New CVE-2018-8373 Exploit Spotted

On 28 października, 2018, Posted by , In News, By ,,,,, , With Możliwość komentowania New CVE-2018-8373 Exploit Spotted została wyłączona

On September 18, 2018, more than a month after we published a blog revealing the details of a use-after-free (UAF) vulnerability CVE-2018-8373 that affects the VBScript engine in newer Windows versions, we spotted another exploit that uses the same vulnerability.  It’s important to note that this exploit doesn’t work on…

Drupal core – Highly critical – Remote Code Execution – SA-CORE-2018-002

On 28 marca, 2018, Posted by , In News, By ,,, , With Możliwość komentowania Drupal core – Highly critical – Remote Code Execution – SA-CORE-2018-002 została wyłączona

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.   Read more: https://www.drupal.org/sa-core-2018-002

Dirty Cow – podatność w jądrze Linuksa – można dostać roota + jest exploit

On 25 października, 2016, Posted by , In News, By ,,,,, , With Możliwość komentowania Dirty Cow – podatność w jądrze Linuksa – można dostać roota + jest exploit została wyłączona

Dirty Cow – podatność w jądrze Linuksa – można dostać roota + jest exploit

Xen exploitation part 2: XSA-148, from guest to host

On 30 lipca, 2016, Posted by , In News, By ,, , With Możliwość komentowania Xen exploitation part 2: XSA-148, from guest to host została wyłączona

http://blog.quarkslab.com/xen-exploitation-part-2-xsa-148-from-guest-to-host.html

Xen exploitation part 1: XSA-105, from nobody to root

On 3 czerwca, 2016, Posted by , In News, By ,, , With Możliwość komentowania Xen exploitation part 1: XSA-105, from nobody to root została wyłączona

This blog post describes the exploitation of Xen Security Advisory 105 (XSA-105) [1] (CVE-2014-7155). This post explains the environment setup and shows the development of a fully working exploit on Linux 4.4.5. We are not aware of any public exploit for this vulnerability, although Andrei Lutas wrote excellent articles [2]…