Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

SecurePoint UTM 12.x Session ID Leak

0
Authored by Julien Ahrens | Site rcesecurity.com SecurePoint UTM versions 12.x suffers from a session identifier leak vulnerability via the spcgi.cgi endpoint. advisories | CVE-2023-22620 Change Mirror Download RCE Security Advisoryhttps://www.rcesecurity.com1. ADVISORY INFORMATION=======================Product:...

SecurePoint UTM 12.x Memory Leak

0
Authored by Julien Ahrens | Site rcesecurity.com SecurePoint UTM versions 12.x suffers from a memory leak vulnerability via the spcgi.cgi endpoint. advisories | CVE-2023-22897 Change Mirror Download RCE Security Advisoryhttps://www.rcesecurity.com1. ADVISORY INFORMATION=======================Product: ...

VMware Workspace ONE Access Privilege Escalation

0
Authored by mr_me, jheysel-r7 | Site metasploit.com This Metasploit module exploits CVE-2022-22960 which allows the user to overwrite the permissions of the certproxyService.sh script so that it can be modified...

GDidees CMS 3.9.1 Local File Disclosure / Directory Traversal

0
Authored by Hadi Mene GDidees CMS version 3.9.1 suffers from file disclosure and directory traversal vulnerabilities. advisories | CVE-2023-27179 Change Mirror Download # Exploit Title: GDidees CMS - 'imgdownload.php' Local File Disclosure# Date...

Sielco PolyEco Digital FM Transmitter 2.0.6 Cookie Brute Force

0
Authored by LiquidWorm | Site zeroscience.mk Sielco PolyEco Digital FM Transmitter version 2.0.6 suffers from a cookie brute forcing vulnerability that can allow for session hijacking. Change Mirror Download Sielco PolyEco Digital...

Sielco PolyEco Digital FM Transmitter 2.0.6 Default Credentials

0
Authored by LiquidWorm | Site zeroscience.mk Sielco PolyEco Digital FM Transmitter version 2.0.6 uses a weak set of default administrative credentials that can be easily guessed in remote password attacks...

Microsoft Windows Kernel Transactional Registry Key Rename Issues

0
Authored by Google Security Research, mjurczyk The Microsoft Windows Kernel suffers from multiple issues in the prepare/commit phase of a transactional registry key rename. advisories | CVE-2023-23421, CVE-2023-23422, CVE-2023-23423

Microsoft Windows Kernel New Registry Key name Insufficient Validation

0
Authored by Google Security Research, mjurczyk The Microsoft Windows Kernel has insufficient validation of new registry key names in transacted NtRenameKey. advisories | CVE-2023-23420

File Replication Pro 7.5.0 Insecure Permissions / Privilege Escalation

0
Authored by Andrea Intilangelo File Replication Pro version 7.5.0 suffers from having insecure directory permissions that can allow a local attacker the ability to escalate privileges. advisories | CVE-2023-26918 Change Mirror Download #...

Microsoft Word Remote Code Execution

0
Authored by nu11secur1ty Microsoft Word appears to suffer from a remote code execution vulnerability when a user load a malicious file that reaches out to an attacker-controller server to get...