Clik here to view.
Grundig Smart Inter@ctive 3.0 - Cross-Site Request Forgery
EDB-ID: 45022Author: t4rkd3vilzPublished: 2018-07-13CVE: CVE-2018-13989 Type: WebappsPlatform: HardwareVulnerable App: N/A # Date: 2018-07-§3 # Exploit Author: Ahmethan-Gultekin - t4rkd3vilz # Vendor...
View ArticleClik here to view.
Huawei eNSP Buffer Overflow
Huawei eNSP version 1 suffers from a buffer overflow vulnerability that results in a denial of service condition.MD5 | ea0e5d03687dc7fb48390b25b9754758DownloadDocument Title:===============Huawei eNSP...
View ArticleClik here to view.
Barracuda ADC 5.x Cross Site Scripting
Barracuda ADC version 5.x suffers from cross site scripting vulnerabilities.MD5 | 99b253616567048a1e05557ba0af4897DownloadDocument Title:===============Barracuda ADC v5.x - Multiple Persistent...
View ArticleClik here to view.
Fortify SSC 17.10 / 17.20 / 18.10 XXE Injection
Fortify SSC versions 17.10, 17.20, and 18.10 suffer from an out-of-band XML external entity injection vulnerability.MD5 | 5d336ed86682dde9438aa03537aed720DownloadDetails================Software:...
View ArticleClik here to view.
OpenConext-EngineBlock 5.7.3 Cross Site Scripting
OpenConext-EngineBlock versions 5.7.0 through 5.7.3suffers from a cross site scripting vulnerability.MD5 | 0f69b9dff062062f1f42999854188322Download-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512XSS...
View ArticleClik here to view.
ISS For Business 14.0.1400.2029 Blue Screen Of Death
In MicroWorld eScan Internet Security Suite (ISS) for Business version 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a...
View ArticleClik here to view.
Total AV 4.6.19 Insecure Permissions
A vulnerability allows local attackers to escalate privilege on TotalAV versions 4.1.7 through 4.6.19 because of weak "C:\Program Files\TotalAV" permissions. The specific flaw exists within the access...
View ArticleClik here to view.
G DATA TOTAL SECURITY 25.4.0.3 Active-X Buffer Overflow
G DATA TOTAL SECURITY version 25.4.0.3 suffers from an active-x buffer overflow vulnerability.MD5 | 90c8424162c88e3a300d66cb5666405aDownload=====[ Tempest Security Intelligence - ADV-24/2018 ]===G DATA...
View ArticleClik here to view.
Clam AntiVirus parsehwp3_paragraph() Denial Of Service
Secunia Research has discovered a vulnerability in Clam AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the...
View ArticleClik here to view.
Hadoop YARN ResourceManager Unauthenticated Command Execution
This Metasploit module exploits an unauthenticated command execution vulnerability in Apache Hadoop through ResourceManager REST API.MD5 | b4238f62a3c92ba834b83f14ddc4f179Download### This module...
View ArticleClik here to view.
Microsoft Windows POP/MOV SS Local Privilege Elevation
This Metasploit module exploits a vulnerability in a statement in the system programming guide of the Intel 64 and IA-32 architectures software developer's manual being mishandled in various operating...
View ArticleClik here to view.
Hadoop YARN ResourceManager - Unauthenticated Command Execution (Metasploit)
EDB-ID: 45025Author: MetasploitPublished: 2018-07-13CVE: N/A Type: RemotePlatform: LinuxAliases: N/AAdvisory/Source: LinkTags: Metasploit Framework (MSF), RemoteVulnerable App: N/A # This module...
View ArticleClik here to view.
Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)
EDB-ID: 45024Author: MetasploitPublished: 2018-07-13CVE: CVE-2018-8897 Type: LocalPlatform: WindowsAliases: N/AAdvisory/Source: LinkTags: Metasploit Framework (MSF), LocalVulnerable App: N/A # This...
View ArticleClik here to view.
macOS / iOS OfficeImporter JavaScript Injection
macOS and iOS suffer from a javascript injection bug in OfficeImporter.MD5 | 8a77e3c5cc05866fe394bdbf6a928d1bDownloadSource:packetstormsecurity.com
View ArticleClik here to view.
Linux execve(/bin/sh) Shellcode
21 bytes small Linux x86_64 execve(/bin/sh) shellcode.MD5 | bade4240797a316204c40812a27ac5a0Download/*; Title : execve(/bin/sh) - Shellcode; Author : Hashim Jawad @ihack4falafel; OS : Linux kali...
View ArticleClik here to view.
Linux/Ubuntu Coredump Reading Access Bypass
Linux/Ubuntu suffers from a vulnerability where other users' coredumps can be read via a setgid directory and killpriv bypass.MD5 | 643a11ef1ca33c7ad1aef476e210c8b8DownloadLinux/Ubuntu: other users'...
View ArticleClik here to view.
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Default Credentials
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems utilize hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and...
View ArticleClik here to view.
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Remote Root
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from multiple authenticated arbitrary remote code execution vulnerabilities with highest privileges. This is due to multiple...
View ArticleClik here to view.
VelotiSmart WiFi B-380 Camera Directory Traversal
VelotiSmart WiFi B-380 Camera suffers from a directory traversal vulnerability.MD5 | 8751fc8d501690682d891ec46e468a3fDownloadTitle: Vulnerability in VelotiSmart Wifi - Directory TraversalDate:...
View ArticleClik here to view.
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Denial Of Service
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems have an undocumented and hidden feature that allows an authenticated attacker to list running processes in the operating system and...
View Article