Derek Abdine

5 exploits Active since Oct 2006
CVE-2021-22005 METASPLOIT CRITICAL ruby WORKING POC
VMware Cloud Foundation 3.0-4.0 and vCenter Server - Arbitrary File Upload via Analytics Service
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.
CVSS 9.8
CVE-2007-2440 EXPLOITDB text WRITEUP
Caucho Resin <3.1.0 - Path Traversal
Directory traversal vulnerability in Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to read certain files via a .. (dot dot) in a URI containing a "\web-inf" sequence.
CVE-2007-2441 EXPLOITDB text WRITEUP
Caucho Resin <3.1.0 - Info Disclosure
Caucho Resin Professional 3.1.0 and Caucho Resin 3.1.0 and earlier for Windows allows remote attackers to obtain the system path via certain URLs associated with (1) deploying web applications or (2) displaying .xtp files.
CVE-2006-5379 EXPLOITDB c WORKING POC
NVIDIA Binary Graphics Driver <v8774,v8762 - RCE
The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.
CVE-2007-2437 EXPLOITDB text WORKING POC
X.org X Window System 7.0-7.2 with Xserver < 1.3.0 - Authenticated Denial of Service via XRender Extension
The X render (Xrender) extension in X.org X Window System 7.0, 7.1, and 7.2, with Xserver 1.3.0 and earlier, allows remote authenticated users to cause a denial of service (daemon crash) via crafted values to the (1) XRenderCompositeTrapezoids and (2) XRenderAddTraps functions, which trigger a divide-by-zero error.