Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

Backdoor.Win32.Delf.arh MVID-2022-0650 Authentication Bypass

Authored by malvuln | Site malvuln.com

Backdoor.Win32.Delf.arh malware suffers from an authentication bypass vulnerability.

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source: https://malvuln.com/advisory/b3b19524967d22d6eb7517b03b660b00.txt
Contact: [email protected]: twitter.com/malvuln
Threat: Backdoor.Win32.Delf.arh
Vulnerability:...

Pega Platform 8.7.3 Remote Code Execution

Authored by Marcin Wolak

Pega Platform versions 8.1.0 through 8.7.3 suffer from a remote code execution vulnerability. If an on-premise installation of the Pega Platform is configured with the port...

Email-Worm.Win32.Kipis.c MVID-2022-0652 File Write / Code Execution

Authored by malvuln | Site malvuln.com

Email-Worm.Win32.Kipis.c malware suffers from a remote file write vulnerability that allows for remote code execution.

Discovery / credits: Malvuln (John Page aka hyp3rlinx)...

Backdoor.Win32.Psychward.10 MVID-2022-0651 Remote Command Execution

Authored by malvuln | Site malvuln.com

Backdoor.Win32.Psychward.10 malware suffers from an unauthenticated remote command execution vulnerability.

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022
Original source: https://malvuln.com/advisory/70c5f8d61f6ac67091c0c5860e456427.txt
Contact: [email protected]:...

ZKTeco ZEM500-510-560-760 / ZEM600-800 / ZEM720 / ZMM Missing Authentication

Site redteam-pentesting.de

ZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720, and ZMM suffer from a missing authentication vulnerability. Versions below 8.88 (ZEM500-510-560-760, ZEM600-800, ZEM720) and 15.00 (ZMM200-220-210) are potentially affected.

advisories | CVE-2022-42953

Advisory:...

Zimbra Collaboration Suite TAR Path Traversal

Authored by Ron Bowes, Alexander Cherepanov, yeak | Site metasploit.com

This Metasploit module creates a .tar file that can be emailed to a Zimbra server to exploit CVE-2022-41352. If successful,...

Chrome AccountSelectionBubbleView::OnAccountImageFetched Heap Use-After-Free

Authored by Google Security Research, Glazvunov

Chrome suffers from a heap use-after-free vulnerability in AccountSelectionBubbleView::OnAccountImageFetched.

advisories | CVE-2022-2852

Chrome offline_items_collection::OfflineContentAggregator::OnItemRemoved Heap Buffer Overflow

Authored by Google Security Research, Glazvunov

Chrome suffers from a heap buffer overflow vulnerability in offline_items_collection::OfflineContentAggregator::OnItemRemoved.

advisories | CVE-2022-2853

Cisco Jabber XMPP Stanza Smuggling

Authored by Ivan Fratric, Google Security Research

There is a vulnerability in Cisco Jabber that allows an attacker to send arbitrary XMPP stanzas (XMPP control messages) to another Cisco Jabber...

Zimbra Privilege Escalation

Authored by Ron Bowes, EvergreenCartoons | Site metasploit.com

This Metasploit module exploits a vulnerable sudo configuration that permits the Zimbra user to execute postfix as root. In turn, postfix can...