Microsoft Windows allows for the automatic loading of a profiling COM object during the launch of a CLR process based on certain environment variables ostensibly to monitor execution. In this case, the authors abuse the profiler by pointing to a payload DLL that will be launched as the profiling thread. This thread will run at […]
Xorg X11 Server – Local Privilege Escalation (Metasploit)
Tags:
0day,
remote exploit
Pulse Secure VPN – Arbitrary Command Execution (Metasploit)
Tags:
0day,
remote exploit
Bludit – Directory Traversal Image File Upload (Metasploit)
Tags:
0day,
remote exploit
FreeSWITCH – Event Socket Command Execution (Metasploit)
Tags:
0day,
remote exploit
FusionPBX – Operator Panel exec.php Command Execution (Metasploit)
Tags:
0day,
remote exploit
Windows – Escalate UAC Protection Bypass (Via Shell Open Registry Key) (Metasploit)
Tags:
0day,
remote exploit
Windows – Escalate UAC Protection Bypass (Via dot net profiler) (Metasploit)
Tags:
0day,
remote exploit
iOS 12.4 – Sandbox Escape due to Integer Overflow in mediaserverd
Tags:
0day,
remote exploit
Ubuntu 19.10 – Refcount Underflow and Type Confusion in shiftfs
Tags:
0day,
remote exploit