This module exploits a vulnerability in win32k.sys by calling to SetParent function with crafted parameters.
This module exploits a vulnerability in "atmfd.dll" Windows driver by loading a crafted OTF font.
This update adds support to "Low Integrity Level" bypass for "Windows 8.1" 32 bits by using a kernel memory leak (CVE-2015-2433).
This update adds support to "Low Integrity Level" bypass for "Windows 8.1" 32 bits by using a kernel memory leak (CVE-2015-2433).
This module exploits a vulnerability in Linux. The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
This module exploits a vulnerability in "atmfd.dll" Windows driver by loading a crafted OTF font.
This update adds support to "Low Integrity Level" bypass for "Windows 8.1" 64 bits and "Windows 2012" R2 by using a kernel memory leak (CVE-2015-2433).
Besides, this updates improves AV evasion.
This update adds support to "Low Integrity Level" bypass for "Windows 8.1" 64 bits and "Windows 2012" R2 by using a kernel memory leak (CVE-2015-2433).
Besides, this updates improves AV evasion.
This module exploits a COM Server-based Binary Planting vulnerability on Microsoft Word to deploy an agent.
The sosreport program, a component of the ABRT bug reporting system used in Red Hat Enterprise Linux, does not handle symbolic links correctly when writing core dumps of ABRT programs to the ABRT dump directory (/var/tmp/abrt). This can be leveraged by local unprivileged attackers to gain root privileges on vulnerable systems.
This module exploits a Jenkins command injection in order to install an agent.
This module exploits a SQL Injection vulnerability in Joomla which allows gathering of users and password hashes by parsing SQL output errors
This module exploits a remote code execution vulnerability in Joomla. The session handling code is susceptible to PHP Object Injection attacks due to lack of sanitization in some HTTP headers that are saved to the database session backend.
VMware vCenter Server is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine.
By exploiting known methods, it is possible to remotely load an MLet file from an attacker controlled web server that points at a, also controlled, jar file.
By exploiting known methods, it is possible to remotely load an MLet file from an attacker controlled web server that points at a, also controlled, jar file.