|
DomainMOD 4.11.01 - 'DisplayName' Cross-Site Scripting
|
|
2018-12-09
|
|
Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting
|
|
2018-12-09
|
|
i-doit CMDB 1.11.2 - Remote Code Execution
|
|
2018-12-09
|
|
Textpad 8.1.2 - Denial Of Service (PoC)
|
|
2018-12-09
|
|
HasanMWB 1.0 - SQL Injection
|
|
2018-12-08
|
|
FreshRSS 1.11.1 - Cross-Site Scripting
|
|
2018-12-08
|
|
Emacs - movemail Privilege Escalation (Metasploit)
|
|
2018-12-08
|
|
HP Intelligent Management - Java Deserialization RCE (Metasploit)
|
|
2018-12-08
|
|
Wireshark - 'find_signature' Heap Out-of-Bounds Read
|
|
2018-12-08
|
|
Wireshark - 'cdma2k_message_ACTIVE_SET_RECORD_FIELDS' Stack Corruption
|
|
2018-12-08
|
|
DomainMOD 4.11.01 - Registrar Cross-Site Scripting
|
|
2018-12-08
|
|
NUUO NVRMini2 3.9.1 - Authenticated Command Injection
|
|
2018-12-08
|
|
DomainMOD 4.11.01 - Custom SSL Fields Cross-Site Scripting
|
|
2018-12-08
|
|
DomainMOD 4.11.01 - Custom Domain Fields Cross-Site Scripting
|
|
2018-12-08
|
|
Dolibarr ERP/CRM 8.0.3 - Cross-Site Scripting
|
|
2018-12-08
|
|
KeyBase Botnet 1.5 - SQL Injection
|
|
2018-12-08
|
|
Linux/x64 - Reverse (0.0.0.0:1907/TCP) Shell Shellcode (119 Bytes)
|
|
2018-12-08
|
|
NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage
|
|
2018-12-08
|
|
DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting
|
|
2018-12-08
|
|
Linux/x86 - /usr/bin/head -n99 cat etc/passwd Shellcode (61 Bytes)
|
|
2018-12-08
|
|
OpenSSH < 7.7 - User Enumeration (2)
|
|
2018-12-08
|
|
Xorg X11 Server (AIX) - Local Privilege Escalation
|
|
2018-12-08
|
|
Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Authentication Bypass
|
|
2018-12-08
|
|
Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download
|
|
2018-12-08
|
|
WordPress Plugin Advanced-Custom-Fields 5.7.7 - Cross-Site Scripting
|
|
2018-12-08
|
|
Budabot 4.0 - Denial of Service (PoC)
|
|
2018-12-08
|
|
Apache Superset < 0.23 - Remote Code Execution
|
|
2018-12-08
|
|
PHP Server Monitor 3.3.1 - Cross-Site Request Forgery
|
|
2018-12-08
|
|
Mozilla Firefox 63.0.1 - Denial of Service (PoC)
|
|
2018-12-08
|
|
Joomla! Component JE Photo Gallery 1.1 - 'categoryid' SQL Injection
|
|
2018-12-08
|
|
PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure
|
|
2018-12-08
|
|
Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting
|
|
2018-12-08
|
|
Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution
|
|
2018-12-08
|
|
CyberArk 9.7 - Memory Disclosure
|
|
2018-12-08
|
|
Apache Spark - Unauthenticated Command Execution (Metasploit)
|
|
2018-12-08
|
|
VBScript - 'rtFilter' Out-of-Bounds Read
|
|
2018-12-08
|
|
VBScript - 'OLEAUT32!VariantClear' and 'scrrun!VBADictionary::put_Item' Use-After-Free
|
|
2018-12-08
|
|
xorg-x11-server < 1.20.3 - 'modulepath' Local Privilege Escalation
|
|
2018-12-08
|
|
HTML5 Video Player 1.2.5 - Buffer Overflow (Metasploit)
|
|
2018-12-08
|
|
Synaccess netBooter NP-02x/NP-08x 6.8 - Authentication Bypass
|
|
2018-12-08
|
|
Linux Kernel 4.8 (Ubuntu 16.04) - Leak sctp Kernel Pointer
|
|
2018-12-08
|
|
Schneider Electric PLC - Session Calculation Authentication Bypass
|
|
2018-12-08
|
|
TeamCity Agent - XML-RPC Command Execution (Metasploit)
|
|
2018-12-08
|
|
Mac OS X - libxpc MITM Privilege Escalation (Metasploit)
|
|
2018-12-08
|
|
Linux - Nested User Namespace idmap Limit Local Privilege Escalation (Metasploit)
|
|
2018-12-08
|
|
PHP imap_open - Remote Code Execution (Metasploit)
|
|
2018-12-08
|
|
Unitrends Enterprise Backup - bpserverd Privilege Escalation (Metasploit)
|
|
2018-12-08
|
|
WebKit JSC - BytecodeGenerator::hoistSloppyModeFunctionIfNecessary Does not Invalidate the 'ForInContext' Object
|
|
2018-12-08
|
|
WebKit JIT - 'ByteCodeParser::handleIntrinsicCall' Type Confusion
|
|
2018-12-08
|
|
WebKit JSC JIT - 'JSPropertyNameEnumerator' Type Confusion
|
|
2018-12-08
|