In Microsoft Windows, by using the poorly documented SE_SERVER_SECURITY Control flag it is possible to set an owner different to the caller, bypassing security checks.
>> AUTHOR: deepcore
This Metasploit module exploits a Java unmarshalling vulnerability via JSONWS in Liferay Portal versions prior to 6.2.5 GA6, 7.0.6 GA7, 7.1.3 GA4, and 7.2.1 GA2 to execute code as the…
A git clone action can leak cached / stored credentials for github.com to example.com due to insecure handling of newlines in the credential helper protocol.
This Metasploit module exploits a command injection vulnerability in the tdpServer daemon (/usr/bin/tdpServer), running on the router TP-Link Archer A7/C7 (AC1750), hardware version 5, MIPS Architecture, firmware version 190726. The…
The vulnerability laboratory core research team discovered multiple vulnerabilities in the official Playable v9.18 apple…
The vulnerability laboratory core research team discovered multiple cross site vulnerabilities in the TAO Open Source As…
VMware Fusion – USB Arbitrator Setuid Privilege Escalation (Metasploit)
TP-Link Archer A7/C7 – Unauthenticated LAN Remote Code Execution (Metasploit)
ThinkPHP – Multiple PHP Injection RCEs (Metasploit)
Liferay Portal – Java Unmarshalling via JSONWS RCE (Metasploit)