Exploit-Database.net

Exploits (Total: 94964)


Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)				2019-04-19
SystemTap 1.3 - MODPROBE_OPTIONS Privilege Escalation (Metasploit)				2019-04-19
Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection				2019-04-19
Oracle Business Intelligence 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - Directory Traversal				2019-04-19
LibreOffice < 6.0.7 / 6.1.3 - Macro Code Execution (Metasploit)				2019-04-18
Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)				2019-04-18
ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit)				2019-04-18
Evernote 7.9 - Code Execution via Path Traversal				2019-04-18
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID				2019-04-17
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4				2019-04-17
DHCP Server 2.5.2 - Denial of Service (PoC)				2019-04-17
ASUS HG100 - Denial of Service				2019-04-17
MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow				2019-04-17
Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation				2019-04-16
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation				2019-04-16
Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass				2019-04-16
Microsoft Windows 10 1809 - LUAFV LuafvCopyShortName Arbitrary Short Name Privilege Escalation				2019-04-16
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege Escalation				2019-04-16
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Escalation				2019-04-16
Microsoft Windows 10 1809 / 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation				2019-04-16
AdminExpress 1.2.5 - 'Folder Path' Denial of Service (PoC)				2019-04-16
Joomla Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion				2019-04-16
PCHelpWare V2 1.0.0.5 - 'Group' Denial of Service (PoC)				2019-04-16
PCHelpWare V2 1.0.0.5 - 'SC' Denial of Service (PoC)				2019-04-16
Zoho ManageEngine ADManager Plus 6.6 (Build < 6659) - Privilege Escalation				2019-04-16
Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting				2019-04-16
Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)				2019-04-15
Linux/x86 - Cat File Encode to base64 and post via curl to Webserver Shellcode (125 bytes)				2019-04-15
UltraVNC Launcher 1.2.2.4 - 'Path' Denial of Service (PoC)				2019-04-15
UltraVNC Viewer 1.2.2.4 - 'VNC Server' Denial of Service (PoC)				2019-04-15
MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow				2019-04-15
MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow				2019-04-15
MailCarrier 2.51 - POP3 'USER' Buffer Overflow				2019-04-15
CuteNews 2.1.2 - 'avatar' Remote Code Execution (Metasploit)				2019-04-15
RemoteMouse 3.008 - Arbitrary Remote Command Execution				2019-04-15
Linux/x86 - MMX-PUNPCKLBW Encoder Shellcode (61 bytes)				2019-04-15
MailCarrier 2.51 - 'RCPT TO' Buffer Overflow				2019-04-15
DirectAdmin 1.561 - Multiple Vulnerabilities				2019-04-15
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)				2019-04-12
Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)				2019-04-12
ATutor < 2.2.4 - 'file_manager' Remote Code Execution (Metasploit)				2019-04-12
Microsoft Internet Explorer 11 - XML External Entity Injection				2019-04-12
Linux/x86 - Add User to Passwd File Shellcode (149 bytes)				2019-04-12
CyberArk EPM 10.2.1.603 - Security Restrictions Bypass				2019-04-12
D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting				2019-04-10
FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer				2019-04-10
FTPShell Server 6.83 - 'Account name to ban' Local Buffer				2019-04-10
Dell KACE Systems Management Appliance (K1000) 6.4.120756 - Unauthenticated Remote Code Execution				2019-04-10
Microsoft Windows - AppX Deployment Service Privilege Escalation				2019-04-09
Apache Axis 1.4 - Remote Code Execution				2019-04-09
Ashop Shopping Cart Software - 'bannedcustomers.php?blacklistitemid' SQL Injection				2019-04-09
Linux/x64 - XANAX Decoder Shellcode (127 bytes)				2019-04-09
Linux/x64 - XANAX Encoder Shellcode (127 bytes)				2019-04-09
TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow				2019-04-09
PHP 7.2 - 'imagecolormatch()' Out of Band Heap Write				2019-04-09
Apache 2.4.17 < 2.4.38 - 'apache2ctl graceful' 'logrotate' Local Privilege Escalation				2019-04-08
QNAP Netatalk < 3.1.12 - Authentication Bypass				2019-04-08
ManageEngine ServiceDesk Plus 9.3 - User Enumeration				2019-04-08
Download Accelerator Plus (DAP) 10.0.6.0 - SEH Buffer Overflow				2019-04-08
WordPress Plugin Limit Login Attempts Reloaded 2.7.4 - Login Limit Bypass				2019-04-08
Tradebox CryptoCurrency - 'symbol' SQL Injection				2019-04-08
River Past Cam Do 3.7.6 - 'Activation Code' Local Buffer Overflow				2019-04-08
CentOS Web Panel 0.9.8.793 (Free) / 0.9.8.753 (Pro) - Cross-Site Scripting				2019-04-08
AllPlayer 7.4 - SEH Buffer Overflow (Unicode)				2019-04-08
SaLICru -SLC-20-cube3(5) - HTML Injection				2019-04-08
ShoreTel Connect ONSITE < 19.49.1500.0 - Multiple Vulnerabilities				2019-04-08
FlexHEX 2.71 - SEH Buffer Overflow (Unicode)				2019-04-08
Bolt CMS 3.6.6 - Cross-Site Request Forgery / Remote Code Execution				2019-04-08
Jobgator - 'experience' SQL Injection				2019-04-08
WordPress 5.0.0 - Crop-image Shell Upload (Metasploit)				2019-04-05
WordPress Plugin Contact Form Maker 1.13.1 - Cross-Site Request Forgery				2019-04-05
AIDA64 Extreme 5.99.4900 - 'Logging' SEH Buffer Overflow				2019-04-05
Manage Engine ServiceDesk Plus 9.3 - Privilege Escalation				2019-04-05
FreeSMS 2.1.2 - SQL Injection (Authentication Bypass)				2019-04-04
AIDA64 Engineer 5.99.4900 - 'Load from file' Field Buffer Overflow (SEH)				2019-04-04
Magic ISO Maker 5.5(build 281) - 'Serial Code' Denial of Service (PoC)				2019-04-04
Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)				2019-04-03
Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type Confusion				2019-04-03
Google Chrome 73.0.3683.39 / Chromium 74.0.3712.0 - 'ReadableStream' Internal Object Leak Type Confusion				2019-04-03
Google Chrome 72.0.3626.81 - 'V8TrustedTypePolicyOptions::ToImpl' Type Confusion				2019-04-03
WebKitGTK+ - 'ThreadedCompositor' Race Condition				2019-04-03
WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-Free				2019-04-03
WebKit JavaScriptCore - Out-Of-Bounds Access in FTL JIT due to LICM Moving Array Access Before the Bounds Check				2019-04-03
iOS < 12.2 / macOS < 10.14.4 XNU - pidversion Increment During execve is Unsafe				2019-04-03
WebKit JavaScriptCore - 'createRegExpMatchesArray' Type Confusion				2019-04-03
SpiderMonkey - IonMonkey Compiled Code Fails to Update Inferred Property Types (Type Confusion)				2019-04-03
PhreeBooks ERP 5.2.3 - Remote Command Execution				2019-04-03
PhreeBooks ERP 5.2.3 - Arbitrary File Upload				2019-04-03
Ashop Shopping Cart Software - SQL Injection				2019-04-03
Clinic Pro v4 - 'month' SQL Injection				2019-04-03
TeemIp IPAM < 2.4.0 - 'new_config' Command Injection (Metasploit)				2019-04-03
iScripts ReserveLogic - SQL Injection				2019-04-03
AIDA64 Business 5.99.4900 - SEH Buffer Overflow (EggHunter)				2019-04-03
phpFileManager 1.7.8 - Local File Inclusion				2019-04-03
Fiverr Clone Script 1.2.2 - SQL Injection / Cross-Site Scripting				2019-04-03
AIDA64 Extreme Edition 5.99.4800 - Local SEH Buffer Overflow				2019-04-03
CMS Made Simple < 2.2.10 - SQL Injection				2019-04-03
LimeSurvey < 3.16 - Remote Code Execution				2019-04-03
JioFi 4G M2S 1.0.2 - Cross-Site Request Forgery				2019-04-03
WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 - Parameter Tampering				2019-04-03

Exploits/page:

Page: