Windows/x86 iexplore.exe Shellcode
191 bytes small Windows/x86 start iexplore.exe shellcode.
View ArticleGoogle Chrome PDF Plugin Pepper Socket API Access
There is a security issue where Google Chrome's PDF plugin is allowed to use the Pepper Socket API. Patches are included in this archive.
View ArticleLinux/x86 /usr/bin/wget Shellcode
129 bytes small Linux/x86 chmod + execute + hide output via /usr/bin/wget shellcode.
View ArticleLibreNMS 1.46 addhost Remote Code Execution
LibreNMS version 1.46 addhost remote code execution exploit.
View ArticleDebian Security Advisory 4472-1
Debian Linux Security Advisory 4472-1 - It was discovered that Expat, an XML parsing C library, did not properly handled XML input including XML names that contain a large number of colons, potentially...
View ArticleGoogle Chrome AudioWorkletGlobalScope::Process Use-After-Free
Google Chrome suffers from a use-after-free vulnerability in AudioWorkletGlobalScope::Process.
View ArticleGoogle Chrome JS Execution Use-After-Free
JS execution inside ScriptForbiddenScope can lead to a use-after-free condition in Google Chrome.
View ArticleWindows Escalate UAC Protection Bypass Via SilentCleanup
There's a task in Windows Task Scheduler called "SilentCleanup" which, while it's executed as Users, automatically runs with elevated privileges. When it runs, it executes the file...
View ArticleUbuntu Security Notice USN-4041-2
Ubuntu Security Notice 4041-2 - USN-4041-1 provided updates for the Linux kernel in Ubuntu. This update provides the corresponding updates for the Linux kernel for Ubuntu 16.04 ESM. USN-4017-2 fixed...
View ArticleUbuntu Security Notice USN-4041-1
Ubuntu Security Notice 4041-1 - USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu. Unfortunately, the update introduced a regression that interfered with networking applications that...
View ArticleWorkSuite PRM 2.4 SQL Injection
WorkSuite PRM version 2.4 suffers from a remote SQL injection vulnerability.
View ArticleDebian Security Advisory 4473-1
Debian Linux Security Advisory 4473-1 - Multiple security issues were found in the rdesktop RDP client, which could result in denial of service and the execution of arbitrary code.
View ArticleCiuisCRM 1.6 SQL Injection
CiuisCRM version 1.6 suffers from a remote SQL injection vulnerability.
View Article