embedi

21 exploits Active since May 2017
CVE-2017-11882 NOMISEC HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
496 stars
CVSS 7.8
CVE-2017-11882 NOMISEC HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
97 stars
CVSS 7.8
CVE-2017-5689 NOMISEC CRITICAL WORKING POC
Intel AMT Digest Authentication Bypass Scanner
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
57 stars
CVSS 9.8
CVE-2018-5234 NOMISEC HIGH WORKING POC
Norton Core <v237 - Command Injection
The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software.
31 stars
CVSS 8.0
CVE-2017-5721 NOMISEC HIGH WORKING POC
Intel Nuc7i7bnh Firmware - Improper Input Validation
Insufficient input validation in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows local attackers to execute arbitrary code via manipulation of memory.
17 stars
CVSS 7.5
CVE-2024-26169 NOMISEC HIGH WORKING POC
Microsoft Windows 10 1507 - Improper Privilege Management
Windows Error Reporting Service Elevation of Privilege Vulnerability
CVSS 7.8
CVE-2017-11882 PATCHAPALOOZA HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
CVSS 7.8
CVE-2017-11882 PATCHAPALOOZA HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
CVSS 7.8
CVE-2017-11882 PATCHAPALOOZA HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
CVSS 7.8
CVE-2017-11882 PATCHAPALOOZA HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
CVSS 7.8
CVE-2017-11882 PATCHAPALOOZA HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
CVSS 7.8
CVE-2017-11882 PATCHAPALOOZA HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
CVSS 7.8
CVE-2017-11882 PATCHAPALOOZA HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
CVSS 7.8
CVE-2017-11882 PATCHAPALOOZA HIGH WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
CVSS 7.8
CVE-2017-11882 METASPLOIT HIGH ruby WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
CVSS 7.8
CVE-2017-11882 EXPLOITDB HIGH text WORKING POC
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
CVSS 7.8
EIP-2026-101635 EXPLOITDB bash WORKING POC
D-Link DIR-8xx Routers - Local Firmware Upload
EIP-2026-101636 EXPLOITDB python WORKING POC
D-Link DIR-8xx Routers - Root Remote Code Execution
EIP-2026-101634 EXPLOITDB python WORKING POC
D-Link DIR-8xx Routers - Leak Credentials
CVE-2018-0171 EXPLOITDB CRITICAL python WORKING POC
Cisco Ios - Out-of-Bounds Write
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.
CVSS 9.8
CVE-2018-5234 EXPLOITDB HIGH text WORKING POC
Norton Core <v237 - Command Injection
The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software.
CVSS 8.0