Tor Half-Closed Connection Stream Confusion
Authored by Jann Horn, Google Security Research
Tor suffers from an issue where half-closed connection tracking ignores layer_hint and due to this, entry/middle relays can spoof RELAY_END cells on half-closed...
VMware ThinApp DLL Hijacking
Authored by houjingyi
VMware ThinApp suffered from a DLL hijacking vulnerability.
advisories | CVE-2021-22000
A few months ago I disclosed IBM(R) Db2(R) Windows client DLL Hijacking Vulnerability (0day) I found: https://seclists.org/fulldisclosure/2021/Feb/73 In that post...
Aruba Instant (IAP) Remote Code Execution
Authored by Aleph Security
Aruba Instant (IAP) remote code execution exploit.
advisories | CVE-2021-25155, CVE-2021-25156, CVE-2021-25157, CVE-2021-25158, CVE-2021-25159, CVE-2021-25160, CVE-2021-25161, CVE-2021-25162
import socket
import sys
import struct
import time
import threading
import urllib3
import re
import telnetlib
import...
Seagate BlackArmor NAS sg2000-2000.1331 Command Injection
Authored by Metin Yunus Kandemir
Seagate BlackArmor NAS version sg2000-2000.1331 remote command injection exploit.
# Exploit Title: Seagate BlackArmor NAS sg2000-2000.1331 - Command Injection
# Date: 15.07.2021
# Discovered by: Jeroen...
Aruba Instant 8.7.1.0 Arbitrary File Modification
Authored by Gr33nh4t
Aruba Instant version 8.7.1.0 arbitrary file modification exploit.
advisories | CVE-2021-25155
# Exploit Title: Aruba Instant 8.7.1.0 - Arbitrary File Modification
# Date: 15/07/2021
# Exploit Author: Gr33nh4t
# Vendor...
ForgeRock Access Manager/OpenAM 14.6.3 Remote Code Execution
Authored by Photubias
ForgeRock Access Manager/OpenAM version 14.6.3 unauthenticated remote code execution exploit.
advisories | CVE-2021-35464
# Exploit Title: ForgeRock Access Manager/OpenAM 14.6.3 - Remote Code Execution (RCE) (Unauthenticated)
# Date:...
Argus Surveillance DVR 4.0 Weak Password Encryption
Authored by Salman Asad
Argus Surveillance DVR version 4.0 suffers from a weak password encryption vulnerability.
# Exploit Title: Argus Surveillance DVR 4.0 - Weak Password Encryption
# Exploit Author:...
OX App Suite / OX Guard / OX Documents SSRF / Cross Site Scripting
Authored by Martin Heiland
Open-Xchange OX App Suite, OX Guard, and OX Documents suffer from server-side request forgery and cross site scripting vulnerabilities. Some of these issues only affect version...
Linux Kernel Netfilter Heap Out-Of-Bounds Write
Authored by Andy Nguyen
A heap out-of-bounds write affecting the Linux kernel since version 2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a denial...
WordPress Current Book 1.0.1 Cross Site Scripting
Authored by Vikas Srivastava
WordPress Current Book plugin version 1.0.1 suffers from a persistent cross site scripting vulnerability.
# Exploit Title: WordPress Plugin Current Book 1.0.1 - 'Book Title...





