Lucene search
K
ExploitpackMost viewed

41207 matches found

exploitpack
exploitpack
added 2018/10/12 12:0 a.m.37 views

SugarCRM 6.5.26 - Cross-Site Scripting

SugarCRM 6.5.26 - Cross-Site Scripting Exploit Title: SugarCRM 6.5.26 - Cross-Site Scripting Date: 2018-09-29 Exploit Author: Purplemet Security Author Website: https://www.purplemet.com/ Vendor Homepage: https://www.sugarcrm.com/ Software Link: https://sourceforge.net/projects/sugarcrm/ Version:...

4.3CVSS0.04353EPSS
Exploits5
exploitpack
exploitpack
added 2018/09/04 12:0 a.m.37 views

PHP File Browser Script 1 - Directory Traversal

PHP File Browser Script 1 - Directory Traversal Exploit Title: PHP File Browser Script 1 - Directory Traversal Dork: N/A Date: 2018-09-03 Exploit Author: Özkan Mustafa Akkuş AkkuS Vendor Homepage: https://www.hscripts.com/scripts/php/file-browser.php Software...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/08/13 12:0 a.m.37 views

Microsoft DirectX SDK - Xact.exe Remote Code Execution

Microsoft DirectX SDK - Xact.exe Remote Code Execution + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-DIRECTX-SDK-XACT.EXE-TROJAN-FILE-CODE-EXECUTION.txt + ISR: Apparition Security Greetz: indoushka | Eduardo...

8.1AI score
Exploits0
exploitpack
exploitpack
added 2018/07/17 12:0 a.m.37 views

Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - File Manipulation

Microhard Systems 3G4G Cellular Ethernet and Serial Gateway - File Manipulation Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Arbitrary File Attacks Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0...

Exploits0
exploitpack
exploitpack
added 2018/06/05 12:0 a.m.37 views

Clone2GO Video converter 2.8.2 - Buffer Overflow

Clone2GO Video converter 2.8.2 - Buffer Overflow !/usr/bin/python ---------------------------------------------------------------------------------------------------------------------- Exploit Title : Clone 2 GO Video converter 2.8.2 Unicode Buffer Overflow Remote Code Execution Exploit Author :...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2018/06/05 12:0 a.m.37 views

Linux Kernel 4.16.11 - ext4_read_inline_data() Memory Corruption

Linux Kernel 4.16.11 - ext4readinlinedata Memory Corruption ext4 can store data for small regular files as "inline data", meaning that the data is stored inside the corresponding inode instead of in separate blocks. Inline data is stored in two places: The first 60 bytes go in the iblock field in...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/06/03 12:0 a.m.38 views

GreenCMS 2.3.0603 - Cross-Site Request Forgery (Add Admin)

GreenCMS 2.3.0603 - Cross-Site Request Forgery Add Admin Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability add admin Date: 2018-06-02 Exploit Author: xichao Vendor Homepage: https://github.com/GreenCMS/GreenCMS Software Link: https://github.com/GreenCMS/GreenCMS Version: v2.3.0603 CVE :...

6.8CVSS0.5AI score0.02513EPSS
Exploits5
exploitpack
exploitpack
added 2018/05/30 12:0 a.m.37 views

Dolibarr ERPCRM 7.0.0 - (Authenticated) SQL Injection

Dolibarr ERPCRM 7.0.0 - Authenticated SQL Injection CVE-2018-10094 Dolibarr SQL Injection vulnerability Description Dolibarr is an "Open Source ERP & CRM for Business" used by many companies worldwide. It is available through GitHub or as distribution packages e.g .deb package. Threat The...

7.5CVSS0.4AI score0.71242EPSS
Exploits10
exploitpack
exploitpack
added 2018/05/30 12:0 a.m.38 views

SearchBlox 8.6.6 - Cross-Site Request Forgery

SearchBlox 8.6.6 - Cross-Site Request Forgery Exploit Title: CSRF Privilege Escalation Creation of an administrator account on SearchBlox 8.6.6 Exploit Author: Canberk BOLAT, Ahmet GÜREL Software Link: https://www.searchblox.com/ Version: = SearchBlox Version 8.6.6 Platform: Java Tested on: Windo...

6.8CVSS0.8AI score0.12879EPSS
Exploits5
exploitpack
exploitpack
added 2018/05/16 12:0 a.m.37 views

Multiplayer BlackJack Online Casino Game 2.5 - Cross-Site Scripting

Multiplayer BlackJack Online Casino Game 2.5 - Cross-Site Scripting Exploit Title: Multiplayer BlackJack - Online Casino Game 2.5 - Persistent Cross-Site scripting Date: 2018-05-16 Exploit Author: L0RD Vendor Homepage:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/05/11 12:0 a.m.37 views

2345 Security Guard 3.7 - 2345BdPcSafe.sys Denial of Service

2345 Security Guard 3.7 - 2345BdPcSafe.sys Denial of Service Exploit Title: BSOD by IOCTL 0x002220e0 in 2345BdPcSafe.sys of 2345 Security Guard 3.7 Date: 20180509 Exploit Author: anhkgg Vendor Homepage: http://safe.2345.cc/ Software Link: http://dl.2345.cc/2345pcsafe/2345pcsafev3.7.0.9345.exe...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2018/05/02 12:0 a.m.37 views

WebKit - WebCore::jsElementScrollHeightGetter Use-After-Free

WebKit - WebCore::jsElementScrollHeightGetter Use-After-Free input:enabled content: urlfoo; padding-top: 0vmin .class4 -webkit-transform: scale1, 255; function jsfuzzer document.head.appendChildkg; var test = input.scrollHeight; ::ptr const...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2018/04/18 12:0 a.m.37 views

Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities

Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities Exploit Author: bzyo CVE: CVE-2018-10077, CVE-2018-10078, CVE-2018-10079 Twitter: @bzyo Exploit Title: Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities Date: 04-17-18 Vulnerable Software: WatchDog Console - 3.2.2 Vendor Homepage:...

4CVSS0.3AI score0.08296EPSS
Exploits7
exploitpack
exploitpack
added 2018/03/20 12:0 a.m.37 views

Kamailio 5.1.1 5.1.0 5.0.0 - Off-by-One Heap Overflow

Kamailio 5.1.1 5.1.0 5.0.0 - Off-by-One Heap Overflow ''' Off-by-one heap overflow in Kamailio - Authors: - Alfred Farrugia - Sandro Gauci - Fixed versions: Kamailio v5.1.2, v5.0.6 and v4.4.7 - References: no CVE assigned yet - Enable Security Advisory: - Tested vulnerable versions: 5.1.1, 5.1.0,...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2018/03/02 12:0 a.m.37 views

DualDesk 20 - Proxy.exe Denial of Service

DualDesk 20 - Proxy.exe Denial of Service + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/DUALDESK-v20-DENIAL-OF-SERVICE.txt + ISR: Apparition Security Vendor: =============== www.dualdesk.com Product: =========== DualDes...

5CVSS7.6AI score0.40671EPSS
Exploits5
exploitpack
exploitpack
added 2017/12/27 12:0 a.m.37 views

Telesquare SKT LTE Router SDT-CS3B1 - Denial of Service

Telesquare SKT LTE Router SDT-CS3B1 - Denial of Service !/usr/bin/env python Telesquare SKT LTE Router SDT-CS3B1 Remote Reboot Denial Of Service Vendor: Telesquare Co., Ltd. Product web page: http://www.telesquare.co.kr Affected version: FwVer: SDT-CS3B1, sw version 1.2.0 LteVer: ML300S5XEA41090 ...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2017/12/14 12:0 a.m.37 views

Piwigo 2.9.1 - cat_true cat_false SQL Injection

Piwigo 2.9.1 - cattrue catfalse SQL Injection Exploit Title: Piwigo = 2.9.1 - 'cattrue'/'catfalse' SQL Injection Dork: N/A Date: 12.12.2017 Vendor Homepage: http://piwigo.org/ Software Link: http://piwigo.org/basics/downloads Version: = 2.9.1 Category: Webapps Tested on: WiN7x64/WIN10X64 CVE:...

7.5CVSS0.1AI score0.08239EPSS
Exploits5
exploitpack
exploitpack
added 2017/12/13 12:0 a.m.37 views

vBulletin 5.x - routestring Remote Code Execution

vBulletin 5.x - routestring Remote Code Execution SSD Advisory – vBulletin routestring Unauthenticated Remote Code Execution Source: https://blogs.securiteam.com/index.php/archives/3569 Vulnerability Summary The following advisory describes a unauthenticated file inclusion vulnerability that lead...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/12/07 12:0 a.m.37 views

Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path

Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1418 Windows Defender: Controlled Folder Bypass through UNC Path Platform: Windows 10 1709 + Antimalware client version 4.12.16299.15 Class: Security Feature...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2017/11/22 12:0 a.m.37 views

WebKit - WebCore::RenderText::localCaretRect Out-of-Bounds Read

WebKit - WebCore::RenderText::localCaretRect Out-of-Bounds Read / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1348 There is an out-of-bounds read security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. PoC:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2017/10/22 12:0 a.m.37 views

WordPress Plugin Polls 1.2.4 - SQL Injection (PoC)

WordPress Plugin Polls 1.2.4 - SQL Injection PoC Exploit Title :WordPress Polls plugin1.2.4 SQL Injection vulnerability Vulnerable version:Download Link : https://downloads.wordpress.org/plugin/polls-widget.1.2.4.zip //////////////////////// /// Overview: //////////////////////// WordPress Polls...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2017/10/12 12:0 a.m.37 views

TP-Link TL-MR3220 - Cross-Site Scripting

TP-Link TL-MR3220 - Cross-Site Scripting Exploit Title: Vulnerability Xss - TP-LINK TL-MR3220 Date: 12/10/2017 Exploit Author: Thiago "THX" Sena Vendor Homepage: http://www.tp-link.com.br Version: TL-MR3220 Tested on: Windows 10 CVE : CVE-2017-15291 Vulnerabilty: Cross-site scripting XSS in TP-LI...

4.3CVSS6.1AI score0.01671EPSS
Exploits4
exploitpack
exploitpack
added 2017/09/28 12:0 a.m.37 views

Trend Micro OfficeScan 11.0XG (12.0) - Server Side Request Forgery

Trend Micro OfficeScan 11.0XG 12.0 - Server Side Request Forgery + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/TRENDMICRO-OFFICESCAN-XG-SERVER-SIDE-REQUEST-FORGERY.txt + ISR: ApparitionSec Vendor: ==================...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2017/09/28 12:0 a.m.37 views

DiskBoss Enterprise 8.4.16 - Import Command Local Buffer Overflow

DiskBoss Enterprise 8.4.16 - Import Command Local Buffer Overflow !/usr/bin/python ======================================================================================================================== Exploit Author: Touhid M.Shaikh Exploit Title: DiskBoss Enterprise v8.4.16 "Import Command"...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2017/09/02 12:0 a.m.37 views

Lotus Notes Diagnostic Tool 8.59.0 - Local Privilege Escalation

Lotus Notes Diagnostic Tool 8.59.0 - Local Privilege Escalation Exploit Title: Lotus Notes Diagnostic Tool nsd.exe Privelege Escalation Date: 02-09-2017 Exploit Author: ParagonSec Website: https://github.com/paragonsec Version: 8.5 & 9.0 Tested on: Windows 7 Enterprise CVE: CVE-2015-0179 Vendor C...

7.2CVSS0.2AI score0.01118EPSS
Exploits4
exploitpack
exploitpack
added 2017/08/31 12:0 a.m.37 views

Sitefinity CMS 9.2 - Cross-Site Scripting

Sitefinity CMS 9.2 - Cross-Site Scripting Exploit Title: Stored Cross Site Scripting XSS in Progress Sitefinity CMS 9.2 Date: Aug 31, 2017 Exploit Author: Pralhad Chaskar Vendor Homepage: http://www.sitefinity.com/ Tested on: Progress Sitefinity CMS 9.2 and lower CVE : NA Vendor Description...

Exploits0
exploitpack
exploitpack
added 2017/08/18 12:0 a.m.37 views

QuantaStor Software Defined Storage 4.3.1 - Multiple Vulnerabilities

QuantaStor Software Defined Storage 4.3.1 - Multiple Vulnerabilities 1. --- Advisory details --- Title: QuantaStor Software Define Storage mmultiple vulnerabilities Advisory ID: VVVSEC-2017-6943 Advisory URL: http://www.vvvsecurity.com/advisories/vvvsecurity-advisory-2017-6943.txt Date published:...

5CVSS0.04746EPSS
Exploits7
exploitpack
exploitpack
added 2017/08/15 12:0 a.m.37 views

AdvanDate iCupid Dating Software 12.2 - SQL Injection

AdvanDate iCupid Dating Software 12.2 - SQL Injection Exploit Title: iCupid Dating Software 12.2 - SQL Injection Dork: N/A Date: 15.08.2017 Vendor Homepage : https://www.advandate.com/ Software Link: https://www.advandate.com/dating-software-features/ Demo: https://demo.advandate.com/ Version: 12...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2017/08/08 12:0 a.m.37 views

Unitrends UEB 9.1 - Privilege Escalation

Unitrends UEB 9.1 - Privilege Escalation Exploit Title: Authenticated lowpriv RCE for Unitrends UEB 9.1 Date: 08/08/2017 Exploit Authors: Benny Husted, Jared Arave, Cale Smith Contact: https://twitter.com/iotennui || https://twitter.com/BennyHusted || https://twitter.com/0xC413 Vendor Homepage:...

9CVSS0.6AI score0.11811EPSS
Exploits4
exploitpack
exploitpack
added 2017/08/03 12:0 a.m.37 views

Horde Groupware 5.2.21 - Unauthorized File Download

Horde Groupware 5.2.21 - Unauthorized File Download Vulnerability Summary The following advisory describes an unauthorized file download vulnerability found in Horde Groupware version 5.2.21. Horde Groupware Webmail Edition is “a free, enterprise ready, browser based communication suite. Users ca...

5CVSS7.5AI score0.0553EPSS
Exploits3
exploitpack
exploitpack
added 2017/07/31 12:0 a.m.37 views

libao 1.2.0 - Denial of Service

libao 1.2.0 - Denial of Service libao memory corruption vulnerability ================ Author : qflb.wu =============== Introduction: ============= Libao is a cross-platform audio library that allows programs to output audio using a simple API on a wide variety of platforms. Affected version: ===...

4.3CVSS5.5AI score0.03855EPSS
Exploits3
exploitpack
exploitpack
added 2017/07/28 12:0 a.m.37 views

FortiOS 5.6.0 - Cross-Site Scripting

FortiOS 5.6.0 - Cross-Site Scripting Title: FortiOS = 5.6.0 Multiple XSS Vulnerabilities Vendor: Fortinet www.fortinet.com CVE: CVE-2017-3131, CVE-2017-3132, CVE-2017-3133 Date: 28.07.2016 Author: Patryk Bogdan @patrykbogdan Affected FortiNet products: CVE-2017-3131 : FortiOS versions 5.4.0 to...

4.3CVSS5.7AI score0.08869EPSS
Exploits6
exploitpack
exploitpack
added 2017/07/13 12:0 a.m.37 views

CyberArk Viewfinity 5.5.10.95 - Local Privilege Escalation

CyberArk Viewfinity 5.5.10.95 - Local Privilege Escalation Exploit Title: Privilege Escalation via CyberArk Viewfinity 8. This will spawn a new CMD prompt. Verify you are now Admin...

0.7AI score0.00985EPSS
Exploits3
exploitpack
exploitpack
added 2017/07/10 12:0 a.m.38 views

NfSen 1.3.7 AlienVault OSSIM 5.3.4 - Command Injection

NfSen 1.3.7 AlienVault OSSIM 5.3.4 - Command Injection Exploit Title: NfSen/AlienVault remote root exploit IPC query command injection Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1bpo80+1all. Previous versions are also likely to be affected. Version: AlienVault 5.3.4 Date: 2017-07-10 Vendor Homepage:...

9CVSS0.4AI score0.16179EPSS
Exploits5
exploitpack
exploitpack
added 2017/05/17 12:0 a.m.37 views

Apple iOS 10.3.2 - Notifications API Denial of Service

Apple iOS 10.3.2 - Notifications API Denial of Service Exploit Title: Apple iOS 10.3.2 - Notifications API Denial of Service Date: 05-15-2017 Exploit Author: Sem Voigtländer @OxFEEDFACE, Vincent Desmurs @vincedes3 and Joseph Shenton Vendor Homepage: https://apple.com Software Link:...

4.3CVSS5.7AI score0.02394EPSS
Exploits3
exploitpack
exploitpack
added 2017/05/10 12:0 a.m.37 views

Microsoft Windows Server 2008 R2 (x64) - SrvOs2FeaToNt SMB Remote Code Execution (MS17-010)

Microsoft Windows Server 2008 R2 x64 - SrvOs2FeaToNt SMB Remote Code Execution MS17-010 Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Date and time of release: May, 9 2017 - 13:00PM Found this and more exploits on my open source security project: http://www.exploitpack.com...

8.1AI score
Exploits0
exploitpack
exploitpack
added 2017/04/20 12:0 a.m.37 views

Oracle VM VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy

Oracle VM VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1086 There is a vulnerability in VirtualBox that permits an attacker with root privileges in a virtual machine with a NAT network...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.37 views

WordPress Plugin Global Content Blocks 2.1.5 - Cross-Site Request Forgery

WordPress Plugin Global Content Blocks 2.1.5 - Cross-Site Request Forgery !-- Source: https://sumofpwn.nl/advisory/2016/crosssiterequestforgeryinglobalcontentblockswordpressplugin.html Abstract It was discovered that the Global Content Blocks WordPress Plugin is vulnerable to Cross-Site Request...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2017/02/28 12:0 a.m.37 views

Sophos Web Appliance 4.3.1.1 - Session Fixation

Sophos Web Appliance 4.3.1.1 - Session Fixation Exploit Title: Sophos Secure Web Appliance Session Fixation Vulnerability Date: 28/02/2017 Exploit Author: SlidingWindow , Twitter: @KapilKhot Vendor Homepage: https://www.sophos.com/en-us/products/secure-web-gateway.aspx Version: Tested on Sophos W...

6.8CVSS0.3AI score0.07538EPSS
Exploits4
exploitpack
exploitpack
added 2016/12/22 12:0 a.m.37 views

Microsoft Internet Explorer 11 - MSHTML CPaste­Command::Convert­Bitmapto­Png Heap Buffer Overflow (MS14-056)

Microsoft Internet Explorer 11 - MSHTML CPaste­Command::Convert­Bitmapto­Png Heap Buffer Overflow MS14-056 Security Settings - Choose a zone - Scripting should prevent websites from programmatically copy/pasting an image. Disabling execution of scripts on web-pages altogether will have the same...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/11/21 12:0 a.m.37 views

Microsoft Internet Explorer 8 - jscript Reg­Exp­Base::FBad­Header Use-After-Free (MS15-018)

Microsoft Internet Explorer 8 - jscript Reg­Exp­Base::FBad­Header Use-After-Free MS15-018 // This Po­C attempts to exploit a use-after-free bug in Microsoft Internet // Explorer 8. // See http://blog.skylined.nl/20161116001.html for details. var r=new Reg­Exp"A|x|x|xx|xxxxxxxxxxxxxxxxxxxx+", "g";...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/11/02 12:0 a.m.37 views

Alienvault OSSIMUSM 5.3.1 - Persistent Cross-Site Scripting

Alienvault OSSIMUSM 5.3.1 - Persistent Cross-Site Scripting Details ======= Product: Alienvault OSSIM/USM Vulnerability: Stored XSS Author: Peter Lapp, lappsec gmail com CVE: CVE-2016-8581 CVSS: 3.5 Vulnerable Versions: Current Sessions. POC === The POC uses jQuery to send all session IDs on the...

4.3CVSS0.2AI score0.17058EPSS
Exploits5
exploitpack
exploitpack
added 2016/11/02 12:0 a.m.37 views

LifeSize Room 5.0.9 - Multiple Vulnerabilities

LifeSize Room 5.0.9 - Multiple Vulnerabilities Source: https://github.com/XiphosResearch/exploits/tree/master/deathsize LifeSize Room 5.0.9, remote config disclosure, code execution & local privilege escalation Ultimately the Lifesize Room products have fundamentally flawed firmware, many similar...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2016/10/31 12:0 a.m.37 views

Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow (PoC)

Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow PoC Exploit Title: Micro Focus Rumba function vuln // 272 Junk Data // 272 + "\x43\x43\x43\x43" = EDX = 43434343 // // If we change the edx to an address that point to a valid address // We will have control over EIP // 0x20302228 // Overwrite...

10CVSS1.3AI score0.15115EPSS
Exploits4
exploitpack
exploitpack
added 2016/10/28 12:0 a.m.37 views

InfraPower PPS-02-S Q213V1 - Multiple Cross-Site Scripting Vulnerabilities

InfraPower PPS-02-S Q213V1 - Multiple Cross-Site Scripting Vulnerabilities InfraPower PPS-02-S Q213V1 Multiple XSS Vulnerabilities Vendor: Austin Hughes Electronics Ltd. Product web page: http://www.austin-hughes.com Affected version: Q213V1 Firmware: V2395S Fixed version: Q216V3 Firmware:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2016/10/20 12:0 a.m.37 views

SPIP 3.1.2 Template CompilerComposer - PHP Code Execution

SPIP 3.1.2 Template CompilerComposer - PHP Code Execution SPIP 3.1.2 Template Compiler/Composer PHP Code Execution CVE-2016-7998 Product Description SPIP is a publishing system for the Internet, which put importance on collaborative working, multilingual environments and ease of use. It is free...

6.5CVSS9AI score0.13649EPSS
Exploits7
exploitpack
exploitpack
added 2016/10/19 12:0 a.m.37 views

IObit Advanced SystemCare 10.0.2 - Unquoted Service Path Privilege Escalation

IObit Advanced SystemCare 10.0.2 - Unquoted Service Path Privilege Escalation Exploit Title: IObit Advanced SystemCare Unquoted Service Path Privilege Escalation Date: 19/10/2016 Author: Ashiyane Digital Security Team Vendor Homepage: http://www.iobit.com/en/index.php Software Link:...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2016/10/17 12:0 a.m.37 views

Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)

Microsoft Windows Diagnostics Hub - DLL Load Privilege Escalation MS16-125 / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=887 Windows: Diagnostics Hub DLL Load EoP Platform: Windows 10 10586, not tested 8.1 Update 2 or Windows 7 Class: Elevation of Privilege Summary: The fix...

7.2CVSS0.4AI score0.02019EPSS
Exploits2
exploitpack
exploitpack
added 2016/10/12 12:0 a.m.37 views

Cisco Webex Player T29.10 - .WRF Use-After-Free Memory Corruption

Cisco Webex Player T29.10 - .WRF Use-After-Free Memory Corruption Application: Cisco Webex Player Platforms: Windows Versions: Cisco Webex Meeting Player version T29.10 Author: Francis Provencher of COSIG Website: https://cosig.gouv.qc.ca/en/advisory/ Twitter: @COSIG Date: August 31, 2016 CVE:...

9.3CVSS0.3AI score0.09983EPSS
Exploits3
exploitpack
exploitpack
added 2016/09/05 12:0 a.m.37 views

ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation

ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation Title: ArcServe UDP - Unquoted Service Path Privilege Escalation CWE Class: CWE-427: Uncontrolled Search Path Element Date: 04/09/2016 Vendor: ArcServe Product: ArcServe UDP Standard Edition for Windows, TRIAL...

0.7AI score
Exploits0
Total number of security vulnerabilities5000