Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder Vendor: Wieland Electric GmbH Product web page: http://www.wieland-electric.com Affected version: 4.1 (Build 9) Summary: Your new software for the configuration of Wieland term
## ## This module requires Metasploit: http://metasploit.com/download ## Current source: https://github.com/rapid7/metasploit-framework ### require 'msf/core' class Metasploit3 Msf::Exploit::Remote include Msf::Exploit::Remote::Telnet include Msf::Ex
/* Source: https://github.com/koczkatamas/CVE-2016-0051 Proof-of-concept BSoD (Blue Screen of Death) code for CVE-2016-0051 (MS-016). Full Proof of Concept: https://github.com/koczkatamas/CVE-2016-0051/archive/master.zip https://github.com/offensive-
''' Oracle 9i XDB FTP PASS Overflow (win32) Ported to python from the Metasploit oracle9i_xdb_ftp_pass.rb exploit Original exploit: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/ftp/oracle9i_xdb_ftp_pass.rb Desc
# Program affected: yTree - File manager for terminals v1.94-1.1 # Description: yTree is prone to a stack-based overflow, an attacker could exploit # this issue to execute arbitrary code in the context of the application. # Failed exploit attempts w
/* Source: https://code.google.com/p/google-security-research/issues/detail?id=511 Method 5 of the IOHDIXController user client is createDrive64. This takes a 0x100 byte structure input from which it reads a userspace pointer and a size which it pass
/* Source: https://code.google.com/p/google-security-research/issues/detail?id=512 IOUserClient::connectClient is an obscure IOKit method which according to the docs is supposed to Inform a connection of a second connection. In fact IOKit provides no
/* Source: https://code.google.com/p/google-security-research/issues/detail?id=543 NKE control sockets are documented here: https://developer.apple.com/library/mac/documentation/Darwin/Conceptual/NKEConceptual/control/control.html By default there ar
/* Source: https://code.google.com/p/google-security-research/issues/detail?id=553 The mach voucher subsystem fails to correctly handle spoofed no-more-senders messages. ipc_kobject_server will be called for mach messages sent to kernel-owned mach po
/* Source: https://code.google.com/p/google-security-research/issues/detail?id=562 Opening userclient type 12 of IOSCSIPeripheralDeviceType00 leads to an exploitable kernel NULL dereference. Tested on OS X 10.11 ElCapitan (15a284) on MacBookAir5,2 */
/* Source: https://code.google.com/p/google-security-research/issues/detail?id=580 The hv_space lock group gets an extra ref dropped when you kill a process with an AppleHV userclient; one via IOService::terminateWorker calling the AppleHVClient::fre
