An unauthenticated attacker can send a malicious SOAP request to the WLS AsyncResponseService interface to execute code on the vulnerable host. The attacker must have network access to the Oracle WebLogic Server T3 interface.
This module exploits a server-side template injection vulnerability in Jira Server and Data Center, in the ContactAdministrators and SendBulkMail actions. The ContactAdministrators action doesn't require authentication, but it's not enabled by default. The SendBulkMail action does require authentication and the "JIRA Administrators" access level.
This module triggers a use-after-free vulnerability in the Remote Desktop Service by sending a malformed RDP packet to port 3389/TCP.
This module exploits a vulnerability in Edge, getting Full Control over a file. This can be exploited to execute arbitrary code with System privileges.
COM classes used by the VMX process on a Windows host can be hijacked, leading to elevation of privilege.
This module exploits a vulnerability in Private Internet Access VPN, which loads an OpenSSL engine without checking it, so a malicious engine can be loaded.
An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations.
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys).
The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows low-privileged users to read and write arbitrary physical memory via specially crafted IOCTL requests and elevate system privileges. This occurs because the device object has an associated symbolic link and an open DACL.
The TarArchive class blindly extracts tar archives without checking for directory traversal. An attacker can leverage this vulnerability to execute code on the system.