Результаты поиска

Adobe Flash - BitmapData.copyPixels Use-After-Free Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=843 There is a use-after-free in BitmapData.copyPixels. If the method is called on a MovieClip, and the MovieClip is deleted during parameter conversions, it is used to convert...

HD Tune Pro 5.70 - Denial of Service (PoC) # Exploit Title: HD Tune Pro 5.70 - Denial Of Service (PoC) # Author: Gionathan "John" Reale # Discovey Date: 2018-08-29 # Homepage: https://www.hdtune.com/ # Software Link: https://www.hdtune.com/download.html # Tested Version: v5.70 # Tested on OS...

Adobe Flash - MovieClip Transform Getter Use-After-Free Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=844 There is a use-after-free in the MovieClip Transform getter. If the Transform constructor is replaced with a getter using addProperty, this getter can free the...

Adobe Flash - Stage.align Setter Use-After-Free Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=838 There is a use-after-free in the Stage.align property setter. When the setter is called, the parameter is converted to a string early, as a part of the new use-after-free...

Adobe Flash - Use-After-Free When Returning Rectangle Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=842 Several methods in flash return instances of the Rectangle class. There is a use-after-free in creating these objects for return. If the this object of the call is a...

Argus Surveillance DVR 4.0.0.0 - Directory Traversal # Exploit: Argus Surveillance DVR 4.0.0.0 - Directory Traversal # Author: John Page (aka hyp3rlinx) # Date: 2018-08-28 # Vendor: www.argussurveillance.com # Software Link: http://www.argussurveillance.com/download/DVR_stp.exe # CVE: N/A #...

ipPulse 1.92 - 'TCP Port' Denial of Service (PoC) # Exploit Title: ipPulse 1.92 - 'TCP Port' Denial of Service (PoC) # Discovery by: Diego Santamaria # Discovery Date: 2018-08-28 # Vendor Homepage: https://www.netscantools.com/ippulseinfo.html # Software Link...

Adobe Flash - Selection.setFocus Use-After-Free Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=841 There is a user-after-free in Selection.setFocus. It is a static method, but if it is called with a this object, it will be called on that object's thread. Then, if it calls...

Fathom 2.4 - Denial Of Service (PoC) # Exploit Title: Fathom 2.4 - Denial Of Service (PoC) # Author: Gionathan "John" Reale # Discovey Date: 2018-08-28 # Homepage: https://fathom.concord.org/ # Software Link: https://fathom.concord.org/download/ # Tested Version: v2.4 # Tested on OS: Windows 7...

[Persian] Android Security and Forensic Science 40299.pdf

Immunity Debugger 1.85 - Denial of Service (PoC) # Exploit Title: Immunity Debugger 1.85 - Denial of Service (PoC) # Author: Gionathan "John" Reale # Date: 2018-08-28 # Homepage: https://www.immunityinc.com/ # Software Link: https://www.immunityinc.com/products/debugger/index.html # Tested...

phpMyAdmin 4.7.x - Cross-Site Request Forgery # Exploit Title: phpMyAdmin 4.7.x - Cross-Site Request Forgery # Date: 2018-08-28 # Exploit Author: VulnSpy # Vendor Homepage: https://www.phpmyadmin.net/ # Software Link: https://www.phpmyadmin.net/downloads/ # Version: Versions 4.7.x (prior to...

WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure/Arbitrary File Upload Exploit Title: WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Dislcosure/Arbitrary File Upload Link: https://wordpress.org/plugins/cysteme-finder/ Version: 1.3 Date: August 23rd 2016 Exploit Author...

Microsoft Windows - JScript RegExp.lastIndex Use-After-Free <!-- There is a use-after-free vulnerability in jscript.dll related to how the lastIndex property of a RegExp object is handled. This vulnerability can be exploited through Internet Explorer or potentially through WPAD over local...

NASA openVSP 3.16.1 - Denial of Service (PoC) # Exploit Title: NASA openVSP 3.16.1 - Denial of Service (PoC) # Exploit Author : L0RD # Date: 2018-08-28 # Vendor Homepage : https://software.nasa.gov/software/LAR-17491-1 # Software link: https://github.com/nasa/OpenVSP # Version: 3.16.1 # Tested...

WordPress Plugin Plainview Activity Monitor 20161228 - (Authenticated) Command Injection <!-- About: =========== Component: Plainview Activity Monitor (Wordpress plugin) Vulnerable version: 20161228 and possibly prior Fixed version: 20180826 CVE-ID: CVE-2018-15877 CWE-ID: CWE-78 Author: -...

Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write # Exploit Title: Gnome Eye of Gnome Out-of-bounds-write # Exploit Author: Kaslov Dmitri # Vendor Homepage: https://wiki.gnome.org/Apps/EyeOfGnome # Version: 3.10.2 # Tested on: Ubuntu 14.04 LTS # CVE: CVE-2016-6855 Proof of Concept...

Phoenix Exploit Kit - Remote Code Execution (Metasploit) ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking...

Electron WebPreferences - Remote Code Execution CVE-2018-15685 - Electron WebPreferences Remote Code Execution This is a minimal Electron application with a POC for CVE-2018-15685. A remote code execution vulnerability has been discovered affecting apps with the ability to open nested child...

WordPress Core 4.5.3 - Directory Traversal / Denial of Service Path traversal vulnerability in WordPress Core Ajax handlers Abstract A path traversal vulnerability was found in the Core Ajax handlers of the WordPress Admin API. This issue can (potentially) be used by an authenticated user...

HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require "rex/proto/pjl" class MetasploitModule < Msf::Exploit::Remote Rank =...

WordPress Plugin Mail Masta 1.0 - Local File Inclusion [+] Date: [23-8-2016] [+] Autor Guillermo Garcia Marcos [+] Vendor: https://downloads.wordpress.org/plugin/mail-masta.zip [+] Title: Mail Masta WP Local File Inclusion [+] info: Local File Inclusion The File Inclusion vulnerability...

Foxit PDF Reader 9.0.1.1049 - Pointer Overwrite Use-After-Free (Metasploit) ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking include...

Hunting HTML 5 postMessage Vulnerabilities 40287.pdf

Responsive FileManager < 9.13.4 - Directory Traversal The following vulnerabilities were fixed in the version 9.13.4. https://responsivefilemanager.com #1 Path Traversal Allows to Read Any File Reserved CVE: CVE-2018-15535 Discovered By: Simon Uvarov Vendor Status: Fixed Details: The...