This exploit allows an attacker to execute arbitrary code remotely on a Pluxml 0.3.1 server. The attacker needs to provide the URL of the vulnerable Pluxml installation and the IP address to bind the socket. The exploit leverages an XSS vulnerability to bypass NoScript protection and execute the code.
This vulnerability allows an attacker to cause a denial of service (DoS) or potentially execute arbitrary code with root privileges by sending a specially crafted message to the powerd com.apple.PowerManagement.control mach service. The vulnerability exists in the pm_mig_demux function, which does not properly handle certain requests, leading to a memory corruption issue.
This vulnerability allows userspace to manipulate the reference count of kernel objects, leading to a potential use-after-free vulnerability. By controlling the reference count, an attacker can free an object prematurely and reuse the name for another right.
The IOService::newUserClient function in IOServices allows IOService classes to define their IOUserClient classes. The default implementation of newUserClient does not properly handle the case when the IOUserClientClass key is not set in the registry entry, leading to a vulnerability. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service.
The Pharmacy System v2 and prior versions are vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending specially crafted SQL queries to the application, which can lead to unauthorized access to the database.
This exploit allows remote code execution in NETGEAR WNR2000v5 routers. It is an alpha quality exploit and has been deprecated. Please refer to the Metasploit framework or https://github.com/pedrib/PoC/tree/master/exploits/metasploit/wnr2000 for more information.
A specially crafted web-page can trigger a use-after-free vulnerability in Microsoft Internet Explorer 11. There is sufficient time between the free and reuse for an attacker to control the contents of the freed memory and exploit the vulnerability.
The code in the WifiNative.cpp file does not validate the parameter params.num_bssid before copying that number of elements into a stack-allocated wifi_bssid_hotlist_params structure. This can potentially lead to a stack-based buffer overflow if an attacker can control the value of params.num_bssid.
A specially crafted HTTP response can allow a malicious web-page to trigger an out-of-bounds read vulnerability in Google Chrome. The data is read from the main process' memory.
The BeginPrint method in BarCodeAx.dll is vulnerable to a stack buffer overflow. An attacker can exploit this vulnerability remotely.