Clik here to view.
macOS getrusage Stack Leak
macOS suffers from a getrusage stack leak through struct padding.MD5 | 7b47e5940f3ef53d7ed82338cc4b4ae9DownloadMacOS getrusage stack leak through struct padding CVE-2017-13869For 64-bit processes, the...
View ArticleClik here to view.
macOS / iOS Kernel IOSurfaceRootUserClient Double-Free
macOS and iOS suffer from a kernel double free vulnerability due to IOSurfaceRootUserClient not respecting MIG ownership rules.MD5 | 184f6e2345e9d5d30fb5251e4ff335fcDownloadSource:packetstormsecurity.com
View ArticleClik here to view.
Joomla! Component JBuildozer 1.4.1 - 'appid' SQL Injection
EDB-ID: 43323Author: Ihsan SencanPublished: 2017-12-12CVE: N/A Type: WebappsPlatform: PHPAliases: N/AAdvisory/Source: N/ATags: SQL Injection (SQLi)Vulnerable App: N/A # Exploit Title: Joomla! Component...
View ArticleClik here to view.
Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload
EDB-ID: 43324Author: Colette ChamberlandPublished: 2017-12-12CVE: CVE-2017-16949 Type: WebappsPlatform: PHPVulnerable App: N/A # Date: November 12, 2017 # Exploit Author: Colette Chamberland # Author...
View ArticleClik here to view.
macOS/iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert...
EDB-ID: 43328Author: Google Security ResearchPublished: 2017-12-12CVE: CVE-2017-13867 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Source:...
View ArticleClik here to view.
Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof...
EDB-ID: 43325Author: Google Security ResearchPublished: 2017-12-12CVE: CVE-2017-13876 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A is a pointer to a further...
View ArticleClik here to view.
macOS/iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object...
EDB-ID: 43326Author: Google Security ResearchPublished: 2017-12-12CVE: CVE-2017-13847 Type: DosPlatform: MultipleAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Source:...
View ArticleClik here to view.
SAP Plant Connectivity CVE-2017-16690 DLL Loading Remote Code Execution...
SAP Plant Connectivity is prone to a remote code-execution vulnerability. A remote attacker can leverage this issue to execute arbitrary code in the context of the affected application. SAP Plant...
View ArticleClik here to view.
macOS - Kernel Code Execution due to Lack of Bounds Checking in...
EDB-ID: 43327Author: Google Security ResearchPublished: 2017-12-12CVE: CVE-2017-13875 Type: DosPlatform: macOSAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Source:...
View ArticleClik here to view.
Libraw 0.18.5 Denial Of Service
Libraw version 0.8.15 suffers from a denial of service vulnerability.MD5 | 05f8390db2d984a68b3f2a0b472f4f59Download====================================================================== Secunia...
View ArticleClik here to view.
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read
EDB-ID: 43332Author: Jakub PalaczynskiPublished: 2017-12-13CVE: CVE-2017-16787 Type: WebappsPlatform: CGIVulnerable App: N/A Author: Jakub Palaczynski CVE: CVE-2017-16787 Exploit tested on:...
View ArticleClik here to view.
MikroTik RouterBoard 6.39.2 / 6.40.5 DNS Denial Of Service
MikroTik DNS daemon denial of service proof of concept exploit.MD5 | c3b26684e576d6b6c58b6f3270bef359DownloadSource:packetstormsecurity.com
View ArticleClik here to view.
MikroTik 6.40.5 Denial Of Service
MikroTik version 6.40.5 kernel failure denial of service proof of concept exploit.MD5 | 12c83cbcfbe3a5163c4f8fc4865dd781DownloadSource:packetstormsecurity.com
View ArticleClik here to view.
PS4 Remote Play 2.5.0.9220 DLL Hijacking
PS4 Remote Play version 2.5.0.9220 suffers from a dll hijacking vulnerability.MD5 | 75dc08c32f295ed4d0c576c54e2e2294DownloadApplication: PS4 Remote PlayApplication Version: 2.5.0.9220Platform:...
View ArticleClik here to view.
EMC Isilon OneFS Privilege Escalation
EMC Isilon OneFS versions 7.x and 8.x suffer from a privilege escalation vulnerability. They contain an issue where a 'compadmin' user can potentially run restricted system commands with elevated...
View ArticleClik here to view.
Zivif PR115-204-P-RS 2.3.4.2103 Bypass / Command Injection / Hardcoded Password
Zivif PR115-204-P-RS cameras version 2.3.4.2103 suffer from authentication bypass, command injection, and hardcoded password vulnerabilities.MD5 | c34cc75d39516718e28358cc3f925ed6DownloadAttack vector:...
View ArticleClik here to view.
Meinberg LANTIME Web Configuration Utility 6.16.008 Arbitrary File Read
Meinberg LANTIME Web Configuration Utility version 6.16.008 suffers from an arbitrary file read vulnerability.MD5 | 936472311cac9ef43b96368a13aa0968DownloadTitle: Meinberg LANTIME Web Configuration...
View ArticleClik here to view.
Meinberg LANTIME Web Configuration Utility 6.16.008 Arbitrary File Upload
Meinberg LANTIME Web Configuration Utility version 6.16.008 suffers from an arbitrary file upload vulnerability.MD5 | cea75b62b1121f93f0200e9c1039ce2eDownloadTitle: Meinberg LANTIME Web Configuration...
View ArticleClik here to view.
Meinberg LANTIME Web Configuration Utility 6.16.008 Authentication Bypass
Meinberg LANTIME Web Configuration Utility version 6.16.008 suffers from an authentication bypass vulnerability.MD5 | c9529fb287c20dc6b7600d4cb6aeb966DownloadTitle: Meinberg LANTIME Web Configuration...
View ArticleClik here to view.
Palo Alto Networks Firewalls Remote Root Code Execution
Three separate bugs can be used together to remotely execute commands as root through the web management interface without authentication on PAN-OS versions 6.1.18 and earlier, PAN-OS versions 7.0.18...
View Article