|
nipper-ng 0.11.10 - Remote Buffer Overflow (PoC)
|
|
2019-11-18
|
|
TemaTres 3.0 - 'value' Persistent Cross-site Scripting
|
|
2019-11-18
|
|
Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC)
|
|
2019-11-18
|
|
TemaTres 3.0 - Cross-Site Request Forgery (Add Admin)
|
|
2019-11-18
|
|
Centova Cast 3.2.11 - Arbitrary File Download
|
|
2019-11-18
|
|
NCP_Secure_Entry_Client 9.2 - Unquoted Service Paths
|
|
2019-11-18
|
|
MobileGo 8.5.0 - Insecure File Permissions
|
|
2019-11-18
|
|
Crystal Live HTTP Server 6.01 - Directory Traversal
|
|
2019-11-18
|
|
Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service (PoC)
|
|
2019-11-18
|
|
ASUS HM Com Service 1.00.31 - 'asHMComSvc' Unquoted Service Path
|
|
2019-11-18
|
|
Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal
|
|
2019-11-18
|
|
iSmartViewPro 1.3.34 - Denial of Service (PoC)
|
|
2019-11-18
|
|
Emerson PAC Machine Edition 9.70 Build 8595 - 'FxControlRuntime' Unquoted Service Path
|
|
2019-11-18
|
|
Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path
|
|
2019-11-15
|
|
Xfilesharing 2.5.1 - Arbitrary File Upload
|
|
2019-11-14
|
|
oXygen XML Editor 21.1.1 - XML External Entity Injection
|
|
2019-11-14
|
|
Siemens Desigo PX 6.00 - Denial of Service (PoC)
|
|
2019-11-14
|
|
ScanGuard Antivirus 2020 - Insecure Folder Permissions
|
|
2019-11-13
|
|
Fastweb Fastgate 0.00.81 - Remote Code Execution
|
|
2019-11-13
|
|
gSOAP 2.8 - Directory Traversal
|
|
2019-11-13
|
|
Technicolor TC7300.B0 - 'hostname' Persistent Cross-Site Scripting
|
|
2019-11-13
|
|
Technicolor TD5130.2 - Remote Command Execution
|
|
2019-11-13
|
|
FUDForum 3.0.9 - Remote Code Execution
|
|
2019-11-13
|
|
Linear eMerge E3 1.00-06 - Remote Code Execution
|
|
2019-11-13
|
|
Bematech Printer MP-4200 - Denial of Service
|
|
2019-11-12
|
|
Wondershare Application Framework Service - "WsAppService" Unquote Service Path
|
|
2019-11-12
|
|
Control Center PRO 6.2.9 - Local Stack Based Buffer Overflow (SEH)
|
|
2019-11-12
|
|
FlexAir Access Control 2.3.35 - Authentication Bypass
|
|
2019-11-12
|
|
Adrenalin Core HCM 5.4.0 - 'ReportID' Reflected Cross-Site Scripting
|
|
2019-11-12
|
|
RTK IIS Codec Service 6.4.10041.133 - 'RtkI2SCodec' Unquote Service Path
|
|
2019-11-12
|
|
Optergy 2.3.0a - Remote Code Execution (Backdoor)
|
|
2019-11-12
|
|
Optergy 2.3.0a - Username Disclosure
|
|
2019-11-12
|
|
Optergy 2.3.0a - Cross-Site Request Forgery (Add Admin)
|
|
2019-11-12
|
|
FlexAir Access Control 2.4.9api3 - Remote Code Execution
|
|
2019-11-12
|
|
Alps Pointing-device Controller 8.1202.1711.04 - 'ApHidMonitorService' Unquoted Service Path
|
|
2019-11-12
|
|
Optergy 2.3.0a - Remote Code Execution
|
|
2019-11-12
|
|
Atlassian Confluence 6.15.1 - Directory Traversal (Metasploit)
|
|
2019-11-12
|
|
Prima Access Control 2.3.35 - Arbitrary File Upload
|
|
2019-11-12
|
|
Prima Access Control 2.3.35 - 'HwName' Persistent Cross-Site Scripting
|
|
2019-11-12
|
|
Joomla 3.9.13 - 'Host' Header Injection
|
|
2019-11-12
|
|
CBAS-Web 19.0.0 - 'id' Boolean-based Blind SQL Injection
|
|
2019-11-12
|
|
CBAS-Web 19.0.0 - Username Enumeration
|
|
2019-11-12
|
|
CBAS-Web 19.0.0 - Information Disclosure
|
|
2019-11-12
|
|
CBAS-Web 19.0.0 - Cross-Site Request Forgery (Add Super Admin)
|
|
2019-11-12
|
|
CBAS-Web 19.0.0 - Remote Code Execution
|
|
2019-11-12
|
|
eMerge E3 Access Controller 4.6.07 - Remote Code Execution (Metasploit)
|
|
2019-11-12
|
|
eMerge E3 Access Controller 4.6.07 - Remote Code Execution
|
|
2019-11-12
|
|
eMerge50P 5000P 4.6.07 - Remote Code Execution
|
|
2019-11-12
|
|
eMerge E3 1.00-06 - 'layout' Reflected Cross-Site Scripting
|
|
2019-11-12
|
|
eMerge E3 1.00-06 - Arbitrary File Upload
|
|
2019-11-12
|
|
Atlassian Confluence 6.15.1 - Directory Traversal
|
|
2019-11-12
|
|
eMerge E3 1.00-06 - Cross-Site Request Forgery
|
|
2019-11-12
|
|
eMerge E3 1.00-06 - Remote Code Execution
|
|
2019-11-12
|
|
eMerge E3 1.00-06 - Privilege Escalation
|
|
2019-11-12
|
|
Wondershare Application Framework Service 2.4.3.231 - 'WsAppService' Unquote Service Path
|
|
2019-11-12
|
|
eMerge E3 1.00-06 - Unauthenticated Directory Traversal
|
|
2019-11-12
|
|
Acronis True Image OEM 19.0.5128 - 'afcdpsrv' Unquoted Service Path
|
|
2019-11-12
|
|
Computrols CBAS-Web 19.0.0 - 'username' Reflected Cross-Site Scripting
|
|
2019-11-12
|
|
Adrenalin Core HCM 5.4.0 - 'prntDDLCntrlName' Reflected Cross-Site Scripting
|
|
2019-11-12
|
|
Prima FlexAir Access Control 2.3.38 - Remote Code Execution
|
|
2019-11-12
|
|
Adrenalin Core HCM 5.4.0 - 'strAction' Reflected Cross-Site Scripting
|
|
2019-11-12
|
|
Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed OTF Font (CFF Table)
|
|
2019-11-11
|
|
Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed JBIG2Globals Stream
|
|
2019-11-11
|
|
iMessage - Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address
|
|
2019-11-11
|
|
iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption (PoC)
|
|
2019-11-11
|
|
XML Notepad 2.8.0.4 - XML External Entity Injection
|
|
2019-11-11
|
|
Alps HID Monitor Service 8.1.0.10 - 'ApHidMonitorService' Unquote Service Path
|
|
2019-11-11
|
|
_GCafé 3.0 - 'gbClienService' Unquoted Service Path
|
|
2019-11-11
|
|
Nextcloud 17 - Cross-Site Request Forgery
|
|
2019-11-08
|
|
rConfig - install Command Execution (Metasploit)
|
|
2019-11-08
|
|
Android Janus - APK Signature Bypass (Metasploit)
|
|
2019-11-08
|
|
Adive Framework 2.0.7 - Privilege Escalation
|
|
2019-11-08
|
|
SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path
|
|
2019-11-08
|
|
Jenkins build-metrics plugin 1.3 - 'label' Cross-Site Scripting
|
|
2019-11-08
|
|
Adaware Web Companion version 4.8.2078.3950 - 'WCAssistantService' Unquoted Service Path
|
|
2019-11-07
|
|
Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure
|
|
2019-11-06
|
|
Smartwares HOME easy 1.0.9 - Client-Side Authentication Bypass
|
|
2019-11-06
|
|
QNAP NetBak Replicator 4.5.6.0607 - 'QVssService' Unquoted Service Path
|
|
2019-11-06
|
|
Wacom WTabletService 6.6.7-3 - 'WTabletServicePro' Unquoted Service Path
|
|
2019-11-06
|
|
macOS XNU - Missing Locking in checkdirs_callback() Enables Race with fchdir_common()
|
|
2019-11-05
|
|
WebKit - Universal XSS in JSObject::putInlineSlow and JSValue::putToPrimitive
|
|
2019-11-05
|
|
JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects
|
|
2019-11-05
|
|
SD.NET RIM 4.7.3c - 'idtyp' SQL Injection
|
|
2019-11-05
|
|
html5_snmp 1.11 - 'Router_ID' SQL Injection
|
|
2019-11-05
|
|
html5_snmp 1.11 - 'Remark' Persistent Cross-Site Scripting
|
|
2019-11-05
|
|
FileOptimizer 14.00.2524 - Denial of Service (PoC)
|
|
2019-11-05
|
|
rimbalinux AhadPOS 1.11 - 'alamatCustomer' SQL Injection
|
|
2019-11-05
|
|
Network Inventory Advisor 5.0.26.0 - 'niaservice' Unquoted Service Path
|
|
2019-11-05
|
|
thrsrossi Millhouse-Project 1.414 - 'content' Persistent Cross-Site Scripting
|
|
2019-11-05
|
|
Blue Stacks App Player 2.4.44.62.57 - "BstHdLogRotatorSvc" Unquote Service Path
|
|
2019-11-05
|
|
thejshen Globitek CMS 1.4 - 'id' SQL Injection
|
|
2019-11-05
|
|
Micro Focus (HPE) Data Protector - SUID Privilege Escalation (Metasploit)
|
|
2019-11-04
|
|
Covert Channel and Data Hiding in TCP/IP
|
|
2019-11-04
|
|
Apple macOS 10.15.1 - Denial of Service (PoC)
|
|
2019-11-04
|
|
Launch Manager 6.1.7600.16385 - 'DsiWMIService' Unquoted Service Path
|
|
2019-11-04
|
|
Ayukov NFTP client 1.71 - 'SYST' Buffer Overflow
|
|
2019-11-04
|
|
OpenVPN Connect 3.0.0.272 - 'ovpnagent' Unquoted Service Path
|
|
2019-11-04
|
|
Aida64 6.10.5200 - Buffer Overflow (SEH)
|
|
2019-11-04
|
|
Nostromo - Directory Traversal Remote Command Execution (Metasploit)
|
|
2019-11-01
|
|
Apache Solr 8.2.0 - Remote Code Execution
|
|
2019-11-01
|