>> CATEGORY: exploit

This Metasploit module will exploit SMB with vulnerabilities in MS17-010 to achieve a write-what-where primitive. This will then be used to overwrite the connection session information with as an Administrator…

systemd (systemd-tmpfiles) versions prior to 236 suffer from an fs.protected_hardlinks=0 local privilege escalation vulnerability.

Sprecher Automation SPRECON-E-C and PU-2433 versions prior to 8.49 suffer from directory traversal, missing authentication, broken authentication, and denial of service vulnerabilities.

Chromium suffers from a sandbox escape vulnerability via an exposed filesystem::mojom::Directory mojo interface in the catalog service.

IPSwitch MoveIt versions 8.1 through 9.4 suffer from a persistent cross site scripting vulnerability.

This Metasploit module exploits a weak access control check in the BMC Server Automation RSCD agent that allows arbitrary operating system commands to be executed without authentication. Note: Under Windows,…

This archive contains all of the 268 exploits added to Packet Storm in January, 2018.

HPE iMC version 7.3 suffers from an RMI java deserialization vulnerability.

Advantech WebAccess version 8.0-2015.08.16 suffers from a remote SQL injection vulnerability.

Arq version 5.10 suffers from a local privilege escalation vulnerability. Proof of concept 2 of 2.