|
2019-09-03
|
|
ptrace - Sudo Token Privilege Escalation (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2019-09-03
|
|
ptrace - Sudo Token Privilege Escalation (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2019-09-03
|
|
ktsuss 1.4 - suid Privilege Escalation (Metasploit)
|
4 |
LOCAL
|
Metasploit
|
|
2019-09-03
|
|
ktsuss 1.4 - suid Privilege Escalation (Metasploit)
|
4 |
LOCAL
|
Metasploit
|
|
2019-09-02
|
|
Kaseya VSA agent 9.5 - Privilege Escalation
|
4 |
LOCAL
|
NF
|
|
2019-09-02
|
|
ChaosPro 3.1 - SEH Buffer Overflow
|
6 |
LOCAL
|
Jonathan Crosby
|
|
2019-09-02
|
|
ChaosPro 2.1 - SEH Buffer Overflow
|
4 |
LOCAL
|
Jonathan Crosby
|
|
2019-09-02
|
|
ChaosPro 2.0 - SEH Buffer Overflow
|
4 |
LOCAL
|
Jonathan Crosby
|
|
2019-08-30
|
|
Canon PRINT 2.5.5 - Information Disclosure
|
5 |
LOCAL
|
0x48piraj
|
|
2019-08-26
|
|
Exim 4.87 / 4.91 - Local Privilege Escalation (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2019-08-26
|
|
Exim 4.87 / 4.91 - Local Privilege Escalation (Metasploit)
|
4 |
LOCAL
|
Metasploit
|
|
2019-08-26
|
|
Microsoft Windows 10 - SET_REPARSE_POINT_EX Mount Point Security Feature Bypass
|
3 |
LOCAL
|
Google Security Research
|
|
2019-08-15
|
|
Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities
|
6 |
LOCAL
|
Google Security Research
|
|
2019-08-14
|
|
Microsoft Windows 10 AppXSvc Deployment Service - Arbitrary File Deletion
|
3 |
LOCAL
|
Abdelhamid Naceri
|
|
2019-08-12
|
|
Steam Windows Client - Local Privilege Escalation
|
5 |
LOCAL
|
AbsoZed
|
|
2019-08-12
|
|
Ghidra (Linux) 9.0.4 - .gar Arbitrary Code Execution
|
3 |
LOCAL
|
Etienne Lacoche
|
|
2019-08-01
|
|
SilverSHielD 6.x - Local Privilege Escalation
|
3 |
LOCAL
|
Ian Bredemeyer
|
|
2019-07-26
|
|
Microsoft Windows 7 build 7601 (x86) - Local Privilege Escalation
|
2 |
LOCAL
|
ShivamTrivedi
|
|
2018-12-30
|
|
Deepin Linux 15 - 'lastore-daemon' Local Privilege Escalation
|
4 |
LOCAL
|
bcoles
|
|
2019-01-12
|
|
ASAN/SUID - Local Privilege Escalation
|
4 |
LOCAL
|
bcoles
|
|
2019-01-13
|
|
Serv-U FTP Server < 15.1.7 - Local Privilege Escalation (2)
|
3 |
LOCAL
|
bcoles
|
|
2019-01-13
|
|
S-nail < 14.8.16 - Local Privilege Escalation
|
3 |
LOCAL
|
bcoles
|
|
2018-12-30
|
|
VMware Workstation/Player < 12.5.5 - Local Privilege Escalation
|
3 |
LOCAL
|
bcoles
|
|
2018-12-29
|
|
Linux Kernel 4.4.0-21 < 4.4.0-51 (Ubuntu 14.04/16.04 x64) - 'AF_PACKET' Race Condition Privilege Esc
|
3 |
LOCAL
|
bcoles
|
|
2018-12-29
|
|
Linux Kernel < 4.4.0/ < 4.8.0 (Ubuntu 14.04/16.04 / Linux Mint 17/18 / Zorin) - Local Privilege Esca
|
3 |
LOCAL
|
bcoles
|
|
2018-12-29
|
|
Linux Kernel 4.8.0-34 < 4.8.0-45 (Ubuntu / Linux Mint) - Packet Socket Local Privilege Escalation
|
3 |
LOCAL
|
bcoles
|
|
2019-01-04
|
|
Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (polkit Method
|
3 |
LOCAL
|
bcoles
|
|
2018-11-21
|
|
Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (ldpreload Met
|
3 |
LOCAL
|
bcoles
|
|
2019-01-04
|
|
Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (dbus Method)
|
2 |
LOCAL
|
bcoles
|
|
2018-11-21
|
|
Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (cron Method)
|
3 |
LOCAL
|
bcoles
|
|
2019-07-24
|
|
Linux Kernel 4.10 < 5.1.17 - 'PTRACE_TRACEME' pkexec Local Privilege Escalation
|
3 |
LOCAL
|
bcoles
|
|
2019-07-22
|
|
Comtrend-AR-5310 - Restricted Shell Escape
|
3 |
LOCAL
|
AMRI Amine
|
|
2019-07-19
|
|
Docker - Container Escape
|
3 |
LOCAL
|
dominikczarnotatob
|
|
2019-07-18
|
|
Microsoft Windows 10 1903/1809 - RPCSS Activation Kernel Security Callback Privilege Escalation
|
3 |
LOCAL
|
Google Security Research
|
|
2019-07-17
|
|
Microsoft Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2019-07-17
|
|
Microsoft Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2019-07-17
|
|
Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME
|
4 |
LOCAL
|
Google Security Research
|
|
2019-07-16
|
|
Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation (Metasploit)
|
5 |
LOCAL
|
Metasploit
|
|
2019-07-16
|
|
Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation (Metasploit)
|
5 |
LOCAL
|
Metasploit
|
|
2019-07-16
|
|
DameWare Remote Support 12.0.0.509 - 'Host' Buffer Overflow (SEH)
|
5 |
LOCAL
|
Xavi Beltran
|
|
2019-07-16
|
|
DameWare Remote Support 12.0.0.509 - 'Host' Buffer Overflow (SEH)
|
4 |
LOCAL
|
Xavi Beltran
|
|
2019-07-16
|
|
R 3.4.4 (Windows 10 x64) - Buffer Overflow SEH (DEP/ASLR Bypass)
|
3 |
LOCAL
|
blackleitus
|
|
2019-07-16
|
|
R 3.4.4 (Windows 10 x64) - Buffer Overflow SEH (DEP/ASLR Bypass)
|
3 |
LOCAL
|
blackleitus
|
|
2019-07-15
|
|
Streamripper 2.6 - 'Song Pattern' Buffer Overflow
|
3 |
LOCAL
|
Andrey Stoykov
|
|
2019-07-15
|
|
Streamripper 2.6 - 'Song Pattern' Buffer Overflow
|
3 |
LOCAL
|
Andrey Stoykov
|
|
2019-07-12
|
|
Microsoft Windows 10.0.17134.648 - HTTP -> SMB NTLM Reflection Leads to Privilege Elevation
|
5 |
LOCAL
|
Google Security Research
|
|
2019-07-11
|
|
SNMPc Enterprise Edition 9/10 - Mapping Filename Buffer Overflow
|
4 |
LOCAL
|
xerubus
|
|
2019-07-11
|
|
SNMPc Enterprise Edition 9/10 - Mapping Filename Buffer Overflow
|
4 |
LOCAL
|
xerubus
|
|
2019-07-10
|
|
FreeBSD 12.0 - 'fd' Local Privilege Escalation
|
5 |
LOCAL
|
gr4yf0x
|
|
2019-07-03
|
|
Serv-U FTP Server - prepareinstallation Privilege Escalation (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2019-07-03
|
|
Serv-U FTP Server - prepareinstallation Privilege Escalation (Metasploit)
|
5 |
LOCAL
|
Metasploit
|
|
2019-07-02
|
|
Mac OS X TimeMachine - 'tmdiagnose' Command Injection Privilege Escalation (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2019-06-20
|
|
Cisco Prime Infrastructure - Runrshell Privilege Escalation (Metasploit)
|
4 |
LOCAL
|
Metasploit
|
|
2019-06-20
|
|
Tuneclone 2.20 - Local SEH Buffer Overflow
|
4 |
LOCAL
|
Achilles
|
|
2019-06-18
|
|
Serv-U FTP Server < 15.1.7 - Local Privilege Escalation (1)
|
4 |
LOCAL
|
Guy Levin
|
|
2019-06-17
|
|
Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell)
|
4 |
LOCAL
|
Gushmazuko
|
|
2019-06-17
|
|
Exim 4.87 - 4.91 - Local Privilege Escalation
|
6 |
LOCAL
|
Marco Ivaldi
|
|
2019-06-14
|
|
Aida64 6.00.5100 - 'Log to CSV File' Local SEH Buffer Overflow
|
2 |
LOCAL
|
Nipun Jaswal
|
|
2019-06-14
|
|
CentOS 7.6 - 'ptrace_scope' Privilege Escalation
|
3 |
LOCAL
|
s4vitar
|
|
2019-06-13
|
|
Pronestor Health Monitoring < 8.1.11.0 - Privilege Escalation
|
3 |
LOCAL
|
PovlTekstTV
|
|
2019-06-11
|
|
ProShow 9.0.3797 - Local Privilege Escalation
|
4 |
LOCAL
|
Yonatan_Correa
|
|
2019-06-10
|
|
Ubuntu 18.04 - 'lxd' Privilege Escalation
|
4 |
LOCAL
|
s4vitar
|
|
2019-06-07
|
|
Microsoft Windows - AppX Deployment Service Local Privilege Escalation (3)
|
4 |
LOCAL
|
SandboxEscaper
|
|
2019-06-04
|
|
Vim < 8.1.1365 / Neovim < 0.3.6 - Arbitrary Code Execution
|
4 |
LOCAL
|
Arminius
|
|
2019-06-03
|
|
Nvidia GeForce Experience Web Helper - Command Injection
|
4 |
LOCAL
|
Rhino Security Labs
|
|
2019-06-04
|
|
DVD X Player 5.5 Pro - Local Buffer Overflow (SEH)
|
5 |
LOCAL
|
Kevin Randall
|
|
2019-06-04
|
|
DVD X Player 5.5 Pro - Local Buffer Overflow (SEH)
|
6 |
LOCAL
|
Kevin Randall
|
|
2014-11-24
|
|
Microsoft Windows 8.1/ Server 2012 - 'Win32k.sys' Local Privilege Escalation (MS14-058)
|
3 |
LOCAL
|
anonymous
|
|
2019-05-23
|
|
Microsoft Windows - AppX Deployment Service Local Privilege Escalation (2)
|
4 |
LOCAL
|
SandboxEscaper
|
|
2019-05-28
|
|
EquityPandit 1.0 - Password Disclosure
|
4 |
LOCAL
|
ManhNho
|
|
2019-05-24
|
|
Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow
|
4 |
LOCAL
|
Uday Mittal
|
|
2019-05-24
|
|
Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow
|
4 |
LOCAL
|
Uday Mittal
|
|
2019-05-15
|
|
Microsoft Windows - 'Win32k' Local Privilege Escalation
|
4 |
LOCAL
|
Arch-Vile
|
|
2019-05-22
|
|
Microsoft Internet Explorer 11 - Sandbox Escape
|
3 |
LOCAL
|
SandboxEscaper
|
|
2019-05-22
|
|
Microsoft Windows (x86) - Task Scheduler' .job' Import Arbitrary Discretionary Access Control List W
|
6 |
LOCAL
|
SandboxEscaper
|
|
2019-05-22
|
|
Microsoft Windows (x86/x64) - 'Error Reporting' Discretionary Access Control List / Local Privilege
|
4 |
LOCAL
|
SandboxEscaper
|
|
2019-05-23
|
|
Microsoft Windows 10 (17763.379) - Install DLL
|
4 |
LOCAL
|
SandboxEscaper
|
|
2019-05-23
|
|
Apple Mac OS X - Feedback Assistant Race Condition (Metasploit)
|
4 |
LOCAL
|
Metasploit
|
|
2019-05-23
|
|
Apple Mac OS X - Feedback Assistant Race Condition (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2019-05-23
|
|
Microsoft Windows 10 1809 - 'CmKeyBodyRemapToVirtualForEnum' Arbitrary Key Enumeration Privilege Esc
|
4 |
LOCAL
|
Google Security Research
|
|
2019-05-20
|
|
Solaris 7/8/9 (SPARC) - 'dtprintinfo' Local Privilege Escalation (2)
|
4 |
LOCAL
|
Marco Ivaldi
|
|
2019-05-20
|
|
Solaris 7/8/9 (SPARC) - 'dtprintinfo' Local Privilege Escalation (1)
|
5 |
LOCAL
|
Marco Ivaldi
|
|
2019-05-20
|
|
Solaris 10 1/13 (Intel) - 'dtprintinfo' Local Privilege Escalation (1)
|
4 |
LOCAL
|
Marco Ivaldi
|
|
2019-05-20
|
|
Huawei eSpace 1.1.11.103 - DLL Hijacking
|
4 |
LOCAL
|
LiquidWorm
|
|
2019-05-17
|
|
Iperius Backup 6.1.0 - Privilege Escalation
|
4 |
LOCAL
|
bzyo
|
|
2019-05-16
|
|
JetAudio jetCast Server 2.0 - 'Log Directory' Local SEH Alphanumeric Encoded Buffer Overflow
|
4 |
LOCAL
|
Connor McGarr
|
|
2019-05-16
|
|
JetAudio jetCast Server 2.0 - 'Log Directory' Local SEH Alphanumeric Encoded Buffer Overflow
|
4 |
LOCAL
|
Connor McGarr
|
|
2019-05-16
|
|
VMware Workstation 15.1.0 - DLL Hijacking
|
3 |
LOCAL
|
Miguel Mendez Z. & Claudio Cortes C.
|
|
2019-05-08
|
|
MiniFtp - 'parseconf_load_setting' Buffer Overflow
|
4 |
LOCAL
|
strider
|
|
2019-05-07
|
|
Admin Express 1.2.5.485 - 'Folder Path' Local SEH Alphanumeric Encoded Buffer Overflow
|
2 |
LOCAL
|
Connor McGarr
|
|
2019-05-07
|
|
Admin Express 1.2.5.485 - 'Folder Path' Local SEH Alphanumeric Encoded Buffer Overflow
|
5 |
LOCAL
|
Connor McGarr
|
|
2019-05-06
|
|
NSClient++ 0.5.2.35 - Privilege Escalation
|
5 |
LOCAL
|
bzyo
|
|
2019-05-06
|
|
NSClient++ 0.5.2.35 - Privilege Escalation
|
4 |
LOCAL
|
bzyo
|
|
2019-04-30
|
|
DeviceViewer 3.12.0.1 - 'user' SEH Overflow
|
4 |
LOCAL
|
Hayden Wright
|
|
2019-04-30
|
|
DeviceViewer 3.12.0.1 - 'user' SEH Overflow
|
4 |
LOCAL
|
Hayden Wright
|
|
2019-04-25
|
|
RARLAB WinRAR 5.61 - ACE Format Input Validation Remote Code Execution (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2019-04-25
|
|
RARLAB WinRAR 5.61 - ACE Format Input Validation Remote Code Execution (Metasploit)
|
3 |
LOCAL
|
Metasploit
|
|
2019-04-25
|
|
Lavavo CD Ripper 4.20 - 'License Activation Name' Buffer Overflow (SEH)
|
3 |
LOCAL
|
Achilles
|
|
2019-04-25
|
|
Lavavo CD Ripper 4.20 - 'License Activation Name' Buffer Overflow (SEH)
|
5 |
LOCAL
|
Achilles
|
|
2019-04-24
|
|
VirtualBox 6.0.4 r128413 - COM RPC Interface Code Injection Host Privilege Escalation
|
4 |
LOCAL
|
Google Security Research
|
|
2019-04-23
|
|
Ross Video DashBoard 8.5.1 - Insecure Permissions
|
5 |
LOCAL
|
LiquidWorm
|
|
2019-04-22
|
|
LabF nfsAxe 3.7 Ping Client - 'Host IP' Buffer Overflow (Direct Ret)
|
5 |
LOCAL
|
Dino Covotsos
|
|
2019-04-22
|
|
LabF nfsAxe 3.7 Ping Client - 'Host IP' Buffer Overflow (Direct Ret)
|
6 |
LOCAL
|
Dino Covotsos
|
|
2019-04-19
|
|
SystemTap 1.3 - MODPROBE_OPTIONS Privilege Escalation (Metasploit)
|
5 |
LOCAL
|
Metasploit
|
|
2019-04-19
|
|
SystemTap 1.3 - MODPROBE_OPTIONS Privilege Escalation (Metasploit)
|
4 |
LOCAL
|
Metasploit
|
|
2019-04-18
|
|
LibreOffice < 6.0.7 / 6.1.3 - Macro Code Execution (Metasploit)
|
4 |
LOCAL
|
Metasploit
|
|
2019-04-18
|
|
LibreOffice < 6.0.7 / 6.1.3 - Macro Code Execution (Metasploit)
|
4 |
LOCAL
|
Metasploit
|
|
2019-04-18
|
|
Evernote 7.9 - Code Execution via Path Traversal
|
4 |
LOCAL
|
Dhiraj Mishra
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Priv
|
5 |
LOCAL
|
Google Security Research
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalatio
|
5 |
LOCAL
|
Google Security Research
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass
|
3 |
LOCAL
|
Google Security Research
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 - LUAFV LuafvCopyShortName Arbitrary Short Name Privilege Escalation
|
4 |
LOCAL
|
Google Security Research
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege
|
4 |
LOCAL
|
Google Security Research
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Esca
|
5 |
LOCAL
|
Google Security Research
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 / 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation
|
5 |
LOCAL
|
Google Security Research
|
|
2019-04-16
|
|
Zoho ManageEngine ADManager Plus 6.6 (Build < 6659) - Privilege Escalation
|
5 |
LOCAL
|
Digital Interruption
|
|
2019-04-12
|
|
Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)
|
5 |
LOCAL
|
Metasploit
|
|
2019-04-12
|
|
Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)
|
5 |
LOCAL
|
Metasploit
|
|
2019-04-12
|
|
Microsoft Internet Explorer 11 - XML External Entity Injection
|
4 |
LOCAL
|
hyp3rlinx
|
|
2019-04-12
|
|
CyberArk EPM 10.2.1.603 - Security Restrictions Bypass
|
5 |
LOCAL
|
Alpcan Onaran
|
|
2019-04-10
|
|
FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer
|
4 |
LOCAL
|
Dino Covotsos
|
|
2019-04-10
|
|
FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer
|
3 |
LOCAL
|
Dino Covotsos
|
|
2019-04-10
|
|
FTPShell Server 6.83 - 'Account name to ban' Local Buffer
|
3 |
LOCAL
|
Dino Covotsos
|
|
2019-04-10
|
|
FTPShell Server 6.83 - 'Account name to ban' Local Buffer
|
4 |
LOCAL
|
Dino Covotsos
|
|
2019-04-09
|
|
Microsoft Windows - AppX Deployment Service Privilege Escalation
|
3 |
LOCAL
|
Nabeel Ahmed
|
