Lenovo Diagnostics Driver Memory Access
This Metasploit module demonstrates how an incorrect access control for the Lenovo Diagnostics Driver allows a low-privileged user the ability to issue device IOCTLs to
macOS Dirty Cow Arbitrary File Write Local Privilege Escalation
Dirty Cow arbitrary file write local privilege escalation exploit for macOS. Exploit Files ≈ Packet Storm
F5 Big-IP Create Administrative User
This Metasploit module creates a local user with a username/password and root-level privileges. Note that a root-level account is not required to do this, which
Oracle Database 12.1.0.2 Spatial Component Privilege Escalation
Oracle Database version 12.1.0.2 suffers from a privilege escalation vulnerability that achieves DBA access via the Spatial component. Exploit Files ≈ Packet Storm
WordPress Quick Restaurant 2.0.2 XSS / CSRF / IDOR / Missing Authorization
On January 16, 2023, the Wordfence Threat Intelligence team responsibly disclosed several vulnerabilities in Quick Restaurant Menu, a WordPress plugin that allows users to set
Debian Security Advisory 5335-1
Debian Linux Security Advisory 5335-1 – Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service or spoofing. Vulnerability
IOTW: Malicious actors gain access to GitHub source code
A hacker has cloned repositories associated with multiple GitHub-owned organizations Categories RSS Feed
Packet Storm New Exploits For January, 2023
This archive contains all of the 130 exploits added to Packet Storm in January, 2023. Exploit Files ≈ Packet Storm
io_uring Same Type Object Reuse Privilege Escalation
This Metasploit module exploits a bug in io_uring leading to an additional put_cred() that can be exploited to hijack credentials of other processes. This exploit
vmwgfx Driver File Descriptor Handling Privilege Escalation
If the vmwgfx driver fails to copy the fence_rep object to userland, it tries to recover by deallocating the (already populated) file descriptor. This is