>> CATEGORY: exploit

Citrix Gateway versions 11.1, 12.0, and 12.1 suffer from a cache poisoning vulnerability.

Citrix Gateway versions 11.1, 12.0, and 12.1 suffer from a caching bypass vulnerability.

Proof of concept crash exploit for pppd versions 2.4.2 through 2.4.8. It leverages a rhostname buffer overflow in the eap_request and eap_response functions in eap.c.

This tool can be used to exploit vulnerable versions of RichFaces. It has payloads for 4 vulnerabilities that have been identified, which can lead to remote code execution via java…

This Metasploit module exploits an issue in Google Chrome version 80.0.3987.87 (64 bit). The exploit corrupts the length of a float array (float_rel), which can then be used for out…

This Metasploit module exploits an out-of-bounds read of an attacker-controlled string in OpenSMTPD’s MTA implementation to execute a command as the root or nobody user, depending on the kind of…

netkit-telnet version 0.17 telnetd on Fedora 31 BraveStarr remote code execution exploit.

This Metasploit module exploits an issue in Chrome version 73.0.3683.86 (64 bit). The exploit corrupts the length of a float in order to modify the backing store of a typed…

This Metasploit modules exploits a type confusion in Google Chrome’s JIT compiler. The Object.create operation can be used to cause a type confusion between a PropertyArray and a NameDictionary. The…

This Metasploit module exploits an underflow vulnerability in PHP-FPM versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 of PHP-FPM on Nginx. Only servers with certain Nginx +…