>> CATEGORY: exploit

This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This module has been…

This Metasploit module uses Reptile rootkit’s reptile_cmd backdoor executable to gain root privileges using the root command. This module has been tested successfully with Reptile from master branch (2019-03-04) on…

FaceTime suffers from an out-of-bounds read vulnerability in _RSU_DecodeByteBuffer.

FTP Navigator version 8.03 suffers from a denial of service vulnerability.

The Deutsche Bahn Ticket Vending Machine suffers from a local kiosk privilege escalation vulnerability.

XnView version 2.49.1 suffers from a denial of service vulnerability.

AVS Audio Converter version 9.1 suffers from a buffer overflow vulnerability.

Rumpus FTP Web File Manager version 8.2.9.1 suffers from a cross site scripting vulnerability.

In the macOS kernel, the XNU function wait_for_namespace_event() in bsd/vfs/vfs_syscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fp_free(), which unconditionally…

The Telerik UI for ASP.NET AJAX insecurely deserializes JSON objects in a manner that results in arbitrary remote code execution on the software’s underlying host.