CVE-2018-1149 & CVE-2018-1150 NUUO DVR firmware exploits


Between 180,000 and 800,000 IP-based closed-circuit television cameras are vulnerable to a zero-day vulnerability and a backdoor that allows an attacker remote code execution. Tenable issued the advisory today, the bugs are rated critical and tied to firmware possibly used in one of 100 different cameras that run the affected NVRMini2 webserver so...

Read More

Microsoft Windows Animation Manager Memory Corruption Vulnerability (MS16-132) (CVE-2016-7205) + POC:

A memory corruption in the Microsoft Windows Animation Manager which allows a malicious user to remotely execute arbitrary code on a vulnerable user’s machine, in the context of the current user. JavaScript POC ::HERE::

Read More

OpenSSH xauth command injection

CVE-2016-3115
Affected configurations: All versions of OpenSSH prior to 7.2p2 with X11Forwarding enabled.

Vulnerability: Missing sanitisation of untrusted input allows an authenticated user who is able to request X11 forwarding to inject commands to xauth(1).
Injection of xauth commands grants the ability to read arbitrary files under the authent...

Read More

CVE-2016-0728 POC

cve_2016_0728
use-after-free flaw was found in the way the Linux kernel’s key management subsystem handled keyring object reference counting in certain error path of the join_session_keyring() function. A local, unprivileged user could use this flaw to escalate their privileges on the system. The vulnerability has existed since 2012...

Read More

VMware Privilege Escalation

The products affected by the privilege escalation vulnerability are: ‘VMware Workstation’, ‘Horizon Client’ (with Local Mode Option), and ‘Player’. VMware Workstation, Player and Horizon View Client for Windows do not set a discretionary access control list (DACL) for one of their processes...

Read More