
Explore Vulnerabilities


Explore all Exploits:

Exploit for CVE-2018-4233

This exploit is for CVE-2018-4233, which is an out-of-bounds read vulnerability in the IONDRVSupport kext. The vulnerability allows an attacker to read kernel memory, which can be used to gain kernel code execution. The exploit uses the leaked pointer to calculate the kernel base address and kernel slide, which can then be used to calculate the kernel text base address.

MalwareBytes Anti-Exploit Out-of-bounds Read DoS

MalwareBytes Anti-Exploit (mbae.sys) is vulnerable to an out-of-bounds read denial of service (DoS) attack. An attacker can send a specially crafted IOCTL request with a size of 0xFFFFFF00 to the vulnerable driver, which causes the system to crash. This vulnerability affects 32-bit Windows XP SP3 and Windows 7 SP1 systems running MalwareBytes Anti-Exploit versions 1.03.1.1220 and 1.04.1.1012.

Privilege Escalation in RedaxScript 2.1.0

RedaxScript 2.1.0 suffers from a privilege escalation vulnerability. The issue occurs because the application fails to properly implement access controls. The application also fails to perform proper sanity checks on user-supplied input before processing it. Together, these two flaws lead to vertical privilege escalation, which can be achieved simply by tampering with parameter values. An attacker can exploit this issue to gain elevated privileges within the application.

Pie Register 2.0.13 Privilege escalation

Anyone can import a CSV file, and Pie Register will import users from that file. After the import, the user can activate the account and reset the password. This is done by creating a CSV file containing the user's details and importing it through a form; the user can then activate the account via a form and reset the password using the lost password feature.

Samsung SmartViewer BackupToAvi Remote Code Execution PoC

This PoC exploits a vulnerability in Samsung SmartViewer 3.0 that allows remote code execution. The vulnerability is caused by a boundary error in the BackupToAvi() method, which can be exploited to cause a stack-based buffer overflow by supplying a specially crafted argument. This can be leveraged to execute arbitrary code by overwriting the SEH handler of the vulnerable application.

Sim Editor v6.6 Stack Based Buffer Overflow

Sim Editor v6.6 is vulnerable to a stack based buffer overflow vulnerability due to improper bounds checking of user-supplied input. An attacker can exploit this vulnerability by supplying a specially crafted input that can lead to arbitrary code execution.

Congstar Internet-Manager SEH Buffer Overflow

Congstar Internet-Manager SEH Buffer Overflow is a vulnerability in the Congstar Prepaid Internet-Stick (MF100) software, version 14.0.0.162. It was discovered on 8.01.2015 by metacom. The vulnerability is caused by a boundary error when handling a specially crafted UpdateCfg.ini file, which can be exploited to cause a stack-based buffer overflow. Successful exploitation of this vulnerability may allow execution of arbitrary code.

Privilege Escalation & XSS & Missing Authentication

Ansible Tower provides the ability to create multiple organizations inside one Tower instance. Due to missing validation of the 'is_superuser' parameter during user creation, organization admins can create superadmin accounts and therefore gain access to all organizations. Ansible Tower is also vulnerable to reflected XSS; the vulnerable parameter is 'name', which is part of the URL when creating a new organization. Ansible Tower is additionally vulnerable to missing authentication; the vulnerable endpoint is '/api/v1/users/'.

IOBluetoothHCIUserClient::DispatchHCIWriteStoredLinkKey() Exploit

This exploit is written for Mac OS X Yosemite (10.10.1) by @joystick and @rpaleari. It exploits IOBluetoothHCIUserClient::DispatchHCIWriteStoredLinkKey() by creating requests and filling them with data. It then calls IOConnectCallMethod() to send the requests to the user client connection.

IOBluetoothHCIController::TransferACLPacketToHW() Panic Exploit

This exploit is written for Mac OS X Yosemite (10.10) by @rpaleari and @joystick. It exploits a missing check in IOBluetoothHCIController::TransferACLPacketToHW() to trigger a panic. The exploit uses IOConnectCallMethod to call DispatchHCISendRawACLData().
