Lucene search
K

39001 matches found

0day.today
0day.today
added 2019/05/28 12:0 a.m.246 views

Spidermonkey IonMonkey JS_OPTIMIZED_OUT Value Leak Exploit

Spidermonkey IonMonkey can, during a bailout, leak an internal JSOPTIMIZEDOUT magic value to the running script. This magic value can then be used to achieve memory corruption. Spidermonkey: IonMonkey leaks JSOPTIMIZEDOUT magic value to script Related CVE Numbers: CVE-2019-9792. TURN ON "CODE...

9.8CVSS0.5AI score0.13197EPSS
Exploits5
0day.today
0day.today
added 2019/05/28 12:0 a.m.123 views

Cyberoam SSLVPN Client 1.3.1.30 Connect To Server / HTTP Proxy Denial Of Service Exploit

Exploit Title: Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.cyberoam.com Software Link: https://download.cyberoam.com/solution/optionals/i18n/CrSSLv1.3.1.30.zip Tested Version: 1.3.1.30 Tested on: Windows...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/28 12:0 a.m.67 views

MacOS X 10.14.5 Gatekeeper Bypass Vulnerability

Exploit for macOS platform in category local exploits MacOS X 10.14.5 Gatekeeper Bypass OVERVIEW On MacOS X version = 10.14.5 at time of writing it is possible to easily bypass Gatekeeper in order to execute untrusted code without any warning or user's explicit permission. Gatekeeper is a mechani...

6.8AI score
Exploits0
0day.today
0day.today
added 2019/05/28 12:0 a.m.117 views

Spidermonkey - IonMonkey Unexpected ObjectGroup in ObjectGroupDispatch Operation Exploit

Spidermonkey IonMonkey suffers from an issue where an unexpected ObjectGroup in the ObjectGroupDispatch operation might lead to potentially unsafe code being executed. Spidermonkey: IonMonkey: unexpected ObjectGroup in ObjectGroupDispatch operation might lead to potentially unsafe code being...

5.9CVSS0.3AI score0.06175EPSS
Exploits1
0day.today
0day.today
added 2019/05/28 12:0 a.m.193 views

Petraware pTransformer ADC < 2.1.7.22827 - Login Bypass Vulnerability

Exploit Title: Petraware pTransformer ADC before 2.1.7.22827 allows SQL Injection via the User ID parameter to the login form. Date: 28-05-2019 Exploit Author: Faudhzan Rahman Website: https://faudhzanrahman.blogspot.com/ Vendor Homepage: http://www.petraware.com Version: 2.0 CVE : CVE-2019-12372...

7.8CVSS0.4AI score0.00941EPSS
Exploits5
0day.today
0day.today
added 2019/05/27 12:0 a.m.443 views

Typora 0.9.9.24.6 - Directory Traversal Vulnerability

Exploit Title: Code execution via path traversal Exploit Author: Dhiraj Mishra Vendor Homepage: http://typora.io Software Link: https://typora.io/download/Typora.dmg Version: 0.9.9.24.6 Tested on: macOS Mojave v10.14.4 CVE: CVE-2019-12137 References: https://nvd.nist.gov/vuln/detail/CVE-2019-1213...

7.8CVSS0.4AI score0.06451EPSS
Exploits5
0day.today
0day.today
added 2019/05/27 12:0 a.m.416 views

Deltek Maconomy 2.2.5 - Local File Inclusion Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Maconomy Erp local file include Date: 22/05/2019 Exploit Author: JameelNabbo Website: jameelnabbo.com Vendor Homepage: https://www.deltek.com Software Link: https://www.deltek.com/en-gb/products/project-erp/maconomy CVE:...

9.7AI score0.8422EPSS
Exploits6
0day.today
0day.today
added 2019/05/27 12:0 a.m.189 views

Pidgin 2.13.0 - Denial of Service Exploit

-- coding: utf-8 -- Exploit Title: Pidgin 2.13.0 - Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://pidgin.im/ Software https://cfhcable.dl.sourceforge.net/project/pidgin/Pidgin/2.13.0/pidgin-2.13.0.exe Version: 2.13.0 Tested on: Windows 7, Windows 10 Proof of Concept: 1.-...

Exploits0
0day.today
0day.today
added 2019/05/25 12:0 a.m.242 views

FairStars Audio Converter Pro 1.82 - (.tta) Denial of Service Exploit

Exploit Title: FairStars Audio Converter Pro 1.82 - '.tta' Denial of Service PoC Date: 25.5.2019 Vendor Homepage:http://www.fairstars.com/ Software Link: http://www.fairstars.com/download/facpsetup.exe Exploit Author: Achilles Tested Version: 1.82 Tested on: Windows 7 x64 Sp1 Windows XP Sp3 1.- R...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.264 views

Microsoft Windows 10 (17763.379) - Install DLL Exploit

Exploit for windows platform in category local exploits edit: Figure out how this works for yourself. I can't be bothered. It's a really hard race, doubt anyone will be able to repro anyway. Could be used with malware, you could programmatically trigger the rollback. Maybe you can even pass the...

7.2AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.123 views

Cyberoam General Authentication Client 2.1.2.7 - (Server Address) Denial of Service Exploit

Exploit Title: Cyberoam General Authentication Client 2.1.2.7 - Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.cyberoam.com Software Link: https://download.cyberoam.com/solution/optionals/i18n/Cyberoam%20General%20Authentication%20Client%202.1.2.7.zip Tested...

0.6AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.344 views

Microsoft Windows 10 1809 - CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration

Exploit for windows platform in category local exploits Microsoft Windows 10 1809 - 'CmKeyBodyRemapToVirtualForEnum' Arbitrary Key Enumeration Privilege Escalation Windows: CmKeyBodyRemapToVirtualForEnum Arbitrary Key Enumeration EoP Platform: Windows 10 1809 not tested earlier Class: Elevation o...

7.2CVSS7.6AI score0.02643EPSS
Exploits1
0day.today
0day.today
added 2019/05/24 12:0 a.m.129 views

Cyberoam SSLVPN Client 1.3.1.30 - (Connect To Server) Denial of Service Exploit

Exploit Title: Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.cyberoam.com Software Link: https://download.cyberoam.com/solution/optionals/i18n/CrSSLv1.3.1.30.zip Tested Version: 1.3.1.30 Tested on: Windows...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.111 views

Fast AVI MPEG Joiner Dos Exploit

Exploit Title: Fast AVI MPEG Joiner Dos Exploit Date: 24.5.2019 Vendor Homepage:http://www.alloksoft.com Software Link: http://www.alloksoft.com/fastavimpegjoiner.exe Exploit Author: Achilles Tested Version: 1.2.0812 Tested on: Windows 7 x64 Sp1 Windows XP x86 Sp3 1.- Run python code :Joiner.py 2...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.250 views

Microsoft Windows (x84) - Task Scheduler (.job) Import Arbitrary Discretionary Access Control List

Exploit for windows platform in category local exploits Microsoft Windows x84 - Task Scheduler' .job' Import Arbitrary Discretionary Access Control List Write / Local Privilege Escalation Task Scheduler .job import arbitrary DACL write Tested on: Windows 10 32-bit Bug information: There are two...

7.2AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.148 views

Cyberoam Transparent Authentication Suite 2.1.2.5 - (NetBIOS Name) Denial of Service Exploit

Exploit Title: Cyberoam Transparent Authentication Suite 2.1.2.5 - 'NetBIOS Name' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.cyberoam.com Software Link: https://download.cyberoam.com/solution/optionals/i18n/CTAS%202.1.2.5%20Release.zip Tested Version: 2.1.2....

7.1AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.115 views

Axessh 4.2 - (Log file name) Local Stack-based Buffer Overflow Exploit

Exploit for windows platform in category local exploits Title: Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow Date: May 23rd, 2019 Author: Uday Mittal https://github.com/yaksas443/YaksasCSC-Lab/ Vendor Homepage: http://www.labf.com Software Link:...

6.8AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.109 views

NetAware 1.20 - Add Block Denial of Service Exploit

-- coding: utf-8 -- Exploit Title: NetAware 1.20 - 'Add Block' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://www.infiltration-systems.com Software: http://www.infiltration-systems.com/Files/netaware.zip Version: 1.20 Tested on: Windows 7 Proof of Concept: 1.- Run the...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.204 views

Linux/x64 - Execve(/bin/sh) Shellcode (23 bytes)

/ ;Category: Shellcode ;Title: GNU/Linux x8664 - execve /bin/sh ;Author: rajvardhan ;Architecture: Linux x8664 ;Possibly The Smallest And Fully Reliable Shellcode =========== Asm Source =========== global start section .text start: xor rsi,rsi push rsi mov rdi,0x68732f2f6e69622f push rdi push rsp...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.97 views

Cyberoam Transparent Authentication Suite 2.1.2.5 - (Fully Qualified Domain Name) Denial of Service

Exploit Title: Cyberoam Transparent Authentication Suite 2.1.2.5 - 'Fully Qualified Domain Name' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.cyberoam.com Software Link: https://download.cyberoam.com/solution/optionals/i18n/CTAS%202.1.2.5%20Release.zip Tested...

0.5AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.175 views

Microsoft Windows - Win32k Local Privilege Escalation Exploit

Exploit for windows platform in category local exploits CVE-2019-0803 Win32k Elevation of Privilege Poc Reference ----------------------------- steal Security token https://github.com/mwrlabs/CVE-2016-7255 EDB Note: Download...

7.2CVSS0.2AI score0.80968EPSS
Exploits46
0day.today
0day.today
added 2019/05/24 12:0 a.m.358 views

Microsoft Windows (x84/x64) - Error Reporting Discretionary Access Control List / Local Privilege

Exploit for windows platform in category local exploits Microsoft Windows x84/x64 - 'Error Reporting' Discretionary Access Control List / Local Privilege Escalation EDIT: Apparently this was patched earlier this month.. so whatever. Windows Error Reporting Arbitrary DACL write It can take upwards...

7.2CVSS7.6AI score0.05207EPSS
Exploits1
0day.today
0day.today
added 2019/05/24 12:0 a.m.114 views

Terminal Services Manager 3.2.1 - Denial of Service Exploit

-- coding: utf-8 -- Exploit Title: Terminal Services Manager 3.2.1 - Local Buffer Overflow Denial of Service Author: Alejandra Sánchez Vendor Homepage: https://lizardsystems.com Software: https://lizardsystems.com/files/releases/terminal-services-manager/tsmanagersetup3.2.1.247.exe Version: 3.2.1...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.183 views

Opencart 3.0.3.2 - (extension/feed/google_base) Denial of Service Exploit

Exploit for php platform in category web applications !/bin/bash Opencart PoC exploit, just for test... Tested on store with added more than 1000 products Usage: ./cartkiller.sh storeurl threads sleep Example: ./cartkiller.sh https://storename 50 5 Disclaimer: This or previous programs is for...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.1746 views

Bitbucket Path Traversal / Remote Code Execution Vulnerability

Bitbucket Data Center had a path traversal vulnerability in the Data Center migration tool. A remote attacker with authenticated user with admin permissions can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that...

0.7AI score0.05057EPSS
Exploits1
0day.today
0day.today
added 2019/05/24 12:0 a.m.131 views

Cyberoam SSLVPN Client 1.3.1.30 - (HTTP Proxy) Denial of Service Exploit

Exploit Title: Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://www.cyberoam.com Software Link: https://download.cyberoam.com/solution/optionals/i18n/CrSSLv1.3.1.30.zip Tested Version: 1.3.1.30 Tested on: Windows Windows ...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.110 views

NetAware 1.20 - Share Name Denial of Service Exploit

-- coding: utf-8 -- Exploit Title: NetAware 1.20 - 'Share Name' Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://www.infiltration-systems.com Software: http://www.infiltration-systems.com/Files/netaware.zip Version: 1.20 Tested on: Windows 7 Proof of Concept: 1.- Run the...

Exploits0
0day.today
0day.today
added 2019/05/24 12:0 a.m.231 views

Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Exploit

Content Dim ar1&h3000000 Dim ar21000 Dim gremlin addressOfGremlin = &h28281000 Class MyClass Private mValue Public Property Let Valuev mValue = v End Property Public Default Property Get P P = mValue ' Where to write End Property End Class Sub TriggerWritewhere, val Dim v1 Set v1 =...

7.6CVSS0.1AI score0.81551EPSS
Exploits9
0day.today
0day.today
added 2019/05/24 12:0 a.m.198 views

Visual Voicemail for iPhone - IMAP NAMESPACE Processing Use-After-Free Exploit

Visual Voicemail VVM is a feature of mobile devices that allows voicemail to be read in an email-like format. Carriers set up a Visual Voicemail server that supports IMAP, and the device queries this server for new email. Visual Voicemail is configured over SMS, and carriers inform devices of the...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/05/23 12:0 a.m.213 views

Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execute Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Shopware createInstanceFromNamedArguments PHP Object Instantiation RCE", 'Description' = %q This module exploits a php object instantiation...

6.5CVSS0.8AI score0.27074EPSS
Exploits6
0day.today
0day.today
added 2019/05/23 12:0 a.m.91 views

Horde Webmail 5.2.22 - Multiple Vulnerabilities

Exploit for php platform in category web applications Title: Horde Webmail - XSS + CSRF to SQLi, RCE, Stealing Emails var url = "http://webmail.victimserver.com/trean/"; var params =...

0.3AI score0.01536EPSS
Exploits7
0day.today
0day.today
added 2019/05/23 12:0 a.m.59 views

RarmaRadio 2.72.3 - (Server) Denial of Service Exploit

Exploit Title: RarmaRadio 2.72.3 - 'Server' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://www.raimersoft.com/ Software Link: www.raimersoft.com/downloads/rarmaradiosetup.exe Tested Version: 2.72.3 Tested on: Windows 7 Service Pack 1 x64 Steps to produce the crash: 1...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/23 12:0 a.m.64 views

RarmaRadio 2.72.3 - (Username) Denial of Service Exploit

Exploit Title: RarmaRadio 2.72.3 - 'Username' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://www.raimersoft.com/ Software Link: www.raimersoft.com/downloads/rarmaradiosetup.exe Tested Version: 2.72.3 Tested on: Windows 7 Service Pack 1 x64 Steps to produce the crash:...

0.1AI score
Exploits0
0day.today
0day.today
added 2019/05/23 12:0 a.m.141 views

AUO Solar Data Recorder < 1.3.0 - addr Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: AUO Solar Data Recorder - Stored XSS Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO Solar Data Recorder all versions prior to v1.3.0 Tested on: It is a proprietary devices:...

Exploits0
0day.today
0day.today
added 2019/05/23 12:0 a.m.78 views

Carel pCOWeb < B1.2.1 - Credentials Disclosure Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Carel pCOWeb - Unprotected Storage of Credentials Exploit Author: Luca.Chiou Vendor Homepage: https://www.carel.com/ Version: Carel pCOWeb all versions prior to B1.2.1 Tested on: It is a proprietary devices:...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/23 12:0 a.m.249 views

BlueStacks 4.80.0.1060 - Denial of Service Exploit

-- coding: utf-8 -- Exploit Title: BlueStacks 4.80.0.1060 - Denial of Service PoC Author: Alejandra Sánchez Vendor Homepage: https://www.bluestacks.com Software: https://www.bluestacks.com/download.html?utmcampaign=bluestacks-4-en Version: 4.80.0.1060 Tested on: Windows 10 Proof of Concept: 1.- R...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/05/23 12:0 a.m.81 views

TapinRadio 2.11.6 - (Address) Denial of Service Exploit

Exploit Title: TapinRadio 2.11.6 - 'Address' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://www.raimersoft.com/ Software Link: www.raimersoft.com/downloads/tapinradiosetupx64.exe Tested Version: 2.11.6 Tested on: Windows 7 Service Pack 1 x64 Steps to produce the cras...

0.3AI score
Exploits0
0day.today
0day.today
added 2019/05/23 12:0 a.m.62 views

TapinRadio 2.11.6 - (Uername) Denial of Service Exploit

Exploit Title: TapinRadio 2.11.6 - 'Uername' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: http://www.raimersoft.com/ Software Link: www.raimersoft.com/downloads/tapinradiosetupx64.exe Tested Version: 2.11.6 Tested on: Windows 7 Service Pack 1 x64 Steps to produce the cras...

0.4AI score
Exploits0
0day.today
0day.today
added 2019/05/23 12:0 a.m.64 views

Carel pCOWeb < B1.2.1 - Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Carel pCOWeb - Stored XSS Exploit Author: Luca.Chiou Vendor Homepage: https://www.carel.com/ Version: Carel pCOWeb all versions prior to B1.2.1 Tested on: It is a proprietary devices: http://www.carel.com/product/pcoweb-car...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/05/23 12:0 a.m.106 views

Nagios XI 5.6.1 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Nagiosxi username sql injection Exploit Author: JameelNabbo Website: jameelnabbo.com Vendor Homepage: https://www.nagios.com Software Link: https://www.nagios.com/products/nagios-xi/ Version: xi-5.6.1 Tested on: MacOSX CVE:...

7.5CVSS9.7AI score0.0422EPSS
Exploits5
0day.today
0day.today
added 2019/05/23 12:0 a.m.113 views

Zoho ManageEngine ServiceDesk Plus < 10.5 - Improper Access Restrictions Vulnerability

Exploit for php platform in category web applications Exploit Title: Zoho ManageEngine ServiceDesk Plus 10.5 Incorrect Access Control Exploit Author: Enter of VinCSS Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho ManageEngine ServiceDesk Plus 10.5 CVE :...

4CVSS6.5AI score0.08359EPSS
Exploits4
0day.today
0day.today
added 2019/05/23 12:0 a.m.77 views

Microsoft Internet Explorer 11 - Sandbox Escape Exploit

Exploit for windows platform in category local exploits Inject into IE11. Will work on other sandboxes that allow the opening of windows filepickers through a broker. You will gain medium IL javascript execution, at which point you simply retrigger your IE RCE bug. EDB Note Download:...

7.2AI score
Exploits0
0day.today
0day.today
added 2019/05/23 12:0 a.m.79 views

Zoho ManageEngine ServiceDesk Plus 9.3 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting Exploit Author: Enter of VinCSS Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho ManageEngine ServiceDesk Plus 9.3 CVE :...

4.3CVSS6.3AI score0.05917EPSS
Exploits5
0day.today
0day.today
added 2019/05/22 12:0 a.m.263 views

FreeBSD rtld execl() Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in the FreeBSD run-time link-editor rtld. The rtld unsetenv function fails to remove LD environment variables if findenv fails. This can be abused to load arbitrary shared objects using LDPRELOAD, resulting in privileged code execution. This module...

7.2CVSS0.8AI score0.03903EPSS
Exploits5
0day.today
0day.today
added 2019/05/22 12:0 a.m.432 views

Shopware createInstanceFromNamedArguments PHP Object Instantiation Exploit

This Metasploit module exploits a php object instantiation vulnerability that can lead to remote code execution in Shopware. An authenticated backend user could exploit the vulnerability. The vulnerability exists in the createInstanceFromNamedArguments function, where the code insufficiently...

6.5CVSS0.5AI score0.27074EPSS
Exploits6
0day.today
0day.today
added 2019/05/22 12:0 a.m.545 views

Darktrace Enterprise Immune System 3.0.9 / 3.0.10 Cross Site Request Forgery Vulnerability

Darktrace Enterprise Immune System versions 3.0.9 and 3.0.10 contain multiple cross site request forgery vulnerabilities. It is highly likely that older versions are affected as well, but this has not been confirmed. An attacker can whitelist domains and/or change core Darktrace configuration. 1 ...

0.9AI score0.0162EPSS
Exploits5
0day.today
0day.today
added 2019/05/22 12:0 a.m.416 views

PHP PHP_INI_SYSTEM Ineffective Controls Vulnerability

Security controls configured via php.ini directives at the PHPINISYSTEM level are ineffective as they could be bypassed by malicious scripts via writing their own process memory on the Linux platform. Proof of concept code included. "PHP is a popular general-purpose scripting language that is...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/05/22 12:0 a.m.239 views

Mac OS X Feedback Assistant Race Condition Exploit

This Metasploit module exploits a race condition vulnerability in Mac's Feedback Assistant. A successful attempt would result in remote code execution under the context of root. This module requires Metasploit: https://metasploit.com/download Current source:...

7.6CVSS0.7AI score0.13512EPSS
Exploits4
0day.today
0day.today
added 2019/05/21 12:0 a.m.210 views

macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl Exploit

macOS ifaaddr-safamily != AFINET6 // - crash here IFAUNLOCKifa; error = EAFNOSUPPORT; break; Note that IFALOCK is called on user-provided data; it appears that there is an opportunity for memory corruption a controlled write when using indirect mutexes via LCKMTXTAGINDIRECT see lckmtxlockslow...

7.1CVSS7.3AI score0.04442EPSS
Exploits2
0day.today
0day.today
added 2019/05/21 12:0 a.m.92 views

Deluge 1.3.15 - (Webseeds) Denial of Service Exploit

Exploit Title: Deluge 1.3.15 - 'Webseeds' Denial of Service PoC Discovery by: Victor Mondragón Vendor Homepage: https://dev.deluge-torrent.org/ Software Link: http://download.deluge-torrent.org/windows/deluge-1.3.15-win32-py2.7.exe Tested Version: 1.3.15 Tested on: Windows 7 Service Pack 1 x64...

7.4AI score
Exploits0
Total number of security vulnerabilities39001