Lucene search
K
ExploitpackRecent

41207 matches found

exploitpack
exploitpack
added 2019/08/30 12:0 a.m.11 views

Easy MP3 Downloader 4.7.8.8 - Unlock Code Denial of Service

Easy MP3 Downloader 4.7.8.8 - Unlock Code Denial of Service !/usr/bin/python SWAMI KARUPASAMI THUNAI print""" Exploit Title: Easy MP3 Downloader Denial of Service Date: 2019-08-29 Exploit Author: Mohan Ravichandran & Snazzy Sanoj Organization : StrongBox IT Vulnerable Software: Easy MP3 Downloade...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/08/30 12:0 a.m.31 views

WordPress Plugin WooCommerce Product Feed 2.2.18 - Cross-Site Scripting

WordPress Plugin WooCommerce Product Feed 2.2.18 - Cross-Site Scripting Exploit Title: WordPress Plugin WooCommerce Product Feed = 2.2.18 - Cross-Site Scripting Date: 30 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage:...

4.3CVSS5.5AI score0.03213EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/30 12:0 a.m.52 views

Canon PRINT 2.5.5 - Information Disclosure

Canon PRINT 2.5.5 - Information Disclosure Exploit Title: Content Provider URI Injection on Canon PRINT 2.5.5 CVE-2019-14339 Date: 24th July, 2019 Exploit Author: 0x48piraj Vendor Homepage:...

4.3CVSS5.4AI score0.05393EPSS
Exploits6
exploitpack
exploitpack
added 2019/08/30 12:0 a.m.23 views

Sentrifugo 3.2 - File Upload Restriction Bypass

Sentrifugo 3.2 - File Upload Restriction Bypass Exploit Title: Sentrifugo 3.2 - File Upload Restriction Bypass Google Dork: N/A Date: 8/29/2019 Exploit Author: creosote Vendor Homepage: http://www.sentrifugo.com/ Version: 3.2 Tested on: Ubuntu 18.04 CVE : CVE-2019-15813 Multiple File Upload...

6.5CVSS0.5AI score0.33236EPSS
Exploits7
exploitpack
exploitpack
added 2019/08/30 12:0 a.m.32 views

SQL Server Password Changer 1.90 - Denial of Service

SQL Server Password Changer 1.90 - Denial of Service Exploit Title: SQL Server Password Changer v1.90 Denial of Service Exploit Date: 29.08.2019 Vendor Homepage:https://www.top-password.com/ Exploit Author: Velayutham Selvaraj & Praveen Thiyagarayam TwinTech Solutions Tested Version: v2.10 Tested...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/08/29 12:0 a.m.20 views

PilusCart 1.4.1 - Local File Disclosure

PilusCart 1.4.1 - Local File Disclosure Exploit Title: PilusCart = 1.4.1 - Local File Disclosure Date: 29 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: https://sourceforge.net/projects/pilus/ Version: = 1.4.1 Tested on: Ubuntu 18.04.1 The e-commerce software...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/08/29 12:0 a.m.18 views

Jobberbase 2.0 - subscribe SQL Injection

Jobberbase 2.0 - subscribe SQL Injection !/bin/bash Exploit Title: Jobberbase 2.0 - 'subscribe' SQL injection Date: 29 August 2019 Exploit Author: Damian Ebelties https://zerodays.lol/ Vendor Homepage: http://www.jobberbase.com/ Version: 2.0 Tested on: Ubuntu 18.04.1 : ' The page "/subscribe/" is...

8.6AI score
Exploits0
exploitpack
exploitpack
added 2019/08/29 12:0 a.m.12 views

Webkit JSC: JIT - Uninitialized Variable Access in ArgumentsEliminationPhase::transform

Webkit JSC: JIT - Uninitialized Variable Access in ArgumentsEliminationPhase::transform https://github.com/WebKit/webkit/blob/94e868c940d46c5745869192d07255331d00102b/Source/JavaScriptCore/dfg/DFGArgumentsEliminationPhase.cppL743 case GetByVal: ... unsigned numberOfArgumentsToSkip = 0; if...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/08/28 12:0 a.m.38 views

SQLiteManager 1.2.0 1.2.4 - Blind SQL Injection

SQLiteManager 1.2.0 1.2.4 - Blind SQL Injection !-- Exploit Title: Blind SQL injection in SQLiteManager 1.2.0 and 1.2.4 Date: 17-02-2019 Exploit Author: Rafael Pedrero Vendor Homepage: http://www.sqlitemanager.org/ Software Link: http://www.sqlitemanager.org/ Version: SQLiteManager 1.2.0 and 1.2....

7.5CVSS0.3AI score0.17598EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/28 12:0 a.m.17 views

Jobberbase 2.0 CMS - jobs-in SQL Injection

Jobberbase 2.0 CMS - jobs-in SQL Injection Exploit Title: Jobberbase 2.0 CMS - 'jobs-in' SQL Injection Google Dork: N/A Date: 28, August 2019 Exploit Author: Suvadip Kar Vendor Homepage: http://jobberbase.com/ Software Link: https://github.com/filipcte/jobberbase/zipball/master Version: 2.0 Teste...

8.7AI score
Exploits0
exploitpack
exploitpack
added 2019/08/28 12:0 a.m.31 views

Outlook Password Recovery 2.10 - Denial of Service

Outlook Password Recovery 2.10 - Denial of Service Exploit Title: Outlook Password Recovery v2.10 Denial of Service Exploit Date: 16.08.2019 Vendor Homepage:https://www.top-password.com/ Software Link: https://www.top-password.com/outlook-password-recovery.html Exploit Author: Velayutham Selvaraj...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/08/27 12:0 a.m.34 views

Tableau - XML External Entity

Tableau - XML External Entity Exploit Title: Tableau XXE Google Dork: N/A Date: Reported to vendor July 2019, fix released August 2019. Exploit Author: Jarad Kopf Vendor Homepage: https://www.tableau.com/ Software Link: Tableau Desktop downloads: https://www.tableau.com/products/desktop/download...

5.5CVSS0.14314EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/26 12:0 a.m.28 views

openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery

openITCOCKPIT 3.6.1-2 - Cross-Site Request Forgery Exploit Title: openITCOCKPIT 3.6.1-2 - CSRF 2 RCE Google Dork: N/A Date: 26-08-2019 Exploit Author: Julian Rittweger Vendor Homepage: https://openitcockpit.io/ Software Link:...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/08/26 12:0 a.m.24 views

Windows 10 - SET_REPARSE_POINT_EX Mount Point Security Feature Bypass

Windows 10 - SETREPARSEPOINTEX Mount Point Security Feature Bypass Windows: SETREPARSEPOINTEX Mount Point Security Feature Bypass Platform: Windows 10 1903, 1809 not tested earlier Class: Security Feature Bypass Summary: The NTFS driver supports a new FS control code to set a mount point which th...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/08/26 12:0 a.m.25 views

WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection

WordPress Plugin Import Export WordPress Users 1.3.1 - CSV Injection Exploit Title: Wordpress Plugin Import Export WordPress Users = 1.3.1 - CSV Injection Exploit Author: Javier Olmedo Contact: @jjavierolmedo Website: https://sidertia.com Date: 2018-08-22 Google Dork:...

6CVSS0.05141EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/26 12:0 a.m.41 views

LSoft ListServ 16.5-2018a - Cross-Site Scripting

LSoft ListServ 16.5-2018a - Cross-Site Scripting Exploit Title: LSoft ListServ 2. http://127.0.0.1/scripts/wa.exe?OK= References: 1. http://www.lsoft.com/manuals/16.5/LISTSERV16.5-2018aWhatsNew.pdf 2. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15501...

4.3CVSS0.08182EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/26 12:0 a.m.24 views

WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting

WordPress Plugin UserPro 4.9.32 - Cross-Site Scripting Exploit Title: UserPro https://github.com/cosenary/Instagram-PHP-API/blob/master/example/success.phpL36 Proof-of-Concept:...

4.3CVSS0.2AI score0.82962EPSS
Exploits6
exploitpack
exploitpack
added 2019/08/23 12:0 a.m.40 views

Nimble Streamer 3.0.2-2 3.5.4-9 - Directory Traversal

Nimble Streamer 3.0.2-2 3.5.4-9 - Directory Traversal Nimble Streamer 3.0.2-2 to 3.5.4-9 - Path Traversal Exploit Author: MAYASEVEN Source at "https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/" Published on 08/04/2019 Vendor Homepage at...

4CVSS0.2AI score0.23978EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/21 12:0 a.m.169 views

Pulse Secure 8.1R15.18.28.39.0 SSL VPN - Arbitrary File Disclosure (Metasploit)

Pulse Secure 8.1R15.18.28.39.0 SSL VPN - Arbitrary File Disclosure Metasploit Exploit Title: File disclosure in Pulse Secure SSL VPN metasploit Google Dork: inurl:/dana-na/ filetype:cgi Date: 8/20/2019 Exploit Author: 0xDezzy Justin Wagner, Alyssa Herrera Vendor Homepage: https://pulsesecure.net...

7.5CVSS10AI score0.99999EPSS
Exploits22
exploitpack
exploitpack
added 2019/08/21 12:0 a.m.70 views

Cisco UCS Director_ Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities

Cisco UCS Director Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities Multiple critical vulnerabilities in Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data...

10CVSS0.4AI score0.83386EPSS
Exploits20
exploitpack
exploitpack
added 2019/08/21 12:0 a.m.67 views

LibreOffice 6.2.6 Macro - Python Code Execution (Metasploit)

LibreOffice 6.2.6 Macro - Python Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LibreOffice Macro Python Code Execution', 'Description' = %q LibreOffice comes bundled...

7.5CVSS0.5AI score0.78007EPSS
Exploits11
exploitpack
exploitpack
added 2019/08/20 12:0 a.m.42 views

QEMU - Denial of Service

QEMU - Denial of Service include include include include include include include include include include include include include include include include include define diex do \ perrorx; \ exitEXITFAILURE; \ while0; // Constans define SRCADDR "10.0.2.15" define DSTADDR "10.0.2.2" define INTERFACE...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/08/20 12:0 a.m.28 views

WordPress Add Mime Types Plugin 2.2.1 - Cross-Site Request Forgery

WordPress Add Mime Types Plugin 2.2.1 - Cross-Site Request Forgery Exploit Title: CSRF vulnerabilities in WP Add Mime Types Plugin...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/08/19 12:0 a.m.267 views

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure (Metasploit)

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Metasploit Exploit Title: FortiOS Leak file - Reading login/passwords in clear text. Google Dork: intext:"Please Login" inurl:"/remote/login" Date: 17/08/2019 Exploit Author: Carlos E. Vieira Vendor Homepage:...

5CVSS10AI score0.99999EPSS
Exploits22
exploitpack
exploitpack
added 2019/08/19 12:0 a.m.262 views

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure

FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit Title: FortiOS Leak file - Reading login/passwords in clear text. Google Dork: intext:"Please Login" inurl:"/remote/login" Date: 17/08/2019 Exploit Author: Carlos E. Vieira Vendor Homepage: https://www.fortinet.com/...

5CVSS10AI score0.99999EPSS
Exploits22
exploitpack
exploitpack
added 2019/08/19 12:0 a.m.12 views

Kimai 2 - Persistent Cross-Site Scripting

Kimai 2 - Persistent Cross-Site Scripting Exploit Title: Kimai 2- persistent cross-site scripting XSS Date: 07/15/2019 Exploit Author: osamaalaa Vendor Homepage: link Software Link: https://github.com/kevinpapst/kimai2 Fixed on Github : https://github.com/kevinpapst/kimai2/pull/962 Version: 2...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2019/08/19 12:0 a.m.34 views

Webmin 1.920 - Remote Code Execution

Webmin 1.920 - Remote Code Execution !/bin/sh CVE-2019-15107 Webmin Unauhenticated Remote Command Execution based on Metasploit module https://www.exploit-db.com/exploits/47230 Original advisory: https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html...

10CVSS9.9AI score0.99766EPSS
Exploits37
exploitpack
exploitpack
added 2019/08/19 12:0 a.m.22 views

RAR Password Recovery 1.80 - User Name and Registration Code Denial of Service

RAR Password Recovery 1.80 - User Name and Registration Code Denial of Service Exploit Title: RAR Password Recovery v1.80 Denial of Service Exploit Date: 16.08.2019 Vendor Homepage:https://www.top-password.com/ Software Link: https://www.top-password.com/download/RARPRSetup.exe Exploit Author:...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/08/19 12:0 a.m.51 views

YouPHPTube 7.2 - userCreate.json.php SQL Injection

YouPHPTube 7.2 - userCreate.json.php SQL Injection Exploit Title: YouPHPTube 7.3 SQL Injection Google Dork: / Date: 19.08.2019 Exploit Author: Fabian Mosch, r-tec IT Security GmbH Vendor Homepage: https://www.youphptube.com/ Software Link: https://github.com/YouPHPTube/YouPHPTube Version: 7.3...

5CVSS0.02984EPSS
Exploits5
exploitpack
exploitpack
added 2019/08/19 12:0 a.m.14 views

Neo Billing 3.5 - Persistent Cross-Site Scripting

Neo Billing 3.5 - Persistent Cross-Site Scripting Exploit Title: Neo Billing 3.5 - Stored Cross Site Scripting Vulnerability Date: 18.8.2019. Exploit Author: n1x MS-WEB Vendor Homepage: https://codecanyon.net/item/neo-billing-accounting-invoicing-and-crm-software/20896547 Version: 3.5 CWE : CWE-7...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2019/08/16 12:0 a.m.21 views

GetGo Download Manager 6.2.2.3300 - Denial of Service

GetGo Download Manager 6.2.2.3300 - Denial of Service Exploit Title : GetGo Download Manager 6.2.2.3300 - Denial of Service Date: 2019-08-15 Author - Malav Vyas Vulnerable Software: GetGo Download Manager 6.2.2.3300 Vendor Home Page: www.getgosoft.com Software Link:...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/08/16 12:0 a.m.24 views

Integria IMS 5.0.86 - Arbitrary File Upload

Integria IMS 5.0.86 - Arbitrary File Upload Exploit Title: Integria IMS 5.0.86 - Arbitrary File Upload Date: 2019-08-16 Exploit Author: Greg.Priest Vendor Homepage: https://integriaims.com/ Software Link: https://sourceforge.net/projects/integria/files/5.0.86/ Version: Integria IMS 5.0.86 Tested...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2019/08/16 12:0 a.m.25 views

Joomla! component com_jsjobs 1.2.6 - Arbitrary File Deletion

Joomla! component comjsjobs 1.2.6 - Arbitrary File Deletion Exploit Title: Joomla! component comjsjobs 1.2.6 - Arbitrary File Deletion Dork: inurl:"index.php?option=comjsjobs" Date: 2019-08-16 Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link:...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/08/16 12:0 a.m.49 views

EyesOfNetwork 5.1 - Authenticated Remote Command Execution

EyesOfNetwork 5.1 - Authenticated Remote Command Execution Exploit Title: EyesOfNetwork 5.1 - Authenticated Remote Command Execution Google Dork: N/A Date: 2019-08-14 Exploit Author: Nassim Asrir Vendor Homepage: https://www.eyesofnetwork.com/ Software Link:...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2019/08/16 12:0 a.m.13 views

Web Wiz Forums 12.01 - PF SQL Injection

Web Wiz Forums 12.01 - PF SQL Injection Exploit Title: Web Wiz Forums 12.01 - 'PF' SQL Injection Date: 2019-09-16 Exploit Author: n1x MS-WEB Vendor Homepage: https://www.webwiz.net/web-wiz-forums/forum-downloads.htm Version: 12.01 Tested on Windows Vulnerable parameter: PF memberprofile.asp GET...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.23 views

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow in CoolType.dll

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow in CoolType.dll We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 3fb8.2ac4: Access violation - code c0000005 first...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.33 views

Microsoft Font Subsetting - DLL Heap Corruption in FixSbitSubTables

Microsoft Font Subsetting - DLL Heap Corruption in FixSbitSubTables -----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used i...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.30 views

Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructure

Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructure -----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs...

Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.25 views

Adobe Acrobat Reader DC for Windows - Double Free due to Malformed JP2 Stream

Adobe Acrobat Reader DC for Windows - Double Free due to Malformed JP2 Stream We have observed the following crash in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- ======================================= VERIFIER STOP 00000007: pid 0x2C1...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.24 views

Adobe Acrobat Reader DC for Windows - Heap-Based Memory Corruption due to Malformed TTF Font

Adobe Acrobat Reader DC for Windows - Heap-Based Memory Corruption due to Malformed TTF Font We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 4c84.1e3c: Access violation - code...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.26 views

Adobe Acrobat Reader DC for Windows - Heap-Based Out-of-Bounds read due to Malformed JP2 Stream

Adobe Acrobat Reader DC for Windows - Heap-Based Out-of-Bounds read due to Malformed JP2 Stream We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 180c.327c: Access violation - code...

Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.27 views

Microsoft Font Subsetting - DLL Double Free in MergeFormat12Cmap MakeFormat12MergedGlyphList

Microsoft Font Subsetting - DLL Double Free in MergeFormat12Cmap MakeFormat12MergedGlyphList -----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on t...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.19 views

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed JP2 Stream

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed JP2 Stream We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 2728.1fa8: Access violation - code...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.27 views

Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in FixSbitSubTableFormat1

Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in FixSbitSubTableFormat1 -----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.34 views

Adobe Acrobat CoolType (AFDKO) - Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts

Adobe Acrobat CoolType AFDKO - Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library...

Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.21 views

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow While Processing Malformed PDF

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow While Processing Malformed PDF We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 36ec.3210: Access violation - code...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.29 views

Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in GetGlyphIdx

Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in GetGlyphIdx -----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyp...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.16 views

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed Font Stream

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed Font Stream We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 50a8.4100: Access violation - code...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.22 views

Microsoft Font Subsetting - DLL Heap Corruption in ReadAllocFormat12CharGlyphMapList

Microsoft Font Subsetting - DLL Heap Corruption in ReadAllocFormat12CharGlyphMapList -----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/08/15 12:0 a.m.24 views

Adobe Acrobat Reader DC for Windows - free() of Uninitialized Pointer due to Malformed JBIG2Globals Stream

Adobe Acrobat Reader DC for Windows - free of Uninitialized Pointer due to Malformed JBIG2Globals Stream We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 4970.179c: Access violati...

0.5AI score
Exploits0
Total number of security vulnerabilities41207