vportal

16 exploits Active since Feb 2017
CVE-2022-24494 NOMISEC HIGH WORKING POC
Windows Ancillary Function Driver - Privilege Escalation
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
13 stars
CVSS 7.8
CVE-2025-34105 EXPLOITDB CRITICAL python WORKING POC
DiskBoss Enterprise <8.2.14 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14. The vulnerability arises from improper bounds checking on the path component of HTTP GET requests. By sending a specially crafted long URI, a remote unauthenticated attacker can trigger a buffer overflow, potentially leading to arbitrary code execution with SYSTEM privileges on vulnerable Windows hosts.
CVE-2017-6187 METASPLOIT CRITICAL ruby WORKING POC
Disksavvy Enterprise - Memory Corruption
Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request.
CVSS 9.8
CVE-2025-34105 METASPLOIT CRITICAL ruby WORKING POC
DiskBoss Enterprise <8.2.14 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14. The vulnerability arises from improper bounds checking on the path component of HTTP GET requests. By sending a specially crafted long URI, a remote unauthenticated attacker can trigger a buffer overflow, potentially leading to arbitrary code execution with SYSTEM privileges on vulnerable Windows hosts.
CVE-2017-13696 METASPLOIT CRITICAL ruby WORKING POC
Flexense Dupscout - Memory Corruption
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful exploitation of the software will allow an attacker to gain complete access to the system with NT AUTHORITY / SYSTEM level privileges. The vulnerability lies due to improper handling and sanitization of the incoming request.
CVSS 9.8
CVE-2017-11885 EXPLOITDB MEDIUM python WORKING POC
Windows - RCE
Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allow a remote code execution vulnerability due to the way the Routing and Remote Access service handles requests, aka "Windows RRAS Service Remote Code Execution Vulnerability".
CVSS 6.6
EIP-2026-118874 EXPLOITDB python WORKING POC
Microsoft Windows 2003 SP2 - 'ERRATICGOPHER' SMB Remote Code Execution
EIP-2026-118444 EXPLOITDB ruby WORKING POC
Dup Scout Enterprise 9.5.14 - GET Buffer Overflow (Metasploit)
EIP-2026-118415 EXPLOITDB ruby WORKING POC
Disk Savvy Enterprise - GET Buffer Overflow (Metasploit)
EIP-2026-118416 EXPLOITDB ruby WORKING POC
Disk Savvy Enterprise - GET Buffer Overflow (Metasploit)
EIP-2026-118420 EXPLOITDB python WORKING POC
Disk Savvy Enterprise 9.1.14 - 'GET' Remote Buffer Overflow
EIP-2026-118426 EXPLOITDB ruby WORKING POC
DiskBoss Enterprise - GET Buffer Overflow (Metasploit)
EIP-2026-118443 EXPLOITDB python WORKING POC
Dup Scout Enterprise 9.1.14 - Remote Buffer Overflow (SEH)
EIP-2026-118082 EXPLOITDB python WORKING POC
VUPlayer 2.49 - '.pls' File Stack Buffer Overflow (DEP Bypass)
EIP-2026-115787 EXPLOITDB c WORKING POC
Microsoft Windows 10 BasicRender.sys - Denial of Service (PoC)
EIP-2026-115800 EXPLOITDB c WORKING POC
Microsoft Windows Kernel - 'win32k!NtUserConsoleControl' Denial of Service (PoC)