TrendMicro is prone to an abuse in the talker.php function to get authentication bypass, combined with the mod TMCSS user-supplied unvalidated input before using it to execute a system calls leads us to execute arbitrary code.

This module exploits an arbitrary file upload in DotCMS to install an agent.

This module exploits a command injection vulnerability in REDDOXX Appliance to install an agent.

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Jungo WinDriver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.



The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr12xx kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.

Dup Scout is prone to a buffer overflow when handling an overly long username.

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory.

NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x600000D where a value passed from a user to the driver is used without validation leading to escalation of privileges. This update add reliability and speed to the attack.

This module exploits an arbitrary file upload in Trend Micro Mobile Security for Enterprise to install an agent.

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory.

Multiple stack-based buffer overflow vulnerabilities have been identified in which the application does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code.