Microsoft MsMpEng - Multiple Problems Handling ntdll!NtControlChannel Commands
  Date: 2017-05-31 17:44:25 Views: 51 Comments: 0
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1260 MsMpEng includes a full system x86 emulator that is used to execute any untrusted files that look like PE executables. The emulator runs as NT AUTHORITY\SYSTEM and isn't sandboxed
JAD java Decompiler 1.5.8e - Local Buffer Overflow
  Date: 2017-05-31 17:43:42 Views: 26 Comments: 0
#!/usr/bin/python # Exploit Author: Juan Sacco juan.sacco@kpn.com at KPN Red Team - http://www.kpn.com # Developed using Exploit Pack - http://exploitpack.com - jsacco@exploitpack.com # Tested on: GNU/Linux - Kali 2017.1 Release # # Description: JAD
Sandboxie 5.18 - Local Denial of Service
  Date: 2017-05-31 17:42:51 Views: 23 Comments: 0
author = ''' ############################################## # Created: ScrR1pTK1dd13 # # Name: Greg Priest # # Mail: ScR1pTK1dd13.slammer@gmail.com # ############################################## # Exploit Title: Sandboxie version 5.18 local Dos Exp
Mozilla Firefox < 53 - 'ConvolvePixel' Memory Disclosure
  Date: 2017-05-31 17:41:57 Views: 23 Comments: 0
!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1185 Mozilla bug tracker link: https://bugzilla.mozilla.org/show_bug.cgi?id=1347617 There is an out of bound read leading to memory disclosure in Firefox. The vulnerability was con
Mozilla Firefox < 53 - 'gfxTextRun' Out-of-Bounds Read
  Date: 2017-05-31 17:40:40 Views: 27 Comments: 0
!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1160 Mozilla bug tracker link: https://bugzilla.mozilla.org/show_bug.cgi?id=1343552 There is an out-of-bounds read vulnerability in Firefox. The vulnerability was confirmed on the
Skia Graphics Library - Heap Overflow due to Rounding Error in SkEdge::setLine
  Date: 2017-05-31 17:39:52 Views: 48 Comments: 0
/* Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1155 Skia bug: https://bugs.chromium.org/p/skia/issues/detail?id=6294 There is a heap overflow in SkARGB32_Shader_Blitter::blitH caused by a rounding error in SkEdge::setLine. To tr
Apple Safari 10.0.3(12602.4.8) / WebKit - 'HTMLObjectElement::updateWidget' Univ
  Date: 2017-05-31 17:38:58 Views: 12 Comments: 0
!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1120 When an object element loads a JavaScript URL(e.g., javascript:alert(1)), it checks whether it violate the Same Origin Policy or not. Here's some snippets of the logic. void H
WebKit - Stealing Variables via Page Navigation in FrameLoader::clear
  Date: 2017-05-31 17:36:27 Views: 10 Comments: 0
!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1162 void FrameLoader::clear(Document* newDocument, bool clearWindowProperties, bool clearScriptObjects, bool clearFrameView) { m_frame.editor().clear(); if (!m_needsClear) return;
WebKit - enqueuePageshowEvent and enqueuePopstateEvent Universal Cross-Site Scri
  Date: 2017-05-31 17:35:03 Views: 22 Comments: 0
!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1151 Here is a snippet of CachedFrameBase::restore which is invoked when cached frames are restored. void CachedFrameBase::restore() { ... for (auto childFrame : m_childFrames) { A
WebKit - 'ContainerNode::parserRemoveChild' Universal Cross-Site Scripting
  Date: 2017-05-31 17:34:11 Views: 15 Comments: 0
!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1134 Here's a snippet of ContainerNode::parserRemoveChild. void ContainerNode::parserRemoveChild(Node oldChild) { disconnectSubframesIfNeeded(*this, DescendantsOnly); ---- (a) ...
Apple WebKit / Safari 10.0.3(12602.4.8) - 'Editor::Command::execute' Universal C
  Date: 2017-05-31 17:31:41 Views: 20 Comments: 0
!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1133 Here's a snippet of Editor::Command::execute used to handle |document.execCommand|. bool Editor::Command::execute(const String parameter, Event* triggeringEvent) const { if (!
Apple WebKit / Safari 10.0.3(12602.4.8) - 'WebCore::FrameView::scheduleRelayout'
  Date: 2017-05-31 17:30:48 Views: 54 Comments: 0
!-- Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1109 PoC: -- body script let f = document.body.appendChild(document.createElement('iframe')); let g = f.contentDocument.body.appendChild(document.createElement('iframe')); g.conten
Samba 3.5.0 - Remote Code Execution
  Date: 2017-05-31 17:27:33 Views: 31 Comments: 0
#! /usr/bin/env python # Title : ETERNALRED # Date: 05/24/2017 # Exploit Author: steelo knownsteelo@gmail.com # Vendor Homepage: https://www.samba.org # Samba 3.5.0 - 4.5.4/4.5.10/4.4.14 # CVE-2017-7494 import argparse import os.path import sys impor
Samba is_known_pipename() Arbitrary Module Load
  Date: 2017-05-25 16:05:13 Views: 120 Comments: 0
## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::DCERPC include
Dup Scout Enterprise 9.7.18 - '.xml' Local Buffer Overflow
  Date: 2017-05-25 16:03:27 Views: 12 Comments: 0
author = ''' ############################################## # Created: ScrR1pTK1dd13 # # Name: Greg Priest # # Mail: ScR1pTK1dd13.slammer@gmail.com # ############################################## # Exploit Title: Dup Scout Enterprise v9.7.18 Import
NetGain EM 7.2.647 build 941 - Authentication Bypass / Local File Inclusion
  Date: 2017-05-25 16:02:21 Views: 28 Comments: 0
''' # Exploit Title: Add User Account with Admin Privilege without Login Local File Inclusion # Date: 2017-05-21 # Exploit Author: f3ci # Vendor Homepage: http://www.netgain-systems.com # Software Link: http://www.netgain-systems.com/free-edition-dow
KDE 4/5 - 'KAuth' Privilege Escalation
  Date: 2017-05-24 14:20:00 Views: 38 Comments: 0
// cc -Wall smb0k.c -pedantic -std=c11 // // smb4k PoC, also demonstrating broader scope of a generic kde // authentication bypass vulnerability // // (C) 2017 Sebastian Krahmer // #define _POSIX_C_SOURCE 200112L #include stdio.h #include fcntl.h #in
VX Search Enterprise GET Buffer Overflow
  Date: 2017-05-23 14:19:18 Views: 33 Comments: 0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::Seh include Msf::Explo
Sync Breeze Enterprise GET Buffer Overflow
  Date: 2017-05-23 14:18:26 Views: 22 Comments: 0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = GreatRanking include Msf::Exploit::Remote::Seh include Msf::Explo
MediaWiki SyntaxHighlight Extension Option Injection
  Date: 2017-05-23 14:17:21 Views: 30 Comments: 0
### This module requires Metasploit: http://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::HttpClient def initiali
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved