Exploits & CVE's

Exploits Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, CVEs and more.

NSS Signature Validation Memory Corruption

0
Authored by Tavis Ormandy, Google Security Research NSS (Network Security Services), Mozilla project's cross-platform security library, suffers from a memory corruption flaw when validating ECDSA signatures. advisories | CVE-2021-43527

MilleGPG5 5.7.2 Luglio 2021 Privilege Escalation

0
Authored by Alessandro Salzano MilleGPG5 version 5.7.2 Luglio 2021 suffers from a local privilege escalation vulnerability. Change Mirror Download # Exploit Title: MilleGPG5 5.7.2 Luglio 2021 (x64) - Local Privilege Escalation# Date:...

Packet Storm New Exploits For November, 2021

0
Authored by Todd J. | Site packetstormsecurity.com This archive contains all of the 137 exploits added to Packet Storm in November, 2021.

Android vold Unsafe Mounting

0
Authored by Jann Horn, Google Security Research Android's vold's incremental-fs APIs trust paths from system_server for mounting. There is supposed to be privilege separation between vold (TCB) and system_server (privileged...

Opencart 3.0.3.8 Session Injection

0
Authored by Hubert Wojciechowski Opencart version 3.0.3.8 suffers from a session injection vulnerability. Change Mirror Download # Exploit Title: opencart 3.0.3.8 - Sessjion Injection# Date: 28/11/2021# Exploit Author: Hubert Wojciechowski# Contact Author:...

D-Link DSL-3782 Pre-Authentication Remote Root

0
Authored by Cody Sixteen D-Link DSL-3782 pre-authentication remote root exploit. Change Mirror Download #!/usr/bin/python2# preauth rece for dlink dsl-3782# found: 06.11.2021# pwned: 18.112021 @ 19:26# import sysimport urllib2 # requestsimport urllibimport...

ManageEngine ADSelfService Plus Authentication Bypass / Code Execution

0
Authored by mr_me, wvu, Wilfried Becard, Antoine Cervoise | Site metasploit.com This Metasploit module exploits CVE-2021-40539, a REST API authentication bypass vulnerability in ManageEngine ADSelfService Plus, to upload a JAR...

Nextar C472 POS DLL Hijacking

0
Authored by Yehia Elghaly Nextar C472 POS suffers from a dll hijacking vulnerability. Change Mirror Download /* Description: A vulnerability exists in windows that allows other applications dynamic link librariesto execute malicious...

Polkit Authentication Bypass / Local Privilege Escalation

0
Authored by Sudhanshu Kumar, Rohit Verma, Sonam Nagar This whitepaper provides an overview of a Polkit authentication bypass vulnerability that allows for local privilege escalation. advisories | CVE-2021-3560

Apache HTTP Server 2.4.50 CVE-2021-42013 Exploitation

0
Authored by Apaar Farmaha, Aman Saxena, Shlok Yadav This document aims at explaining some recent vulnerabilities in Apache HTTP Server that leads to attacks like path traversal and remote code...