Exploits txt files

Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds

OpenBSD 6.x - Dynamic Loader Privilege Escalation

Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF Font

Snipe-IT Open Source Asset Management 4.7.5 - Persistent Cross-Site Scripting

Trend Micro Deep Security Agent 11 - Arbitrary File Overwrite

Broadcom CA Privilged Access Manager 2.8.2 - Remote Command Execution

Microsoft Windows Media Center 2002 - XML External Entity MotW Bypass

Visual Studio 2008 - XML External Entity Injection

macOS 10.14.6 - root->kernel Privilege Escalation via update_dyld_shared_cache

Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback

Xorg X11 Server - Local Privilege Escalation (Metasploit)

Pulse Secure VPN - Arbitrary Command Execution (Metasploit)

Bludit - Directory Traversal Image File Upload (Metasploit)

FreeSWITCH - Event Socket Command Execution (Metasploit)

FusionPBX - Operator Panel exec.php Command Execution (Metasploit)

Windows - Escalate UAC Protection Bypass (Via dot net profiler) (Metasploit)

iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd

Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs

Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path

Papers

Xinet Elegant 6 Asset Library Web Interface 6.1.655 - 'username' SQL Injection

Sony Playstation 2 (PS2): Hacking the PS2 with Yabasic

Shellcodes

Linux/x86 - (NOT|ROT+8 Encoded) execve(/bin/sh) null-free Shellcode (47 bytes)

Linux/x86 - execve(/bin/sh) socket reuse Shellcode (42 bytes)

Linux/x86 - adduser (User) to /etc/passwd Shellcode (74 bytes)

Linux/x86 - execve /bin/sh Shellcode (25 bytes)

Linux/x86 - Reverse Shell NULL free 127.0.0.1:4444 Shellcode (91 bytes)

Windows/x86 - bitsadmin Download and Execute (http://192.168.10.10/evil.exe "c:\evil.exe") Shellcode (210 Bytes)

Windows/x86 - Start iexplore.exe (http://192.168.10.10/) Shellcode (191 Bytes

Windows/x86 - Download With TFTP And Execute Shellcode (51-60 bytes) (Generator)

Windows/x86 - 'msiexec.exe' Download and Execute Shellcode (95 bytes)

Windows/x64 (10) - WoW64 Egghunter (w00tw00t) Shellcode (50 bytes)

Cisco ASA - 'EXTRABACON' Authentication Bypass (Improved Shellcode) (69 bytes)

Google Android - Bind (1035/TCP) Telnetd Shell + Environment/Parameters Shellcode (248 bytes)

OSX/x64 - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (144 bytes)

BSD / Linux / Windows - execve("/bin//sh", {"//bin/sh", "-c", "cmd"}, NULL) Execute Command Shellcode (194 bytes)

Solaris/x86 - Bind (/TCP) Shell Shellcode (Generator)

NetBSD/x86 - Kill All Processes Shellcode (23 bytes)