Zero day remote root exploit for IntelliNet version 2.0. It affects multiple devices of AES Corp and Siemens. The exploit provides a remote shell and escalates your permissions to full root permissions by abusing exec_suid. No authentication needed at all, neither any interaction from the victim. The firmware affected by this exploit runs on fire alarms, burglar sensors and environmental devices, all on the internet, all vulnerable, no patch. Full control over hardware and software with no restrictions, you can manipulate battery voltage and even damage the hardware with unknown outcomes.
03f6a27dff52d1325441a14044dae92e43735378844d284aa4a56aa28a72abe1
This Metasploit module exploits a vulnerability in the native browser that comes with Android 4.0.3. If successful, the browser will crash after viewing the webpage.
ed9f536506a6fbec4e357c8ba0d4fba05c0f9f3e72f96d8657a24235f3ca4bda
Google Chrome version 115.0.5790.102 WebGPU use-after-free memory corruption proof of concept exploit.
8d8a37ec6a9723c095e854941ee699a99d052bf1885ef10eb39b13deb719ce3d
HospitalRun version 1.0.0-beta local root exploit for macOS.
5974878a49f1ebd87d13c459e69f6e25119f1ca212ec3fb8f6659b619d908c93
Apple Motion version 5.0.7 suffers from an integer overflow overflow vulnerability.
91c40a0f5210a72956be6cab5d6bbc2cbf117ff75e22221cb0d96af1905ecbb3
Microsoft Internet Explorer 9.x suffers from a remote stack exhaustion vulnerability.
d92f15f413457c5e0e27867c732c549570fd1dd935370f20ae2973bbf1b93532
DIMIN Viewer version 5.4.0 suffers from a WriteAV arbitrary code execution vulnerability.
01eb0894eaac986c3fff401ab886352e284216e0434a731c389a76a82a94fefb
FreeVimager version 4.1.0 suffers from a WriteAV arbitrary code execution vulnerability.
35e5e13d2e82922d649ad92142ac0d02c9c0e530b0e24f4a78b0a544ce6ef7ab
Android version 4.0.3 web browser remote crash denial of service exploit.
d1c6e6c912e743baafc08008ef615c03e7b268b06b54c466a1b4fa9346a0327e
Internet Explorer 9 suffers from a memory corruption vulnerability.
c4c37c1e9cf32f20d009dfc9a5dcce5b053e048c72ba248cb5450adabed3c630
Internet Explore 9 suffers from a cross site scripting filter bypass vulnerability.
7efa996042e8eed00bc79381471e8b40fc3c777a09a054edbce6d231f7849cde
Microsoft Office Excel ReadAV arbitrary code execution exploit.
4f183637725018f93e56bfb644917918cb8b9b41e1b0740342746d362b3ada27
VLC Player version 2.0.3 suffers from a ReadAV arbitrary code execution vulnerability.
b8d9e4b0937d2e4052d917d3fa45e638484b85c6cfa01eb95f048b90e9486e2f
This Metasploit module exploits a vulnerability found in PhpTax, an income tax report generator. When generating a PDF, the icondrawpng() function in drawimage.php does not properly handle the pfilez parameter, which will be used in a exec() statement, and then results in arbitrary remote code execution under the context of the web server. Please note: authentication is not required to exploit this vulnerability.
3ecd2777666a36e43ebd4979984a5196686b1b70e2c3ecf4ce15f5ace94c27d1
Arctic Torrent version 1.2.3 remote memory corruption denial of service exploit.
9172304714395a3f989c23b4c6fb9c5679590e4aa469b113717c0617e2230ff7
HCView WriteAV crash proof of concept exploit.
36cf1bb86989c1940b473b410af8ac6f68d4023aeef97b972a5c25cc34856979
FastStone Image Viewer version 4.6 suffers from an arbitrary code execution vulnerability.
4b66f73257ae013039d76fd10c358d59
Hardcorereview suffers from a WriteAV arbitrary code execution vulnerability.
6e8b830a697c7e0e850189baa7cc8e6be109d14d786eea51b618398858d95978
JPEGsnoop version 1.5.2 suffers from a WriteAV arbitrary code execution vulnerability.
a106a4b486db7909dcbee3661ab4941a5788b191b8246f580eb52671715d140f
PHPTax versions 0.8 and below remote code execution exploit. Written in Python.
86294030fd719aa799ec672577b9d00f4cb5ff09a5e758f0b04271418448dd6a
PhpTax version 0.8 suffers from a remote code execution vulnerability.
d0d6e0e1685582da24a6399ab9398b69b943a0fb2d14f8839ddf5d959307e3d4
Soapbox version 0.3.1 suffer from a local root code execution vulnerability.
fa6111f3bfe8c24bb8bf372dad0c191f2ae37919333b768bc405657c4799c826
Mieric AddressBook 1.0 suffers from a remote SQL injection vulnerability.
c96a18bbe493f7a2a6510549f9120ba123f913dc9c34eaceac64db2c62b35479
CommPort version 1.01 suffers from an authentication bypass vulnerability.
f452f7ccb48a60edc5d99a67b983276202b6fae18cf2d19313b49d3c85e0732c
CommPort version 1.01 suffers from a remote SQL injection vulnerability.
6721f54935455b70225444dccf2aed30092482422ee8ee5cc79fd86e61bd132e