Home | Latest News | Popular News | Our Network | About | Contact
Latest Exploits | www.SecurityPhresh.com
Latest Exploits
Showing 'Latest Exploits' from 71 to 80
Playable 9.18 Script Insertion / Arbitrary File Upload
17th Apr 2020 [one month ago] from PacketStormSecurity
Playable version 9.18 for iOS suffers from script insertion and arbitrary file upload vulnerabilities.
Cisco IP Phone 11.7 Denial Of Service
17th Apr 2020 [one month ago] from PacketStormSecurity
Cisco IP Phone version 11.7 denial of service proof of concept exploit.
Easy MPEG To DVD Burner 1.7.11 Buffer Overflow
17th Apr 2020 [one month ago] from PacketStormSecurity
Easy MPEG to DVD Burner version 1.7.11 SEH buffer overflow exploit with DEP.
Microsoft Windows Unquoted Service Path Privilege Escalation
16th Apr 2020 [one month ago] from PacketStormSecurity
This Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:program fileshello.exe; The Windows...
Nexus Repository Manager 3.21.1-01 Remote Code Execution
16th Apr 2020 [one month ago] from PacketStormSecurity
This Metasploit module exploits a Java Expression Language (EL) injection in Nexus Repository Manager versions up to and including 3.21.1 to execute code as the Nexus user. Tested against 3.21.1-01.
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution
15th Apr 2020 [one month ago] from PacketStormSecurity
This Metasploit module exploits a command injection vulnerability in the tdpServer daemon (/usr/bin/tdpServer), running on the router TP-Link Archer A7/C7 (AC1750), hardware version 5, MIPS Architecture, firmware version 190726. The vulnerability...
Liferay Portal Java Unmarshalling Remote Code Execution
15th Apr 2020 [one month ago] from PacketStormSecurity
This Metasploit module exploits a Java unmarshalling vulnerability via JSONWS in Liferay Portal versions prior to 6.2.5 GA6, 7.0.6 GA7, 7.1.3 GA4, and 7.2.1 GA2 to execute code as the Liferay user. Tested against 7.2.0 GA1.
Git Credential Helper Protocol Newline Injection
15th Apr 2020 [one month ago] from PacketStormSecurity
A git clone action can leak cached / stored credentials for github.com to example.com due to insecure handling of newlines in the credential helper protocol.
Microsoft Windows SE_SERVER_SECURITY Security Descriptor Owner Privilege Escalation
15th Apr 2020 [one month ago] from PacketStormSecurity
In Microsoft Windows, by using the poorly documented SE_SERVER_SECURITY Control flag it is possible to set an owner different to the caller, bypassing security checks.
Microsoft Windows NtFilterToken ParentTokenId Incorrect Setting Privilege Escalation
15th Apr 2020 [one month ago] from PacketStormSecurity
Microsoft Windows suffers from an NtFilterToken ParentTokenId incorrect setting that allows for elevation of privileges.
« Newer 3 4 5 6 7 8 9 10 11 12 Older »