Showing 101 - 125 of 40,239

Exploit Files

Microsoft Edge Chakra JIT Missing Integer Overflow Check
Posted Jan 11, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from a missing integer overflow check in Lowerer::LowerSetConcatStrMultiItem.

tags | exploit, overflow
advisories | CVE-2018-0758
MD5 | 65fafc5cbcfc312f3b6de6a81d4ce4c3

Polygonize PC 1.1 Remote Command Execution
Posted Jan 11, 2018
Authored by indoushka

Polygonize PC version 1.1 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 7c73f4a69f6242e7dc14c93875b326b5

HPE iMC dbman RestoreDBase Unauthenticated Remote Command Execution
Posted Jan 10, 2018
Authored by Chris Lyne, sztivi | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04. The dbman service allows unauthenticated remote users to restore a user-specified database (OpCode 10007); however, the database connection username is not sanitized, resulting in command injection that allows execution of arbitrary operating system commands as SYSTEM. This service listens on TCP port 2810 by default. This Metasploit module has been tested successfully on iMC PLAT v7.2 (E0403) on Windows 7 SP1 (EN).

tags | exploit, remote, arbitrary, tcp
systems | windows, 7
advisories | CVE-2017-5817
MD5 | 252d40a332488ae10b75261fe5cefc7d

HPE iMC dbman RestartDB Unauthenticated Remote Command Execution
Posted Jan 10, 2018
Authored by Chris Lyne, sztivi | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04. The dbman service allows unauthenticated remote users to restart a user-specified database instance (OpCode 10008); however, the instance ID is not sanitized, allowing execution of arbitrary operating system commands as SYSTEM. This service listens on TCP port 2810 by default. This Metasploit module has been tested successfully on iMC PLAT v7.2 (E0403) on Windows 7 SP1 (EN).

tags | exploit, remote, arbitrary, tcp
systems | windows, 7
advisories | CVE-2017-5816
MD5 | 5919ea7fa37b5b123d15780fb9eca50b

Spring Jackson-Databind Default Typing Issue
Posted Jan 10, 2018
Authored by Imre Rad

Proof of concept that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions.

tags | exploit, proof of concept
advisories | CVE-2017-17485, CVE-2017-7525
MD5 | bd94dd448499d73f15b54018b06b7f7f

Microsoft Windows Local XPS Print Spooler Sandbox Escape
Posted Jan 10, 2018
Authored by James Forshaw, Google Security Research

The Microsoft Windows local print spooler can be abused to create an arbitrary file from a low-privilege application, including one in an AC as well as a typical Edge LPAC CP, leading to elevation of privilege.

tags | exploit, arbitrary, local
systems | windows
MD5 | f9c76875d1743262b2802cf76e9e7f56

Microsoft Edge Chakra JIT Escape Analysis Bug
Posted Jan 10, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra fails to detect if "tmp" escapes the scope and allocates it on the stack. This may lead to a dereference of uninitialized stack values.

tags | exploit
advisories | CVE-2017-11918
MD5 | f49a75546e986ccb23882860abd5f185

Microsoft Windows Kernel nt!NtQuerySystemInformation Memory Disclosure
Posted Jan 10, 2018
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel pool suffers from a memory disclosure in nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformation).

tags | exploit, kernel
systems | windows
advisories | CVE-2018-0746
MD5 | b620b4ff52f8487fa112c32d8993da4c

Microsoft Windows Kernel nt!NtQueryInformationProcess Stack Memory Disclosure
Posted Jan 10, 2018
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure in nt!NtQueryInformationProcess (information class 76, QueryProcessEnergyValues).

tags | exploit, kernel
systems | windows
advisories | CVE-2018-0745
MD5 | 705f77a5bfdb76b806fe73449ba102a5

Android ashmem Race Condition
Posted Jan 10, 2018
Authored by Google Security Research, laginimaineb

The Android MemoryIntArray class allows processes to share an in-memory array of integers backed by an "ashmem" file descriptor. As the class implements the Parcelable interface, it can be inserted into a Parcel, and optionally placed in a Bundle and transferred via binder to remote processes.

tags | exploit, remote
advisories | CVE-2017-13216
MD5 | dcf0633cc886152f7601ff53e754aa73

Microsoft Edge Chakra JIT asm.js Out-Of-Bounds Read
Posted Jan 10, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an out-of-bounds read in asm.js.

tags | exploit
advisories | CVE-2017-11911
MD5 | 0ad7db805f5e80c2d07d8d3efece99ce

Microsoft Edge Chakra JIT BackwardPass::RemoveEmptyLoopAfterMemOp Failed Insert
Posted Jan 10, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT has an issue where BackwardPass::RemoveEmptyLoopAfterMemOp does not insert branches.

tags | exploit
advisories | CVE-2017-11909
MD5 | dc948f248dc2d2bfd1f170d86c25f83c

Microsoft Edge Chakra JIT Op_MaxInAnArray / Op_MinInAnArray Misuse
Posted Jan 10, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT has an issue where Op_MaxInAnArray and Op_MinInAnArray can explicitly call user-defined JavaScript functions.

tags | exploit, javascript
advisories | CVE-2017-11893
MD5 | 077ed40c3d16dd77486c3f7c155974d8

CPU Speculative Execution Information Leak
Posted Jan 10, 2018
Authored by Jann Horn, Google Security Research

An information leak using speculative execution exists in CPUs by Intel, AMD, and to some extent, ARM.

tags | exploit
MD5 | b69690cdd34a7503e0457b6da3b6cd0e

Commvault Communications Service (cvd) Command Injection
Posted Jan 9, 2018
Authored by b0yd | Site metasploit.com

This Metasploit module exploits a command injection vulnerability discovered in Commvault Service v11 SP5 and earlier versions (tested in v11 SP5 and v10). The vulnerability exists in the cvd.exe service and allows an attacker to execute arbitrary commands in the context of the service. By default, the Commvault Communications service installs and runs as SYSTEM in Windows and does not require authentication. This vulnerability was discovered in the Windows version. The Linux version wasn't tested.

tags | exploit, arbitrary
systems | linux, windows
MD5 | 8f74d3dcfffa4afce969d6065128dfad

Synology PhotoStation 6.7.2-3429 SQL Injection / File Disclosure
Posted Jan 9, 2018
Authored by James Bercegay | Site gulftech.org

Synology PhotoStation versions 6.7.2-3429 and below suffer from file disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 83195bb339c2ac6977f6130a5414402a

Synology PhotoStation 6.7.2-3429 Remote Root
Posted Jan 9, 2018
Authored by James Bercegay | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities in Synology PhotoStation. When combined these issues can be leveraged to gain a remote root shell.

tags | exploit, remote, shell, root, vulnerability
MD5 | b4f5208c794052067b20c6cf8801580a

Yawcam 0.6.0 Directory Traversal
Posted Jan 9, 2018
Authored by David Panter

Yawcam versions 0.2.6 through 0.6.0 suffer from a directory traversal vulnerability.

tags | exploit
advisories | CVE-2017-17662
MD5 | 8b2ff035a9acdb60012023f99d73de9a

VX Search Enterprise 10.1.12 Denial Of Service
Posted Jan 9, 2018
Authored by Ahmad Mahfouz

VX Search Enterprise version 10.1.12 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-15662
MD5 | 108fb6491d1696b262e5da416645d1de

Disk Pulse Enterprise 10.1.18 Denial Of Service
Posted Jan 9, 2018
Authored by Ahmad Mahfouz

Disk Pulse Enterprise version 10.1.18 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-15663
MD5 | 9de19f1754253002aaabb3275205a48b

Sync Breeze Enterprise 10.1.16 Denial Of Service
Posted Jan 9, 2018
Authored by Ahmad Mahfouz

Sync Breeze Enterprise version 10.1.16 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-15664
MD5 | 8434d980acd60c5efde73d1eb84cf0bd

DiskBoss Enterprise 8.5.12 Denial Of Service
Posted Jan 9, 2018
Authored by Ahmad Mahfouz

DiskBoss Enterprise version 8.5.12 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-15665
MD5 | 661234612264e4c4abf1b234d80d1d82

Vanilla Forums Cross Site Request Forgery
Posted Jan 9, 2018
Authored by Anand Meyyappan

Vanilla Forums versions prior to 2.1.5 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-1000432
MD5 | 07788708ade7a4b68433038c99e7fc93

AvantFAX 3.3.3 Cross Site Scripting
Posted Jan 9, 2018
Authored by Nassim Asrir

AvantFAX version 3.3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-18024
MD5 | 69a0b3a925460eb10e462a381d348d2a

Office Tracker 11.2.5 Cross Site Scripting
Posted Jan 9, 2018
Authored by Nassim Asrir

Office Tracker version 11.2.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-18023
MD5 | a458952c5d53a047d2ebccfe52183690
© 2018 Packet Storm. All rights reserved.
