Showing 1 - 6 of 6

Files Date: 2018-10-27 to 2018-10-28

Webiness Inventory 2.9 Shell Upload: Posted Oct 27, 2018; Authored by Boumediene Kaddour; Webiness Inventory version 2.9 suffers from a remote shell upload vulnerability.; tags | exploit, remote, shell; advisories | CVE-2018-18752; SHA-256 | 40336d3af53a8ba585646fbedc4366f3618af0f92e4e24bfa7992e3b7063a57d; Download | Favorite | View

WordPress Arforms 3.5.1 Arbitrary File Delete: Posted Oct 27, 2018; Authored by Amir Hossein Mahboubi; WordPress Arforms plugin versions 3.5.1 and below suffer from an arbitrary file deletion vulnerability.; tags | exploit, arbitrary; advisories | CVE-2018-15818; SHA-256 | eec5913d7e98c93148a427b5533b2edf6c4b543e9e8fc4ce4b3f0fd2e675535c; Download | Favorite | View

ASRock Drivers Privilege Escalation / Code Execution: Posted Oct 27, 2018; Authored by Core Security Technologies, Diego Juarez | Site secureauth.com; ASRock offers several utilities designed to give the user with an ASRock motherboard more control over certain settings and functions. These utilities include various features like the RGB LED control, hardware monitor, fan controls, and overclocking/voltage options. Multiple vulnerabilities were found in AsrDrv101.sys and AsrDrv102.sys low level drivers, installed by ASRock RGBLED and other ASRock branded utilities, which could allow a local attacker to elevate privileges. Vulnerable packages include ASRock RGBLED before version 1.0.35.1, A-Tuning before version 3.0.210, F-Stream before version 3.0.210, and RestartToUEFI before version 1.0.6.2.; tags | exploit, local, vulnerability; advisories | CVE-2018-10709, CVE-2018-10710, CVE-2018-10711, CVE-2018-10712; SHA-256 | 3b57e1d843a64059edf1200acba22a276913db2838fb449328d307badda0ce0e; Download | Favorite | View

Ubuntu Security Notice USN-3802-1: Posted Oct 27, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3802-1 - Narendra Shinde discovered that the X.Org X server incorrectly handled certain command line parameters when running as root with the legacy wrapper. When certain graphics drivers are being used, a local attacker could possibly use this issue to overwrite arbitrary files and escalate privileges.; tags | advisory, arbitrary, local, root; systems | linux, ubuntu; advisories | CVE-2018-14665; SHA-256 | 3e1800b73c06b9c5d9e9432c23ff8f3942aa93d0c796d9685eac915ed9e32c29; Download | Favorite | View

Shell In A Box 2.2.0 Denial Of Service: Posted Oct 27, 2018; Authored by Imre Rad; Shell In A Box versions 2.2.0 and below suffer from an infinite loop denial of service vulnerability.; tags | exploit, denial of service, shell; advisories | CVE-2018-16789; SHA-256 | cf504b640b61a6a0ad0b121dbbe3f7bee85c6e61335a525740f2aa402cebc279; Download | Favorite | View

HID ActivID ActivClient 7.1.0.202 Heap Spray / Denial Of Service: Posted Oct 27, 2018; Authored by Harrison Neal; HID ActivID ActivClient version 7.1.0.202 may not enforce upper bounds on the size of data received from a smart card, which can lead to attacks such as memory exhaustion, or serve as a heap spraying primitive for other attacks against the software, albeit slowly.; tags | exploit, denial of service; SHA-256 | 8f152ff2c4f8e62b07f2d5b2c106633d4aa5a263ab60b54c6da64427b460e860; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days