gitcollect

9 exploits Active since Oct 2005
CVE-2010-0738 NOMISEC MEDIUM WORKING POC
JBoss JMX Console Deployer Upload and Execute
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
1 stars
CVSS 5.3
CVE-2015-0235 GITHUB c WORKING POC
Exim GHOST (glibc gethostbyname) Buffer Overflow
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
CVE-2013-0292 GITHUB c WORKING POC
dbus-glib < 0.100 - Privilege Escalation via Spoofed NameOwnerChanged Signal
The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal.
CVE-2013-1775 GITHUB c NO CODE
Mac OS X Sudo Password Bypass
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch.
CVE-2005-3120 GITHUB CRITICAL c NO CODE
lynx < 2.8.6 - Remote Code Execution via HTrjis Asian Character Handling
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
CVSS 9.8
CVE-2007-3048 GITHUB c WORKING POC
GNU screen <4.0.3 - Info Disclosure
GNU screen 4.0.3 allows local users to unlock the screen via a CTRL-C sequence at the password prompt. NOTE: multiple third parties report inability to reproduce this issue
CVE-2012-4412 GITHUB c WORKING POC
glibc < 2.17 - Heap-Based Buffer Overflow via Long String in strcoll_l
Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow.
CVE-2016-4971 NOMISEC HIGH WORKING POC
GNU wget < 1.18 - Arbitrary File Write via HTTP-to-FTP Redirect
GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
CVSS 8.8
CVE-2016-2468 NOMISEC HIGH WORKING POC
Qualcomm GPU Driver - Privilege Escalation
The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454.
CVSS 7.8