ipPulse version 1.92 suffers from an Enter Key denial of service vulnerability.
516720de62a4544f73c1db153fcf6f81OpenNetAdmin version 18.1.1 suffers from a remote code execution vulnerability.
b78ce6ccdab3eb00a716398e6fcf7e4fMicrosoft Windows allows for the automatic loading of a profiling COM object during the launch of a CLR process based on certain environment variables ostensibly to monitor execution. In this case, the authors abuse the profiler by pointing to a payload DLL that will be launched as the profiling thread. This thread will run at the permission level of the calling process, so an auto-elevating process will launch the DLL with elevated permissions. In this case, they use gpedit.msc as the auto-elevated CLR process, but others would work, too.
465589077d4444936024dfe8a99d25c1scadaApp for iOS version 1.1.4.0 suffers from a denial of service vulnerability.
ff85010e64b7dc5aa39cebf3d96e416aCentova Cast version 3.2.12 denial of service proof of concept exploit.
7d2b1421b9153e8e920109091a56d827Studio 5000 Logix Designer version 30.01.00 suffers from an unquoted service path vulnerability.
9f0dbfc3b3eee08dce605d2ff9bd6240XMedia Recode version 3.4.8.6 suffers from a denial of service vulnerability.
e1b5cb9ed05d8580baf8dede64d61ce9Microsoft Windows 7 (x86) BlueKeep remote desktop protocol windows kernel use-after-free exploit.
2c3d703bbfbb24401c0d36420ac618d0BartVPN version 1.2.2 suffers from a BartVPNService unquoted service path vulnerability.
6e89cac93c8e77ebd174c47999311c35This Metasploit module will bypass Windows UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when Windows backup and restore is launched. It will spawn a second shell that has the UAC flag turned off. This module modifies a registry key, but cleans up the key once the payload has been invoked.
4f1cab9439a2a2fee0bb0c73a655df7dCentova Cast versions 3.2.11 and below suffer from an arbitrary file download vulnerability.
06295d9b498967fba1d7e043f6b5e745MobileGo version 8.5.0 suffers from an insecure file permission vulnerability.
01b469607a40a0f08aba37d07b840883nipper-ng version 0.11.10 suffers from a remote buffer overflow vulnerability.
d4babeb02a84d1101e6c163b25b3b907TemaTres version 3.0 suffers from a persistent cross site scripting vulnerability.
6f25a6e1c11e44890bac7aca68f875aeFoscam Video Management System version 1.1.4.9 username denial of service proof of concept exploit.
f4ed71a0cf156255d4e06a58ba562112TemaTres version 3.0 suffers from a cross site request forgery vulnerability.
e8b3eeba117e93d31065972e40d48400Crystal Live HTTP Server version 6.01 suffers from a directory traversal vulnerability.
9d4260e2999b76e3021c14066da0c499Open Proficy HMI-SCADA version 5.0.0.25920 suffers from a denial of service vulnerability.
64ca0afe85c1b214c34f0f0c11041be0Lexmark Services Monitor version 2.27.4.0.39 suffers from a directory traversal vulnerability.
46bf6a48051d0bf2f840e83e3f1f6cbbASUS HM Com Service version 1.00.31 suffers from an unquoted service path vulnerability.
31437721397cd7ab5ed7a866bcf4174eEmerson PAC Machine Edition version 9.70 build 8595 suffers from an unquoted service path vulnerability.
4104203b4fbc0492e2def98177a6c68fNCP_Secure_Entry_Client version 9.2 suffers from multiple unquoted service path vulnerabilities.
9739ded1d46fec83cc8bd382b852a350iSmartViewPro version 1.3.34 suffers from a denial of service vulnerability.
e7e4dac447b9ef691456dcc0b51eaee4FreeRadius versions 3.0.19 and below suffer from a privilege escalation vulnerability via insecure logrotate use.
38f7cd44ce6153a2cf84f8f2f5819066Raritan CommandCenter Secure Gateway versions prior to 8.0.0 suffer from a cross site scripting vulnerability.
a71df70e983939b7c7a0b9688e5bed94
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed