Proof of concept exploit code for the Linux Rowhammer DRAM privilege escalation vulnerability.
>> ARCHIVE: 2015-09
This Metasploit module exploits a SQL query functionality in ManageEngine EventLog Analyzer v10.6 build 10060 and previous versions. Every authenticated user, including the default “guest” account can execute SQL queries…
WinRAR SFX version 5.21 suffers from a remote code execution vulnerability.
BisonWare BisonFTP version 3.5 suffers from a directory traversal vulnerability.
The latest version of the Vector.primitive length check in Flash 18,0,0,232 is not robust against memory corruptions such as heap overflows. While it is no longer possible to obviously bypass…
Centreon version 2.6.1 add administrator cross site request forgery exploit.
Photos in Wifi version 1.0.1 suffers from a remote shell upload vulnerability.
IconLover version 5.4.5 suffers from a stack buffer overflow vulnerability.
Centreon version 2.6.1 suffers from a command injection vulnerability. The POST parameter ‘persistant’ which serves for making a new service run in the background is not properly sanitized before being…
Vtiger CRM versions 6.3 and below suffer from an authenticated remote code execution vulnerability.