Lenovo Diagnostics Driver Memory Access
Authored by jheysel-r7, alfarom256 | Site metasploit.com
This Metasploit module demonstrates how an incorrect access control for the Lenovo Diagnostics Driver allows a low-privileged user the ability to issue device...
Windows Kernel Registry Virtualization Memory Corruption
Authored by Google Security Research, mjurczyk
Microsoft Windows suffers from a kernel memory corruption due to an insufficient handling of predefined keys in registry virtualization.
advisories | CVE-2023-21675
Android Binder VMA Management Security Issues
Authored by Jann Horn, Google Security Research
Android Binder VMA management suffers from multiple security issues.
advisories | CVE-2023-20928
Apache Tomcat On Ubuntu Log Init Privilege Escalation
Authored by h00die, Dawid Golunski | Site metasploit.com
This Metasploit module targets a vulnerability in Tomcat versions 6, 7, and 8 on Debian-based distributions where these older versions provide a...
Oracle Database 12.1.0.2 Spatial Component Privilege Escalation
Authored by Emad Al-Mousa
Oracle Database version 12.1.0.2 suffers from a privilege escalation vulnerability that achieves DBA access via the Spatial component.
Change Mirror Download
Title: Oracle Database Privilege Escalation Through Oracle...
F5 Big-IP Create Administrative User
Authored by Ron Bowes | Site metasploit.com
This Metasploit module creates a local user with a username/password and root-level privileges. Note that a root-level account is not required to do...
vmwgfx Driver File Descriptor Handling Privilege Escalation
Authored by h00die, Mathias Krause | Site metasploit.com
If the vmwgfx driver fails to copy the fence_rep object to userland, it tries to recover by deallocating the (already populated) file...
io_uring Same Type Object Reuse Privilege Escalation
Authored by h00die, Mathias Krause, Ryota Shiga | Site metasploit.com
This Metasploit module exploits a bug in io_uring leading to an additional put_cred() that can be exploited to hijack credentials...
Packet Storm New Exploits For January, 2023
Authored by Todd J. | Site packetstormsecurity.com
This archive contains all of the 130 exploits added to Packet Storm in January, 2023.
Online Eyewear Shop 1.0 SQL Injection
Authored by Muhammad Navaid Zafar Ansari
Online Eyewear Shop version 1.0 suffers from a remote SQL injection vulnerability.
Change Mirror Download
# Exploit Title: Online Eyewear Shop 1.0 - Product detail 'id'...





