Microsoft Windows 10 BasicRender.sys – Denial of Service (PoC)
>> ARCHIVE: 2019-12
Microsoft Windows 10 BasicRender.sys – Denial of Service (PoC)
XnView version 2.49.1 suffers from a denial of service vulnerability.
AVS Audio Converter version 9.1 suffers from a buffer overflow vulnerability.
Rumpus FTP Web File Manager version 8.2.9.1 suffers from a cross site scripting vulnerability.
The Telerik UI for ASP.NET AJAX insecurely deserializes JSON objects in a manner that results in arbitrary remote code execution on the software’s underlying host.
In the macOS kernel, the XNU function wait_for_namespace_event() in bsd/vfs/vfs_syscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fp_free(), which unconditionally…
This Metasploit module exploits two vulnerabilities to execute a command as an elevated user. The first (CVE-2019-1405) uses the UPnP Device Host Service to elevate to NT AUTHORITYLOCAL SERVICE. The…
FTP Navigator 8.03 – ‘Custom Command’ Denial of Service (SEH)
Deutsche Bahn Ticket Vending Machine Local Kiosk – Privilege Escalation
This Metasploit exploit module illustrates how a vulnerability could be exploited in a linux command for privilege escalation.