exploit-db-mirror

bpmcdevitt/exploit-db-mirror

Fork 0

Commit graph

Author	SHA1	Message	Date
Offensive Security	9e9bf495c2	DB: 2017-04-26 26 new exploits PHP 5.4.0RC6 (x64t) - Denial of Service PHP 5.4.0RC6 (x64) - Denial of Service Evostream Media Server 1.7.1 (x64) - Denial of Service PrivateTunnel Client 2.8 - Local Buffer Overflow (SEH) VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write Dmitry 1.3a - Local Buffer Overflow Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation Oracle VM VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write Apple Safari - Array concat Memory Corruption Oracle VirtualBox Guest Additions 5.1.18 - Unprivileged Windows User-Mode Guest Code Double-Free VirtualBox - Cooperating VMs can Escape from Shared Folder PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Privilege Escalation Oracle VM VirtualBox - Cooperating VMs can Escape from Shared Folder PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Privilege Escalation VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config VirtualBox 5.0.32 r112930 x64 - Windows Process COM Injection Privilege Escalation Oracle VM VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy Oracle VM VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config Oracle VM VirtualBox 5.0.32 r112930 (x64) - Windows Process COM Injection Privilege Escalation Dell Customer Connect 1.3.28.0 - Privilege Escalation LightDM (Ubuntu 16.04/16.10) - Guest Account Local Privilege Escalation Realtek Audio Driver 6.0.1.7898 (Windows 10) - Dolby Audio X2 Service Privilege Escalation Nginx 1.4.0 (x64) (Generic Linux) - Remote Exploit Nginx 1.4.0 (Generic Linux x64) - Remote Exploit Microsoft Windows 2003 SP2 - 'ERRATICGOPHER' SMB Remote Code Execution Microsoft Office Word - Malicious Hta Execution (Metasploit) WePresent WiPG-1000 - Command Injection (Metasploit) OSX/Intel - setuid shell x86_64 Shellcode (51 bytes) OSX/Intel (x86-64) - setuid shell Shellcode (51 bytes) OSX/Intel (x86_64) - reverse_tcp shell Shellcode (131 bytes) OSX/Intel (x86-64) - reverse_tcp shell Shellcode (131 bytes) Linux x86 / x86_64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes) Linux x86 / x86_64 - tcp_bind (Port 4444) Shellcode (251 bytes) Linux x86 / x86_64 - Read /etc/passwd Shellcode (156 bytes) Linux x86/x86-64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes) Linux x86/x86-64 - tcp_bind (Port 4444) Shellcode (251 bytes) Linux x86/x86-64 - Read /etc/passwd Shellcode (156 bytes) Linux/Windows/BSD x86_64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/Windows/BSD x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes) Linux/x86-64 - Egghunter Shellcode (38 bytes) Linux/x86-64 - Reverse Shell Shellcode (84 bytes) FlySpray 1.0-rc4 - Cross-Site Scripting / Cross-Site Request Forgery WordPress Plugin KittyCatfish 2.2 - SQL Injection WordPress Plugin Car Rental System 2.5 - SQL Injection WordPress Plugin Wow Viral Signups 2.1 - SQL Injection WordPress Plugin Wow Forms 2.1 - SQL Injection Oracle PeopleSoft - 'PeopleSoftServiceListeningConnector' XML External Entity via DOCTYPE Oracle E-Business Suite 12.2.3 - 'IESFOOTPRINT' SQL Injection HPE OpenCall Media Platform (OCMP) 4.3.2 - Cross-Site Scripting / Remote File Inclusion OpenText Documentum Content Server - dm_bp_transition.ebs docbase Method Arbitrary Code Execution Joomla Component Myportfolio 3.0.2 - 'pid' Parameter SQL Injection October CMS 1.0.412 - Multiple Vulnerabilities	2017-04-26 05:01:18 +00:00

Author

SHA1

Message

Date

Offensive Security

9e9bf495c2

DB: 2017-04-26

26 new exploits

PHP 5.4.0RC6 (x64t) - Denial of Service
PHP 5.4.0RC6 (x64) - Denial of Service

Evostream Media Server 1.7.1 (x64) - Denial of Service

PrivateTunnel Client 2.8 - Local Buffer Overflow (SEH)
VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation
VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write
Dmitry 1.3a - Local Buffer Overflow
Oracle VM VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation
Oracle VM VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write
Apple Safari - Array concat Memory Corruption
Oracle VirtualBox Guest Additions 5.1.18 -  Unprivileged Windows User-Mode Guest Code Double-Free
VirtualBox - Cooperating VMs can Escape from Shared Folder
PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Privilege Escalation
Oracle VM VirtualBox - Cooperating VMs can Escape from Shared Folder
PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Privilege Escalation
VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy
VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config
VirtualBox 5.0.32 r112930 x64 - Windows Process COM Injection Privilege Escalation
Oracle VM VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy
Oracle VM VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config
Oracle VM VirtualBox 5.0.32 r112930 (x64) - Windows Process COM Injection Privilege Escalation
Dell Customer Connect 1.3.28.0 - Privilege Escalation
LightDM (Ubuntu 16.04/16.10) - Guest Account Local Privilege Escalation
Realtek Audio Driver 6.0.1.7898 (Windows 10) - Dolby Audio X2 Service Privilege Escalation

Nginx 1.4.0 (x64) (Generic Linux) - Remote Exploit
Nginx 1.4.0 (Generic Linux x64) - Remote Exploit
Microsoft Windows 2003 SP2 - 'ERRATICGOPHER' SMB Remote Code Execution
Microsoft Office Word - Malicious Hta Execution (Metasploit)
WePresent WiPG-1000 - Command Injection (Metasploit)

OSX/Intel - setuid shell x86_64 Shellcode (51 bytes)
OSX/Intel (x86-64) - setuid shell  Shellcode (51 bytes)

OSX/Intel (x86_64) - reverse_tcp shell Shellcode (131 bytes)
OSX/Intel (x86-64) - reverse_tcp shell Shellcode (131 bytes)
Linux x86 / x86_64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes)
Linux x86 / x86_64 - tcp_bind (Port 4444) Shellcode (251 bytes)
Linux x86 / x86_64 - Read /etc/passwd Shellcode (156 bytes)
Linux x86/x86-64 - reverse_tcp (192.168.1.29:4444) Shellcode (195 bytes)
Linux x86/x86-64 - tcp_bind (Port 4444) Shellcode (251 bytes)
Linux x86/x86-64 - Read /etc/passwd Shellcode (156 bytes)

Linux/Windows/BSD x86_64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)
Linux/Windows/BSD x86-64 - execve(_/bin//sh__ {_//bin/sh__ _-c__ _cmd_}_ NULL) Execute Command Shellcode (194 bytes)

Linux/x86-64 - Egghunter Shellcode (38 bytes)

Linux/x86-64 - Reverse Shell Shellcode (84 bytes)
FlySpray 1.0-rc4 - Cross-Site Scripting / Cross-Site Request Forgery
WordPress Plugin KittyCatfish 2.2 - SQL Injection
WordPress Plugin Car Rental System 2.5 - SQL Injection
WordPress Plugin Wow Viral Signups 2.1 - SQL Injection
WordPress Plugin Wow Forms 2.1 - SQL Injection
Oracle PeopleSoft - 'PeopleSoftServiceListeningConnector' XML External Entity via DOCTYPE
Oracle E-Business Suite 12.2.3 - 'IESFOOTPRINT' SQL Injection
HPE OpenCall Media Platform (OCMP) 4.3.2 - Cross-Site Scripting / Remote File Inclusion
OpenText Documentum Content Server - dm_bp_transition.ebs docbase Method Arbitrary Code Execution
Joomla Component Myportfolio 3.0.2 - 'pid' Parameter SQL Injection
October CMS 1.0.412 - Multiple Vulnerabilities

2017-04-26 05:01:18 +00:00

1 commit