Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Lenovo Diagnostics Driver Memory Access

0
Authored by jheysel-r7, alfarom256 | Site metasploit.com This Metasploit module demonstrates how an incorrect access control for the Lenovo Diagnostics Driver allows a low-privileged user the ability to issue device...

Windows Kernel Registry Virtualization Memory Corruption

0
Authored by Google Security Research, mjurczyk Microsoft Windows suffers from a kernel memory corruption due to an insufficient handling of predefined keys in registry virtualization. advisories | CVE-2023-21675

Android Binder VMA Management Security Issues

0
Authored by Jann Horn, Google Security Research Android Binder VMA management suffers from multiple security issues. advisories | CVE-2023-20928

Apache Tomcat On Ubuntu Log Init Privilege Escalation

0
Authored by h00die, Dawid Golunski | Site metasploit.com This Metasploit module targets a vulnerability in Tomcat versions 6, 7, and 8 on Debian-based distributions where these older versions provide a...

Oracle Database 12.1.0.2 Spatial Component Privilege Escalation

0
Authored by Emad Al-Mousa Oracle Database version 12.1.0.2 suffers from a privilege escalation vulnerability that achieves DBA access via the Spatial component. Change Mirror Download Title: Oracle Database Privilege Escalation Through Oracle...

F5 Big-IP Create Administrative User

0
Authored by Ron Bowes | Site metasploit.com This Metasploit module creates a local user with a username/password and root-level privileges. Note that a root-level account is not required to do...

vmwgfx Driver File Descriptor Handling Privilege Escalation

0
Authored by h00die, Mathias Krause | Site metasploit.com If the vmwgfx driver fails to copy the fence_rep object to userland, it tries to recover by deallocating the (already populated) file...

io_uring Same Type Object Reuse Privilege Escalation

0
Authored by h00die, Mathias Krause, Ryota Shiga | Site metasploit.com This Metasploit module exploits a bug in io_uring leading to an additional put_cred() that can be exploited to hijack credentials...

Packet Storm New Exploits For January, 2023

0
Authored by Todd J. | Site packetstormsecurity.com This archive contains all of the 130 exploits added to Packet Storm in January, 2023.

Online Eyewear Shop 1.0 SQL Injection

0
Authored by Muhammad Navaid Zafar Ansari Online Eyewear Shop version 1.0 suffers from a remote SQL injection vulnerability. Change Mirror Download # Exploit Title: Online Eyewear Shop 1.0 - Product detail 'id'...