| Latest Exploits |
| Showing 'Latest Exploits' from 11 to 20|
| |Microsoft Windows Task Scheduler .job Import Arbitrary DACL Write Microsoft Windows task scheduler .job import arbitrary DACL write proof of concept exploit.
| |FreeBSD Rtld Execl() Privilege Escalation This Metasploit module exploits a vulnerability in the FreeBSD run-time link-editor (rtld). The rtld unsetenv() function fails to remove LD_* environment variables if __findenv() fails. This can be abused to load arbitrary shared objects...
| |Mac OS X Feedback Assistant Race Condition This Metasploit module exploits a race condition vulnerability in Macs Feedback Assistant. A successful attempt would result in remote code execution under the context of root.
| |Shopware CreateInstanceFromNamedArguments PHP Object Instantiation This Metasploit module exploits a php object instantiation vulnerability that can lead to remote code execution in Shopware. An authenticated backend user could exploit the vulnerability. The vulnerability exists in the createInstanceFromNamedArguments...
| |XNU Stale Pointer Use-After-Free XNU suffers from a use-after-free vulnerability due to a stale pointer left by in6_pcbdetach.
| |Visual Voicemail For IPhone IMAP NAMESPACE Use-After-Free Visual Voicemail for iPhone suffers from a use-after-free vulnerability in IMAP NAMESPACE processing.
| |Darktrace Enterpise Immune System 3.0.9 / 3.0.10 Cross Site Request Forgery Darktrace Enterprise Immune System versions 3.0.9 and 3.0.10 contain multiple cross site request forgery vulnerabilities. It is highly likely that older versions are affected as well, but this has not been confirmed. An attacker can whitelist...
| |PHP PHP_INI_SYSTEM Ineffective Controls Security controls configured via php.ini directives at the PHP_INI_SYSTEM level are ineffective as they could be bypassed by malicious scripts via writing their own process memory on the Linux platform. Proof of concept code included.
| |Slims CMS Akasia 8.3.1 SQL Injection Slims CMS Akasia version 8.3.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
| |Convert Video JetAudio 8.1.7 Denial Of Service (PoC) Topic: Convert Video jetAudio 8.1.7 Denial of Service (PoC) Risk: Medium Text:# -*- coding: utf-8 -*- # Exploit Title: Convert Video jetAudio 8.1.7 - Denial of Service (PoC) # Date: 08/05/2019 # Author:...
| « Newer 1 2 3 4 5 6 7 8 9 10 Older » |