Exploits (Total: 94964)

    
    
    
Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)
2019-04-19
SystemTap 1.3 - MODPROBE_OPTIONS Privilege Escalation (Metasploit)
2019-04-19
Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection
2019-04-19
Oracle Business Intelligence 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - Directory Traversal
2019-04-19
LibreOffice < 6.0.7 / 6.1.3 - Macro Code Execution (Metasploit)
2019-04-18
Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)
2019-04-18
ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit)
2019-04-18
Evernote 7.9 - Code Execution via Path Traversal
2019-04-18
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID
2019-04-17
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4
2019-04-17
DHCP Server 2.5.2 - Denial of Service (PoC)
2019-04-17
ASUS HG100 - Denial of Service
2019-04-17
MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow
2019-04-17
Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation
2019-04-16
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation
2019-04-16
Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass
2019-04-16
Microsoft Windows 10 1809 - LUAFV LuafvCopyShortName Arbitrary Short Name Privilege Escalation
2019-04-16
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege Escalation
2019-04-16
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Escalation
2019-04-16
Microsoft Windows 10 1809 / 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation
2019-04-16
AdminExpress 1.2.5 - 'Folder Path' Denial of Service (PoC)
2019-04-16
Joomla Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion
2019-04-16
PCHelpWare V2 1.0.0.5 - 'Group' Denial of Service (PoC)
2019-04-16
PCHelpWare V2 1.0.0.5 - 'SC' Denial of Service (PoC)
2019-04-16
Zoho ManageEngine ADManager Plus 6.6 (Build < 6659) - Privilege Escalation
2019-04-16
Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting
2019-04-16
Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)
2019-04-15
Linux/x86 - Cat File Encode to base64 and post via curl to Webserver Shellcode (125 bytes)
2019-04-15
UltraVNC Launcher 1.2.2.4 - 'Path' Denial of Service (PoC)
2019-04-15
UltraVNC Viewer 1.2.2.4 - 'VNC Server' Denial of Service (PoC)
2019-04-15
MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow
2019-04-15
MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow
2019-04-15
MailCarrier 2.51 - POP3 'USER' Buffer Overflow
2019-04-15
CuteNews 2.1.2 - 'avatar' Remote Code Execution (Metasploit)
2019-04-15
RemoteMouse 3.008 - Arbitrary Remote Command Execution
2019-04-15
Linux/x86 - MMX-PUNPCKLBW Encoder Shellcode (61 bytes)
2019-04-15
MailCarrier 2.51 - 'RCPT TO' Buffer Overflow
2019-04-15
DirectAdmin 1.561 - Multiple Vulnerabilities
2019-04-15
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
2019-04-12
Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)
2019-04-12
ATutor < 2.2.4 - 'file_manager' Remote Code Execution (Metasploit)
2019-04-12
Microsoft Internet Explorer 11 - XML External Entity Injection
2019-04-12
Linux/x86 - Add User to Passwd File Shellcode (149 bytes)
2019-04-12
CyberArk EPM 10.2.1.603 - Security Restrictions Bypass
2019-04-12
D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting
2019-04-10
FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer
2019-04-10
FTPShell Server 6.83 - 'Account name to ban' Local Buffer
2019-04-10
Dell KACE Systems Management Appliance (K1000) 6.4.120756 - Unauthenticated Remote Code Execution
2019-04-10
Microsoft Windows - AppX Deployment Service Privilege Escalation
2019-04-09
Apache Axis 1.4 - Remote Code Execution
2019-04-09
Ashop Shopping Cart Software - 'bannedcustomers.php?blacklistitemid' SQL Injection
2019-04-09
Linux/x64 - XANAX Decoder Shellcode (127 bytes)
2019-04-09
Linux/x64 - XANAX Encoder Shellcode (127 bytes)
2019-04-09
TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow
2019-04-09
PHP 7.2 - 'imagecolormatch()' Out of Band Heap Write
2019-04-09
Apache 2.4.17 < 2.4.38 - 'apache2ctl graceful' 'logrotate' Local Privilege Escalation
2019-04-08
QNAP Netatalk < 3.1.12 - Authentication Bypass
2019-04-08
ManageEngine ServiceDesk Plus 9.3 - User Enumeration
2019-04-08
Download Accelerator Plus (DAP) 10.0.6.0 - SEH Buffer Overflow
2019-04-08
WordPress Plugin Limit Login Attempts Reloaded 2.7.4 - Login Limit Bypass
2019-04-08
Tradebox CryptoCurrency - 'symbol' SQL Injection
2019-04-08
River Past Cam Do 3.7.6 - 'Activation Code' Local Buffer Overflow
2019-04-08
CentOS Web Panel 0.9.8.793 (Free) / 0.9.8.753 (Pro) - Cross-Site Scripting
2019-04-08
AllPlayer 7.4 - SEH Buffer Overflow (Unicode)
2019-04-08
SaLICru -SLC-20-cube3(5) - HTML Injection
2019-04-08
ShoreTel Connect ONSITE < 19.49.1500.0 - Multiple Vulnerabilities
2019-04-08
FlexHEX 2.71 - SEH Buffer Overflow (Unicode)
2019-04-08
Bolt CMS 3.6.6 - Cross-Site Request Forgery / Remote Code Execution
2019-04-08
Jobgator - 'experience' SQL Injection
2019-04-08
WordPress 5.0.0 - Crop-image Shell Upload (Metasploit)
2019-04-05
WordPress Plugin Contact Form Maker 1.13.1 - Cross-Site Request Forgery
2019-04-05
AIDA64 Extreme 5.99.4900 - 'Logging' SEH Buffer Overflow
2019-04-05
Manage Engine ServiceDesk Plus 9.3 - Privilege Escalation
2019-04-05
FreeSMS 2.1.2 - SQL Injection (Authentication Bypass)
2019-04-04
AIDA64 Engineer 5.99.4900 - 'Load from file' Field Buffer Overflow (SEH)
2019-04-04
Magic ISO Maker 5.5(build 281) - 'Serial Code' Denial of Service (PoC)
2019-04-04
Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)
2019-04-03
Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type Confusion
2019-04-03
Google Chrome 73.0.3683.39 / Chromium 74.0.3712.0 - 'ReadableStream' Internal Object Leak Type Confusion
2019-04-03
Google Chrome 72.0.3626.81 - 'V8TrustedTypePolicyOptions::ToImpl' Type Confusion
2019-04-03
WebKitGTK+ - 'ThreadedCompositor' Race Condition
2019-04-03
WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-Free
2019-04-03
WebKit JavaScriptCore - Out-Of-Bounds Access in FTL JIT due to LICM Moving Array Access Before the Bounds Check
2019-04-03
iOS < 12.2 / macOS < 10.14.4 XNU - pidversion Increment During execve is Unsafe
2019-04-03
WebKit JavaScriptCore - 'createRegExpMatchesArray' Type Confusion
2019-04-03
SpiderMonkey - IonMonkey Compiled Code Fails to Update Inferred Property Types (Type Confusion)
2019-04-03
PhreeBooks ERP 5.2.3 - Remote Command Execution
2019-04-03
PhreeBooks ERP 5.2.3 - Arbitrary File Upload
2019-04-03
Ashop Shopping Cart Software - SQL Injection
2019-04-03
Clinic Pro v4 - 'month' SQL Injection
2019-04-03
TeemIp IPAM < 2.4.0 - 'new_config' Command Injection (Metasploit)
2019-04-03
iScripts ReserveLogic - SQL Injection
2019-04-03
AIDA64 Business 5.99.4900 - SEH Buffer Overflow (EggHunter)
2019-04-03
phpFileManager 1.7.8 - Local File Inclusion
2019-04-03
Fiverr Clone Script 1.2.2 - SQL Injection / Cross-Site Scripting
2019-04-03
AIDA64 Extreme Edition 5.99.4800 - Local SEH Buffer Overflow
2019-04-03
CMS Made Simple < 2.2.10 - SQL Injection
2019-04-03
LimeSurvey < 3.16 - Remote Code Execution
2019-04-03
JioFi 4G M2S 1.0.2 - Cross-Site Request Forgery
2019-04-03
WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 - Parameter Tampering
2019-04-03
Exploits/page:


Page:
1.3.0 (www02)