>> ARCHIVE: 2016-10

Foxit Cloud Update Service suffers from an unquoted service path privilege escalation vulnerability.

Fitbit Connect Service suffers from an unquoted service path privilege escalation vulnerability.

Apache Tomcat versions 8, 7, and 6 suffer from a privilege escalation vulnerability on RedHat-based distros.

HP Client Automation remote command injection exploit that adds backdoor accounts and provides a reverse shell. Author tested on version 7.9 but believes it should also work on 8.1, 9.0,…

ZendStudio IDE version 13.5.1 suffers from a privilege escalation vulnerability.

Android devices can be crashed remotely forcing a halt and then a soft reboot by a MITM attacker manipulating assisted GPS/GNSS data provided by Qualcomm. This issue affects the open…

This Metasploit module attempts to exploit a debug backdoor privilege escalation in Allwinner SoC based devices.

This Metasploit module attempts to exploit CVE-2014-0038, by sending a recvmmsg system call with a crafted timeout pointer parameter to gain root. This exploit has offsets for 3 Ubuntu 13…

This Metasploit module generates a dynamic executable on the session host using .NET templates. Code is pulled from C

The vulnerability laboratory core research team discovered a RFC6749 Open Redirect Attack & Vulnerability in the Faceboo…