Результаты поиска

NETGATE Registry Cleaner 16.0.205 - Unquoted Service Path Privilege Escalation ######################################################################### # Exploit Title: NETGATE Registry Cleaner Unquoted Service Path Privilege Escalation # Date: 15/10/2016 # Author: Amir.ght # Vendor Homepage...

NETGATE AMITI Antivirus 23.0.305 - Unquoted Service Path Privilege Escalation ######################################################################### # Exploit Title: NETGATE AMITI Antivirus Unquoted Service Path Privilege Escalation # Date: 15/10/2016 # Author: Amir.ght # Vendor Homepage...

Hotspot Shield 6.0.3 - Unquoted Service Path Privilege Escalation ######################################################################### # Exploit Title: Hotspot Shield Unquoted Service Path Privilege Escalation # Date: 13/10/2016 # Author: Amir.ght # Vendor Homepage...

Snes9K 0.0.9z - Denial of Service (PoC) # Exploit Title: Snes9K 0.0.9z - Denial of Service (PoC) # Date: 2018-09-28 # Exploit Author: crash_manucoot # Vendor Homepage: https://sourceforge.net/projects/snes9k/ # Software Link: https://sourceforge.net/projects/snes9k/files/latest/download #...

Mozilla Firefox 49.0.1 - Denial of Service ''' #Title: Firefox 49.0.1 crash Denial of Service #Date: 15 Oct 2016 #Author: sultan albalawi #video: https://www.facebook.com/pentest3/videos/vb.100012552940568/199310163830747/?type=2&theater #Tested on:win7 #Open link in firefox #Double click on...

VOX Music Player 2.8.8 - '.pls' Denial of Service # Exploit Title: VOX Music Player 2.8.8 '.pls' Local Crash PoC # Date: 10-12-2016 # Exploit Author: Antonio Z. # Vendor Homepage: http://coppertino.com/vox/mac/ # Software Link: http://dl.devmate.com/com.coppertino.Vox/Vox.dmg # Version: 2.8.8...

Microsoft Edge - Sandbox Escape 1. Content process -> Privileged content process (first_stage.js) When spawning a new Edge content process, its privilege is determined by its URL. This URL check is performed by the LCIEUrlPolicy::GetPICForPrivilegedInternalPage method in eModel.dll. The method...

PCProtect 4.8.35 - Privilege Escalation # Exploit Title: PCProtect 4.8.35 - Privilege Escalation # Date: 2018-09-11 # Exploit Author: Hashim Jawad - @ihack4falafel # Vendor Homepage: https://www.pcprotect.com/ # Vulnerable Software: https://www.pcprotect.com/download # Tested on: Windows 7...

TransMac 12.2 - Denial of Service (PoC) # Exploit Title: TransMac 12.2 - Denial of Service (PoC) # Author: Gionathan "John" Reale # Discovey Date: 2018-09-26 # Software Link: http://www.acutesystems.com/tmac/tmsetup.exe # Tested Version: 12.2 # Tested on OS: Windows 7 32-bit # Steps to...

Google Android - Binder Generic ASLR Leak Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=889 The interaction between the kernel /dev/binder and the usermode Parcel.cpp mean that when a binder object is passed as BINDER_TYPE_BINDER or BINDER_TYPE_WEAK_BINDER, a pointer to...

Linux Kernel - VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath Local Privilege Escalation Since commit 615d6e8756c8 ("mm: per-thread vma caching", first in 3.15), Linux has per-task VMA caches that contain up to four VMA pointers for fast lookup. VMA caches are invalidated by...

Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption ##################################################################################### # Application: Cisco Webex Player # Platforms: Windows # Versions: Cisco Webex Meeting Player version T29.10 # Author: Francis Provencher of...

Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption ##################################################################################### # Application: Adobe Flash Player # Platforms: Windows,OSX # Versions: 23.0.0.162 and earlier # Author: Francis Provencher of...

Categorizator 0.3.1 - SQL Injection # Exploit Title: Categorizator 0.3.1 | SQL Injection # Date: 03/09/16 # Exploit Author: Wad Deek # Vendor Homepage: http://lelogiciellibre.net/telecharger/annuaire-web.php # Software Link...

WebKit - 'WebCore::SVGTextLayoutAttributes::context' Use-After-Free <!-- There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on the ASan build of the latest WebKit source on OSX. PoC: =================================================================...

WebKit - 'WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded' Use-After-Free <!-- There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on the ASan build of the latest WebKit source on OSX. PoC...

Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption ##################################################################################### # Application: Cisco Webex Player # Platforms: Windows # Versions: Cisco Webex Meeting Player version T29.10 # Author: Francis Provencher...

Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require "msf/core" class MetasploitModule < Msf::Exploit::Local Rank =...

WebKit - 'WebCore::SVGTRefElement::updateReferencedText' Use-After-Free <!-- There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on the ASan build of WebKit revision 233006 on OSX. PoC: =================================================================...

WebKit - 'WebCore::RenderLayer::updateDescendantDependentFlags' Use-After-Free <!-- There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on the ASan build of the latest WebKit source on OSX. PoC...

WebKit - 'WebCore::InlineTextBox::paint' Out-of-Bounds Read <!-- There is a out-of-bounds read security vulnerability in WebKit. The vulnerability was confirmed on the ASan build of WebKit revision 233419 on OSX. The vulnerability has also been confirmed on Safari 11.1.1 sources grabbed from...

Linux Kernel 3.13.1 - 'Recvmmsg' Local Privilege Escalation (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require "msf/core" class MetasploitModule < Msf::Exploit::Local Rank =...

WebKit - 'WebCore::RenderMultiColumnSet::updateMinimumColumnHeight' Use-After-Free <!-- There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on the ASan build of WebKit revision 233419 on OSX. The vulnerability has also been confirmed on Safari 11.1.1...

WebKit - 'WebCore::AXObjectCache::handleMenuItemSelected' Use-After-Free <!-- There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on the ASan build of WebKit revision 233006 on OSX. Note that accessibility features need to be enabled in order to trigger...

WebKit - 'WebCore::Node::ensureRareData' Use-After-Free <!-- There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on the ASan build of WebKit revision 233006 on OSX. PoC: ================================================================= --> <style>...