisories/tp-link-tddp-multiple-vulnerabilities Date published: 2016-11-21 Date of last update: 2016-11-18 Vendors...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2016/10/05 12:0 a.m.40 views

Cisco Firepower Threat Management Console 6.0.1 - Hard-Coded MySQL Credentials

Cisco Firepower Threat Management Console 6.0.1 - Hard-Coded MySQL Credentials KL-001-2016-005 : Cisco Firepower Threat Management Console Hard-coded MySQL Credentials Title: Cisco Firepower Threat Management Console Hard-coded MySQL Credentials Advisory ID: KL-001-2016-005 Publication Date:...

4.6CVSS7.7AI score0.00983EPSS
Exploits4
exploitpack
exploitpack
added 2016/08/14 12:0 a.m.40 views

Claroline 1.7.7 - Arbitrary File Inclusion

Claroline 1.7.7 - Arbitrary File Inclusion Claroline Arbitrary File Inclusion Vendor: Claroline Product: Claroline Version: 0 $uidReset = true; $clarologinSucceeded = true; break; e...

5.1CVSS0.9AI score0.10076EPSS
Exploits4
Total number of security vulnerabilities5000