Windows 7 SP1 x86 Privilege Escalation
Windows 7 SP1 x86 privilege escalation exploit that leverages the issue documented in MS16-014.
Lenovo ThinkPad System Management Mode Arbitrary Code Execution
This code exploits a 0day privilege escalation vulnerability (or possible backdoor) in the SystemSmmRuntimeRt UEFI driver (GUID is 7C79AC8C-5E6C-4E3D-BA6F-C260EE7C172E) of Lenovo firmware.
Cuckoo Sandbox Guest 2.0.1 Code Execution
Cuckoo Sandbox Guest versions 2.0.1 and below XMLRPC privilege remote code execution exploit.
WordPress Ultimate Membership Pro 3.3 SQL Injection
WordPress Ultimate Membership Pro plugin version 3.3 suffers from a remote SQL injection vulnerability.
Symantec Endpoint Protection 12.1 CSRF / XSS / Open Redirect
Symantec Endpoint Protection Manager and Client version 12.1 suffers from cross site request forgery, cross site scripting, and open redirection vulnerabilities.
Red Hat Security Advisory 2016-1374-01
Red Hat Security Advisory 2016-1374-01 - JBoss Portal Platform provides an integrated open source platform for hosting and serving a portal's web interface, aggregating, publishing, and managing its...
Debian Security Advisory 3609-1
Debian Linux Security Advisory 3609-1 - Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF...
Debian Security Advisory 3608-1
Debian Linux Security Advisory 3608-1 - Aleksandar Nikolic discovered that missing input sanitising in the RTF parser in Libreoffice may result in the execution of arbitrary code if a malformed...
Ubuntu Security Notice USN-3022-1
Ubuntu Security Notice 3022-1 - It was discovered that LibreOffice incorrectly handled RTF document files. If a user were tricked into opening a specially crafted RTF document, a remote attacker could...
Debian Security Advisory 3610-1
Debian Linux Security Advisory 3610-1 - Brandon Perry discovered that xerces-c, a validating XML parser library for C++, fails to successfully parse a DTD that is deeply nested, causing a stack...
Debian Security Advisory 3611-1
Debian Linux Security Advisory 3611-1 - The TERASOLUNA Framework Development Team discovered a denial of service vulnerability in Apache Commons FileUpload, a package to make it easy to add robust,...
Phoenix Exploit Kit Remote Code Execution
Phoenix Exploit Kit suffers from a remote code execution vulnerability.
RockLoader SQL Injection / Shell Upload
The RockLoader malware tool suffers from remote shell upload and remote SQL injection vulnerabilities.
Ktools Photostore 4.7.5 Blind SQL Injection
Ktools Photostore versions 4.7.5 and below suffer from a remote blind SQL injection vulnerability.
Joomla SmartFormer 2.4.1 Shell Upload
Joomla Smartformer component version 2.4.1 suffers from a remote shell upload vulnerability.
Red Hat Security Advisory 2016-1376-01
Red Hat Security Advisory 2016-1376-01 - Red Hat JBoss SOA Platform is the next-generation ESB and business process automation infrastructure. Red Hat JBoss SOA Platform allows IT to leverage existing,...
Ubuntu Security Notice USN-3015-1
Ubuntu Security Notice 3015-1 - Multiple security issues were discovered in Chromium. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to...
Huawei HiSuite For Windows 4.0.3.301 Privilege Escalation
A privilege escalation vulnerability was identified in the Huawei HiSuite software which can be used by a local user to elevate privileges to become the SYSTEM user. The root cause of the problem are...
Packet Storm New Exploits For June, 2016
This archive contains all of the 234 exploits added to Packet Storm in June, 2016.
OpenSCAP Libraries 1.2.10
The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.