This module exploits a vulnerability in MongoDB server. An arbitrary value passed as a parameter to the nativeHelper function in MongoDB server allows an attacker to control the execution flows to achieve remote code execution.

This module exploits a vulnerability in W3 Total Cache plugin for Wordpress. Certain macros such as mfunc allow to inject PHP code into comments. By injecting a crafted comment into a valid post an attacker can execute arbitrary PHP code on systems running vulnerable installations of W3 Total Cache.

The Serva32 TFTPD service is vulnerable to a buffer overflow vulnerability when parsing large read requests. When the application reads in a large buffer the application crashes.

This module exploits a vulnerability in the Mac OS X DirectoryService by sending a specially crafted packet to the 625/TCP port.

This module exploits a vulnerability in Symantec AMS Intel Handler service by sending a malformed packet to the 38292/TCP port to crash the application.

This update resolves an issue while trying to run the "Keylogger" module.

This module exploits a vulnerability in the Novell ZENworks Mobile Management application by injecting code in the PHP session file and leveraging a Local File Inclusion in mdm.php to execute the injected PHP code.

The Message Server component of SAP Netweaver is prone to a memory corruption vulnerability when the _MsJ2EE_AddStatistics function handles a specially crafted request with iflag value 0x0c MS_J2EE_SEND_TO_CLUSTERID, or 0x0d MS_J2EE_SEND_BROADCAST.

This vulnerability can be exploited by remote unauthenticated attackers to execute arbitrary code on the vulnerable server.

The vulnerability is caused due to an error in the AlphaStor Library Control Program when processing commands and can be exploited to cause a buffer overflow.

The DRDA protocol dissector in Wireshark can enter an infinite loop when processing an specially crafted DRDA packet with the iLength field set to 0, causing Wireshark to stop responding.