Exploits & CVEs

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

XNU NFSSVC Root Check Bypass / Use-After-Free

Authored by Google Security Research, nedwill

XNU NFSSVC suffers from root check bypass and use-after-free vulnerabilities due to insufficient locking in upcall worker threads.

advisories | CVE-2023-23514

Microsoft SQL Server 2014 / 2016 / 2017 / 2019 / 2022 Audit Logging...

Authored by Emad Al-Mousa

Microsoft SQL Server 2014, 2016, 2017, 2019, and 2022 appears to ignore audit rules for sys.sysxlgns allowing an attacker with administrative permissions to extract password hashes...

Bitbucket Environment Variable Remote Command Injection

Authored by Shelby Pace, Y4er, Ry0taK | Site metasploit.com

For various versions of Bitbucket, there is an authenticated command injection vulnerability that can be exploited by injecting environment variables into...

Microsoft Outlook CVE-2023-23397 Proof Of Concept

Authored by sqrtZeroKnowledge | Site github.com

Proof of concept code for a critical Microsoft Outlook vulnerability for Windows that allows hackers to remotely steal hashed passwords by simply receiving an...

Shannon Baseband NrmmMsgCodec Emergency Number List Heap Buffer Overflow

Authored by Ivan Fratric, Google Security Research

There is a heap buffer overflow in Shannon baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according...

Shannon Baseband NrmmMsgCodec Extended Emergency Number List Heap Buffer Overflow

Authored by Ivan Fratric, Google Security Research

There is a heap buffer overflow in Shannon baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according...

Shannon Baseband NrmmMsgCodec Access Category Definitions Heap Buffer Overflow

Authored by Ivan Fratric, Google Security Research

There is a heap buffer overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according...

Riello UPS Restricted Shell Bypass

Authored by Ricardo Jose Ruiz Fernandez

Riello UPS systems can have their restricted configuration shell bypassed to gain full underlying operating system access.

I. VULNERABILITY

Riello UPS systems allow to...

Shannon Baseband NrmmMsgCodec Intra-Object Overflow

Authored by Ivan Fratric, Google Security Research

There is an intra-object overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to...

Open Web Analytics 1.7.3 Remote Code Execution

Authored by Jacob Ebben, Dennis Pfleger | Site metasploit.com

Open Web Analytics (OWA) versions prior to 1.7.4 allow an unauthenticated remote attacker to obtain sensitive user information, which can be...