This module exploits a race condition vulnerability in the Linux Kernel via AF_PACKET sockets.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site. This registration works even when registration has been disabled.



This module exploits this vulnerability to add an administrator user to the Joomla database. Notice that this account could need registration confirmation (activation).

This module exploits a vulnerability in win32k.sys by setting a Window as WS_CHILD and sending a special key combination to this one.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

This module exploits a vulnerability in Rivatuner's core (Rivatuner*.sys, RTCore*.sys), a driver used by hardware tweaking apps Rivatuner, MSI Afterburner, EVGA Presicion X (and possibly others).



During app operation, the driver is loaded and used to read and write physical memory, MSR registers, io ports, etc. This module abuses said functionality to escalate privileges.

The Symantec Web Gateway Management Console before 5.2.5 allows some specially crafted entries to update the whitelist without validation. A lower-privileged but authorized management console user can bypass the whitelist validation using a specifically-modified script to create an unauthorized whitelist entry. This whitelist entry could potentially be leveraged in further malicious attempts against the network.

This module exploits a race condition vulnerability in the Linux Kernel via MAP_PRIVATE COW.



The bug relies in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

Vx Search Enterprise is prone to a buffer overflow vulnerability when receive a crafted request.

PowerFolder Server is prone to a remote vulnerability that allows attackers to take advantage of a deserialization vulnerability present in the commons-collections Java library.

The module exploit a buffer overflow vulnerability in the SNMP code of the Cisco ASA

Samsung Security Manager is prone to a privilege-escalation vulnerability that affects Apache Felix Gogo runtime. Due to an insecure default installation of the runtime, an attacker could then send commands that will be executed by the mentioned runtime.