PowerVR PMRMMapPMR() Writability Check
Authored by Jann Horn, Google Security Research
PowerVR has a security issue where a writability check in PMRMMapPMR() does not clear VM_MAYWRITE.
Palo Alto PAN-OS Command Execution / Arbitrary File Creation
Authored by Kr0ff
Palo Alto PAN-OS versions prior to 11.1.2-h3 command injection and arbitrary file creation exploit.
advisories | CVE-2024-3400
Change Mirror Download
# Exploit Title: Palo Alto PAN-OS < v11.1.2-h3 ...
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution
Authored by sfewer-r7, remmons-r7 | Site metasploit.com
This Metasploit module exploits two vulnerabilities in Palo Alto Networks PAN-OS that allow an unauthenticated attacker to create arbitrarily named files and execute...
Gambio Online Webshop 4.9.2.0 Remote Code Execution
Authored by h00die-gr3y, usd Herolab | Site metasploit.com
A remote code execution vulnerability in Gambio online webshop versions 4.9.2.0 and below allows remote attackers to run arbitrary commands via an...
Visual Studio Code Execution
Authored by h00die | Site metasploit.com
This Metasploit module creates a vsix file which can be installed in Visual Studio Code as an extension. At activation/install, the extension will execute...
GitLens Git Local Configuration Execution
Authored by h00die, Paul Gerste | Site metasploit.com
GitKraken GitLens versions prior to 14.0.0 allow an untrusted workspace to execute git commands. A repo may include its own .git folder...
FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution
Authored by Spencer McIntyre, jheysel-r7, James Horseman, Zach Hanley | Site metasploit.com
A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and...
Nginx 1.25.5 Host Header Validation
Authored by dhteam
Nginx versions 1.25.5 and below appear to have a host header filtering validation bug that could possibly be used for malice.
Change Mirror Download
# Nginx =< 1.25.5 $host...
LRMS PHP 1.0 SQL Injection / Shell Upload
Authored by nu11secur1ty
LRMS PHP version 1.0 suffers from remote shell upload and multiple remote SQL injection vulnerabilities.
Change Mirror Download
## Titles: LRMS-PHP-by-oretnom23-v1.0 hat-trick1. Multiple-SQLi2. File Upload3. SQLi Bypass Authentication:## Latest...
Laravel Framework 11 Credential Disclosure
Authored by Huseein Amer
Laravel Framework version 11 suffers from a credential disclosure vulnerability.
advisories | CVE-2024-29291
Change Mirror Download
# Exploit Title: Laravel Framework 11 - Credential Leakage# Google Dork: N/A# Date:...
