Lucene search
K

39001 matches found

0day.today
0day.today
added 2021/02/15 12:0 a.m.34 views

Tasks 9.7.3 - Insecure Permissions Vulnerability

Exploit Title: Tasks 9.7.3 - Insecure Permissions Exploit Author: Lyhin's Lab Detailed Bug Description: https://lyhinslab.org/index.php/2020/07/18/how-the-white-box-hacking-works-ok-google-i-wanna-pwn-this-app/ Vendor Homepage: https://tasks.org/ Software Link: https://github.com/tasks/tasks...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/02/12 12:0 a.m.30 views

PDFCOMPLETE Corporate Edition 4.1.45 - (pdfcDispatcher) Unquoted Service Path Vulnerability

Exploit Title: PDFCOMPLETE Corporate Edition 4.1.45 - 'pdfcDispatcher' Unquoted Service Path Discovery by: Ismael Nava Discovery Date: 02-11-2020 Vendor Homepage: https://www.pdfcomplete.com/cms/dpl/tabid/111/Default.aspx?r=du2vH8r Software Links : https://pdf-complete.informer.com/download/ Test...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/02/11 12:0 a.m.87 views

Micro Focus Operations Bridge Manager Remote Code Execution Exploit

This Metasploit module exploits an authenticated Java deserialization that affects a truckload of Micro Focus products: Operations Bridge Manager, Application Performance Management, Data Center Automation, Universal CMDB, Hybrid Cloud Management and Service Management Automation. However, this...

8.8CVSS8.9AI score0.7699EPSS
Exploits6
0day.today
0day.today
added 2021/02/09 12:0 a.m.30 views

AnyTXT Searcher 1.2.394 - (ATService) Unquoted Service Path Vulnerability

Exploit Title: AnyTXT Searcher 1.2.394 - 'ATService' Unquoted Service Path Exploit Author: Mohammed Alshehri Vendor Homepage: Anytxt.net Software Link: https://sourceforge.net/projects/anytxt/files/AnyTXT.Searcher.1.2.394.exe Version: Version 1.2.394 Tested on: Microsoft Windows 10 Education -...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/02/09 12:0 a.m.37 views

Epson USB Display 1.6.0.0 - (EMP_UDSA) Unquote Service Path Vulnerability

Exploit Title: Epson USB Display 1.6.0.0 - 'EMPUDSA' Unquote Service Path Discovery by: Hector Gerbacio Vendor Homepage: https://epson.com.mx/ Tested Version: 1.6.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 con Bing Step to discover Unquoted Service Path: C:\wmic servi...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/02/09 12:0 a.m.108 views

Linux/x64 - execve (cat /etc/shadow) Shellcode (66 bytes)

Exploit Title: Linux/x64 - execve "cat /etc/shadow" Shellcode 66 bytes Author: Felipe Winsnes Tested on: Debian x64 Shellcode Length: 66 / global start start: xor rax, rax ; Zeroes out RAX. xor rbp, rbp ; Zeroes out RBP. push rax ; Pushes RAX's NULL-DWORD. mov rbp, 0x776f646168732f63 ; Moves valu...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/02/08 12:0 a.m.214 views

Microsoft Internet Explorer 11 32-bit - Use-After-Free Exploit

Exploit Title: Microsoft Internet Explorer 11 32-bit - Use-After-Free Exploit Author: deadlock Forrest Orr Vendor Homepage: https://www.microsoft.com/ Software Link: https://www.microsoft.com/en-gb/download/internet-explorer.aspx Version: IE 8, 9, 10, and 11 Tested on: Windows 7 x64 and Windows 7...

7.5CVSS8.2AI score0.86863EPSS
Exploits17
0day.today
0day.today
added 2021/02/08 12:0 a.m.44 views

SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution Exploit

Exploit Title: SmartFoxServer 2X 2.17.0 - God Mode Console Remote Code Execution Exploit Author: LiquidWorm Vendor Homepage: https://www.smartfoxserver.com Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Server: 2.17.0 Remote Admin: 3.2.6 SmartFoxServer 2X,...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/02/08 12:0 a.m.124 views

Millewin 13.39.146.1 - Local Privilege Escalation Vulnerability

Exploit Title: Millewin 13.39.146.1 - Local Privilege Escalation Author: Andrea Intilangelo Vendor Homepage: https://www.millewin.it Software Homepage: https://www.millewin.it/index.php/prodotti/millewin Software Link: https://download.millewin.it/files/Millewin/setup/InstMilleDemo13.392019PS.exe...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/02/08 12:0 a.m.47 views

SmartFoxServer 2X 2.17.0 - Credentials Disclosure Vulnerability

Exploit Title: SmartFoxServer 2X 2.17.0 - Credentials Disclosure Exploit Author: LiquidWorm Vendor Homepage: https://www.smartfoxserver.com SmartFoxServer 2X 2.17.0 Credentials Disclosure Vendor: gotoAndPlay Product web page: https://www.smartfoxserver.com Affected version: Server: 2.17.0 Remote...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/02/08 12:0 a.m.36 views

AMD Fuel Service - (Fuel.service) Unquote Service Path Vulnerability

Exploit Title: AMD Fuel Service - 'Fuel.service' Unquote Service Path Discovery by: Hector Gerbacio Vendor Homepage: https://www.amd.com/ Tested Version: 1.0.0.0 Vulnerability Type: Unquoted Service Path Tested on OS: Windows 8.1 con Bing Step to discover Unquoted Service Path: C:\wmic service ge...

0.4AI score
Exploits0
0day.today
0day.today
added 2021/02/05 12:0 a.m.133 views

Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow Exploit

A heap based buffer overflow exists in the sudo command line utility that can be exploited by a local attacker to gain elevated privileges. The vulnerability was introduced in July of 2011 and affects version 1.8.2 through 1.8.31p2 as well as 1.9.0 through 1.9.5p1 in their default configurations...

7.8CVSS8.5AI score0.99295EPSS
Exploits81
0day.today
0day.today
added 2021/02/02 12:0 a.m.37 views

Solaris 10 1/13 (Intel) - (dtprintinfo) Local Privilege Escalation Exploit (2)

Exploit Title: Solaris 10 1/13 Intel - 'dtprintinfo' Local Privilege Escalation 2 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 Intel / raptordtprintcheckdirintel.c - Solaris/Intel 0day? LPE Copyright c 2020...

0.3AI score
Exploits0
0day.today
0day.today
added 2021/02/02 12:0 a.m.35 views

Solaris 10 1/13 (Intel) - (dtprintinfo) Local Privilege Escalation Exploit(3)

Exploit Title: Solaris 10 1/13 Intel - 'dtprintinfo' Local Privilege Escalation 3 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 Intel / raptordtprintcheckdirintel2.c - Solaris/Intel FMT LPE Copyright c 2020...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/02/02 12:0 a.m.68 views

Solaris 10 1/13 (SPARC) - (dtprintinfo) Local Privilege Escalation Exploit (3)

Exploit Title: Solaris 10 1/13 SPARC - 'dtprintinfo' Local Privilege Escalation 3 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 SPARC / raptordtprintnamesparc3.c - dtprintinfo on Solaris 10 SPARC Copyright c...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/02/02 12:0 a.m.53 views

Solaris 10 1/13 (SPARC) - (dtprintinfo) Local Privilege Escalation Exploit (2)

Exploit Title: Solaris 10 1/13 SPARC - 'dtprintinfo' Local Privilege Escalation 2 Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 SPARC / raptordtprintcheckdirsparc2.c - Solaris/SPARC FMT LPE Copyright c 2020...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/02/02 12:0 a.m.59 views

Solaris 10 1/13 (SPARC) - (dtprintinfo) Local Privilege Escalation Exploit (1)

Exploit Title: Solaris 10 1/13 SPARC - 'dtprintinfo' Local Privilege Escalation Exploit Author: Marco Ivaldi Vendor Homepage: https://www.oracle.com/solaris/solaris10/ Version: Solaris 10 Tested on: Solaris 10 1/13 SPARC / raptordtprintcheckdirsparc.c - Solaris/SPARC FMT PoC Copyright c 2020 Marc...

Exploits0
0day.today
0day.today
added 2021/02/01 12:0 a.m.61 views

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (1)

Exploit Title: Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation 1 Exploit Author: West Shepherd Version: Sudo legacy versions from 1.8.2 to 1.8.31p2, stable versions from 1.9.0 to 1.9.5p1. Tested on: Ubuntu 20.04.1 LTS Sudo version 1.8.31 CVE : CVE-2021-3156 Credit...

7.8CVSS8.2AI score0.99295EPSS
Exploits81
0day.today
0day.today
added 2021/02/01 12:0 a.m.176 views

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (2)

Sudo versions prior to 1.9.5p2 suffer from buffer overflow and privilege escalation vulnerabilities. Exploit Title: Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation 2 Authors and Contributors: cts, help from r4j, debug by nu11secur1ty Vendor: https://www.sudo.ws/...

7.8CVSS8.8AI score0.99295EPSS
Exploits81
0day.today
0day.today
added 2021/01/28 12:0 a.m.115 views

jQuery UI 1.12.1 - Denial of Service Exploit

Exploit Title: jQuery UI 1.12.1 - Denial of Service DoS Exploit Author: Rafael Cintra Lopes Vendor Homepage: https://jqueryui.com/ Software Link: https://jqueryui.com/download/ Version: DoS - jQuery UI 1.12.1 DoS - jQuery UI 1.12.1 Exploit PoC by Rafael Cintra Lopes function exploit for var i = 0...

6.6AI score
Exploits4
0day.today
0day.today
added 2021/01/28 12:0 a.m.60 views

Metasploit Framework 6.0.11 - msfvenom APK template command injection Exploit

Exploit Title: Metasploit Framework 6.0.11 - msfvenom APK template command injection Exploit Author: Justin Steven Vendor Homepage: https://www.metasploit.com/ Software Link: https://www.metasploit.com/ Version: Metasploit Framework 6.0.11 and Metasploit Pro 4.18.0 CVE : CVE-2020-7384 !/usr/bin/e...

7.8CVSS7.7AI score0.30562EPSS
Exploits8
0day.today
0day.today
added 2021/01/28 12:0 a.m.273 views

PRTG Network Monitor Remote Code Execution Exploit

This Metasploit module exploits an authenticated remote code execution vulnerability in PRTG Network Monitor. Notifications can be created by an authenticated user and can execute scripts when triggered. Due to a poorly validated input on the script name, it is possible to chain it with a...

7.2CVSS0.1AI score0.87173EPSS
Exploits12
0day.today
0day.today
added 2021/01/28 12:0 a.m.96 views

Micro Focus UCMDB Remote Code Execution Exploit

This Metasploit module exploits two vulnerabilities, that when chained allow an attacker to achieve unauthenticated remote code execution in Micro Focus UCMDB. UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected, but this module can probably also be used to...

9.8CVSS9AI score0.7699EPSS
Exploits6
0day.today
0day.today
added 2021/01/27 12:0 a.m.124 views

MobileIron MDM Hessian-Based Java Deserialization Remote Code Execution Exploit

This Metasploit module exploits an ACL bypass in MobileIron MDM products to execute a Groovy gadget against a Hessian-based Java deserialization endpoint. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

9.8CVSS0.7AI score0.99737EPSS
Exploits4
0day.today
0day.today
added 2021/01/27 12:0 a.m.164 views

Sudo version 1.8.2 to 1.8.31p2 Heap-Based Buffer Overflow Vulnerability

Qualys has released extensive research details regarding a heap-based buffer overflow vulnerability in sudo. The issue was introduced in July 2011 commit 8255ed69, and affects all legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1, in their default configuration...

7.8CVSS8.4AI score0.99295EPSS
Exploits81
0day.today
0day.today
added 2021/01/25 12:0 a.m.20 views

Linux/x64 - Bind_tcp (0.0.0.0:4444) + Password (12345678) + Shell (/bin/sh) Shellcode (142 bytes)

/ Exploit Title: Linux/x64 - Bindtcp 0.0.0.0:4444 + Password 12345678 + Shell /bin/sh Shellcode 142 bytes Author: Guillem Alminyana Platform: GNU Linux x64 ===================================== Compile: gcc -fno-stack-protector -z execstack shellcode.c -o shellcode / include include unsigned char...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/01/22 12:0 a.m.119 views

Windows/x86 - Stager Generic MSHTA Shellcode (143 bytes)

Exploit Title: Windows/x86 - Stager Generic MSHTA Shellcode 143 bytes Exploit Author: Armando Huesca Prida Date: 11-01-2021 Tested on: Windows 7 Professional 6.1.7601 SP1 Build 7601 x86 Windows Vista Ultimate 6.0.6002 SP2 Build 6002 x86 Windows Server 2003 Enterprise Edition 5.2.3790 SP1 Build 37...

0.2AI score
Exploits0
0day.today
0day.today
added 2021/01/22 12:0 a.m.45 views

Selea CarPlateServer (CPS) 4.0.1.6 - Local Privilege Escalation Vulnerability

Exploit Title: Selea CarPlateServer CPS 4.0.1.6 - Local Privilege Escalation Exploit Author: LiquidWorm Vendor Homepage: https://www.selea.com Selea CarPlateServer CPS v4.0.1.6 Local Privilege Escalation Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: 4.0.1.6210120...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/01/20 12:0 a.m.55 views

Linux/x86 - Socat Bind Shellcode (113 bytes)

/ Exploit Title: Linux/x86 - Socat Bind Shellcode 113 bytes Author: Felipe Winsnes Tested on: Debian x86 Shellcode Length: 113 global start section .text start: xor eax, eax push eax PUSH 0x30303030 ; "tcp-listen:10000" PUSH 0x313a6e65 PUSH 0x7473696c PUSH 0x2d706374 mov esi, esp push eax PUSH...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/01/20 12:0 a.m.26 views

Linux/x64 - Reverse (127.1.1.1:4444) Shell (/bin/sh) Shellcode (123 Bytes)

/ Exploit Title: Linux/x64 - Reverse Shell Author: Guillem Alminyana Date: 2021-01-18 Platform: GNU Linux x64 ===================================== This shellcode connects back to 127.1.1.1 address on port 4444 Listener needs to be opened before execute: nc -lvp 4444 Compile: gcc...

0.4AI score
Exploits0
0day.today
0day.today
added 2021/01/18 12:0 a.m.53 views

Microsoft Spooler Local Privilege Elevation Exploit

This exploit leverages a file write vulnerability in the print spooler service which will restart if stopped. Because the service cannot be stopped long enough to remove the dll, there is no way to remove the dll once it is loaded by the service. Essentially, on default settings, this module adds...

7.8CVSS8.7AI score0.14179EPSS
Exploits10
0day.today
0day.today
added 2021/01/18 12:0 a.m.181 views

IBM Spectrum LSF 10.1 / 10.2 Hardcoded Eauth Key / Eauth Key Exposure Vulnerability

================================================================================ Multiple IBM Spectrum LSF Authentication Vulnerabilities Eauth - CVE-2020-4983 ================================================================================ Software: Spectrum LSF Vendor: IBM Affected Versions:...

7.8CVSS7.8AI score0.00437EPSS
Exploits1
0day.today
0day.today
added 2021/01/14 12:0 a.m.101 views

Cisco RV110W 1.2.1.7 - (vpn_account) Denial of Service Exploit

Exploit Title: Cisco RV110W 1.2.1.7 - 'vpnaccount' Denial of Service PoC Exploit Author: Shizhi He Vendor Homepage: https://www.cisco.com/ Software Link: https://software.cisco.com/download/home/283879340/type/282487380/release/1.2.1.7 Version: V1.2.1.7 Tested on: RV110W V1.2.1.7 CVE :...

7.2CVSS7AI score0.05628EPSS
Exploits4
0day.today
0day.today
added 2021/01/13 12:0 a.m.48 views

Erlang Cookie - Remote Code Execution Exploit

Exploit Title: Erlang Cookie - Remote Code Execution Exploit Author: 1F98D Original Author: Milton Valencia wetw0rk Software Link: https://www.erlang.org/ Version: N/A Tested on: Debian 9.11 x64 References: https://insinuator.net/2017/10/erlang-distribution-rce-and-a-cookie-bruteforcer/ Erlang...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/01/12 12:0 a.m.99 views

Cloud Filter Arbitrary File Creation / Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in cldflt.sys. The Cloud Filter driver on Windows 10 v1803 and later, prior to the December 2020 updates, did not set the IOFORCEACCESSCHECK or OBJFORCEACCESSCHECK flags when calling FltCreateFileEx and FltCreateFileEx2 within its...

7.8CVSS8.1AI score0.13958EPSS
Exploits4
0day.today
0day.today
added 2021/01/12 12:0 a.m.34 views

Linux/x86 - bind shell on port 13377 Shellcode (65 bytes)

Exploit Title: Linux/x86 - bind shell on port 13377 Shellcode 65 bytes Date: Jan 12, 2021 Exploit Author: ac3 Version: Linux x86 Tested on: Linux x86 linux x86 nc -lvve/bin/sh -p13377 shellcode This shellcode will listen on port 13377 using netcat and give /bin/sh to connecting attacker 31 c0 xor...

Exploits0
0day.today
0day.today
added 2021/01/12 12:0 a.m.49 views

WordPress AIT CSV Import/Export 3.0.3 Shell Upload Exploit

WordPress AIT CSV Import/Export plugin versions 3.0.3 and below allow unauthenticated remote attackers to upload and execute arbitrary PHP code. The upload-handler does not require authentication, nor validates the uploaded content. It may return an error when attempting to parse a CSV, however t...

0.5AI score
Exploits0
0day.today
0day.today
added 2021/01/11 12:0 a.m.70 views

Coturn 4.5.1.x Access Control Bypass Vulnerability

Coturn 4.5.1.x Access Control Bypass Vulnerability Loopback access control bypass in coturn by using 0.0.0.0, ::1 or :: as the peer address - Fixed version: 4.5.2 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-01-coturn-access-control-bypass - Coturn...

7.2CVSS7.1AI score0.01282EPSS
Exploits3
0day.today
0day.today
added 2021/01/08 12:0 a.m.57 views

dnsrecon 0.10.0 - CSV Injection Vulnerability

Exploit Title: dnsrecon 0.10.0 - CSV Injection Author: Dolev Farhi Vendor Homepage: https://github.com/darkoperator/dnsrecon/ Version : 0.10.0 Tested on: ParrotOS 4.10 dnsrecon, when scanning a TXT record such as SPF, i.e.: spf.domain.com, outputs a CSV report -c out.csv with entries such as...

7.1AI score
Exploits0
0day.today
0day.today
added 2021/01/07 12:0 a.m.40 views

NTLM BITS SYSTEM Token Impersonation Exploit

This Metasploit module exploit BITS behavior which tries to connect to the local Windows Remote Management server WinRM every times it starts. The module launches a fake WinRM server which listen on port 5985 and triggers BITS. When BITS starts, it tries to authenticate to the Rogue WinRM server,...

7.3AI score
Exploits0
0day.today
0day.today
added 2021/01/07 12:0 a.m.167 views

Dovecot 2.3.11.3 Denial Of Service Vulnerability

Dovecot 2.3.11.3 Denial Of Service Vulnerability Vendor: OX Software GmbH Internal reference: DOV-4113 Bug ID Vulnerability type: CWE-20: Improper Input Validation Vulnerable version: 2.3.11-2.3.11.3 Vulnerable component: lda, lmtp, imap Report confidence: Confirmed Solution status: Fixed by Vend...

7.5CVSS0.05215EPSS
Exploits2
0day.today
0day.today
added 2021/01/06 12:0 a.m.64 views

H2 Database 1.4.199 - JNI Code Execution Vulnerability

Exploit Title: H2 Database 1.4.199 - JNI Code Execution Exploit Author: 1F98D Original Author: Markus Wulftange Vendor Hompage: https://www.h2database.com/ Tested on: Windows 10 x64, Java 1.8, H2 1.4.199 References:...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/01/06 12:0 a.m.40 views

PaperStream IP (TWAIN) 1.42.0.5685 - Local Privilege Escalation

Exploit Title: PaperStream IP TWAIN 1.42.0.5685 - Local Privilege Escalation Exploit Author: 1F98D Original Author: securifera Vendor Hompage: https://www.fujitsu.com/global/support/products/computing/peripheral/scanners/fi/software/fi6x30-fi6x40-ps-ip-twain32.html CVE: CVE-2018-16156 Tested on:...

7.8CVSS7.7AI score0.02557EPSS
Exploits4
0day.today
0day.today
added 2021/01/06 12:0 a.m.161 views

IObit Uninstaller 10 Pro - Unquoted Service Path Vulnerability

Exploit Title: IObit Uninstaller 10 Pro - Unquoted Service Path Exploit Author: Mayur Parmarth3cyb3rc0p Vendor Homepage: https://www.iobit.com Software Link: https://www.iobit.com/en/advanceduninstaller.php Version: 10 Tested on Windows 10 Unquoted Service Path: When a service is created whose...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/01/06 12:0 a.m.34 views

WinAVR Version 20100110 - Insecure Folder Permissions Vulnerability

Exploit Title: WinAVR Version 20100110 - Insecure Folder Permissions Exploit Author: Mohammed Alshehri Vendor Homepage: https://sourceforge.net/projects/winavr/ Software Link: https://sourceforge.net/projects/winavr/files/WinAVR/20100110/WinAVR-20100110-install.exe Version: Version 20100110 Teste...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/01/06 12:0 a.m.22 views

dirsearch 0.4.1 - CSV Injection Vulnerability

Exploit Title: dirsearch 0.4.1 - CSV Injection Author: Dolev Farhi Vendor Homepage: https://github.com/maurosoria/dirsearch Version : 0.4.1 Tested on: Debian 9.13 dirsearch, when used with the --csv-report flag, writes the results of crawled endpoints which redirect, to a csv file without...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/01/05 12:0 a.m.28 views

Node.js TLSWrap Use-After-Free Vulnerability

Node.js: use-after-free in TLSWrap Node v14.11.0 Current is vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method...

Exploits0
0day.today
0day.today
added 2021/01/05 12:0 a.m.27 views

Intel Matrix Storage Event Monitor x86 8.0.0.1039 - (IAANTMON) Unquoted Service Path Vulnerability

Exploit Title: IntelR Matrix Storage Event Monitor x86 8.0.0.1039 - 'IAANTMON' Unquoted Service Path Exploit Author: Geovanni Ruiz Vendor Homepage: https://www.intel.com Software Version: 8.0.0.1039 File Version: 8.0.0.1039 Tested on: Microsoft® Windows Vista Business 6.0.6001 Service Pack 1 x64e...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/01/05 12:0 a.m.44 views

PLANEX CS-QP50F-ING2 Remote Configuration Disclosure Vulnerability

PLANEX CS-QP50F-ING2 security surveillance smart camera remote configuration disclosure exploit. !/usr/bin/perl PLANEX CS-QP50F-ING2 Security Surveillance Smart Camera Remote Configuration Disclosure - Mass Exploiter Copyright 2021 c Todor Donev https://donev.eu/ Disclaimer: This or previous...

7.5AI score
Exploits0
0day.today
0day.today
added 2021/01/05 12:0 a.m.61 views

Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission Vulnerability

Exploit Title: Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission Exploit Author: Adrian Bondocea Vendor Homepage: https://www.fluentd.org/ Software Link: https://td-agent-package-browser.herokuapp.com/4/windows Version: icacls C:\opt\td-agent\bin C:\opt\td-agent\bin...

7CVSS7.1AI score0.01171EPSS
Exploits4
Total number of security vulnerabilities39001