Juan Sacco

46 exploits Active since Mar 2017
CVE-2017-0147 EXPLOITDB HIGH python WORKING POC
Microsoft Windows 10 1507 < 4.0e - Information Disclosure
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability."
CVSS 7.5
CVE-2017-0146 EXPLOITDB HIGH python WORKING POC
Microsoft Server Message Block < 4.0e - Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0148.
CVSS 8.8
CVE-2017-0145 EXPLOITDB HIGH python WORKING POC
Microsoft Server Message Block < 4.0e - Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
CVSS 8.8
CVE-2017-0144 EXPLOITDB HIGH python WORKING POC
Microsoft Server Message Block < 4.0e - Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
CVSS 8.8
CVE-2017-0143 EXPLOITDB HIGH python WORKING POC
Microsoft Server Message Block < 4.0e - Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
CVSS 8.8
CVE-2017-0148 EXPLOITDB HIGH python WORKING POC
Microsoft Server Message Block < 4.0e - Improper Input Validation
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.
CVSS 8.1
EIP-2026-107070 EXPLOITDB text WORKING POC
Feng Office - Persistent Cross-Site Scripting
EIP-2026-104563 EXPLOITDB text WRITEUP
Apple Mac OSX Keychain - EXC_BAD_ACCESS Denial of Service
CVE-2017-17090 EXPLOITDB HIGH python WORKING POC
Asterisk Open Source <15.1.2 - DoS
An issue was discovered in chan_skinny.c in Asterisk Open Source 13.18.2 and older, 14.7.2 and older, and 15.1.2 and older, and Certified Asterisk 13.13-cert7 and older. If the chan_skinny (aka SCCP protocol) channel driver is flooded with certain requests, it can cause the asterisk process to use excessive amounts of virtual memory, eventually causing asterisk to stop processing requests of any kind.
CVSS 7.5
EIP-2026-102860 EXPLOITDB python WORKING POC
GNU GTypist 2.9.5-2 - Local Buffer Overflow
EIP-2026-103055 EXPLOITDB python WORKING POC
ZSNES 1.51 - Local Buffer Overflow
EIP-2026-103028 EXPLOITDB text WORKING POC
VFU 4.10-1.1 - Local Buffer Overflow
EIP-2026-102836 EXPLOITDB python WORKING POC
FENIX 0.92 - Local Buffer Overflow
EIP-2026-102624 EXPLOITDB python WORKING POC
Kaspersky KSN for Linux 5.2 - Memory Corruption
EIP-2026-102793 EXPLOITDB python WORKING POC
BSIGN 0.4.5 - Local Buffer Overflow
EIP-2026-102745 EXPLOITDB python WORKING POC
TACK 1.07 - Local Stack Buffer Overflow
EIP-2026-102700 EXPLOITDB python WORKING POC
Netperf 2.6.0 - Stack-Based Buffer Overflow
EIP-2026-102699 EXPLOITDB python WORKING POC
Netperf 2.6.0 - Stack-Based Buffer Overflow
EIP-2026-102580 EXPLOITDB python WORKING POC
FBZX 2.10 - Local Stack Buffer Overflow
EIP-2026-102193 EXPLOITDB python WORKING POC
WhatsApp 2.18.31 - Memory Corruption
EIP-2026-102192 EXPLOITDB python WORKING POC
WhatsApp 2.17.52 - Memory Corruption