Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

WordPress Duplicator 1.4.7.2 Backup Disclosure

0
Authored by nu11secur1ty WordPress Duplicator plugin version 1.4.7.2 suffers from a backup disclosure vulnerability. Change Mirror Download ## Title: WordPress Plugin Duplicator 1.4.7.2 - Unauthenticated Backup Download## Author: nu11secur1ty## Date: 08.23.2022## Vendor:...

FLIX AX8 1.46.16 Remote Command Execution

0
Authored by Samy Younsi FLIR AX8 versions 1.46.16 and below unauthenticated remote OS command injection exploit. advisories | CVE-2022-36266 Change Mirror Download # -*- coding: utf-8 -*-# Exploit Title: FLIR AX8 Unauthenticated OS...

Chrome content::ServiceWorkerVersion::MaybeTimeoutRequest Heap Use-After-Free

0
Authored by Google Security Research, Glazvunov Chrome suffers from a heap use-after-free vulnerability in content::ServiceWorkerVersion::MaybeTimeoutRequest. Google Chrome version 103.0.5060.53 and Chromium version 105.0.5134.0 are affected. advisories | CVE-2022-2480

FLIR AX8 1.46.16 Traversal / Access Control / Command Injection / XSS

0
Authored by Samy Younsi, Thomas Knudsen FLIR AX8 versions 1.46.16 and below suffer from command injection, directory traversal, improper access control, and cross site scripting vulnerabilities. advisories | CVE-2022-37060, CVE-2022-37061, CVE-2022-37062,...

Transposh WordPress Translation 1.0.8.1 Incorrect Authorization

0
Authored by Julien Ahrens | Site rcesecurity.com Transposh WordPress Translation versions 1.0.8.1 and below suffer from an incorrect authorization vulnerability. advisories | CVE-2022-2536 Change Mirror Download RCE Security Advisoryhttps://www.rcesecurity.com1. ADVISORY INFORMATION=======================Product: ...

FreeBSD 13.0 aio_aqueue Kernel Refcount Local Privilege Escalation

0
Authored by Chris J-D | Site accessvector.net FreeBSD versions 11.0 through 13.0 suffers from a local privilege escalation vulnerability via an aio_aqueue kernel refcount bug. This research post goes into...

Polar Flow Android 5.7.1 Secret Disclosure

0
Authored by Karima Hebbal | Site trovent.io Polar Flow for Android version 5.7.1 stores the username and password in clear text in a file on mobile devices. Change Mirror Download # Trovent...

Advantech iView NetworkServlet Command Injection

0
Authored by rgod, Shelby Pace, Y4er | Site metasploit.com Advantech iView software versions prior to 5.7.04.6469 are vulnerable to an unauthenticated command injection vulnerability via the NetworkServlet endpoint. The database...

Windows Credential Guard Domain-Joined Device Public Key Privilege Escalation

0
Authored by James Forshaw, Google Security Research On Windows, when registered to use a public key for computer authentication, the certificate is stored in a user accessible registry key leading...

TypeORM 0.3.7 Information Disclosure

0
Authored by Andrii Kostenko TypeORM version 0.3.7 suffers from an information disclosure vulnerability. advisories | CVE-2022-33171 Change Mirror Download I found what I think is a vulnerability in the latest typeorm 0.3.7.TypeORM v0.3...