In the macOS kernel, the XNU function wait_for_namespace_event() in bsd/vfs/vfs_syscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fp_free(), which unconditionally…
>> AUTHOR: deepcore
The Telerik UI for ASP.NET AJAX insecurely deserializes JSON objects in a manner that results in arbitrary remote code execution on the software’s underlying host.
This Metasploit module exploits two vulnerabilities to execute a command as an elevated user. The first (CVE-2019-1405) uses the UPnP Device Host Service to elevate to NT AUTHORITY\LOCAL SERVICE. The…
Deutsche Bahn Ticket Vending Machine Local Kiosk – Privilege Escalation
FTP Navigator 8.03 – ‘Custom Command’ Denial of Service (SEH)
This Metasploit exploit module illustrates how a vulnerability could be exploited in a Linux command for privilege escalation.
This Metasploit exploit module illustrates how a vulnerability could be exploited in a webapp.
OpenMRS is an open-source platform that supplies users with a customizable medical record system. There exists an object deserialization vulnerability in the webservices.rest module used in OpenMRS Platform. Unauthenticated remote…
Zendesk SweetHawk Survey version 1.6 suffers from a persistent cross-site scripting vulnerability.
NopCommerce version 4.2.0 suffers from a privilege escalation vulnerability.