Clik here to view.
PeopleSoft ToolsRelease 8.55.03 / ToolsReleaseDB 8.55 / HCM 9.2 XSS
PeopleSoft ToolsRelease version 8.55.03, ToolsReleaseDB version 8.55, and HCM version 9.2 suffer from a TestServlet cross site scripting vulnerability.MD5 | 8a037c93fb00af442cd3d7d4c290d773Download1....
View ArticleClik here to view.
Metasploit RPC Console Command Execution
This Metasploit module connects to a specified Metasploit RPC server and uses the 'console.write' procedure to execute operating system commands. Valid credentials are required to access the RPC...
View ArticleClik here to view.
VICIdial user_authorization Unauthenticated Command Execution
This Metasploit module exploits a vulnerability in VICIdial versions 2.9 RC 1 to 2.13 RC1 which allows unauthenticated users to execute arbitrary operating system commands as the web server user if...
View ArticleClik here to view.
IPFire proxy.cgi Remote Code Execution
IPFire, a free linux based open source firewall distribution, version prior to 2.19 Update Core 110 contains a remote command execution vulnerability in the ids.cgi page in the OINKCODE field.MD5 |...
View ArticleClik here to view.
Razer Synapse rzpnk.sys ZwOpenProcess
A vulnerability exists in the latest version of Razer Synapse (v2.20.15.1104 as of the day of disclosure) which can be leveraged locally by a malicious application to elevate its privileges to those of...
View ArticleClik here to view.
Easy Chat Server User Registeration Buffer Overflow (SEH)
This Metasploit module exploits a buffer overflow during user registration in Easy Chat Server software.MD5 | ea660b80899722585fc2d5713b8b135fDownload### This module requires Metasploit:...
View ArticleClik here to view.
Oracle Web Center 11.1.1.9.0 / 12.2.1.1.0 / 12.2.1.2.0 XSS
Oracle Web Center versions 11.1.1.9.0, 12.2.1.1.0, and 12.2.1.2.0 suffer from a cross site scripting vulnerability.MD5 | 1e3f00f41f33004fa4e281208e66410bDownloadOracle Web Center...
View ArticleClik here to view.
MAWK 1.3.3-17 Buffer Overflow
MAWK versions 1.3.3-17 and below are susceptible to a stack-based buffer overflow vulnerability.MD5 | f76cf831d1aaa6799ae5841ed1ae6276Download#!/usr/bin/python# Developed using Exploit Pack -...
View ArticleClik here to view.
REDDOXX Appliance Undocumented Administrative Service Account
RedTeam Pentesting discovered an undocumented service account in the REDDOXX appliance software, which allows attackers to access the administrative interface of the appliance and change its...
View ArticleClik here to view.
REDDOXX Appliance Unauthenticated Access
RedTeam Pentesting discovered a vulnerability which allows attackers unauthenticated access to the diagnostic functions of the administrative interface of the REDDOXX appliance. The functions allow,...
View ArticleClik here to view.
REDDOXX Appliance Remote Command Execution
RedTeam Pentesting discovered a remote command execution vulnerability in the REDDOXX appliance software, which allows attackers to execute arbitrary command with root privileges while unauthenticated....
View ArticleClik here to view.
WebKit JSC arrayProtoFuncSplice Uninitiailzed Memory Reference
WebKit JSC suffers from an uninitialized memory reference in arrayProtoFuncSplice.MD5 | 61302137db1706d8e9bb703e1fa8e6bbDownloadWebKit: JSC: uninitialized memory reference in arrayProtoFuncSplice...
View ArticleClik here to view.
WebKit JSC Incorrect Scope Register Handling
WebKit suffers from a JSC incorrect scope register handling in DFG::ByteCodeParser::flush(InlineStackEntry* inlineStackEntry).MD5 | 8ee249918143ed15fd4a0095efcb75b7Download WebKit: JSC: Incorrect scope...
View ArticleClik here to view.
WebKit JSC JSArray::appendMemcpy Uninitialized Memory Copy
WebKit suffers from a JSC JSArray::appendMemcpy uninitialized memory copy vulnerability.MD5 | fdfb04b663dc8d80c76b553252701587Download WebKit: JSC: JSArray::appendMemcpy uninitialized memory copy...
View ArticleClik here to view.
MEDHOST Connex Hard-Coded Credentials
MEDHOST Connex suffers from having hard-coded credentials that are used for customer database access.MD5 | 4060ece78c50b2cf07b1ff050beb19bdDownloadOverview------------MEDHOST Connex for all versions...
View ArticleClik here to view.
WebKit JSC JSObject::putInlineSlow / JSValue::putToPrimitive XSS
WebKit JSC JSObject::putInlineSlow and JSValue::putToPrimitive suffer from a universal cross site scripting vulnerability.MD5 | da248021643aa56bbe3143261555b3ceDownloadWebKit: JSC: UXSS via...
View ArticleClik here to view.
WebKit WebCore::Node::nextSibling Use-After-Free
WebKit suffers from a WebCore::Node::nextSibling use-after-free vulnerability.MD5 | c8f489da13b7b258afa1030ba904ea43DownloadWebKit: use-after-free in WebCore::Node::nextSibling CVE-2017-7039There is a...
View ArticleClik here to view.
WebKit WebCore::getCachedWrapper Use-After-Free
WebKit suffers from a WebCore::getCachedWrapper use-after-free vulnerability.MD5 | 3a6a7d8569e29c1fb12610c995fbb00fDownload WebKit: use-after-free in WebCore::getCachedWrapper CVE-2017-7040There is a...
View ArticleClik here to view.
WebKit WebCore::Node::getFlag Use-After-Free
WebKit suffers from a WebCore::Node::getFlag use-after-free vulnerability.MD5 | f406ef3e1b6958dc221da9cb7f623349Download WebKit: use-after-free in WebCore::Node::getFlag CVE-2017-7041There is a...
View ArticleClik here to view.
WebKit WebCore::InputType::element Use-After-Free
WebKit suffers from a WebCore::InputType::element use-after-free vulnerability.MD5 | 84bb52539cff54ae0d806d9a294724dcDownload WebKit: use-after-free in WebCore::InputType::element CVE-2017-7042There is...
View Article