首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
热门关键字: shell  88888  art  vitter  vsserver
  当前位置:主页>安全文章>文章资料>Exploits>列表
NEC Univerge SV9100/SV8100 WebPro 10.0 Remote Configuration Download
  日期:2018-01-23 14:00:22 点击:6 评论:0
NEC Univerge SV9100/SV8100 WebPro 10.0 Remote Configuration DownloadVendor: NEC CorporationProduct web page: http://www.nec.comAffected version: WebPro =10.00 DSP Firmware Version: 12.11.00.02Summary: NEC's UNIVERGEA(r) SV9100 is the unified communi
Simple ASC CMS 1.2 Database Disclosure
  日期:2018-01-22 16:01:34 点击:2 评论:0
========================================================================| # Title : Simple ASC CMS 1.2 Database Disclosure Exploit| # Author : indoushka| # email : indoushka4ever@gmail.com| # Tested on : windows 8.1 FranASSais V.(Pro)| # Vendor : ht
PHPFreeChat 1.7 - Denial of Service
  日期:2018-01-22 16:00:22 点击:5 评论:0
# Exploit Title: phpFreeChat 1.7 and earlier - Denial of Service # Version: 1.7 and earlier # Date: 21/01/2018 # Vendor Homepage: http://www.phpfreechat.net # Software Link: http://www.phpfreechat.net/download # Exploit Author: A. Pakbaz # CVE : CVE-
macOS 10.13 (17A365) - Kernel Memory Disclosure due to Lack of Bounds Checking i
  日期:2018-01-22 15:59:32 点击:5 评论:0
/* AppleIntelCapriController::getDisplayPipeCapability reads an attacker-controlled dword value from a userclient structure input buffer which it uses to index a small array of pointers to memory to copy back to userspace. There is no bounds checking
Smiths Medical Medfusion 4000 - 'DHCP' Denial of Service
  日期:2018-01-19 15:13:42 点击:2 评论:0
#!/usr/bin/python3 PoC for MQX RTCS code execution via DHCP options overflow. This is just a quick hack to prove the vulnerability and was designed to run on a private network with the target device. import datetime import socket def main(): Use a de
glibc - 'getcwd()' Local Privilege Escalation
  日期:2018-01-19 15:10:53 点击:4 评论:0
/** This software is provided by the copyright owner as is and any * expressed or implied warranties, including, but not limited to, * the implied warranties of merchantability and fitness for a particular * purpose are disclaimed. In no event shall
Primefaces 5.x - Remote Code Execution (Metasploit)
  日期:2018-01-19 15:08:58 点击:4 评论:0
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::Tcp include Msf::
GitStack 2.3.10 Remote Code Execution
  日期:2018-01-19 15:08:11 点击:3 评论:0
# Exploit: GitStack 2.3.10 Unauthenticated Remote Code Execution# Date: 18.01.2018# Software Link: https://gitstack.com/# Exploit Author: Kacper Szurek# Contact: https://twitter.com/KacperSzurek# Website: https://security.szurek.pl/# Category: remot
Docker Sudo Privilege Escalation
  日期:2018-01-18 15:43:36 点击:4 评论:0
#!/bin/bash# SUDO Docker Privilege Escalation # https://github.com/pyperanger/dockerevil# SELINUX bypass using :z option# https://docs.docker.com/engine/admin/volumes/bind-mounts/#configure-the-selinux-labelecho [*] SUDO Docker Privilege Escalation;
Microsoft Edge Chakra JIT Loop Analysis Bug
  日期:2018-01-18 15:43:10 点击:3 评论:0
Microsoft Edge: Chakra: JIT: Loop analysis bug CVE-2018-0777Here's the PoC demonstrating OOB write.function opt(arr, start, end) { for (let i = start; i end; i++) { if (i === 10) { i += 0; // -- (a) } arr[i] = 2.3023e-320; }}function main() { let ar
Microsoft Edge Chakra JIT - Stack-to-Heap Copy
  日期:2018-01-18 15:42:33 点击:5 评论:0
/* If variables don't escape the scope, the variables can be allocated to the stack. However, there are some situations, such as when a bailout happens or accessing to arguments containing stack-allocated variables, where those variables should not e
Microsoft Edge Chakra - 'AsmJSByteCodeGenerator::EmitCall' Out-of-Bounds Read
  日期:2018-01-18 15:41:52 点击:3 评论:0
/* AsmJSByteCodeGenerator::EmitCall which is used to emit call insturctions doesn't check if an array identifier is used as callee. The method handles those invalid calls in the same way it handles valid calls such as arr[idx ...](). In these cases,
Microsoft Edge Chakra JIT - Out-of-Bounds Write
  日期:2018-01-18 15:41:07 点击:2 评论:0
// Here's the PoC demonstrating OOB write. function opt(arr, start, end) { for (let i = start; i end; i++) { if (i === 10) { i += 0; // -- (a) } arr[i] = 2.3023e-320; } } function main() { let arr = new Array(100); arr.fill(1.1); for (let i = 0; i 1
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes (2)
  日期:2018-01-18 15:40:34 点击:5 评论:0
/* Since the PoC is only triggerable when the DeferParse flag enabled and requires a with statement, I think this is simillar to issue 1310 . PoC: */ // Enable the flag using 'n'.repeat(0x1000) eval(`(function f() { with ({}) { (function () { print(
Microsoft Edge Chakra - Incorrect Scope Handling
  日期:2018-01-18 15:39:38 点击:4 评论:0
// PoC: (function func(arg = function () { print(func); // SetHasOwnLocalInClosure should be called for the param scope in the PostVisitFunction function. }()) { print(func); function func() { } })(); // Chakra fails to distinguish whether the functi
Microsoft Edge Chakra - 'JavascriptGeneratorFunction::GetPropertyBuiltIns' Type
  日期:2018-01-18 15:39:04 点击:3 评论:0
/* Here's a snippet of the method. bool JavascriptGeneratorFunction::GetPropertyBuiltIns(Var originalInstance, PropertyId propertyId, Var* value, PropertyValueInfo* info, ScriptContext* requestContext, BOOL* result) { if (propertyId == PropertyIds::l
Microsoft Edge Chakra JIT - Incorrect Bounds Calculation
  日期:2018-01-18 15:38:13 点击:4 评论:0
/* Let's start with comments in the GlobOpt::TrackIntSpecializedAddSubConstant method. // Track bounds for add or sub with a constant. For instance, consider (b = a + 2). The value of 'b' should track // that it is equal to (the value of 'a') + 2. Th
Seagate Personal Cloud - Multiple Vulnerabilities
  日期:2018-01-17 14:36:37 点击:4 评论:0
# SSD Advisory Seagate Personal Cloud Multiple Vulnerabilities ## Vulnerabilities summary The following advisory describes two (2) unauthenticated command injection vulnerabilities. Seagate Personal Cloud Home Media Storage is the easiest way to stor
D-Link DNS-325 ShareCenter 1.05B03 Shell Upload / Command Injection
  日期:2018-01-16 15:38:22 点击:18 评论:0
########################################################################### ,---.| | |---'|---.,---.,---.,---.|---.,---.,---.. .,---. | | || |`---.| || || || | |`---. ` ` '`---'`---'|---'` '`---'` `---'`---' | Phosphorus Cybersecurity, Inc. ########
Synology Photo Station 6.8.2-3461 - 'SYNOPHOTO_Flickr_MultiUpload' Race Conditio
  日期:2018-01-16 15:35:28 点击:2 评论:0
#!/usr/local/bin/python Synology Photo Station = 6.8.2-3461 (latest) SYNOPHOTO_Flickr_MultiUpload Race Condition File Write Remote Code Execution Vulnerability Found by: mr_me Tested: 6.8.2-3461 (latest at the time) Vendor Advisory: https://www.synol
共594页/11872条记录 首页 上一页 [1] [2] [3] 4 [5] [6] [7] 下一页 末页
  本月热点文章
·MS17-010 EternalRomance / Et
·Cisco ASA - Crash PoC
·D-Link DNS-325 ShareCenter 1
·Oracle WebLogic wls-wsat Com
·LabF nfsAxe 3.7 TFTP Client
·MikroTik RouterOS < 6.38.5 R
·AsusWRT Router < 3.0.0.4.380
·Trend Micro Threat Discovery
·RAVPower 2.000.056 - Root Re
·BMC Server Automation RSCD A
·GoAhead Web Server LD_PRELOA
·System Shield 5.0.0.136 - Pr
  本月推荐文章
 
  相关分类
  漏洞检测
  漏洞资料
  入侵实例
  系统安全
  网络安全
  网络基础
  病毒分析
Exploits
CopyRight © 2002-2018 VFocuS.Net All Rights Reserved