| Latest Exploits |
| Showing 'Latest Exploits' from 51 to 60|
| |ShoreTel / Mitel Connect ONSITE ST14.2 Remote Code Execution ShoreTel / Mitel Connect ONSITE ST14.2 suffers from a remote code execution vulnerability.
| |DoorGets CMS 7.0 File Download doorGets CMS version 7.0 suffers from a file download vulnerability.
| |Microsoft Windows .contact Arbitrary Code Execution This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious...
| |Microsoft Windows Net-NTLMv2 Reflection DCOM/RPC Privilege Escalation This Metasploit module utilizes the Net-NTLMv2 reflection between DCOM/RPC to achieve a SYSTEM handle for elevation of privilege. It requires a CLSID string.
| |Blueman Set_dhcp_handler D-Bus Privilege Escalation This Metasploit module attempts to gain root privileges by exploiting a Python code injection vulnerability in blueman versions prior to 2.0.3. The org.blueman.Mechanism.EnableNetwork D-Bus interface exposes the set_dhcp_handler function...
| |Microsoft Windows XmlDocument Insecure Sharing Privilege Escalation A number of Partial Trust Windows Runtime classes expose the XmlDocument class across process boundaries to less privileged callers which in its current form can be used to elevate privileges and escape the Edge Content LPAC sandbox.
| |Microsoft Windows RestrictedErrorInfo Unmarshal Section Handle Use-After-Free The WinRT RestrictedErrorInfo does not correctly check the validity of a handle to a section object which results in closing an unrelated handle which can lead to an elevation of privilege.
| |Streamworks Job Scheduler Release 7 Authentication Weakness Streamworks Job Scheduler Release 7 has all agents using the same X.509 certificates and keys issued by the vendor for authentication. The processing server component does not check received messages properly for authenticity. Agents installed...
| |WebKit JSC JIT Use-After-Free The doesGC function simply takes a node, and tells if it might cause a garbage collection. This function is used to determine whether to insert write barriers. But it is missing some cases such as StringCharAt, StringCharCodeAt and GetByVal...
| |OwnDMS 4.7 SQL Injection ownDMS version 4.7 suffers from a remote SQL injection vulnerability.
| « Newer 1 2 3 4 5 6 7 8 9 10 Older » |