sickness

29 exploits Active since Jun 2007
CVE-2021-31955 NOMISEC MEDIUM WORKING POC
Windows 10 1809-21H1 and Windows Server 2019-20H2 - Kernel Information Disclosure
Windows Kernel Information Disclosure Vulnerability
2 stars
CVSS 5.5
CVE-2015-4077 NOMISEC WORKING POC
FortiClient < 5.2.3 - Unauthorized Kernel Memory Read via mdare Driver ioctl
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call.
2 stars
CVE-2011-10027 EXPLOITDB HIGH python WORKING POC
AOL Desktop < 9.6 - Stack-based Buffer Overflow via RTX Hyperlink Tag
AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows remote attackers to execute arbitrary code when a victim opens a malicious .rtx file. AOL Desktop is end-of-life and no longer supported. Users are encouraged to migrate to AOL Desktop Gold or alternative platforms.
CVE-2011-1591 METASPLOIT ruby WORKING POC
Wireshark 1.4.x < 1.4.5 - Stack-Based Buffer Overflow in DECT Dissector
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
CVE-2017-13696 METASPLOIT CRITICAL ruby WORKING POC
Flexense Dupscout - Memory Corruption
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful exploitation of the software will allow an attacker to gain complete access to the system with NT AUTHORITY / SYSTEM level privileges. The vulnerability lies due to improper handling and sanitization of the incoming request.
CVSS 9.8
CVE-2007-3068 METASPLOIT ruby WORKING POC
DVD X Player 4.1 Professional - Stack-Based Buffer Overflow via PLF Playlist Filename
Stack-based buffer overflow in DVD X Player 4.1 Professional allows remote attackers to execute arbitrary code via a PLF playlist containing a long filename.
CVE-2011-1591 METASPLOIT ruby WORKING POC
Wireshark 1.4.x < 1.4.5 - Stack-Based Buffer Overflow in DECT Dissector
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
EIP-2026-119525 EXPLOITDB c++ WORKING POC
Fortinet FortiClient 5.2.3 (Windows 10 x86) - Local Privilege Escalation
CVE-2015-5736 EXPLOITDB c WORKING POC
Fortinet FortiClient < 5.2.3 - Local Privilege Escalation via Fortishield.sys Ioctl Calls
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
CVE-2015-5736 EXPLOITDB c WORKING POC
Fortinet FortiClient < 5.2.3 - Local Privilege Escalation via Fortishield.sys Ioctl Calls
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
CVE-2011-1591 EXPLOITDB ruby WORKING POC
Wireshark 1.4.x < 1.4.5 - Stack-Based Buffer Overflow in DECT Dissector
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
CVE-2012-1876 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 6-9 and 10 Consumer Preview - Remote Code Execution via Col Element Handling
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflow, aka "Col Element Remote Code Execution Vulnerability," as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.
CVE-2012-1876 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 6-9 and 10 Consumer Preview - Remote Code Execution via Col Element Handling
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflow, aka "Col Element Remote Code Execution Vulnerability," as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.
CVE-2012-1876 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 6-9 and 10 Consumer Preview - Remote Code Execution via Col Element Handling
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflow, aka "Col Element Remote Code Execution Vulnerability," as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.
CVE-2012-1876 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 6-9 and 10 Consumer Preview - Remote Code Execution via Col Element Handling
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by attempting to access a nonexistent object, leading to a heap-based buffer overflow, aka "Col Element Remote Code Execution Vulnerability," as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2012.
EIP-2026-118436 EXPLOITDB ruby WORKING POC
Dup Scout Enterprise - 'Login' Buffer Overflow (Metasploit)
EIP-2026-118438 EXPLOITDB python WORKING POC
Dup Scout Enterprise 10.0.18 - 'Login' Remote Buffer Overflow
EIP-2026-118439 EXPLOITDB python WORKING POC
Dup Scout Enterprise 10.0.18 - 'online_registration' Remote Buffer Overflow
EIP-2026-118407 EXPLOITDB python WORKING POC
Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH)
CVE-2011-1591 EXPLOITDB ruby WORKING POC
Wireshark 1.4.x < 1.4.5 - Stack-Based Buffer Overflow in DECT Dissector
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
EIP-2026-118145 EXPLOITDB python WORKING POC
WM Downloader 3.1.2.2 2010.04.15 - '.m3u' File Buffer Overflow (DEP Bypass)
CVE-2011-1591 EXPLOITDB python WORKING POC
Wireshark 1.4.x < 1.4.5 - Stack-Based Buffer Overflow in DECT Dissector
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
CVE-2013-3956 EXPLOITDB python WORKING POC
Novell Client - Local Privilege Escalation via NICM.SYS IOCTL 0x143B6B
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call.
CVE-2007-5762 EXPLOITDB python WORKING POC
Novell NetWare Client 4.91 SP4 - Local Privilege Escalation via NICM.SYS IOCTL
NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode.
EIP-2026-117633 EXPLOITDB python WORKING POC
MoviePlay 4.82 - '.lst' Local Buffer Overflow