The vulnerability is an Arbitrary File Delete Write which can be used to achieve an agent with elevated privileges.
This module produces an out of bounds and generate a Denial of Service
IBM i Access Client Solutions is vulnerable to DLL hijacking when certain features are run on a Windows operating system that leverage native code. IBM has addressed this CVE by providing a fix to IBM i Access Client Solutions as described in the remediation/fixes section. The attacker must entice a victim into opening a specially crafted .hod, .bchx, .ws, .dttx and dtfx file. This file and the associated binary may be delivered to a user through remote WebDAV shares or zipped attach. An attacker may exploit this issue to execute arbitrary code.
This module exploits a java deserialization vulnerability present in the CewolfRenderer servlet. Also, this module exploits a blind XXE vulnerability present in the ProcessTrackingListener class.
This module exploits a java deserialization vulnerability present in the CewolfRenderer servlet. Also, this module exploits a blind XXE vulnerability present in the ProcessTrackingListener class.
This module exploits an Arbitrary File Deletion performed by a normal user in protected folders
The vulnerability is a win32k window object type confusion leading to an OOB (out-of-bounds) write which can be used to create arbitrary memory read and write capabilities within the Windows kernel to achieve elevated privileges.
This module crashes the target machine producing a blue screen by sending a malformed HTTP packet.
This module exploits an Integer Overflow in module sxssrv of CSRSS to produce an integer overflow and generate a Denial of Service
This module exploits a Zoho ManageEngine Password Manager Pro present in the org.apache.xmlrpc.parser.XmlRpcRequestParser class of Zoho ManageEngine Password Manager Pro. The deployed agent will run with SYSTEM privileges.
Pagination
- Previous page
- Page 15
- Next page