Clik here to view.
Sync Breeze Enterprise 10.1.16 Denial Of Service
Sync Breeze Enterprise version 10.1.16 suffers from a denial of service vulnerability.MD5 | 8434d980acd60c5efde73d1eb84cf0bdDownload# Exploit Title: Sync Breeze Enterprise Server v10.1.16 - Denial of...
View ArticleClik here to view.
Disk Pulse Enterprise 10.1.18 Denial Of Service
Disk Pulse Enterprise version 10.1.18 suffers from a denial of service vulnerability.MD5 | 9de19f1754253002aaabb3275205a48bDownload# Exploit Title: Disk Pulse Enterprise Server v10.1.18 - DOS,# Date:...
View ArticleClik here to view.
VX Search Enterprise 10.1.12 Denial Of Service
VX Search Enterprise version 10.1.12 suffers from a denial of service vulnerability.MD5 | 108fb6491d1696b262e5da416645d1deDownload# Exploit Title: VX Search Enterprise Server v10.1.12 - Denial of...
View ArticleClik here to view.
Yawcam 0.6.0 Directory Traversal
Yawcam versions 0.2.6 through 0.6.0 suffer from a directory traversal vulnerability.MD5 | 8b2ff035a9acdb60012023f99d73de9aDownloadDirectory traversal vulnerability in Yawcam webcam...
View ArticleClik here to view.
Synology PhotoStation 6.7.2-3429 Remote Root
This Metasploit module exploits multiple vulnerabilities in Synology PhotoStation. When combined these issues can be leveraged to gain a remote root shell.MD5 |...
View ArticleClik here to view.
Synology PhotoStation 6.7.2-3429 SQL Injection / File Disclosure
Synology PhotoStation versions 6.7.2-3429 and below suffer from file disclosure and remote SQL injection vulnerabilities.MD5 |...
View ArticleClik here to view.
Commvault Communications Service (cvd) Command Injection
This Metasploit module exploits a command injection vulnerability discovered in Commvault Service v11 SP5 and earlier versions (tested in v11 SP5 and v10). The vulnerability exists in the cvd.exe...
View ArticleClik here to view.
TOR Virtual Network Tunneling Tool 0.3.2.9
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with...
View ArticleClik here to view.
Commvault Communications Service (cvd) - Command Injection (Metasploit)
EDB-ID: 43472Author: MetasploitPublished: 2018-01-09CVE: N/A Type: RemotePlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A # This module requires Metasploit:...
View ArticleClik here to view.
Microsoft Edge Chakra JIT Op_MaxInAnArray / Op_MinInAnArray Misuse
Microsoft Edge Chakra JIT has an issue where Op_MaxInAnArray and Op_MinInAnArray Misuse can explicitly call user defined JavaScript functions.MD5 | 077ed40c3d16dd77486c3f7c155974d8DownloadMicrosoft...
View ArticleClik here to view.
Microsoft Edge Chakra JIT asm.js Out-Of-Bounds Read
Microsoft Edge Chakra JIT suffers from an out-of-bounds read in asm.js.MD5 | 0ad7db805f5e80c2d07d8d3efece99ceDownloadMicrosoft Edge: Chakra: OOB read in asm.js CVE-2017-11911Here's a snippet of...
View ArticleClik here to view.
Android ashmem Race Condition
The Android MemoryIntArray class allows processes to share an in-memory array of integers backed by an "ashmem" file descriptor. As the class implements the Parcelable interface, it can be inserted...
View ArticleClik here to view.
Microsoft Windows Kernel nt!NtQueryInformationProcess Stack Memory Disclosure
The Microsoft Windows kernel suffers from a stack memory disclosure in nt!NtQueryInformationProcess (information class 76, QueryProcessEnergyValues).MD5 |...
View ArticleClik here to view.
Microsoft Windows Kernel nt!NtQuerySystemInformation Memory Disclosure
The Microsoft Windows kernel pool suffers from a memory disclosure in nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformation).MD5 |...
View ArticleClik here to view.
Microsoft Edge Chakra JIT Escape Analysis Bug
Microsoft Edge Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values.MD5 |...
View ArticleClik here to view.
Microsoft Windows Kernel nt!PiUEventHandleGetEven Stack Memory Disclosure
The Microsoft Windows kernel suffers from a stack memory disclosure from nt!RawMountVolume via nt!PiUEventHandleGetEvent (\Device\DeviceApi\CMNotify device).MD5 |...
View ArticleClik here to view.
Microsoft Windows Kernel ATMFD.DLL Out-Of-Bounds Read
The Microsoft Windows OpenType ATMFD.DLL kernel-mode driver lacks any sort of sanitization of various 32-bit offsets found in .MMM files (Multiple Master Metrics), and instead uses them blindly while...
View ArticleClik here to view.
Microsoft Windows Kernel ATMFD.DLL NamedEscape 0x250D Pool Corruption
The Microsoft Windows OpenType ATMFD.DLL kernel-mode font driver has an undocumented "escape" interface, handled by the standard DrvEscape and DrvFontManagement functions implemented by the module. The...
View ArticleClik here to view.
Microsoft Windows Local XPS Print Spooler Sandbox Escape
The Microsoft Windows local print spooler can be abused to create an arbitrary file from a low privilege application including one in an AC as well as a typical Edge LPAC CP leading to elevation of...
View ArticleClik here to view.
Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)
EDB-ID: 43474Author: James BercegayPublished: 2018-01-10CVE: N/A Type: WebappsPlatform: PHPVulnerable App: N/A # This module requires Metasploit: http://metasploit.com/download # Current source:...
View Article