6858 matches found
Apple Security Advisory 03-31-2025-3
Apple Security Advisory 03-31-2025-3 - iOS 18.4 and iPadOS 18.4 addresses buffer overflow, bypass, cross site scripting, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities...
Apple Security Advisory 03-31-2025-5
Apple Security Advisory 03-31-2025-5 - iOS 16.7.11 and iPadOS 16.7.11 addresses an out of bounds write vulnerability...
Apple Security Advisory 03-31-2025-6
Apple Security Advisory 03-31-2025-6 - iOS 15.8.4 and iPadOS 15.8.4 addresses an out of bounds write vulnerabilities...
Apple Security Advisory 03-31-2025-1
Apple Security Advisory 03-31-2025-1 - Safari 18.4 addresses buffer overflow, cross site scripting, spoofing, and use-after-free vulnerabilities...
Apple Security Advisory 04-01-2025-1
Apple Security Advisory 04-01-2025-1 - watchOS 11.4 addresses buffer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities...
Apple Security Advisory 03-31-2025-4
Apple Security Advisory 03-31-2025-4 - iPadOS 17.7.6 addresses buffer overflow, out of bounds read, spoofing, and use-after-free vulnerabilities...
Apple Security Advisory 03-31-2025-10
Apple Security Advisory 03-31-2025-10 - tvOS 18.4 addresses buffer overflow, out of bounds read, and use-after-free vulnerabilities...
Apple Security Advisory 03-31-2025-11
Apple Security Advisory 03-31-2025-11 - visionOS 2.4 addresses buffer overflow, bypass, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities...
Apple Security Advisory 03-31-2025-7
Apple Security Advisory 03-31-2025-7 - macOS Sequoia 15.4 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities...
Apple Security Advisory 03-31-2025-9
Apple Security Advisory 03-31-2025-9 - macOS Ventura 13.7.5 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities...
Apple Security Advisory 03-31-2025-8
Apple Security Advisory 03-31-2025-8 - macOS Sonoma 14.7.5 addresses buffer overflow, bypass, code execution, format string, heap corruption, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities...
WordPress Front-End Users 3.2.32 Shell Upload
WordPress Front-End Users plugin versions 3.2.32 and below suffer from a remote shell upload vulnerability...
Wazuh 4.11.2
Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...
Advanced XSS Exploitation - Capturing User Local Storage Data
In this paper, the author teaches advanced persistent cross site scripting techniques that can be used to capture data from the client's local storage and send it to an external server. The paper is primarily focusing on a pentesting perspective but also discusses mitigations. Written in Brazilia...
WordPress the Novel Design Store Directory 4.3.0 Shell Upload
WordPress The Novel Design Store Directory plugin versions 4.3.0 and below suffer from a remote shell upload vulnerability...
WordPress Newscrunch Theme 1.8.4.1 Shell Upload
WordPress Newscrunch theme version 1.8.4.1 suffers from a remote shell upload vulnerability...
WordPress SoJ SoundSlides 1.2.2 Shell Upload
WordPress SoJ SoundSlides plugin versions 1.2.2 and below suffer from a remote shell upload vulnerability...
Packet Storm New Exploits for March, 2025
This archive contains all of the 223 exploits added to Packet Storm in March, 2025...
WordPress Datasets Manager 1.5 Shell Upload
WordPress Datasets Manager plugin versions 1.5 and below suffer from a remote shell upload vulnerability...
WordPress Verbalize WP 1.0 Shell Upload
WordPress Verbalize WP plugin versions 1.0 and below suffer from a remote shell upload vulnerability...
WordPress Checkout Mestres do WP for WooCommerce 8.7.5 Missing Authentication
WordPress Checkout Mestres do WP for WooCommerce plugin versions 8.6.5 through 8.7.5 suffer from a missing authentication vulnerability that allows you to update options...
Advanced XSS Exploitation - User Screenshot
In this paper, the author teaches advanced persistent cross site scripting techniques that can be used to take screenshots of the client's screen and send them to an external server. The paper is primarily focusing on a pentesting perspective but also discusses mitigations. Written in Brazilian...
WordPress Newscrunch Theme 1.8.4.1 Cross Site Request Forgery
WordPress Newscrunch theme version 1.8.4 suffers from a cross site request forgery vulnerability...
Advanced XSS Exploitation - How to Record User Audio
In this paper, the author teaches advanced persistent cross site scripting techniques that can be used to record client audio conversations and send them to an external server. The paper is primarily focusing on a pentesting perspective but also discusses mitigations. Written in Brazilian...
Advanced XSS Exploitation - How to Create Keylogger and Get Password
In this paper, the author teaches advanced persistent cross site scripting techniques that can be used to create keyloggers and send the content typed by the client to an external server, where the attacker will have access to messages, passwords, etc. The paper is primarily focusing on a...
WordPress WPC Smart Upsell Funnel for WooCommerce 3.0.4 Privilege Escalation
A missing authorization vulnerability in the WPC Smart Upsell Funnel for WooCommerce plugin versions through 3.0.4 allows authenticated users with minimal privileges e.g., subscriber to escalate their privileges by modifying arbitrary WordPress options via a vulnerable AJAX endpoint...
WordPress Kubio AI Page Builder 2.5.1 Local File Inclusion
The Kubio AI Page Builder plugin for WordPress is vulnerable to a local file inclusion vulnerability in all versions up to, and including, 2.5.1 via the kubiohybridthemeloadtemplate function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server...
Horde IMP 6.2.27 Cross Site Scripting / Account Takeover
Proof of concept exploit that demonstrates a cross site scripting vulnerability in Horde IMP versions 6.2.27 and below...
Advanced XSS Exploitation - How to Capture Session Cookies
In this paper, the author teaches advanced cross site scripting techniques that can be used to capture user session cookies and send them to an external server. Although this paper primarily focuses on attack methodology, it also touches on cross site scripting mitigations. Written in Brazilian...
TeamViewer Improper Signature Verification
Proof of concept code for a flaw in TeamViewer that enables an unprivileged user to load an arbitrary kernel driver into the system. This is a python implementation of the original exploit produced by Peter Gabaldon...
IngressNightmare Proof of Concepts
This is an archive of IngressNightmare proof of concept exploits meant to help researchers understand the exploitation and vulnerability prerequisites. IngressNightmare is a series of unauthenticated remote code execution vulnerabilities in ingress NGINX controllers for Kubernetes...
Buffer Overflow - How to Create an Exploit for a Web Server
In this paper, the author demonstrates how to identify a vanilla buffer overflow and how to create an exploit in Perl to exploit a vulnerability in the well-known web server MiniHttp. Written in Brazilian Portuguese...
Next.js Authorization Bypass
Proof of concept exploit for a critical security vulnerability affecting Next.js, a popular React framework for building full-stack web applications. This flaw allows attackers to bypass authorization checks implemented in Next.js middleware, potentially granting unauthorized access to sensitive...
Zed Attack Proxy 2.16.1 Cross Platform Package
The Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testin...
WordPress SEO LAT Auto Post 2.2.1 Remote Code Execution
WordPress SEO LAT Auto Post plugin versions 2.2.1 and below suffer from a remote code execution vulnerability...
Microsoft Windows Runtime Broker ClipboardBroker Privilege Escalation
The Runtime Broker’s Clipboard Broker allows any low IL/AppContainer such as Edge or IE EPM to get access to an OOP IStorage object through the ClipboardBroker leading to a sandbox escape...
WordPress ScottCart 1.1 Remote Code Execution
WordPress ScottCart plugin versions 1.1 and below suffer from a remote code execution vulnerability...
How to Create a Scan in Perl to Identify Vulnerable Telnet Servers
This paper, written in Brazilian Portuguese, explains how to create a Perl script to identify vulnerable telnet servers. In the context of application security, the author provides mitigation recommendations...
How to Create a Scan in Perl to Identify Vulnerable SSH Servers
This paper, written in Brazilian Portuguese, explains how to create a Perl script to identify vulnerable SSH servers. In the context of application security, the author provides mitigation recommendations...
How to Create a Scan in Perl to Identify Vulnerable Webservers
This paper, written in Brazilian Portuguese, explains how to create a Perl script to identify vulnerable web servers. In the context of application security, the author provides mitigation recommendations...
How to Create a Scan in Perl to Identify Vulnerable SMTP Servers
This paper, written in Brazilian Portuguese, explains how to create a Perl script to identify vulnerable SMTP servers. In the context of application security, the author provides mitigation recommendations...
How to Create a Scan in Perl to Identify Vulnerable POP3 Servers
This paper, written in Brazilian Portuguese, explains how to create a Perl script to identify vulnerable POP3 servers. In the context of application security, the author provides mitigation recommendations...
WordPress Shortcode Addons 3.2.5 Shell Upload
WordPress Shortcode Addons plugin versions 3.2.5 and below suffer from a remote shell upload vulnerability...
Linux 4.2 Out-Of-Bounds Write
The USB CDC-ACM driver in Linux versions starting at 4.12 suffers from a missing size check in acmctrlirq that leads to an out-of-bounds write...
Creating an FTP Server Buffer Overflow Exploit with Metasploit
This paper, written in Brazilian Portuguese, explains how to create a common exploit from the data of a Metasploit Framework exploit to exploit a vanilla buffer overflow on an FTP server. In the context of application security, the author provides mitigation recommendations...
Next.js Middleware Authorization Bypass
Proof of concept exploit that demonstrates an authorization bypass being exploited in Next.js middleware...
WordPress Pubnews 1.0.7 Arbitrary Plugin Installation
WordPress Pubnews theme versions 1.0.7 and below suffer from an unauthenticated arbitrary plugin installation vulnerability...
GNUnet P2P Framework 0.24.0
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...
WordPress Portfolleo 1.2 Shell Upload
WordPress Portfolleo plugin versions 1.2 and below suffer from a remote shell upload vulnerability...
WordPress RepairBuddy 3.8115 Shell Upload
WordPress RepairBuddy plugin versions 3.8115 and below suffer from a remote shell upload vulnerability...