Lucene search
K
ExploitpackRecent

41207 matches found

exploitpack
exploitpack
added 2019/04/30 12:0 a.m.34 views

DeviceViewer 3.12.0.1 - user SEH Overflow

DeviceViewer 3.12.0.1 - user SEH Overflow Exploit Title: DeviceViewer v3.12.0.1 username field SEH overflow PoC Discovery Date: 25/04/2019 Exploit Author: Hayden Wright Vendor Homepage: www.sricam.com/ Software Link: http://download.sricam.com/Manual/DeviceViewer.exe Version: v3.12.0.1 Tested on:...

0.5AI score
Exploits3
exploitpack
exploitpack
added 2019/04/30 12:0 a.m.19 views

Joomla! Component ARI Quiz 3.7.4 - SQL Injection

Joomla! Component ARI Quiz 3.7.4 - SQL Injection Exploit Title: Joomla! Component ARI Quiz 3.7.4 - SQL Injection Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: April 27, 2019 Vendor Homepage: http://www.ari-soft.com Software Link :...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2019/04/30 12:0 a.m.30 views

Linux - Missing Locking Between ELF coredump code and userfaultfd VMA Modification

Linux - Missing Locking Between ELF coredump code and userfaultfd VMA Modification elfcoredump has a comment back from something like 2.5.43-C3 that says: / We no longer stop all VM operations. This is because those proceses that could possibly change mapcount or the mmap / vma pages are now...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/04/30 12:0 a.m.45 views

Intelbras IWR 3000N - Denial of Service (Remote Reboot)

Intelbras IWR 3000N - Denial of Service Remote Reboot /bin/bash PoC based on CVE-2019-11415 created by Social Engineering Neo. Credit: https://1.337.zone/2019/04/08/intelbras-iwr-3000n-any-version-dos-on-malformed-login-request/ A malformed login request allows remote attackers to cause a denial ...

7.8CVSS7.6AI score0.13743EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/30 12:0 a.m.21 views

Joomla! Component JiFile 2.3.1 - Arbitrary File Download

Joomla! Component JiFile 2.3.1 - Arbitrary File Download Exploit Title: Joomla! Component JiFile 2.3.1 - Arbitrary File Download Exploit Author: Mr Winst0n Author E-mail: [email protected] Discovery Date: April 28, 2019 Vendor Homepage: http://www.isapp.it Software Link :...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/04/30 12:0 a.m.528 views

Oracle Weblogic 10.3.6.0.0 12.1.3.0.0 - Remote Code Execution

Oracle Weblogic 10.3.6.0.0 12.1.3.0.0 - Remote Code Execution !/usr/bin/python Exploit Title: Oracle Weblogic Exploit CVE-2019-2725 Date: 30/04/2019 Exploit Author: Avinash Kumar Thapa Vendor Homepage: https://www.oracle.com/middleware/technologies/weblogic.html Software Link:...

7.5CVSS0.99964EPSS
Exploits35
exploitpack
exploitpack
added 2019/04/30 12:0 a.m.32 views

Hyvikk Fleet Manager - Shell Upload

Hyvikk Fleet Manager - Shell Upload ======================================================================================== | Fleet Manager hyvikk Shell Upload Date: 29-04-2019 Title : Fleet Manager by hyvikk All versions | Author : saxgy1331 - Kaieteur-Falls-1331 | Vendor Homepage:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/04/26 12:0 a.m.22 views

systemd - DynamicUser can Create setuid Binaries when Assisted by Another Process

systemd - DynamicUser can Create setuid Binaries when Assisted by Another Process This bug report describes a bug in systemd that allows a service with DynamicUser in collaboration with another service or user to create a setuid binary that can be used to access its UID beyond the lifetime of the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/04/26 12:0 a.m.12 views

NSauditor 3.1.2.0 - Name Denial of Service (PoC)

NSauditor 3.1.2.0 - Name Denial of Service PoC Exploit Title: NSauditor 3.1.2.0 - 'Name' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-04-24 Vendor Homepage: www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version: 3.1.2.0...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/04/26 12:0 a.m.11 views

NSauditor 3.1.2.0 - Community Denial of Service (PoC)

NSauditor 3.1.2.0 - Community Denial of Service PoC Exploit Title: NSauditor 3.1.2.0 - 'Community' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-04-24 Vendor Homepage: www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/nsauditorsetup.exe Tested Version...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/04/26 12:0 a.m.39 views

Apache Pluto 3.0.0 3.0.1 - Persistent Cross-Site Scripting

Apache Pluto 3.0.0 3.0.1 - Persistent Cross-Site Scripting Exploit Title: Stored XSS Date: 25-04-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://portals.apache.org/pluto Software Link: https://portals.apache.org/pluto/download.html Version: 3.0.0, 3.0.1 Tested on: Ubuntu 16.04 LTS CVE...

4.3CVSS6.1AI score0.20649EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/25 12:0 a.m.14 views

AnMing MP3 CD Burner 2.0 - Denial of Service (PoC)

AnMing MP3 CD Burner 2.0 - Denial of Service PoC Exploit Title: AnMing MP3 CD Burner 2.0 Local Dos Exploit Date: 25.04.2019 Vendor Homepage:http://www.ddz1977.com/ Software Link:...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/04/25 12:0 a.m.9 views

Backup Key Recovery 2.2.4 - Denial of Service (PoC)

Backup Key Recovery 2.2.4 - Denial of Service PoC Exploit Title: Backup Key Recovery 2.2.4 - 'Name' Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-04-24 Vendor Homepage: www.nsauditor.com Software Link: http://www.nsauditor.com/downloads/backeyrecoverysetup.exe Tested...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/04/25 12:0 a.m.21 views

osTicket 1.11 - Cross-Site Scripting Local File Inclusion

osTicket 1.11 - Cross-Site Scripting Local File Inclusion Exploit Title: osTicket v1.11 - Cross-Site Scripting to Local File Inclusion Date: 09.04.2019 Exploit Author: Özkan Mustafa Akkuş AkkuS @ehakkus Contact: https://pentest.com.tr Vendor Homepage: https://osticket.com Software Link:...

Exploits0
exploitpack
exploitpack
added 2019/04/25 12:0 a.m.15 views

HeidiSQL 10.1.0.5464 - Denial of Service (PoC)

HeidiSQL 10.1.0.5464 - Denial of Service PoC Exploit Title: HeidiSQL Portable 10.1.0.5464 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-04-24 Vendor Homepage: https://www.heidisql.com/ Software Link:...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/04/25 12:0 a.m.15 views

Lavavo CD Ripper 4.20 - License Activation Name Buffer Overflow (SEH)

Lavavo CD Ripper 4.20 - License Activation Name Buffer Overflow SEH Exploit Title: Lavavo CD Ripper 4.20 Local Seh Exploit Date: 25.04.2019 Vendor Homepage:https://www.lavavosoftware.com Software Link: https://lavavo-cd-ripper.jaleco.com/download Exploit Author: Achilles Tested Version: 4.20 Test...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/04/25 12:0 a.m.39 views

JioFi 4G M2S 1.0.2 - Denial of Service

JioFi 4G M2S 1.0.2 - Denial of Service Exploit Title: cgi-bin/qcmapwebcgi on JioFi 4G M2S 1.0.2 devices allows a DoS Hang via the mask POST parameter Exploit Author: Vikas Chaudhary Date: 21-01-2019 Vendor Homepage: https://www.jio.com/ Hardware Link:...

6.1CVSS0.1AI score0.04766EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/25 12:0 a.m.45 views

JioFi 4G M2S 1.0.2 - mask Cross-Site Scripting

JioFi 4G M2S 1.0.2 - mask Cross-Site Scripting Exploit Title: cgi-bin/qcmapwebcgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter. Exploit Author: Vikas Chaudhary Date: 21-01-2019 Vendor Homepage: https://www.jio.com/ Hardware Link:...

4.3CVSS6.1AI score0.03991EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/24 12:0 a.m.27 views

Google Chrome 72.0.3626.121 74.0.3725.0 - NewFixedDoubleArray Integer Overflow

Google Chrome 72.0.3626.121 74.0.3725.0 - NewFixedDoubleArray Integer Overflow VULNERABILITY DETAILS https://cs.chromium.org/chromium/src/v8/src/heap/factory.cc?rcl=dd689541d3815d64b4b39f6a41603248c71aa00e&l=496 Handle Factory::NewFixedDoubleArrayint length, PretenureFlag pretenure DCHECKLE0,...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/04/24 12:0 a.m.46 views

VirtualBox 6.0.4 r128413 - COM RPC Interface Code Injection Host Privilege Escalation

VirtualBox 6.0.4 r128413 - COM RPC Interface Code Injection Host Privilege Escalation VirtualBox: COM RPC Interface Code Injection Host EoP Platform: VirtualBox 6.0.4 r128413 x64 on Windows 10 1809 Class: Elevation of Privilege Summary: The hardened VirtualBox process on a Windows host doesn’t...

4.6CVSS0.9AI score0.01619EPSS
Exploits4
exploitpack
exploitpack
added 2019/04/23 12:0 a.m.33 views

Linux - page-_refcount Overflow via FUSE

Linux - page-refcount Overflow via FUSE Linux: page-refcount overflow via FUSE with 140GiB RAM usage Tested on: Debian Buster distro kernel "4.19.0-1-amd64 1 SMP Debian 4.19.12-1 2018-12-22" KVM guest with 160000MiB RAM A while back, there was some discussion about possible overflows of the...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/04/23 12:0 a.m.39 views

Ross Video DashBoard 8.5.1 - Insecure Permissions

Ross Video DashBoard 8.5.1 - Insecure Permissions Ross Video DashBoard 8.5.1 Insecure Permissions Vendor: Ross Video Ltd. Product web page: https://www.rossvideo.com Affected version: 8.5.1 Summary: DashBoard is a free and open platform from Ross Video for facility control and monitoring that...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/04/23 12:0 a.m.39 views

systemd - Lack of Seat Verification in PAM Module Permits Spoofing Active Session to polkit

systemd - Lack of Seat Verification in PAM Module Permits Spoofing Active Session to polkit As documented at , for any action, a polkit policy can specify separate levels of required authentication based on whether a client is: - in an active session on a local console - in an inactive session on...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/04/23 12:0 a.m.33 views

Linux - Missing Locking in Siemens R3964 Line Discipline Race Condition

Linux - Missing Locking in Siemens R3964 Line Discipline Race Condition / The Siemens R3964 line discipline code in drivers/tty/nr3964.c has a few races around its ioctl handler; for example, the handler for R3964ENABLESIGNALS just allocates and deletes elements in a linked list with zero locking...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/04/22 12:0 a.m.24 views

WordPress Plugin Contact Form Builder 1.0.67 - Cross-Site Request Forgery Local File Inclusion

WordPress Plugin Contact Form Builder 1.0.67 - Cross-Site Request Forgery Local File Inclusion Exploit Title: Contact Form Builder CSRF → LFI Date: 2019-03-17 Exploit Author: Panagiotis Vagenas Vendor Homepage: http://web-dorado.com/ Software Link: https://wordpress.org/plugins/contact-form-build...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2019/04/22 12:0 a.m.19 views

ManageEngine Applications Manager 14.0 - Authentication Bypass Remote Command Execution (Metasploit)

ManageEngine Applications Manager 14.0 - Authentication Bypass Remote Command Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Applications Manager %q This modul...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2019/04/22 12:0 a.m.13 views

Ease Audio Converter 5.30 - .mp4 Denial of Service (PoC)

Ease Audio Converter 5.30 - .mp4 Denial of Service PoC Exploit Title: Ease Audio Converter 5.30 Audio Cutter Dos Exploit Date: 19.04.19 Vendor Homepage:http://www.audiotool.net/download.htm Software Link: http://www.audiotool.net/download/audioconverter.exe Exploit Author: Achilles Tested Version...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/04/22 12:0 a.m.24 views

LabF nfsAxe 3.7 Ping Client - Host IP Buffer Overflow (Direct Ret)

LabF nfsAxe 3.7 Ping Client - Host IP Buffer Overflow Direct Ret !/usr/bin/python Exploit Title: LabF nfsAxe 3.7 Ping Client - Buffer Overflow Vanilla Date: 20-04-2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.labf.com/nfsaxe Version: 3.7 Software Link :...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/04/22 12:0 a.m.21 views

Google Chrome 73.0.3683.103 V8 JavaScript Engine - Out-of-Memory in Invalid Table Size Denial of Service (PoC)

Google Chrome 73.0.3683.103 V8 JavaScript Engine - Out-of-Memory in Invalid Table Size Denial of Service PoC var arr1 = 0,1; function ObjCreatemake this.make = make; var obj1 = new ObjCreate; function main arr1.reducef3; Object.getOwnPropertyDescriptorsArray99.joinobj1.make; function f3 obj1"make...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2019/04/22 12:0 a.m.18 views

QNAP myQNAPcloud Connect 1.3.4.0317 - UsernamePassword Denial of Service

QNAP myQNAPcloud Connect 1.3.4.0317 - UsernamePassword Denial of Service !/usr/bin/python Exploit Title: QNAP myQNAPcloud Connect "Username/Password" DOS Date: 19/04/2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: https://www.qnap.com Version: 1.3.4.0317 and below are...

5CVSS0.09796EPSS
Exploits4
exploitpack
exploitpack
added 2019/04/22 12:0 a.m.25 views

Msvod 10 - Cross-Site Request Forgery (Change User Information)

Msvod 10 - Cross-Site Request Forgery Change User Information Exploit Title: Msvod v10 has a CSRF vulnerability to change user information Date: 2019-04-14 Exploit Author: ax8 Vendor Homepage: https://github.com/Li-Siyuan Software Link: https://www.msvodx.com/ Version: v10 CVE : CVE-2019-11375...

4.3CVSS0.3AI score0.02616EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/22 12:0 a.m.32 views

UliCMS 2019.2 2019.1 - Multiple Cross-Site Scripting

UliCMS 2019.2 2019.1 - Multiple Cross-Site Scripting Exploit Title: UliCMS - 2019.2 , 2019.1 - Multiple Cross-Site Scripting Google Dork: intext:"by UliCMS" Exploit Author: Kağan EĞLENCE Vendor Homepage: https://en.ulicms.de/ Version: 2019.2 , 2019.1 CVE : CVE-2019-11398 Vulnerability 1 Url :...

4.3CVSS6.1AI score0.03473EPSS
Exploits9
exploitpack
exploitpack
added 2019/04/22 12:0 a.m.43 views

74CMS 5.0.1 - Cross-Site Request Forgery (Add New Admin User)

74CMS 5.0.1 - Cross-Site Request Forgery Add New Admin User Exploit Title: 74CMS v5.0.1 has a CSRF vulnerability to add a new admin user Date: 2019-04-14 Exploit Author: ax8 Vendor Homepage: https://github.com/Li-Siyuan Software Link: http://www.74cms.com/download/index.html Version: v5.0.1 CVE :...

6.8CVSS0.2AI score0.09853EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/19 12:0 a.m.62 views

Oracle Business Intelligence XML Publisher 11.1.1.9.0 12.2.1.3.0 12.2.1.4.0 - XML External Entity Injection

Oracle Business Intelligence XML Publisher 11.1.1.9.0 12.2.1.3.0 12.2.1.4.0 - XML External Entity Injection Exploit Title: XXE in Oracle Business Intelligence and XML Publisher Date: 16.04.19 Exploit Author: @vah13 Vendor Homepage: http://oracle.com Software Link:...

6.4CVSS0.1AI score0.92183EPSS
Exploits4
exploitpack
exploitpack
added 2019/04/19 12:0 a.m.48 views

Oracle Business Intelligence 11.1.1.9.0 12.2.1.3.0 12.2.1.4.0 - Directory Traversal

Oracle Business Intelligence 11.1.1.9.0 12.2.1.3.0 12.2.1.4.0 - Directory Traversal Exploit Title: Directory traversal in Oracle Business Intelligence Date: 16.04.19 Exploit Author: @vah13 Vendor Homepage: http://oracle.com Software Link:...

4CVSS0.37099EPSS
Exploits4
exploitpack
exploitpack
added 2019/04/18 12:0 a.m.20 views

Evernote 7.9 - Code Execution via Path Traversal

Evernote 7.9 - Code Execution via Path Traversal Exploit Title: Code execution via path traversal Date: 17-04-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: http://evernote.com/ Software Link: https://evernote.com/download Version: 7.9 Tested on: macOS Mojave v10.14.4 CVE: CVE-2019-10038...

4.4CVSS0.9AI score0.01307EPSS
Exploits4
exploitpack
exploitpack
added 2019/04/18 12:0 a.m.35 views

ManageEngine Applications Manager 11.0 14.0 - SQL Injection Remote Code Execution (Metasploit)

ManageEngine Applications Manager 11.0 14.0 - SQL Injection Remote Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Applications Manager 11.0 %q This module...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2019/04/18 12:0 a.m.46 views

Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)

Netwide Assembler NASM 2.14rc15 - NULL Pointer Dereference PoC Exploit Title: Netwide Assembler NASM 2.14rc15 NULL Pointer Dereference PoC Date: 2018-09-05 Exploit Author: Fakhri Zulkifli Vendor Homepage: https://www.nasm.us/ Software Link: https://www.nasm.us/pub/nasm/releasebuilds/?C=M;O=D...

4.3CVSS0.05166EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/17 12:0 a.m.23 views

MailCarrier 2.51 - POP3 RETR SEH Buffer Overflow

MailCarrier 2.51 - POP3 RETR SEH Buffer Overflow !/usr/bin/python Exploit Title: MailCarrier 2.51 - SEH Remote Buffer Overflow in "RETR" commandPOP3 Date: 16/04/2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: https://www.tabslab.com/ Version: 2.51 Software Link: N.A Contact...

0.9AI score
Exploits0
exploitpack
exploitpack
added 2019/04/17 12:0 a.m.12 views

Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4

Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in scFindExtrema4 A heap corruption was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of TrueType, implemented in a proprietary t2k library...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/04/17 12:0 a.m.18 views

DHCP Server 2.5.2 - Denial of Service (PoC)

DHCP Server 2.5.2 - Denial of Service PoC Exploit Title: DHCP Server 2.5.2 - Denial of Service PoC Discovery by: Victor Mondragón Discovery Date: 2019-04-16 Vendor Homepage: http://www.dhcpserver.de/cms/ Software Link: http://www.dhcpserver.de/cms/wp-content/plugins/download-attachments Tested...

7.3AI score
Exploits0
exploitpack
exploitpack
added 2019/04/17 12:0 a.m.27 views

Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID

Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID A heap corruption was observed in Oracle Java Runtime Environment version 8u202 latest at the time of this writing while fuzz-testing the processing of TrueType fonts. It manifests itself ...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2019/04/17 12:0 a.m.31 views

ASUS HG100 - Denial of Service

ASUS HG100 - Denial of Service Exploit Title:ASUS HG100 devices denial of serviceDOS via IPv4 packets/SlowHTTPDOS Date: 2019-04-14 Exploit Author: YinT Wang; Vendor Homepage: www.asus.com Version: Hardware version: HG100 、Firmware version: 1.05.12 Tested on: Currnet 1.05.12 CVE : CVE-2018-11492 1...

7.8CVSS7.6AI score0.11386EPSS
Exploits5
exploitpack
exploitpack
added 2019/04/16 12:0 a.m.18 views

AdminExpress 1.2.5 - Folder Path Denial of Service (PoC)

AdminExpress 1.2.5 - Folder Path Denial of Service PoC -- coding: utf-8 -- !/usr/bin/python Exploit Title: AdminExpress 1.2.5 - Denial of Service PoC Date: 2019-04-12 Exploit Author: Mücahit İsmail Aktaş Software Link: https://admin-express.en.softonic.com/ Version: 1.2.5.485 Tested on: Windows X...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/04/16 12:0 a.m.27 views

Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege Escalation

Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege Escalation Windows: LUAFV Delayed Virtualization Cross Process Handle Duplication EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Securi...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/04/16 12:0 a.m.28 views

Microsoft Windows 10 1809 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation

Microsoft Windows 10 1809 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation Windows: CSRSS SxSSrv Cached Manifest EoP Platform: Windows 10 1809, 1709 Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary and others Summary: The SxS manifest...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2019/04/16 12:0 a.m.22 views

PCHelpWare V2 1.0.0.5 - SC Denial of Service (PoC)

PCHelpWare V2 1.0.0.5 - SC Denial of Service PoC -- coding: utf-8 -- Exploit Title: PCHelpWareV2 1.0.0.5 - 'SC' Denial of Service PoC Date: 15/04/2019 Author: Alejandra Sánchez Vendor Homepage: https://www.uvnc.com/home.html Software Link: http://www.uvnc.eu/download/pchw2/PCHelpWareV2.msi Versio...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2019/04/16 12:0 a.m.25 views

Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass

Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass Windows: LUAFV NtSetCachedSigningLevel Device Guard Bypass Platform: Windows 10 1809 not tested earlier. Note I’ve not tested this on Windows 10 SMode. Class: Security Feature Bypass Summary: The NtSetCachedSigningLevel...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/04/16 12:0 a.m.32 views

Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Escalation

Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUMACCESS DesiredAccess Privilege Escalation Windows: LUAFV Delayed Virtualization MAXIMUMACCESS DesiredAccess EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/04/16 12:0 a.m.18 views

Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation

Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation Windows: LUAFV Delayed Virtualization Cache Manager Poisoning EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteri...

Exploits0
Total number of security vulnerabilities41207