KoreLogic

17 exploits Active since Jul 2014
CVE-2018-15767 EXPLOITDB HIGH python WORKING POC
Dell Openmanage Network Manager < 6.5.3 - Incorrect Authorization
The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.
CVSS 8.8
EIP-2026-119687 EXPLOITDB html WORKING POC
WatchGuard XTMv 11.12 Build 516911 - User Management Cross-Site Request Forgery
EIP-2026-119502 EXPLOITDB text WRITEUP
VMware Workstation 10.0.0.40273 - 'vmx86.sys' Arbitrary Kernel Read
CVE-2014-4076 EXPLOITDB python WRITEUP
Microsoft Windows Server 2003 SP2 - Privilege Escalation
Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."
CVE-2014-4971 EXPLOITDB text WORKING POC
Microsoft Windows XP SP3 - Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
CVE-2014-4971 EXPLOITDB python WORKING POC
Microsoft Windows XP SP3 - Privilege Escalation
Microsoft Windows XP SP3 does not validate addresses in certain IRP handler routines, which allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted address in an IOCTL call, related to (1) the MQAC.sys driver in the MQ Access Control subsystem and (2) the BthPan.sys driver in the Bluetooth Personal Area Networking subsystem.
CVE-2015-5465 EXPLOITDB text WRITEUP
Silicon Integrated Systems WindowsXP Display Manager <6.14.10.3930 ...
Silicon Integrated Systems WindowsXP Display Manager (aka VGA Driver Manager and VGA Display Manager) 6.14.10.3930 allows local users to gain privileges via a crafted (1) 0x96002400 or (2) 0x96002404 IOCTL call.
CVE-2015-6923 EXPLOITDB text WRITEUP
VBox Communications Satellite Express Protocol <2.3.17.3 - Privileg...
The ndvbs module in VBox Communications Satellite Express Protocol 2.3.17.3 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x00000ffd ioctl call.
CVE-2015-5466 EXPLOITDB HIGH text WORKING POC
XGI WindowsXP Display Manager <6.14.10.1090 - Privilege Escalation
Silicon Integrated Systems XGI WindowsXP Display Manager (aka XGI VGA Driver Manager and VGA Display Manager) 6.14.10.1090 allows local users to gain privileges via a crafted 0x96002404 IOCTL call.
CVSS 7.8
EIP-2026-112346 EXPLOITDB text WORKING POC
Sophos Web Appliance 4.2.1.3 - Remote Code Execution
EIP-2026-103282 EXPLOITDB python WORKING POC
HPE VAN SDN 2.7.18.0503 - Remote Root
CVE-2018-15768 EXPLOITDB MEDIUM python WORKING POC
Dell Openmanage Network Manager - Incorrect Permission Assignment
Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database.
CVSS 6.5
EIP-2026-103007 EXPLOITDB text WORKING POC
Sophos UTM 9.410 - 'loginuser' 'confd' Service Privilege Escalation
CVE-2016-6434 EXPLOITDB HIGH text WRITEUP
Cisco Firepower Management Center 6.0.1 - Info Disclosure
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local users to obtain sensitive information by leveraging CLI access, aka Bug ID CSCva30370.
CVSS 7.8
CVE-2016-6435 EXPLOITDB MEDIUM text WRITEUP
Cisco Firepower Management Center 6.0.1 - Info Disclosure
The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.
CVSS 6.5
CVE-2016-6433 EXPLOITDB HIGH text WORKING POC
Cisco Firepower Mgmt Cntr <6.0.1 - RCE
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872.
CVSS 8.8
EIP-2026-100919 EXPLOITDB html WORKING POC
Ubiquiti Administration Portal - Remote Command Execution (via Cross-Site Request Forgery)