>> TAG: #remote exploit

Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 – XML External Entity Injection

SystemTap 1.3 – MODPROBE_OPTIONS Privilege Escalation (Metasploit)

Atlassian Confluence Widget Connector Macro – Velocity Template Injection (Metasploit)

Evernote 7.9 – Code Execution via Path Traversal

ManageEngine Applications Manager 11.0 < 14.0 – SQL Injection / Remote Code Execution (Metasploit)

Netwide Assembler (NASM) 2.14rc15 – NULL Pointer Dereference (PoC)

LibreOffice < 6.0.7 / 6.1.3 – Macro Code Execution (Metasploit)

MailCarrier 2.51 – POP3 ‘RETR’ SEH Buffer Overflow

Oracle Java Runtime Environment – Heap Corruption During TTF font Rendering in sc_FindExtrema4

ASUS HG100 – Denial of Service