首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
热门关键字: shell  88888  art  vitter  vsserver
  当前位置:主页>安全文章>文章资料>Exploits>列表
Microsoft Edge Chakra PushPopFrameHelper Incorrect Usage
  日期:2017-08-17 14:06:49 点击:4 评论:0
Microsoft Edge: Chakra: Incorrect usage of PushPopFrameHelper in InterpreterStackFrame::ProcessLinkFailedAsmJsModule CVE-2017-8646PushPopFrameHelper is a class that pushes the current stack frame object in its constructor and pops it in the destruct
Microsoft Edge Charka Failed Re-Parse
  日期:2017-08-17 14:05:32 点击:3 评论:0
Microsoft Edge: Chakra: InterpreterStackFrame::ProcessLinkFailedAsmJsModule incorrectly re-parses CVE-2017-8645When Chakra fails to link an asmjs module, it tries to re-parse the failed-to-link asmjs function to treat it as a normal javascript funct
Microsoft Edge Charka PreVisitCatch Missing Call
  日期:2017-08-17 14:04:15 点击:3 评论:0
Microsoft Edge: Chakra: PreVisitCatch doesnt call SetIsCatch for all cases CVE-2017-8656function trigger() { try { } catch (x) { var x = 1; } print(x);}trigger();When Chakra executes the above code, it declares two "x"s. One is only for the catch sco
Microsoft Edge CInputDateTimeScrollerElement::_SelectValueInternal Out-Of-Bounds
  日期:2017-08-17 14:03:09 点击:3 评论:0
Microsoft Edge: Out-of-bounds read in CInputDateTimeScrollerElement::_SelectValueInternal CVE-2017-8644The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198) and Microsoft Edge 38.14393.1066.0, Mi
FreeBSD 10.3 Jail SHM Issue
  日期:2017-08-17 14:01:39 点击:3 评论:0
/******************************************************************************* * * AFFECTED PRODUCTS * * This issue affects FreeBSD from 7.0 to 10.3 included. * * * DESCRIPTION * * FreeBSD jail incompletely protects the access to the IPC primitives
Internet Download Manager 6.28 Build 17 - Buffer Overflow (SEH Unicode)
  日期:2017-08-16 15:15:16 点击:2 评论:0
#!/usr/bin/python # Exploit Title: Internet Download Manager 6.28 Build 17 - 'Find file' SEH Buffer Overflow (Unicode) # Date: 14-06-2017 # Exploit Author: f3ci # Tested on: Windows 7 SP1 x86 # How to exploit: Open IDM - Downloads - Find - paste expl
ALLPlayer 7.4 - Buffer Overflow (SEH Unicode)
  日期:2017-08-16 15:14:27 点击:2 评论:0
#!/usr/bin/python # Exploit Title: ALL Player v7.4 SEH Buffer Overflow (Unicode) # Version: 7.4 # Date: 15-08-2017 # Exploit Author: f3ci # Tested on: Windows 7 SP1 x86 head = http:// seh = x0fx47 #0x0047000f nseh = x61x41 #popad align junk = x4
Xamarin Studio for Mac 6.2.1 (build 3)/6.3 (build 863) - Privilege Escalation
  日期:2017-08-15 14:26:04 点击:5 评论:0
Source: https://www.securify.nl/advisory/SFY20170403/xamarin-studio-for-mac-api-documentation-update-affected-by-local-privilege-escalation.html Abstract Xamarin Studio is an Integrated Development Environment (IDE) used to create iOS, Mac and Andro
Tomabo MP4 Converter 3.19.15 - Denial of Service
  日期:2017-08-15 14:25:15 点击:4 评论:0
#!/usr/bin/python # Exploit Title: Tomabo MP4 Converter DOS # Date: 13/08/17 # Exploit Author: Andy Bowden # Vendor Homepage: http://www.tomabo.com/ # Software Link: http://www.tomabo.com/mp4-converter/index.html # Version: 3.19.15 # Tested on: Wind
Microsoft Edge textarea.defaultValue Memory Disclosure
  日期:2017-08-11 13:00:47 点击:3 评论:0
Microsoft Edge: textarea.defaultValue memory disclosure CVE-2017-8652There is a use-after free vulnerability in Microsoft Edge that can lead to memory disclosure. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607,
DALIM SOFTWARE ES Core 5.0 Build 7184.1 User Enumeration
  日期:2017-08-11 12:59:57 点击:3 评论:0
#!/usr/bin/env python### DALIM SOFTWARE ES Core 5.0 build 7184.1 User Enumeration Weakness### Vendor: Dalim Software GmbH# Product web page: https://www.dalim.com# Affected version: ES/ESPRiT 5.0 (build 7184.1)# (build 7163.2)# (build 7163.0)# (buil
Synology Photo Station 6.7.3-3432 / 6.3-2967 - Remote Code Execution
  日期:2017-08-09 14:14:49 点击:7 评论:0
''' Source: https://blogs.securiteam.com/index.php/archives/3356 Vulnerability details The remote code execution is a combination of 4 different vulnerabilities: Upload arbitrary files to the specified directories Log in with a fake authentication me
Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation (MS
  日期:2017-08-09 14:13:28 点击:5 评论:0
# E-DB Note: # + Source: https://github.com/sensepost/gdi-palettes-exp # + Binary: https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42432.exe #include Windows.h #include stdio.h #include winddi.h #include Psapi.h
Microsoft Windows - LNK Shortcut File Code Execution
  日期:2017-08-07 16:56:53 点击:10 评论:0
#!/usr/bin/python # -*- coding: utf-8 -*- # Title : CVE-2017-8464 | LNK Remote Code Execution Vulnerability # CVE : 2017-8464 # Authors : [ykoster, nixawk] # Notice : Only for educational purposes. # Support : python2 import struct def generate_SHELL
DNSTracer 1.9 - Buffer Overflow
  日期:2017-08-04 14:07:45 点击:5 评论:0
# Exploit Title: DNSTracer 1.9 - Buffer Overflow # Google Dork: [if applicable] # Date: 03-08-2017 # Exploit Author: j0lama # Vendor Homepage: http://www.mavetju.org/unix/dnstracer.php # Software Link: http://www.mavetju.org/download/dnstracer-1.9.ta
SMBLoris Denial Of Service
  日期:2017-08-03 18:31:31 点击:12 评论:0
PoC (runs under Linux): https://gist.github.com/marcan/6a2d14b0e3eaa5de1795a763fb58641e https://twitter.com/marcan42/status/892706927720808449 https://twitter.com/marcan42/status/892716247502082051 https://twitter.com/marcan42/status/892785957849645
Hashicorp vagrant-vmware-fusion 4.0.23 Local Root Privilege Escalation
  日期:2017-08-03 18:30:34 点击:6 评论:0
CVE-2017-11741 Local root privesc in Hashicorp vagrant-vmware-fusion = 4.0.232 Aug 2017 06:49A couple of weeks ago I disclosed a local root privesc in Hashicorp's vagrant-vmware-fusion plugin:https://m4.rkw.io/blog/cve20177642-local-root-privesc-in-
Solarwinds Kiwi Syslog 9.6.1.6 - Denial of Service
  日期:2017-08-03 18:29:47 点击:6 评论:0
# Exploit Title: Solarwinds Kiwi Syslog 9.6.1.6 - Remote Denial of Service (Type Mismatch) # Date: 26/05/2017 # Exploit Author: Guillaume Kaddouch # Twitter: @gkweb76 # Blog: https://networkfilter.blogspot.com # GitHub: https://github.com/gkweb76/exp
Nitro Pro PDF Reader 11.0.3.173 Remote Code Execution
  日期:2017-08-02 13:28:43 点击:8 评论:0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpServer::HTML i
Microsoft Windows LNK Shortcut File Code Execution
  日期:2017-08-02 13:27:16 点击:9 评论:0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework## class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::EXE attr_accessor :exploi
共572页/11433条记录 首页 上一页 [1] 2 [3] [4] [5] [6] [7] 下一页 末页
  本月热点文章
·Microsoft Internet Explorer
·Microsoft Edge Chakra Incorr
·SMBLoris Denial Of Service
·ManageEngine Desktop Central
·Microsoft Windows - LNK Shor
·VICIdial 2.9 RC 1 to 2.13 RC
·Microsoft Windows - LNK Shor
·Metasploit RPC Console Comma
·Microsoft Windows LNK Shortc
·Nitro Pro PDF Reader 11.0.3.
·Synology Photo Station 6.7.3
·Jenkins < 1.650 - Java Deser
  本月推荐文章
 
  相关分类
  漏洞检测
  漏洞资料
  入侵实例
  系统安全
  网络安全
  网络基础
  病毒分析
Exploits
CopyRight © 2002-2017 VFocuS.Net All Rights Reserved