mu-b

65 exploits Active since Jun 2001
CVE-2008-1138 EXPLOITDB c WORKING POC
DESlock+ < 3.2.6 - Denial of Service via DLMFENC_IOCTL Request
DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (system crash) via a certain ZERO_MEM DLMFENC_IOCTL request to \\.\DLKPFSD_Device, aka the "ring0 link list zero" vulnerability.
CVE-2008-4363 EXPLOITDB c WORKING POC
DESlock+ 3.2.7 - Denial of Service via DLMFENC_IOCTL Request
DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) or potentially execute arbitrary code via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was intended.
CVE-2008-1141 EXPLOITDB c WORKING POC
DESlock+ < 3.2.6 - Denial of Service via DLMFENC_IOCTL Requests
Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (kernel memory consumption) via a series of DLMFENC_IOCTL requests to \\.\DLKPFSD_Device that allocate "link list structures."
CVE-2008-4363 EXPLOITDB c WORKING POC
DESlock+ 3.2.7 - Denial of Service via DLMFENC_IOCTL Request
DLMFENC.sys 1.0.0.28 in DESlock+ 3.2.7 allows local users to cause a denial of service (system crash) or potentially execute arbitrary code via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, probably related to use of the ProbeForRead function when ProbeForWrite was intended.
CVE-2008-0324 EXPLOITDB c WORKING POC
Cisco VPN Client 5.0.02.0090 - Denial of Service via IOCTL 0x80002038
Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.
CVE-2009-1478 EXPLOITDB c WORKING POC
OpenSolaris < snv_114 - Denial of Service via DTrace ioctl Handlers
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors.
EIP-2026-114712 EXPLOITDB c WORKING POC
Solaris 10 / OpenSolaris - 'fasttrap' Local Kernel Denial of Service (PoC)
CVE-2018-2892 EXPLOITDB HIGH c WORKING POC
Oracle Solaris <11 - Privilege Escalation
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Availability Suite Service). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful attacks of this vulnerability can result in takeover of Solaris. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
CVSS 7.8
CVE-2007-6276 EXPLOITDB c WORKING POC
Mac OS X 10.5 - Denial of Service via Crafted Load Balancing Packet
The accept_connections function in the virtual private network daemon (vpnd) in Apple Mac OS X 10.5 before 10.5.4 allows remote attackers to cause a denial of service (divide-by-zero error and daemon crash) via a crafted load balancing packet to UDP port 4112.
EIP-2026-104592 EXPLOITDB c WORKING POC
Apple Mac OSX xnu 1228.x - Local Kernel Memory Disclosure
CVE-2009-1235 EXPLOITDB bash WORKING POC
macOS X < 10.5.6 - Privilege Escalation via HFS IOCTL Handler
XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.
EIP-2026-104591 EXPLOITDB c WORKING POC
Apple Mac OSX xnu 1228.9.59 - Kernel Privilege Escalation
EIP-2026-104589 EXPLOITDB WORKING POC
Apple Mac OSX < 10.9/10 - Local Privilege Escalation
CVE-2009-3281 EXPLOITDB c WORKING POC
VMware Fusion < 2.0.6 - Privilege Escalation via Incorrect File Permissions
The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 does not use correct file permissions, which allows host OS users to gain privileges on the host OS via unspecified vectors.
EIP-2026-104573 EXPLOITDB c WORKING POC
VMware Fusion 2.0.5 - vmx86 kext Local Buffer Overflow (PoC)
CVE-2009-1238 EXPLOITDB c WORKING POC
macOS X < 10.5.6 - Denial of Service via HFS vfs sysctl Race Condition
Race condition in the HFS vfs sysctl interface in XNU 1228.8.20 and earlier on Apple Mac OS X 10.5.6 and earlier allows local users to cause a denial of service (kernel memory corruption) by simultaneously executing the same HFS_SET_PKG_EXTENSIONS code path in multiple threads, which is problematic because of lack of mutex locking for an unspecified global variable.
CVE-2009-1236 EXPLOITDB c WORKING POC
macOS X < 10.5.6 - Heap-Based Buffer Overflow via AppleTalk ZIP NOTIFY Packet
Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member.
CVE-2009-1237 EXPLOITDB c WORKING POC
macOS < 10.5.6 - Denial of Service via SYS_add_profil or SYS___mac_getfsstat System Calls
Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call.
CVE-2009-1237 EXPLOITDB c WORKING POC
macOS < 10.5.6 - Denial of Service via SYS_add_profil or SYS___mac_getfsstat System Calls
Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call.
CVE-2007-6359 EXPLOITDB c WORKING POC
macOS X 10.5.1 - Denial of Service via Crafted Signed Mach-O Binary
The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL.
CVE-2007-6261 EXPLOITDB c WORKING POC
Mac OS X 10.4-10.5.1 - Denial of Service via Mach-O Binary Integer Overflow
Integer overflow in the load_threadstack function in the Mach-O loader (mach_loader.c) in the xnu kernel in Apple Mac OS X 10.4 through 10.5.1 allows local users to cause a denial of service (infinite loop) via a crafted Mach-O binary.
EIP-2026-104011 EXPLOITDB c WORKING POC
NovaSTOR NovaNET 12.0 - Remote SYSTEM
EIP-2026-104010 EXPLOITDB c WORKING POC
NovaSTOR NovaNET 12.0 - Remote Command Execution
CVE-2008-0177 EXPLOITDB c WORKING POC
KAME ipcomp - Denial of Service via IPv6 IPComp Header
The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 packet with an IPComp header.
EIP-2026-103597 EXPLOITDB c WORKING POC
NovaSTOR NovaNET/NovaBACKUP 13.0 - Remote Denial of Service