This Metasploit module exploits a buffer overflow in the LabF nfsAxe 3.7 FTP Client allowing remote code execution.
>> ARCHIVE: 2018-01
When creating a new file on an NTFS drive it’s possible to circumvent security checks for setting an arbitrary owner and mandatory label leading to a non-admin user setting those…
On Microsoft Windows, the check for an AC token when impersonating the anonymous token does not check impersonation token’s security level leading to impersonating a non-AC anonymous token leading to…
On Microsoft Windows, when impersonating the anonymous token in an LPAC the WIN://NOAPPALLPKG security attribute is ignored leading to impersonating a non-LPAC token leading to privilege escalation.
On Microsoft Windows, the SMB server drivers (srv.sys and srv2.sys) do not check the destination of a NTFS mount point when manually handling a reparse operation leading to being able…
Kentico CMS 11.0 – Buffer Overflow
Taxi Booking Script 1.0 – Cross-site Scripting
Xnami 1.0 – Cross-Site Scripting
PyroBatchFTP < 3.19 – Buffer Overflow
An information leak using speculative execution exists in CPUs by Intel, AMD, and to some extent, ARM.