Tag: CVE

Local - Privilege Escalation Exploits, Local Exploit

Webmin 1.920 – Remote Code Execution

- Exploit Details #!/bin/sh # # CVE-2019-15107 Webmin Unauhenticated Remote Command Execution # based on Metasploit module //www.exploit-db.com/exploits/47230 # Original advisory: //pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html # Alternative advisory ... Read More

Anatomy of a Cyber-Attack
cybersecurity, information-security

Anatomy of a Cyber-Attack

<img alt="Image by Image by Gordon Johnson from PixabayIt is often said that you must ‘know your enemy’ in order to succeed, but for many ... Read More

DDoS Exploit, Denial of Service

EyesOfNetwork 5.1 – Authenticated Remote Command Execution

- Exploit Details # Exploit Title: EyesOfNetwork 5.1 - Authenticated Remote Command Execution # Google Dork: N/A # Date: 2019-08-14 # Exploit Author: Nassim Asrir ... Read More

GetGo Download Manager 6.2.2.3300 – Denial of Service
remote code execution

GetGo Download Manager 6.2.2.3300 – Denial of Service

- Exploit Details # Exploit Title : GetGo Download Manager 6.2.2.3300 - Denial of Service # Date: 2019-08-15 # Author - Malav Vyas # Vulnerable ... Read More

Microsoft Windows Text Services Framework MSCTF
remote code execution

Microsoft Windows Text Services Framework MSCTF

- Exploit Details The msctf subsystem is part of the Text Services Framework, The TSF manages things like input methods, keyboard layouts, text processing and ... Read More

Local - Privilege Escalation Exploits, Local Exploit

Adobe Acrobat CoolType (AFDKO) – Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts

- Exploit Details -----==========----- AFDKO (Adobe Font Development Kit for OpenType) is a set of tools for examining, modifying and building fonts. The core part ... Read More

Local - Privilege Escalation Exploits, Local Exploit

Microsoft Font Subsetting – DLL Returning a Dangling Pointer via MergeFontPackage

- Exploit Details -----==========----- The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their ... Read More

Critical vulnerabilities fixed in Delta Industrial Automation DOPSoft
hacker, SecurityLAB

Critical vulnerabilities fixed in Delta Industrial Automation DOPSoft

Both problems were fixed in DOPSoft version 4.00.06.47.A vulnerability was discovered in Delta Industrial Automation DOPSoft from a Taiwanese company, Delta Electronics, which could lead ... Read More

Windows PowerShell – Unsanitized Filename Command Execution
remote code execution

Windows PowerShell – Unsanitized Filename Command Execution

- Exploit Details ''' Credits: John Page (aka hyp3rlinx) Website: hyp3rlinx.altervista.org Source: //hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-POWERSHELL-UNSANITIZED-FILENAME-COMMAND-EXECUTION.txt ISR: Apparition Security www.microsoft.com Windows PowerShell Windows PowerShell is a Windows command-line ... Read More