Clik here to view.
NfSen
EDB-ID: 42314Author: Paul TaylorPublished: 2017-07-11CVE: CVE-2017-6972... Type: WebappsPlatform: LinuxVulnerable App: # Version: NfSen 1.3.6p1, 1.3.7 and 1.3.7-1~bpo80+1_all. Previous versions are...
View ArticleClik here to view.
Microsoft Windows EternalBlue SMB Remote Code Execution
Microsoft Windows versions 7, 8.1, 2008 R2, 2012 R2, and 2016 R2 EternalBlue SMB remote code execution exploit that leverages the issue noted in MS17-0101.MD5 |...
View ArticleClik here to view.
NfSen 1.3.7 / AlienVault OSSIM 4.3.1 customfnt Command Injection
NfSen version 1.3.7 and AlienVault OSSIM version 4.3.1 suffer from a customfmt command injection vulnerability.MD5 | e7f34839cb159cbb036031d2d0f759efDownload# Exploit Title: NfSen/AlienVault remote...
View ArticleClik here to view.
xfrm Out-Of-Bounds Read
When dealing with XFRM_MSG_MIGRATE message, xfrm_migrate func does not check dir value of xfrm_userpolicy_id. This will cause out of bound access to net->xfrm.policy_bydst in policy_hash_direct func...
View ArticleClik here to view.
DataTaker DT80 dEX 1.50.012 Sensitive Configuration Exposure
DataTaker DT80 dEX version 1.50.012 suffers from an information disclosure vulnerability.MD5 | 4b412721586372d97d957ff8f8b6d297Download[+] Title: DataTaker DT80 dEX 1.50.012 - Sensitive Configurations...
View ArticleClik here to view.
ObjectPlanet Opinio 7.6.3 Cross Site Scripting
ObjectPlanet Opinio versions 7.6.3 and below suffer from a cross site scripting vulnerability.MD5 | 2c6e538a5255abbbe63a715b422d9339DownloadVendor: ObjectPlanetProduct: OpinioVersion: Up to 7.6.3...
View ArticleClik here to view.
IBM Informix 12.10 DB-Access Buffer Overflow
IBM Informix DB-Access utility is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. The vulnerability is triggered...
View ArticleClik here to view.
RaidenHTTPD 2.0.44 User-Agent Cross Site Scripting
RaidenHTTPD version 2.0.44 suffers from a cross site scripting vulnerability via the user-agent header.MD5 | 280b6748678ae5a593570faa3573d0a8Download# Exploit Title: RaidenHTTPD 2.0.44 - User-Agent -...
View ArticleClik here to view.
AGFEO Smart Home ES 5xx / 6xx Authentication Bypass / XSS / Hardcoded...
AGFEO Smart Home ES 5xx / 6xx versions 1.9b and 1.10 suffers from authentication bypass, cross site scripting, and hard-coded private key vulnerabilities.MD5 |...
View ArticleClik here to view.
Microsoft Windows Kernel 'Win32k.sys' CVE-2017-0263 Local Privilege...
Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code in kernel mode with elevated privileges. InformationBugtraq...
View ArticleClik here to view.
EMC Undocumented Accounts
EMC ViPR SRM, EMC Storage M and R, EMC VNX M and R, EMC M and R for SAS Solution Packs contain undocumented accounts with default passwords for Webservice Gateway and RMI JMX components. A remote...
View ArticleClik here to view.
iSmartAlarm Backend Server-Side Request Forgery
iSmartAlarm Backend suffers from a server-side request forgery vulnerability.MD5 | b5d5cf63554a6ef5398768341cf415ecDownload[+] Credits: Ilia Shnaidman[+]...
View ArticleClik here to view.
Skype for Business 2016 - Cross-Site Scripting
EDB-ID: 42316Author: nyxgeekPublished: 2017-07-12CVE: CVE-2017-8550 Type: RemotePlatform: WindowsVulnerable App: N/A # # Exploit Author: @nyxgeek - TrustedSec # Date: 2017-04-10 # Vendor Homepage:...
View ArticleClik here to view.
Dasan Networks GPON ONT WiFi Router H64X Series - Configuration Download
EDB-ID: 42323Author: LiquidWormPublished: 2017-07-13CVE: N/A Type: WebappsPlatform: HardwareVulnerable App: N/A Vendor: Dasan Networks Product web page: http://www.dasannetworks.com |...
View ArticleClik here to view.
Dasan Networks GPON ONT WiFi Router H64X Series - Authentication Bypass
EDB-ID: 42320Author: LiquidWormPublished: 2017-07-13CVE: N/A Type: WebappsPlatform: HardwareVulnerable App: N/A Vendor: Dasan Networks Product web page: http://www.dasannetworks.com |...
View ArticleClik here to view.
Dasan Networks GPON ONT WiFi Router H64X Series - Cross-Site Request Forgery
EDB-ID: 42321Author: LiquidWormPublished: 2017-07-13CVE: N/A Type: WebappsPlatform: HardwareVulnerable App: N/A Vendor: Dasan Networks Product web page: http://www.dasannetworks.com |...
View ArticleClik here to view.
Dasan Networks GPON ONT WiFi Router H64X Series - Privilege Escalation
EDB-ID: 42322Author: LiquidWormPublished: 2017-07-13CVE: N/A Type: WebappsPlatform: HardwareVulnerable App: N/A Vendor: Dasan Networks Product web page: http://www.dasannetworks.com |...
View ArticleClik here to view.
Microsoft Office CVE-2015-1641 Memory Corruption Vulnerability
Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit...
View ArticleClik here to view.
Microsoft Windows CVE-2014-4114 OLE Package Manager Remote Code Execution...
Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. An attacker can leverage...
View ArticleClik here to view.
Microsoft Windows Kernel 'Win32k.sys' CVE-2016-7255 Local Privilege...
Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code in kernel mode with...
View Article