ETERNALBLUE is an SMBv1 remote unauthenticated zero day exploit that works on 2008 R2. Note that this exploit is part of the recent public disclosure from the “Shadow Brokers” who…
>> CATEGORY: exploit
context: https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation writeup: https://www.trustedsec.com/blog/equation-group-dump-analysis-full-rce-win7-fully-patched-cobalt-strike/ decrypted files: https://github.com/x0rz/EQGRP_Lost_in_Translation 750BTC: https://bit.surf:43110/theshadowbrokers.bit/page/windows/ if its up
This Metasploit module exploits an unauthenticated command injection in Alienvault USM/OSSIM versions 5.3.4 and 5.3.5. The vulnerability lies in an API function that does not check for authentication and then…
Agorum Core Pro version 7.8.1.4-251 suffers from an XML external entity injection vulnerability.
Agorum Core Pro version 7.8.1.4-251 suffers from a reflective cross site scripting vulnerability.
concrete5 version 8.1.0 suffers from a host header injection vulnerability.
Multiple bugs have been discovered in the implementation of the win32k!NtGdiGetDIBitsInternal system call, which is a part of the graphic subsystem in all modern versions of Windows. The issues can…
The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32kfull!SfnINLPUAHDRAWMENUITEM.
uc-httpd is an HTTP daemon used by a wide array of IoT devices and is vulnerable to local file inclusion and directory traversal bugs.
This Metasploit module exploits a buffer overflow vulnerability found in the ACCT command of the PCMAN FTP version 2.0.7 Server. This requires authentication but by default anonymous credentials are enabled.