header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Show More

nipper-ng 0.11.10 – Remote Buffer Overflow (PoC)

This is a proof-of-concept exploit for a remote buffer overflow vulnerability in nipper-ng version 0.11.10. The vulnerability was found by Guy Levin and can be exploited by sending a specially crafted shell command. The exploit uses a buffer overflow to overwrite the return address and gain control of the program execution flow. The vulnerability is tracked as CVE-2019-17424.

7.8
CVSS
HIGH
Remote Buffer Overflow
119
CWE
Product Name
nipper-ng
Platforms Tested
Debian
Affected Version
From:
2000.11.10
To:
2000.11.10
2019
Show More

Foscam Video Management System 1.1.4.9 – ‘Username’ Denial of Service (PoC)

The Foscam Video Management System 1.1.4.9 is vulnerable to a denial of service (DoS) attack. By sending a specially crafted username, an attacker can cause the application to crash, resulting in a denial of service condition.

7.5
CVSS
HIGH
Denial of Service (DoS) Local
CWE
Product Name
Foscam Video Management System
Platforms Tested
Windows 10 Pro x64 es
Affected Version
From:
1.1.4.9
To:
1.1.4.9
2019
Show More

Centova Cast 3.2.11 – Arbitrary File Download

The Centova Cast 3.2.11 version is vulnerable to an arbitrary file download attack. An attacker can exploit this vulnerability to download arbitrary files from the server without authentication. This can lead to unauthorized access to sensitive information or system compromise.

7.5
CVSS
HIGH
Arbitrary File Download
CWE
Product Name
Centova Cast
Platforms Tested
Debian 9, CentOS 7
Affected Version
From:
<=v3.2.11
To:
<=v3.2.11
2019
Show More

ASUS HM Com Service 1.00.31 – ‘asHMComSvc’ Unquoted Service Path

The application suffers from an unquoted service path issue impacting the service 'ASUS HM Com Service (aaHMSvc.exe)' related to the Asus Motherboard Utilities. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with system privileges.

7.5
CVSS
HIGH
Unquoted Service Path
428
CWE
Product Name
ASUS HM Com Service
Platforms Tested
Windows
Affected Version
From:
1.00.31
To:
1.00.31
2019

Recent Exploits:

RDPGuard 9.9.9 – Privilege Escalation

author
Ahmet Ümit BAYRAM
vendor
RDPGuard
severity
6.1
HIGH

YesWiki Unauthenticated Path Traversal

author
Al Baradi Joy
vendor
YesWiki
severity
7.1
HIGH

ABB Cylon Aspect 3.08.02 Stored Cross-Site Scripting Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
ABB Ltd.
severity
6.1
HIGH

Apache ActiveMQ 6.1.6 – Denial of Service (DOS)

author
Abdualhadi khalifa
vendor
Apache
severity
6.1
HIGH

GeoVision GV-ASManager 6.1.1.0 – CSRF

author
Giorgi Dograshvili [DRAGOWN]
vendor
GeoVision
severity
6.1
HIGH

ABB Cylon FLXeon 9.3.4 WebSocket Command Spawning Vulnerability

author
Zero Science Lab
vendor
ABB Ltd.
severity
6.1
HIGH

GestioIP 3.5.7 – Stored Cross-Site Scripting Vulnerability

author
m4xth0r (Maximiliano Belino)
vendor
GestioIP
severity
6.1
HIGH

Cacti 1.2.26 – Remote Code Execution (RCE) (Authenticated)

author
D3Ext
vendor
Cacti
severity
6.1
HIGH

Exclusive Addons for Elementor ≤ 2.6.9 – Authenticated Stored Cross-Site Scripting (XSS)

author
Al Baradi Joy
vendor
exclusiveaddons
severity
5.1
MEDIUM

Kentico Xperience 13.0.178 – Cross Site Scripting (XSS)

author
Alex Messham
vendor
Kentico
severity
6.1
HIGH

Navigation

Suggest Exploit

Services By CQR