Exploits (Total: 98598)

    
    
    
MagicSpam 2.0.13 - Insecure File Permission Vulnerability
2018-01-16
Photo Vault v1.2 iOS - Insecure Authentication Vulnerability
2018-01-16
Icyphoenix 2.2.0.105 - Multiple SQL Injection Vulnerabilities
2018-01-16
Piwigo v2.8.2 & 2.9.2 CMS - Multiple Cross Site Vulnerabilities
2018-01-16
WpJobBoard v4.4.4 - Multiple SQL Injection Vulnerabilities
2018-01-16
iJoomla com_adagency 6.0.9 - SQL Injection Vulnerabilities
2018-01-16
Flash Operator Panel v2.31.03 - Command Execution
2018-01-16
Synology Photo Station 6.8.2-3461 - 'SYNOPHOTO_Flickr_MultiUpload' Race Condition File Write Remote Code Execution
2018-01-15
OpenBSD/x86 - reboot() Shellcode (15 bytes)
2018-01-15
Linux/x86-64 - sethostname(Rooted !) + killall Shellcode (33 bytes)
2018-01-15
Linux/x86-64 - setreuid(0,0) + execve(/bin/zsh, [/bin/zsh, NULL]) + XOR Encoded Shellcode (87 bytes)
2018-01-15
Linux/x86-64 - setreuid(0,0) + execve(/bin/ksh, [/bin/ksh, NULL]) + XOR Encoded Shellcode (87 bytes)
2018-01-15
Linux/x86-64 - setreuid(0,0) + execve(/bin/csh, [/bin/csh, NULL]) + XOR Encoded Shellcode (87 bytes)
2018-01-15
Linux/x86-64 - setreuid(0,0) + execve(/bin/ash,NULL,NULL) + XOR Encoded Shellcode (85 bytes)
2018-01-15
Linux/x86-64 - Reverse TCP (127.0.0.1:1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (109 bytes)
2018-01-15
Linux/x86-64 - Bind TCP (1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (131 bytes)
2018-01-15
Flash Operator Panel 2.31.03 - Command Execution
2018-01-15
Linux/x86-64 - Reverse TCP (192.168.1.10:31337/TCP) Shell Shellcode (118 bytes)
2018-01-15
Linux/x86-64 - Bind TCP (31337/TCP) Shell Shellcode (150 bytes)
2018-01-15
Linux/x86-64 - Bind TCP (Random TCP Port) Shell Shellcode (57 bytes)
2018-01-15
OBS studio 20.1.3 - Local Buffer Overflow
2018-01-15
ILIAS < 5.2.4 - Cross-Site Scripting
2018-01-15
Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect
2018-01-15
Oracle PeopleSoft 8.5x - Remote Code Execution
2018-01-15
Adminer 4.3.1 - Server-Side Request Forgery
2018-01-15
RISE 1.9 - 'search' SQL Injection
2018-01-15
PerfexCRM 1.9.7 - Arbitrary File Upload
2018-01-15
Disk Pulse Enterprise 10.1.18 - Buffer Overflow
2018-01-15
SysGauge Server 3.6.18 - Buffer Overflow
2018-01-15
Linux/x86-64 - Bind TCP Password (doomedra) Shell (/bin/sh) (4444/TCP) Shellcode (175 bytes)
2018-01-15
Domains & Hostings Manager PRO 3.0 - Authentication Bypass
2018-01-15
Linux/x86-64 - Reverse TCP Password (doomedra) Shell (/bin/sh) (192.168.1.9:4444/TCP) Shellcode (138 bytes)
2018-01-15
ImgHosting 1.5 - Cross-Site Scripting
2018-01-15
Linux/x86-64 - Bind TCP Password (Password) Shell (/bin/sh) (4444/TCP) Shellcode (173 bytes)
2018-01-15
Linux/x86-64 - Read /etc/passwd Shellcode (82 bytes)
2018-01-15
Linux/x86-64 - Add User (pwned/$pass$) Using echo cmd Shellcode (273 bytes)
2018-01-15
Linux/x86-64 - Add User (pwned/$pass$) Using open,write,close Shellcode (358 bytes)
2018-01-15
Linux/x86-64 - Bind TCP Stager (4444/TCP) + Egghunter Shellcode (157 bytes)
2018-01-15
Linux/x86-64 - Add Root User (shell-storm/leet) Polymorphic Shellcode (273 bytes)
2018-01-15
pfSense < 2.1.4 - 'status_rrd_graph_img.php' Command Injection
2018-01-15
Linux/x86-64 - Bind TCP Password (hell) /bin/sh Shell (4444/TCP) Shellcode (147 bytes)
2018-01-15
Linux/x86-64 - Reverse TCP Password (hell) /bin/sh Shell (127.0.0.1:4444/TCP) Shellcode (136 bytes)
2018-01-15
Linux/x86-64 - Read /etc/passwd + Write To /tmp/outfile Shellcode (105 bytes)
2018-01-15
Linux/x86-64 - shutdown -h now Shellcode (64 bytes)
2018-01-15
Linux/x86-64 - shutdown -h now Shellcode (65 bytes)
2018-01-15
Linux/x86-64 - sys_access() Egghunter Shellcode (49 bytes)
2018-01-15
Zimbra Collaboration Suite Cross Site Scripting Vulnerability
2018-01-14
Piwigo 2.8.2 / 2.9.2 Cross Site Scripting Vulnerability
2018-01-14
Magento Connect T1 Cross Site Scripting Vulnerability
2018-01-14
Magento Commerce Server-Side Request Forgery Vulnerability
2018-01-14
Flash Operator Panel 2.31.03 Command Execution Vulnerability
2018-01-14
ZyXEL P-660HW UDP Denial Of Service Exploit
2018-01-14
IRIX - execve (/bin/sh) Shellcode (68 bytes)
2018-01-12
IRIX - execve (/bin/sh -c) Shellcode (72 bytes)
2018-01-12
Linux/x86-64 - execve (/sbin/iptables, [/sbin/iptables, -F], NULL) Shellcode (43 bytes)
2018-01-12
Linux/ARM - chmod(/etc/passwd, 0777) Shellcode (39 bytes)
2018-01-12
Linux/ARM - creat(/root/pwned, 0777) Shellcode (39 bytes)
2018-01-12
Linux/ARM - execve (/bin/sh, [], [0 vars]) Shellcode (35 bytes)
2018-01-12
Linux/ARM - execve (/bin/sh,NULL,0) Shellcode (31 bytes)
2018-01-12
Linux/StrongARM - execve (/bin/sh) Shellcode (47 bytes)
2018-01-12
Linux/SuperH (sh4) - execve(/bin/sh, 0, 0) Shellcode (19 bytes)
2018-01-12
Linux/SuperH (sh4) - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (132 bytes)
2018-01-12
PyroBatchFTP < 3.19 - Buffer Overflow Exploit
2018-01-12
macOS - process_policy Stack Leak Through Uninitialized Field Exploit
2018-01-12
ALLMediaServer 0.95 - Buffer Overflow Exploit
2018-01-12
Kentico CMS 11.0 - Buffer Overflow Vulnerability
2018-01-12
Taxi Booking Script 1.0 - Cross-site Scripting Vulnerability
2018-01-12
Xnami 1.0 - Cross-Site Scripting Vulnerability
2018-01-12
Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon Exploit
2018-01-12
Microsoft Windows SMB Server (v1 and v2) - Mount Point Arbitrary Device Open Privilege Escalation Ex
2018-01-12
Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass Exploit
2018-01-12
Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation Exploit
2018-01-12
Microsoft Windows - NtImpersonateAnonymousToken LPAC to Non-LPAC Privilege Escalation Exploit
2018-01-12
LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow Exploit
2018-01-12
phpCollab 2.5.1 - Unauthenticated File Upload Exploit
2018-01-12
FreeBSD/x86 - reboot() Shellcode (15 Bytes)
2018-01-12
D-Link Routers 110/412/615/815 < 1.03 - service.cgi Arbitrary Code Execution Exploit
2018-01-12
MiniUPnP MiniUPnPc < 2.0 - Remote Denial of Service Vulnerability
2018-01-12
Python smtplib 2.7.11 / 3.4.4 / 3.5.1 - Man In The Middle StartTLS Stripping Vulnerability
2018-01-12
Parity Browser < 1.6.10 - Bypass Same Origin Policy Vulnerability
2018-01-12
SAP NetWeaver J2EE Engine 7.40 - SQL Injection Exploit
2018-01-12
Jungo Windriver 12.5.1 - Privilege Escalation Exploit
2018-01-12
Multiple CPUs - Information Leak Using Speculative Execution Exploit
2018-01-12
WordPress Admin Menu Tree Page View 2.6.9 Plugin - Cross-Site Request Forgery / Privilege Escalation
2018-01-12
WordPress CMS Tree Page View 1.4 Plugin - Cross-Site Request Forgery / Privilege Escalation Exploit
2018-01-12
WordPress Download Manager 2.9.60 Plugin - Cross-Site Request Forgery Vulnerability
2018-01-12
WordPress Social Media Widget by Acurax 3.2.5 Plugin - Cross-Site Request Forgery Vulnerability
2018-01-12
Joomla Easydiscuss Component < 4.0.21 - Cross-Site Scripting Vulnerability
2018-01-12
Microsoft Edge Chakra JIT - Lowerer::LowerSetConcatStrMultiItem Missing Integer Overflow Check
2018-01-12
BSD/x86 - setreuid(geteuid(), geteuid()) + execve(/bin/sh) Shellcode (36 bytes)
2018-01-12
HPE iMC dbman RestartDB Unauthenticated Remote Command Execution Exploit
2018-01-12
HPE iMC dbman RestoreDBase Unauthenticated Remote Command Execution Exploit
2018-01-12
WordPress Events Calendar Plugin - event_id SQL Injection Vulnerability
2018-01-12
Worpress Service Finder Booking < 3.2 Plugin - Local File Disclosure Vulnerability
2018-01-12
Synology Photostation 6.7.2-3429 - Remote Code Execution Exploit
2018-01-12
DiskBoss Enterprise 8.8.16 - Buffer Overflow Exploit
2018-01-12
Muviko 1.1 - SQL Injection Vulnerability
2018-01-12
Yawcam 0.6.0 Directory Traversal Vulnerability
2018-01-12
Commvault Communications Service (cvd) - Command Injection Exploit
2018-01-12
Microsoft Windows - nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformati
2018-01-12
Microsoft Windows - nt!NtQueryInformationProcess (information class 76, QueryProcessEnergyValues) Ke
2018-01-12
Microsoft Edge Chakra JIT - Escape Analysis Bug Exploit
2018-01-12
Microsoft Edge Chakra asm.js Out-of-Bounds Read Exploit
2018-01-12
Microsoft Edge Chakra JIT - Op_MaxInAnArray and Op_MinInAnArray can Explicitly call User-Defined Jav
2018-01-12
Microsoft Windows - Local XPS Print Spooler Sandbox Escape Exploit
2018-01-12
Android - Inter-Process munmap due to Race Condition in ashmem Exploit
2018-01-12
FiberHome LM53Q1 - Multiple Vulnerabilities
2018-01-12
Vanilla < 2.1.5 - Cross-Site Request Forgery Vulnerability
2018-01-12
BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC) Vulnerability
2018-01-12
DiskBoss Enterprise 8.5.12 - Denial of Service Exploit
2018-01-12
Disk Pulse Enterprise 10.1.18 - Denial of Service Exploit
2018-01-12
Microsoft Skypexspaces - DNS Squatting Web Vulnerability
2018-01-12
Kentico CMS v11.0 - Stack Buffer Overflow Vulnerability
2018-01-12
SonicWall GMS v8.1 - Filter Bypass & Persistent Vulnerability
2018-01-12
SonicWall SonicOS NSA - Bypass & Persistent Vulnerability
2018-01-12
SonicWall SonicOS NSA - Multiple Web Vulnerabilities
2018-01-12
Photos in Wifi 1.0.1 iOS - Path Traversal Web Vulnerability
2018-01-12
Linux/x86-64 - execve("/sbin/iptables", ["/sbin/iptables", "-F"], NULL) Shellcode (43 bytes)
2018-01-12
Linux/x86-64 - Add Map (127.1.1.1 google.lk) In /etc/hosts Shellcode (96 bytes)
2018-01-12
Linux/x86-64 - Add Map (127.1.1.1 google.lk) In /etc/hosts Shellcode (110 bytes)
2018-01-12
Linux/x86-64 - Execute /bin/sh Shellcode (24 bytes)
2018-01-12
Linux/x86-64 - Execute /bin/sh Shellcode (27 bytes)
2018-01-12
PyroBatchFTP < 3.19 - Buffer Overflow
2018-01-12
Kentico CMS 11.0 - Buffer Overflow
2018-01-12
Linux/SPARC - setreuid(0,0) + standard execve() Shellcode (72 bytes)
2018-01-12
Linux/SPARC - setreuid(0,0) + execve(/bin/sh) Shellcode (64 bytes)
2018-01-12
Taxi Booking Script 1.0 - Cross-site Scripting
2018-01-12
Linux/SuperH (sh4) - Bind TCP /bin/sh Shell (31337/TCP) Shellcode (132 bytes)
2018-01-12
Linux/SuperH (sh4) - execve("/bin/sh", 0, 0) Shellcode (19 bytes)
2018-01-12
Linux/StrongARM - Bind TCP /bin/sh Shell Shellcode (203 bytes)
2018-01-12
Linux/StrongARM - execve(/bin/sh) Shellcode (47 bytes)
2018-01-12
Linux/StrongARM - setuid() Shellcode (20 bytes)
2018-01-12
Android/ARM - Reverse TCP /system/bin/sh Shell (10.0.2.2:0x3412/TCP) Shellcode (79 bytes)
2018-01-12
Xnami 1.0 - Cross-Site Scripting
2018-01-12
Linux/ARM - execve("/bin/sh",NULL,0) Shellcode (31 bytes)
2018-01-12
Linux/ARM - execve("/bin/sh", [], [0 vars]) Shellcode (35 bytes)
2018-01-12
Linux/ARM - creat("/root/pwned", 0777) Shellcode (39 bytes)
2018-01-12
Linux/ARM - chmod("/etc/passwd", 0777) Shellcode (39 bytes)
2018-01-12
Linux/ARM - Add Map (127.1.1.1 google.lk) In /etc/hosts Shellcode (79 bytes)
2018-01-12
Phrack: .NET Instrumentation via MSIL bytecode injection (Antonio "s4tan" Parata)
2018-01-12
ALLMediaServer 0.95 - Buffer Overflow
2018-01-12
Microsoft Edge Chakra - 'AppendLeftOverItemsFromEndSegment' Out-of-Bounds Read
2018-01-11
macOS - 'process_policy' Stack Leak Through Uninitialized Field
2018-01-11
Linux/ARM - execve("/bin/sh", NULL, 0) Shellcode (34 bytes)
2018-01-11
phpCollab 2.5.1 - Unauthenticated File Upload (Metasploit)
2018-01-11
LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow (Metasploit)
2018-01-11
Microsoft Windows SMB Server (v1 and v2) - Mount Point Arbitrary Device Open Privilege Escalation
2018-01-11
Microsoft Windows - NtImpersonateAnonymousToken LPAC to Non-LPAC Privilege Escalation
2018-01-11
Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation
2018-01-11
Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass
2018-01-11
Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon
2018-01-11
IRIX - stdin-read Shellcode (40 bytes)
2018-01-11
IRIX - execve(/bin/sh) Shellcode (68 bytes)
2018-01-11
IRIX - Bind TCP /bin/sh Shell Shellcode (364 bytes)
2018-01-11
IRIX - execve(/bin/sh) Shellcode (43 bytes)
2018-01-11
IRIX - execve(/bin/sh -c) Shellcode (72 bytes)
2018-01-11
FreeBSD - reboot() Shellcode (15 Bytes)
2018-01-11
FreeBSD/x86 - Bind TCP /bin/sh Shell (41254/TCP) Shellcode (115 bytes)
2018-01-11
FreeBSD/x86 - //sbin/pfctl -F all Shellcode (47 Bytes)
2018-01-11
FreeBSD/x86 - execv(/bin/sh) Shellcode (23 bytes)
2018-01-11
FreeBSD/x86-64 - Bind TCP Password (R2CBw0cr) /bin/sh Shell Shellcode (127 bytes)
2018-01-11
FreeBSD/x86-64 - execve /bin/sh Shellcode (28 bytes)
2018-01-11
MiniUPnP MiniUPnPc < 2.0 - Remote Denial of Service
2018-01-11
Python smtplib 2.7.11 / 3.4.4 / 3.5.1 - Man In The Middle StartTLS Stripping
2018-01-11
Parity Browser < 1.6.10 - Bypass Same Origin Policy
2018-01-11
Jungo WinDriver 12.5.1 - Local Privilege Escalation
2018-01-11
Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode (112 bytes)
2018-01-11
D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution
2018-01-11
SAP NetWeaver J2EE Engine 7.40 - SQL Injection
2018-01-11
Jungo Windriver 12.5.1 - Privilege Escalation
2018-01-11
HPE iMC - dbman RestartDB Unauthenticated Remote Command Execution (Metasploit)
2018-01-10
HPE iMC - dbman RestoreDBase Unauthenticated Remote Command Execution (Metasploit)
2018-01-10
Microsoft Edge Chakra JIT - 'Lowerer::LowerSetConcatStrMultiItem' Missing Integer Overflow Check
2018-01-10
Multiple CPUs - Information Leak Using Speculative Execution
2018-01-10
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (53 bytes)
2018-01-10
Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting
2018-01-10
WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery
2018-01-10
WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege Escalation
2018-01-10
WordPress Plugin CMS Tree Page View 1.4 - Cross-Site Request Forgery / Privilege Escalation
2018-01-10
WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery
2018-01-10
BSD/x86 - setreuid(geteuid(), geteuid()) + execve("/bin/sh") Shellcode (36 bytes)
2018-01-10
Alpha - setuid() Shellcode (156 bytes)
2018-01-10
Alpha - execve() Shellcode (112 bytes)
2018-01-10
Alpha - /bin/sh Shellcode (80 bytes)
2018-01-10
WordPress Plugin Events Calendar - 'event_id' SQL Injection
2018-01-10
DiskBoss Enterprise 8.8.16 - Buffer Overflow
2018-01-10
Muviko 1.1 - SQL Injection
2018-01-10
Linux/x86 - execve /bin/dash Shellcode (30 bytes)
2018-01-10
Worpress Plugin Service Finder Booking < 3.2 - Local File Disclosure
2018-01-10
Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)
2018-01-10
Commvault Communications Service (cvd) - Command Injection (Metasploit)
2018-01-09
Microsoft Windows - 'nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformation)' Kernel Pool Memory Disclosure
2018-01-09
Microsoft Windows - 'nt!NtQueryInformationProcess (information class 76, QueryProcessEnergyValues)' Kernel Stack Memory Disclosure
2018-01-09
Microsoft Edge Chakra JIT - Escape Analysis Bug
2018-01-09
Microsoft Edge Chakra - 'asm.js' Out-of-Bounds Read
2018-01-09
Microsoft Edge Chakra JIT - BackwardPass::RemoveEmptyLoopAfterMemOp Does not Insert Branches
2018-01-09
Microsoft Edge Chakra JIT - Op_MaxInAnArray and Op_MinInAnArray can Explicitly call User-Defined JavaScript Functions
2018-01-09
Microsoft Windows - Local XPS Print Spooler Sandbox Escape
2018-01-09
Android - Inter-Process munmap due to Race Condition in ashmem
2018-01-09
Magento Connect T1 - (Claim) Persistent Vulnerability
2018-01-08
Sync Breeze Enterprise 10.1.16 - Denial of Service Exploit
2018-01-08
Synology DiskStation Manager (DSM) < 6.1.3-15152 - forget_passwd.cgi User Enumeration
2018-01-08
VX Search Enterprise 10.1.12 - Denial of Service Exploit
2018-01-08
WordPress LearnDash 2.5.3 Plugin - Arbitrary File Upload Vulnerability
2018-01-08
Oracle WebLogic < 10.3.6 - wls-wsat Component Deserialisation Remote Command Execution Exploit
2018-01-08
D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access Vulnerability
2018-01-08
Linux/x86 - chmod 777 /etc/sudoers Shellcode (36 bytes)
2018-01-08
Vanilla < 2.1.5 - Cross-Site Request Forgery
2018-01-08
WordPress Plugin LearnDash 2.5.3 - Arbitrary File Upload
2018-01-08
FiberHome LM53Q1 - Multiple Vulnerabilities
2018-01-08
SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities
2018-01-08
Oracle WebLogic < 10.3.6 - 'wls-wsat' Component Deserialisation Remote Command Execution
2018-01-08
Photos in Wifi 1.0.1 - Path Traversal
2018-01-08
BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow
2018-01-08
Synology DiskStation Manager (DSM) < 6.1.3-15152 - 'forget_passwd.cgi' User Enumeration
2018-01-08
DiskBoss Enterprise 8.5.12 - Denial of Service
2018-01-08
Sync Breeze Enterprise 10.1.16 - Denial of Service
2018-01-08
Disk Pulse Enterprise 10.1.18 - Denial of Service
2018-01-08
VX Search Enterprise 10.1.12 - Denial of Service
2018-01-08
MS Sharepoint 2013 - Limited Access Permission Bypass
2018-01-08
Joomla Ad Agency 6.0.9 SQL Injection Vulnerability
2018-01-07
Joomla JHotelReservation 6.0.5 SQL Injection Vulnerability
2018-01-07
Joomla JMultipleHotelReservation 6.0.5 SQL Injection Vulnerability
2018-01-07
Joomla J-BusinessDirectory 4.7.3 SQL Injection Vulnerability
2018-01-07
Joomla JUX Real Estate 3.3.0 SQL Injection Vulnerability
2018-01-07
Joomla Real Estate 1.5 SQL Injection Vulnerability
2018-01-07
Joomla vRestaurant 1.9.4 SQL Injection Vulnerability
2018-01-07
Joomla VMap 1.9.2 SQL Injection Vulnerability
2018-01-07
WordPress WpJobBoard 4.4.4 SQL Injection Vulnerability
2018-01-07
AMD PSP fTPM Remote Code Execution Vulnerability
2018-01-07
Western Digital WDMyCloud mydlinkBRionyg Backdoor Exploit
2018-01-07
Western Digital WDMyCloud 2.30.165 Multiple Vulnerabilities
2018-01-07
BarcodeWiz ActiveX Control Buffer Overflow Vulnerability
2018-01-07
Gespage 7.4.8 Cross Site Scripting Vulnerability
2018-01-07
Icyphoenix 2.2.0.105 SQL Injection Vulnerability
2018-01-07
Linux/x86 chmod 777 /etc/sudoers Shellcode (36 bytes)
2018-01-07
Cisco IOS - Remote Code Execution Exploit
2018-01-07
Ayukov NFTP FTP Client 2.0 - Buffer Overflow Exploit
2018-01-07
Linux/x86 - Reverse TCP /bin/sh Shell (127.1.1.1:8888/TCP) Null-Free Shellcode (67/69 bytes)
2018-01-06
VMware Workstation - ALSA Config File Local Privilege Escalation Exploit
2018-01-06
Microsoft Windows win32k - Using SetClassLong to Switch Between CS_CLASSDC and CS_OWNDC Corrupts DC
2018-01-06
GetGo Download Manager 5.3.0.2712 - Proxy Buffer Overflow Exploit
2018-01-06
Gespage 7.4.8 - SQL Injection Exploit
2018-01-06
Cisco IOS - Remote Code Execution
2018-01-05
VMware Workstation - ALSA Config File Local Privilege Escalation (Metasploit)
2018-01-05
Ayukov NFTP FTP Client 2.0 - Buffer Overflow (Metasploit)
2018-01-05
Gespage 7.4.8 - SQL Injection
2018-01-05
Microsoft Windows win32k - Using SetClassLong to Switch Between CS_CLASSDC and CS_OWNDC Corrupts DC Cache
2018-01-05
Snitz Forums 2000 < 3.4.0.3 - Multiple Vulnerabilities
2018-01-05
Max Web Portal < 1.30 - Multiple Vulnerabilities
2018-01-05
MegaBrowser < 0.71b - Multiple Vulnerabilities
2018-01-05
FTP Service < 1.2 - Multiple Vulnerabilities
2018-01-05
WinMX < 2.6 - Design Error
2018-01-05
P-Synch < 6.2.5 - Multiple Vulnerabilities
2018-01-05
phpLinks < 2.1.2 - Multiple Vulnerabilities
2018-01-05
PHP Topsites < 2.2 - Multiple Vulnerabilities
2018-01-05
Zen Cart < 1.3.8a - SQL Injection
2018-01-05
WDMyCloud < 2.30.165 - Multiple Vulnerabilities
2018-01-05
D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access
2018-01-05
Linux/x86 - Reverse TCP Shell (127.1.1.1:8888/TCP) Shellcode (69 bytes)
2018-01-05
GetGo Download Manager 5.3.0.2712 - 'Proxy' Buffer Overflow
2018-01-05
gps-server.net GPS Tracking Software < 3.1 - Multiple Vulnerabilities
2018-01-05
Wickr Inc - App Clock & Message Deletion Glitch P2
2018-01-05
Wowonder CMS - Privilege Escalation Vulnerability
2018-01-05
SonicWall SonicOS NSA UTM Firewall - Bypass & Persistent Vulnerability
2018-01-05
Iopsys Router - dhcp Remote Code Execution
2018-01-04
Multiple CPUs - Spectre Information Disclosure (PoC) Exploit
2018-01-04
Xplico - Remote Code Execution (Metasploit)
2018-01-04
Linksys WVBR0-25 - User-Agent Command Execution (Metasploit)
2018-01-04
Iopsys Router - 'dhcp' Remote Code Execution
2018-01-04
Apple iOS v11 6S & 7 - (Health Application) DoS Vulnerability
2018-01-04
Adobe CreativeCloud (Webform) - Persistent Vulnerability
2018-01-04
Linksys WVBR0-25 User-Agent Command Execution Exploit
2018-01-04
Multiple CPUs - 'Spectre' Information Disclosure (PoC)
2018-01-04
Xplico Remote Code Execution Exploit
2018-01-04
Kingsoft Antivirus / Internet Security 9+ - Privilege Escalation Exploit
2018-01-04
EMC xPression 4.5SP1 Patch 13 - 'model.jobHistoryId' SQL Injection
2018-01-03
Kingsoft Antivirus/Internet Security 9+ - Privilege Escalation
2018-01-03
Atlassian Bamboo Code Execution / Argument Injection Vulnerabilities
2018-01-03
b2evolution CMS 6.8.10 PHP Code Execution Vulnerability
2018-01-03
EMC xPression 4.5SP1 Patch 13 SQL Injection Vulnerability
2018-01-03
Joomla Advertisement Board Classifieds 3.2.0 Shell Upload Vulnerability
2018-01-03
Joomla VehicleManager 3.9.15 SQL Injection Vulnerability
2018-01-03
Joomla RealEstateManager 4.2.0 SQL Injection Vulnerability
2018-01-03
Joomla EXP Auto 4.2.3 SQL Injection Vulnerability
2018-01-03
Salesforce Force (EventRSVP) - Multiple Web Vulnerabilities
2018-01-03
Wickr Inc Bug Bounty Program - Zero Day Vulnerabilities
2018-01-03
Wincor Nixdorf PC/E Mobile Cash TryOut - API Vulnerability
2018-01-03
Wickr Inc - Zero Day Vulnerability Research Report P1
2018-01-03
Magento Commerce - SSRF & XSPA Web Vulnerability
2018-01-03
WordPress Smart Google Code Inserter Plugin < 3.5 - Authentication Bypass / SQL Injection
2018-01-03
Samsung Internet Browser 6.2.01.12 SOP Bypass / UXSS Vulnerabilities
2018-01-03
DLink DSL-6850U Multiple Vulnerabilities
2018-01-03
Joomla VP Conversion Tracking 1.7 SQL Injection Vulnerability
2018-01-03
WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection
2018-01-03
Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04/16.04) - Privilege Escalation Exploit
2018-01-03
Joomla JomDirectory 4.4 SQL Injection Vulnerability
2018-01-03
Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04/16.04) - Local Privilege Escalation (KASLR / SMEP)
2018-01-02
Apple macOS - IOHIDSystem Kernel Read/Write Exploit
2018-01-02
Huawei HG532 Router - Arbitrary Command Execution Exploit
2018-01-02
D3DGear 5.00 Build 2175 - Buffer Overflow Exploit
2018-01-02
PHP Melody 2.7.1 - playlist SQL Injection Vulnerability
2018-01-02
Apple macOS - IOHIDSystem Kernel Read/Write
2018-01-01
Huawei Router HG532 - Arbitrary Command Execution
2018-01-01
Cambium ePMP1000 - 'get_chart' Shell via Command Injection (Metasploit)
2018-01-01
Cambium ePMP1000 - 'ping' Shell via Command Injection (Metasploit)
2018-01-01
HP Mercury LoadRunner Agent magentproc.exe - Remote Command Execution (Metasploit)
2018-01-01
D3DGear 5.00 Build 2175 - Buffer Overflow
2017-12-31
PHP Melody 2.7.1 - 'playlist' SQL Injection
2017-12-31
Joomla Jtag Members Directory 5.3.7 SQL Injection Vulnerability
2017-12-31
Joomla JomEstate PRO 3.7 SQL Injection Vulnerability
2017-12-31
Joomla JomEvents 3.7 SQL Injection Vulnerability
2017-12-31
Joomla JomHoliday 4.0 SQL Injection Vulnerability
2017-12-31
Joomla Jtag Minicart 4.1.0 SQL Injection Vulnerability
2017-12-31
Joomla Varista Education 2.9 SQL Injection Vulnerability
2017-12-31
Joomla SP Movie Database 1.4 SQL Injection Vulnerability
2017-12-31
HP Mercury LoadRunner Agent magentproc.exe Remote Command Execution Exploit
2017-12-31
Library CMS 1.0 Cross Site Scripting Vulnerability
2017-12-31
Locations Multipurpose CMS Directory Theme 1.0 Cross Site Scripting Vulnerability
2017-12-31
Tripbuddy Travel, Locations, And Events 1.0 Cross Site Scripting Vulnerability
2017-12-31
GoodTravel Travel And Locations 1.0 Cross Site Scripting Vulnerability
2017-12-31
NetWin SurgeFTP 23f2 Cross Site Scripting Vulnerability
2017-12-31
pfSense 2.1.3-RELEASE (amd64) Remote Command Execution Exploit
2017-12-31
Cambium ePMP1000 3.1-3.5-RC7 Command Injection Exploit
2017-12-31
Cambium ePMP1000 2.5 Command Injection Exploit
2017-12-31
HP Insight Control For VMware vCenter Server 7.3 Insecure Permissions Vulnerability
2017-12-31
Joomla YJ Filter For K2 1.0.5 SQL Injection Vulnerability
2017-12-31
Joomla YJ Live Search 2.0 SQL Injection Vulnerability
2017-12-31
Joomla YouBumpit 2.0 SQL Injection Vulnerability
2017-12-31
NetTransport 2.96L - Buffer Overflow (DEP Bypass) Exploit
2017-12-31
ALLMediaServer 0.95 - Buffer Overflow (Metasploit) Exploit
2017-12-31
Huawei P8 wkupccpu debugfs Kernel Buffer Overflow Vulnerability
2017-12-31
Ichano AtHome IP Cameras Multiple Vulnerabilities
2017-12-31
Kingsoft Antivirus/Internet Security 9+ Privilege Escalation Exploit
2017-12-31
Trustwave SWG Unauthorized Access Vulnerability
2017-12-31
Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure Vulnerability
2017-12-31
Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery Vulnerability
2017-12-31
Telesquare SKT LTE Router SDT-CS3B1 - Denial of Service Exploit
2017-12-31
DotNetNuke DreamSlider 01.01.02 - Arbitrary File Download Exploit
2017-12-31
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure Vulnerability
2017-12-31
WordPress Easy Appointments 1.2.1 Plugin - Cross-Site Scripting Vulnerability
2017-12-31
ALLMediaServer 0.95 - Buffer Overflow Exploit
2017-12-31
SysGauge Server 3.6.18 - Denial of Service Exploit
2017-12-31
Sony Playstation 4 4.05 FW - Local Kernel Exploit
2017-12-31
Joomla JEXTN FAQ Pro 4.0.0 Component - id SQL Injection Vulnerability
2017-12-31
Sendroid < 6.5.0 - SQL Injection Exploit
2017-12-31
SilverStripe CMS 3.6.2 - CSV Excel Macro Injection Vulnerability
2017-12-31
COMTREND ADSL Router CT-5367 - Remote Code Execution Exploit
2017-12-31
Biometric Shift Employee Management System 3.0 - Local File Disclosure Vulnerability
2017-12-31
Vitek Remote Code Execution / Information Disclosure Vulnerabilities
2017-12-31
Ubiquiti UniFi Video 3.7.3 Local Privilege Escalation Vulnerability
2017-12-31
GetGo Download Manager 5.3.0.2712 Buffer Overflow Exploit
2017-12-31
EMC VNX1 / VNX2 Family Cross Site Scripting Vulnerability
2017-12-31
WordPress mgl-instagram-gallery Plugin Cross Site Scripting Vulnerability
2017-12-31
NetTransport 2.96L - Buffer Overflow (DEP Bypass)
2017-12-29
ALLMediaServer 0.95 - Buffer Overflow (Metasploit)
2017-12-28
ALLMediaServer 0.95 - Buffer Overflow (PoC)
2017-12-28
DotNetNuke DreamSlider 01.01.02 - Arbitrary File Download (Metasploit)
2017-12-28
SysGauge Server 3.6.18 - Denial of Service
2017-12-28
Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure
2017-12-28
Telesquare SKT LTE Router SDT-CS3B1 - Denial of Service
2017-12-28
Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery
2017-12-28
Easy!Appointments 1.2.1 - Cross-Site Scripting
2017-12-28
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure
2017-12-28
Sony Playstation 4 4.05 FW - Local Kernel Loader
2017-12-28
SilverStripe CMS 3.6.2 - CSV Excel Macro Injection
2017-12-28
Sendroid < 6.5.0 - SQL Injection
2017-12-28
Biometric Shift Employee Management System 3.0 - Local File Disclosure
2017-12-28
Joomla! Component JEXTN FAQ Pro 4.0.0 - 'id' SQL Injection
2017-12-28
GetGo Download Manager 5.3.0.2712 - Buffer Overflow
2017-12-28
Ubiquiti UniFi Video 3.7.3 - Local Privilege Escalation
2017-12-28
COMTREND ADSL Router CT-5367 - Remote Code Execution
2017-12-28
Oracle MySQL UDF Payload Execution Exploit
2017-12-22
Joomla JB Bus 2.3.0 SQL Injection Vulnerability
2017-12-22
Joomla JB Tour Booking 2.2.2 SQL Injection Vulnerability
2017-12-22
Trend Micro Smart Protection Server 3.2 XSS / Access Control / Disclosure Vulnerabilities
2017-12-22
ServersCheck Monitoring Software Cross Site Scripting Vulnerability
2017-12-22
phpMars 1.0.9 Cross Site Scripting Vulnerability
2017-12-22
Online Hotel Booking System Pro 1.3 Cross Site Scripting Vulnerability
2017-12-22
Roommate And Real Estate Listing Classified Response 1.0 XSS Vulnerability
2017-12-22
Trend Micro Smart Protection Server - Session Hijacking / Log File Disclosure / Remote Command Execution / Cron Job Injection / Local File Inclusion / Stored Cross-Site Scripting / Improper Access Control
2017-12-22
Xbox 360 Aurora 0.6b Default Credentials / FTP BruteForce Exploit
2017-12-22
Cisco IOS 12.2 < 12.4 / 15.0 < 15.6 - Security Association Negotiation Request Device Memory E
2017-12-22
Netcore / Netis Routers - UDP Backdoor Exploit
2017-12-22
Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor Exploit
2017-12-22
Technicolor DPC3928SL - SNMP Authentication Bypass Exploit
2017-12-22
Ruby < 2.2.8 / < 2.3.5 / < 2.4.2 / < 2.5.0-preview1 - NET::Ftp Command Injection Exploit
2017-12-22
Linux Kernel >= 4.9 eBPF memory corruption bugs Vulnerability
2017-12-22
Palo Alto Networks PAN-OS Cookie Injection Vulnerability
2017-12-22
WordPress Itinerary 1.0.0 Cross Site Scripting Vulnerability
2017-12-22
WordPress WebConnex Form Management 1.6.3 Cross Site Scripting Vulnerability
2017-12-22
WordPress Grifus 4.0.1 Cross Site Scripting Vulnerability
2017-12-22
Conarc iChannel - Improper Access Restrictions Vulnerability
2017-12-22
TeamViewer 11 < 13 (Windows 10 x86) - Inline Hooking / Direct Memory Modification Permission Chan
2017-12-22
Microsoft Windows Kernel - NtQueryVirtualMemory(MemoryMappedFilenameInformation) Double-Write Ring-0
2017-12-22
BEIMS ContractorWeb 5.18.0.0 - SQL Injection Vulnerability
2017-12-22
Ability Mail Server 3.3.2 - Cross-Site Scripting Exploit
2017-12-22
WordPress Booking Calendar 7.0 / 7.1 SQL Injection / Local File Inclusion Vulnerabilities
2017-12-22
WordPress Clean Up Optimizer 4.0.0 SQL Injection Vulnerability
2017-12-22
WordPress Concours 1.1 Cross Site Scripting Vulnerability
2017-12-22
WordPress Custom Map 1.1 Cross Site Scripting Vulnerability
2017-12-22
WordPress CSV Import-Export 1.1 Cross Site Scripting Vulnerability
2017-12-22
Microsoft Windows 10 Hello Face Authentication Bypass Vulnerability
2017-12-22
TP-Link TL-SG108E XSS / Weak Access Control Vulnerability
2017-12-22
Samsung Internet Browser - SOP Bypass Exploit
2017-12-22
Intel Content Protection HECI Service - Type Confusion Privilege Escalation Exploit
2017-12-22
Microsoft Internet Explorer 11 jscript!JSONStringifyObject Use-After-Free Exploit
2017-12-22
Microsoft Windows jscript!JsArraySlice Uninitialized Variable Exploit
2017-12-22
Microsoft Windows jscript!NameTbl::GetValDef Use-After-Free Exploit
2017-12-22
Microsoft Windows jscript!RegExpComp::Compile Heap Overflow Exploit
2017-12-22
Microsoft Windows jscript!RegExpFncObj::LastParen Out-Of-Bounds Read Exploit
2017-12-22
Microsoft Windows Array.sort jscript.dll Heap Overflow Exploit
2017-12-22
Jenkins XStream Groovy classpath Deserialization Exploit
2017-12-22
Tuleap 9.6 Second-Order PHP Object Injection Exploit
2017-12-22
WordPress Yakadanda Google+ Hangout Events 0.3.7 XSS Vulnerability
2017-12-22
WordPress Share This Image 1.03 Cross Site Scripting Vulnerability
2017-12-22
Joomla NextGen Editor 2.1.0 Component - plname SQL Injection Vulnerability
2017-12-22
Linksys WVBR0 - User-Agent Remote Command Injection Exploit
2017-12-22
Joomla My Projects 2.0 Component - SQL Injection Vulnerability
2017-12-22
Joomla User Bench 1.0 Component - userid SQL Injection Vulnerability
2017-12-22
Joomla Guru Pro Component - promocode SQL Injection Vulnerability
2017-12-22
Joomla JB Visa 1.0 Component - visatype SQL Injection Vulnerability
2017-12-22
Linux kernel < 4.10.15 - Race Condition Privilege Escalation Exploit
2017-12-22
Outlook for Android - Attachment Download Directory Traversal Exploit
2017-12-22
GoAhead httpd 2.5 < 3.6.5 - LD_PRELOAD Remote Code Execution Exploit
2017-12-22
CDex 1.96 - Buffer Overflow Exploit
2017-12-22
WordPress Placemarks 2.0.0 Cross Site Scripting Vulnerability
2017-12-22
WordPress Sagepay Server Gateway For WooCommerce 1.0.7 XSS Vulnerability
2017-12-22
Zoom Linux Client 2.0.106600.0904 Command Injection Vulnerability
2017-12-22
Zoom Linux Client 2.0.106600.0904 Buffer Overflow Vulnerability
2017-12-22
Monstra CMS 3.0.4 Remote Shell Upload Vulnerability
2017-12-22
VLC 2.2.8 MP4 Demux Type Conversion Vulnerability
2017-12-22
Joomla JBcatalog Component - Arbitrary File Upload Vulnerability
2017-12-22
WordPress FormCraft Plugins - Cross-Site Scripting Image type Vulnerability
2017-12-22
Western Digital MyCloud multi_uploadify File Upload Exploit
2017-12-22
Movie Guide 2.0 - SQL Injection Vulnerability
2017-12-22
Sync Breeze 10.2.12 - Denial of Service Exploit
2017-12-22
WordPress Pinterest Badge 1.8.0 Cross Site Scripting Vulnerability
2017-12-22
WordPress Wunderbar Basic 1.1.3 Cross Site Scripting Vulnerability
2017-12-22
Kemp Load Balancer WAF 7.2.40 Bypass Vulnerability
2017-12-22
ITGuard-Manager 0.0.0.1 - Remote Code Execution Exploit
2017-12-22
vBulletin 5 routestring Unauthenticated Remote Code Execution Vulnerability
2017-12-22
vBulletin 5 cacheTemplates Unauthenticated Remote Arbitrary File Deletion Vulnerability
2017-12-22
pfSense 2.4.1 - CSRF Error Page Clickjacking Exploit
2017-12-22
Palo Alto Networks Firewalls Remote Root Code Execution Vulnerability
2017-12-22
Zivif PR115-204-P-RS 2.3.4.2103 Bypass / Command Injection / Hardcoded Password Vulnerabilities
2017-12-22
EMC Isilon OneFS Privilege Escalation Vulnerability
2017-12-22
Fortinet FortiClient VPN Credential Disclosure Vulnerability
2017-12-22
Advantech WebAccess 8.2 Stack Buffer Overflow Exploit
2017-12-22
Dup Scout Enterprise 10.0.18 Buffer Overflow Exploit
2017-12-22
Meinberg LANTIME Web Configuration Utility 6.16.008 Authentication Bypass Vulnerability
2017-12-22
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read Vulnerability (2)
2017-12-22
Piwigo 2.9.1 - cat_true / cat_false SQL Injection Vulnerability
2017-12-22
Bus Booking Script 1.0 - txtname SQL Injection Vulnerability
2017-12-22
FS Lynda Clone 1.0 - SQL Injection Vulnerability
2017-12-22
Paid To Read Script 2.0.5 - uid / fnum / fn SQL Injection Vulnerability
2017-12-22
Readymade Video Sharing Script 3.2 - HTML Injection Vulnerability
2017-12-22
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read Vulnerability
2017-12-22
WordPress Qiniu Cloudtuchuang 1.8 Cross Site Scripting Vulnerability
2017-12-22
WordPress WordApp Mobile 2.0.3 Cross Site Scripting Vulnerability
2017-12-22
WordPress WooPay Inicis 1.1.3 Cross Site Scripting Vulnerability
2017-12-22
Joomla JEXTN Video Gallery 3.0.5 Component - id SQL Injection Vulnerability
2017-12-22
Joomla JEXTN Question And Answer 3.1.0 Component - SQL Injection Vulnerability
2017-12-22
Microsoft Office DDE Payload Delivery Exploit
2017-12-22
glibc ld.so - Memory Leak / Buffer Overflow Vulnerability
2017-12-22
macOS - Kernel Code Execution due to Lack of Bounds Checking in AppleIntelCapriController::GetLinkCo
2017-12-22
Libraw 0.18.5 Denial Of Service Vulnerability
2017-12-22
Joomla JBuildozer 1.4.1 Component - appid SQL Injection Vulnerability
2017-12-22
WordPress Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload Vulnerab
2017-12-22
Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in posix_spawn on 3
2017-12-22
macOS / iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime Management in I
2017-12-22
macOS / iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option Handling
2017-12-22
macOS getrusage Stack Leak Exploit
2017-12-22
macOS necp_get_socket_attributes so_pcb Type Confusion Exploit
2017-12-22
Vanguard 1.4 Arbitrary File Upload Vulnerability
2017-12-22
Vanguard 1.4 SQL Injection Vulnerability
2017-12-22
Basic Job Site Script 2.0.5 SQL Injection Vulnerability
2017-12-22
MLM Forex Market Plan Script 2.0.4 - newid / eventid SQL Injection Vulnerability
2017-12-22
Advanced Real Estate Script 4.0.7 - SQL Injection Vulnerability
2017-12-22
Single Theater Booking Script 3.2.1 - findcity.php?q SQL Injection Vulnerability
2017-12-22
Multiplex Movie Theater Booking Script 3.1.5 - moid / eid SQL Injection Vulnerability
2017-12-22
Responsive Events & Movie Ticket Booking Script 3.2.1 - findcity.php?q SQL Injection Vulnerabili
2017-12-22
Multireligion Responsive Matrimonial 4.7.2 - succid SQL Injection Vulnerability
2017-12-22
Responsive Realestate Script 3.2 - property-list?tbud SQL Injection Vulnerability
2017-12-22
Readymade Video Sharing Script 3.2 - SQL Injection Vulnerability
2017-12-22
Readymade PHP Classified Script 3.3 - subctid / mctid SQL Injection Vulnerability
2017-12-22
Professional Service Script 1.0 - service-list?city SQL Injection Vulnerability
2017-12-22
PHP Multivendor Ecommerce 1.0 - sid / searchcat / chid1 SQL Injection Vulnerability
2017-12-22
Opensource Classified Ads Script 3.2 - SQL Injection Vulnerability
2017-12-22
Online Exam Test Application Script 1.6 - exams.php?sort SQL Injection Vulnerability
2017-12-22
Lawyer Search Script 1.1 - lawyer-list?city SQL Injection Vulnerability
2017-12-22
Laundry Booking Script 1.0 - list?city SQL Injection Vulnerability
2017-12-22
Secure E-commerce Script 2.0.1 - searchcat / searchmain SQL Injection Vulnerability
2017-12-22
Foodspotting Clone Script 1.0 - quicksearch.php?q SQL Injection Vulnerability
2017-12-22
Hot Scripts Clone 3.1 - subctid / mctid SQL Injection Vulnerability
2017-12-22
Freelance Website Script 2.0.6 - pr_id / catid SQL Injection Vulnerability
2017-12-22
Yoga Class Script 1.0 - list?city SQL Injection Vulnerability
2017-12-22
Food Order Script 1.0 - list?city SQL Injection Vulnerability
2017-12-22
Facebook Clone Script 1.0 - id / send SQL Injection Vulnerability
2017-12-22
Entrepreneur Dating Script 2.0.1 - SQL Injection Vulnerability
2017-12-22
TeamCity 2017.1.5 Privilege Escalation Vulnerability
2017-12-22
Doctor Search Script 1.0 - city SQL Injection Vulnerability
2017-12-22
Event Calendar Category Script 1.0 - city SQL Injection Vulnerability
2017-12-22
E-commerce MLM Software 1.0 - SQL Injection Vulnerability
2017-12-22
Entrepreneur Job Portal Script 2.0.6 - jobsearch_all.php?rid1 SQL Injection Vulnerability
2017-12-22
Consumer Complaints Clone Script 1.0 - id SQL Injection Vulnerability
2017-12-22
Co-work Space Search Script 1.0 - city SQL Injection Vulnerability
2017-12-22
Child Care Script 1.0 - city SQL Injection Vulnerability
2017-12-22
Cab Booking Script 1.0 - city SQL Injection Vulnerability
2017-12-22
Nearbuy Clone Script 3.2 - search SQL Injection Vulnerability
2017-12-22
CMS Auditor Website 1.0 - SQL Injection Vulnerability
2017-12-22
Chartered Accountant Booking Script 1.0 - city SQL Injection Vulnerability
2017-12-22
Basic B2B Script 2.0.8 - product_details.php?id SQL Injection Vulnerability
2017-12-22
Beauty Parlour Booking Script 1.0 - gender / city SQL Injection Vulnerability
2017-12-22
Affiliate MLM Script 1.0 - product-category.php?key SQL Injection Vulnerability
2017-12-22
Advance Online Learning Management Script 3.1 - subcatid / popcourseid SQL Injection Vulnerability
2017-12-22
Advance B2B Script 2.1.3 - show_id / pid SQL Injection Vulnerability
2017-12-22
Simple Chatting System 1.0.0 Arbitrary File Upload Vulnerability
2017-12-22
DomainSale PHP Script 1.0 SQL Injection Vulnerability
2017-12-22
Realestate Crowdfunding Script 2.7.2 SQL Injection Vulnerability
2017-12-22
Website Auction Marketplace 2.0.5 SQL Injection Vulnerability
2017-12-22
Apple macOS 10.13.1 High Sierra - Blank Root Local Privilege Escalation Vulnerability
2017-12-22
Apple macOS 10.13.1 High Sierra - Insecure Cron System Local Privilege Escalation Vulnerability
2017-12-22
WordPress Crowd Ideas 1.0 Cross Site Scripting Vulnerability
2017-12-22
LabF nfsAxe FTP Client 3.7 Buffer Overflow Exploit
2017-12-22
iTech Travel Script v9.59 - id SQL Injection Vulnerability
2017-12-22
Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path Exploit
2017-12-22
LaCie 5big Network 2.2.8 Command Injection Exploit
2017-12-22
Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash Exploit
2017-12-22
Linux Kernel - DCCP Socket Use-After-Free Exploit
2017-12-22
FS Facebook Clone - token SQL Injection Vulnerability
2017-12-22
FS IMDB Clone - XSS REFLECTED/PERSISTENT Vulnerabilties
2017-12-22
FS IMDB Clone - id SQL Injection Vulnerability
2017-12-22
WordPress 3rd-Party Inject Results 0.2 Cross Site Scripting Vulnerability
2017-12-22
WordPress Z-URL Preview 1.6.1 Cross Site Scripting Vulnerability
2017-12-22
WordPress WP Mailster 1.5.4.0 Cross Site Scripting Vulnerability
2017-12-22
WordPress Super Simple Custom CSS 1.2 Cross Site Scripting Vulnerability
2017-12-22
WordPress Smart Marketing SMS And Newsletters Forms 1.1.1 XSS Vulnerability
2017-12-22
Hashicorp vagrant-vmware-fusion 4.0.24 - Local root Privilege Escalation Exploit
2017-12-22
Hashicorp vagrant-vmware-fusion 4.0.23 - Local root Privilege Escalation Exploit
2017-12-22
Hashicorp vagrant-vmware-fusion 5.0.3 - Local root Privilege Escalation Exploit
2017-12-22
Hashicorp vagrant-vmware-fusion 5.0.1 - Local root Privilege Escalation Exploit
2017-12-22
Hashicorp vagrant-vmware-fusion 5.0.0 - Local root Privilege Escalation Exploit
2017-12-22
Arq 5.9.7 - Local root Privilege Escalation Exploit
2017-12-22
Arq 5.9.6 - Local root Privilege Escalation Exploit
2017-12-22
Microsoft Edge Chakra CFG Bypass With leafInterpreterFrame Vulnerability
2017-12-22
Microsoft Edge Chakra CFG Bypass Due To Bug In ServerFreeAllocation Vulnerability
2017-12-22
Microsoft Edge Chakra CFG Bypass By Overwriting JavaScript Bytecode Vulnerability
2017-12-22
Claymore Dual Miner 10.1 Stack Buffer Overflow Vulnerability
2017-12-22
Murus 1.4.11 - Local root Privilege Escalation Exploit
2017-12-22
Sera 1.2 - Local root Privilege Escalation / Password Disclosure Exploit
2017-12-22
Microsoft Office Equation Editor Code Execution Exploit
2017-12-22
Proxifier for Mac 2.19 - Local root Privilege Escalation Exploit
2017-12-22
Polycom Shell HDX Series Traceroute Command Execution Exploit
2017-12-22
FS Makemytrip Clone - SQL Injection Vulnerability
2017-12-22
FS Shaadi Clone - SQL Injection Vulnerability
2017-12-22
VX Search 10.2.14 - command_nameuffer Overflow Exploit
2017-12-22
Techno Portfolio Management Panel - id SQL Injection Vulnerability
2017-12-22
Readymade Classifieds Script 1.0 - SQL Injection Vulnerability
2017-12-22
Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation Vulnerability
2017-12-22
Artica Web Proxy 3.06.112216 Remote Code Execution Vulnerability
2017-12-22
aws-cfn-bootstrap Local Code Execution Vulnerability
2017-12-22
Symantec Encryption Desktop And Endpoint Encryption Local Privilege Escalation
2017-12-22
WinduCMS 3.1 Local File Disclosure Exploit
2017-12-22
SocuSoft Co. Photo 2 Video Converter 8.0.0 Code Execution / DoS Exploit
2017-12-22
CEMLink 6 Unrestricted WSDL Service Access / Poor Crypto Implementation Vulnerabilities
2017-12-22
Axis Communications MPQT/PACS Heap Overflow / Information Leakage Vulnerabilities
2017-12-22
FortiGate SSL VPN Portal 5.x Cross Site Scripting Vulnerability
2017-12-22
Apache Struts2 S2-055 DoS Vulnerability
2017-12-22
Apache Struts2 S2-054 DoS Vulnerability
2017-12-22
OpenEMR 5.0.0 Command Injection / Cross Site Scripting Vulnerabilities
2017-12-22
Netcore / Netis Routers - UDP Backdoor
2017-12-21
Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor
2017-12-21
Technicolor DPC3928SL - SNMP Authentication Bypass
2017-12-21
Cisco IOS 12.2 < 12.4 / 15.0 < 15.6 - Security Association Negotiation Request Device Memory
2017-12-21
Ruby < 2.2.8 / < 2.3.5 / < 2.4.2 / < 2.5.0-preview1 - 'NET::Ftp' Command Injection
2017-12-21
Conarc iChannel - Improper Access Restrictions
2017-12-21
Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' Double-Write Ring-0 Address Leak
2017-12-20
BEIMS ContractorWeb 5.18.0.0 - SQL Injection
2017-12-20
Ability Mail Server 3.3.2 - Cross-Site Scripting
2017-12-20
Samsung Internet Browser - SOP Bypass (Metasploit)
2017-12-20
Jenkins - XStream Groovy classpath Deserialization (Metasploit)
2017-12-19
Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)
2017-12-19
Intel Content Protection HECI Service - Type Confusion Privilege Escalation
2017-12-19
Microsoft Windows - 'jscript!RegExpFncObj::LastParen' Out-of-Bounds Read
2017-12-19
Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable
2017-12-19
Microsoft Windows - jscript.dll 'Array.sort' Heap Overflow
2017-12-19
Microsoft Windows - 'jscript!RegExpComp::Compile' Heap Overflow Through IE or Local Network via WPAD
2017-12-19
Microsoft Internet Explorer 11 - 'jscript!JSONStringifyObject' Use-After-Free
2017-12-19
Microsoft Windows - 'jscript!NameTbl::GetValDef' Use-After-Free
2017-12-19
TeamViewer 11 < 13 (Windows 10 x86) - Inline Hooking / Direct Memory Modification Permission Change (PoC)
2017-12-19
Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection
2017-12-19
BrightSign Digital Signage - Multiple Vulnerablities
2017-12-19
Linksys WVBR0 - 'User-Agent' Remote Command Injection
2017-12-18
vBulletin 5 - 'cacheTemplates' Unauthenticated Remote Arbitrary File Deletion
2017-12-18
GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution
2017-12-18
vBulletin 5 - 'routestring' Unauthenticated Remote Code Execution
2017-12-18
Firejail < 0.9.44.4 / < 0.9.38.8 LTS - Local Sandbox Escape
2017-12-18
Joomla! Component My Projects 2.0 - SQL Injection
2017-12-18
Outlook for Android - Attachment Download Directory Traversal
2017-12-18
Joomla! Component User Bench 1.0 - 'userid' SQL Injection
2017-12-18
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)
2017-12-18
Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow
2017-12-18
Zoom Linux Client 2.0.106600.0904 - Command Injection
2017-12-18
Linux kernel < 4.10.15 - Race Condition Privilege Escalation
2017-12-18
CDex 1.96 - Buffer Overflow
2017-12-18
Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection
2017-12-18
Joomla! Component Guru Pro - 'promocode' SQL Injection
2017-12-18
Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution
2017-12-18
Movie Guide 2.0 - SQL Injection
2017-12-15
Sync Breeze 10.2.12 - Denial of Service
2017-12-15
ITGuard-Manager 0.0.0.1 - Remote Code Execution
2017-12-15
Palo Alto Networks Firewalls - Remote root Code Execution
2017-12-14
pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit)
2017-12-14
Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow (Metasploit)
2017-12-14
Dup Scout Enterprise - Login Buffer Overflow (Metasploit)
2017-12-14
Microsoft Office - DDE Payload Delivery (Metasploit)
2017-12-14
Piwigo 2.9.1 - 'cat_true' / 'cat_false' SQL Injection
2017-12-14
Bus Booking Script 1.0 - 'txtname' SQL Injection
2017-12-14
FS Lynda Clone 1.0 - SQL Injection
2017-12-14
Paid To Read Script 2.0.5 - 'uid' / 'fnum' / 'fn' SQL Injection
2017-12-14
Readymade Video Sharing Script 3.2 - HTML Injection
2017-12-14
Joomla! Component JEXTN Video Gallery 3.0.5 - 'id' SQL Injection
2017-12-14
Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection
2017-12-14
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read
2017-12-13
glibc ld.so - Memory Leak / Buffer Overflow
2017-12-13
macOS/iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option Handling
2017-12-12
macOS - Kernel Code Execution due to Lack of Bounds Checking in AppleIntelCapriController::GetLinkConfig
2017-12-12
macOS/iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime Management in IOTimeSyncClockManagerUserClient
2017-12-12
Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in posix_spawn on 32-bit Platforms
2017-12-12
Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload
2017-12-12
Joomla! Component JBuildozer 1.4.1 - 'appid' SQL Injection
2017-12-12
iOS/macOS - Kernel Double Free due to IOSurfaceRootUserClient not Respecting MIG Ownership Rules
2017-12-11
macOS - 'getrusage' Stack Leak Through struct Padding
2017-12-11
macOS - 'necp_get_socket_attributes' so_pcb Type Confusion
2017-12-11
LibTIFF pal2rgb 4.0.9 - Heap Buffer Overflow
2017-12-11
macOS XNU Kernel - Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory Disclosures
2017-12-11
MikroTik 6.40.5 ICMP - Denial of Service
2017-12-11
Muslim Matrimonial Script 3.02 - 'succid' SQL Injection
2017-12-11
Vanguard 1.4 - SQL Injection
2017-12-11
Vanguard 1.4 - Arbitrary File Upload
2017-12-11
Basic Job Site Script 2.0.5 - SQL Injection
2017-12-11
Resume Clone Script 2.0.5 - SQL Injection
2017-12-11
Advanced World Database 2.0.5 - SQL Injection
2017-12-11
Groupon Clone Script 3.01 - 'state_id' / 'search' SQL Injection
2017-12-11
Car Rental Script 2.0.4 - 'val' SQL Injection
2017-12-11
MLM Forced Matrix 2.0.9 - 'newid' SQL Injection
2017-12-11
MLM Forex Market Plan Script 2.0.4 - 'newid' / 'eventid' SQL Injection
2017-12-11
Entrepreneur Bus Booking Script 3.0.4 - 'sourcebus' SQL Injection
2017-12-11
Advanced Real Estate Script 4.0.7 - SQL Injection
2017-12-11
Single Theater Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
2017-12-11
Multiplex Movie Theater Booking Script 3.1.5 - 'moid' / 'eid' SQL Injection
2017-12-11
Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
2017-12-11
Multireligion Responsive Matrimonial 4.7.2 - 'succid' SQL Injection
2017-12-11
Entrepreneur Dating Script 2.0.1 - 'marital' / 'gender' / 'country' / 'profileid' SQL Injection
2017-12-11
Responsive Realestate Script 3.2 - 'property-list?tbud' SQL Injection
2017-12-11
Readymade Video Sharing Script 3.2 - SQL Injection
2017-12-11
Readymade PHP Classified Script 3.3 - 'subctid' / 'mctid' SQL Injection
2017-12-11
Professional Service Script 1.0 - 'service-list?city' SQL Injection
2017-12-11
PHP Multivendor Ecommerce 1.0 - 'sid' / 'searchcat' / 'chid1' SQL Injection
2017-12-11
Opensource Classified Ads Script 3.2 - SQL Injection
2017-12-11
Online Exam Test Application Script 1.6 - 'exams.php?sort' SQL Injection
2017-12-11
Multivendor Penny Auction Clone Script 1.0 - SQL Injection
2017-12-11
Lawyer Search Script 1.1 - 'lawyer-list?city' SQL Injection
2017-12-11
Laundry Booking Script 1.0 - 'list?city' SQL Injection
2017-12-11
Secure E-commerce Script 2.0.1 - 'searchcat' / 'searchmain' SQL Injection
2017-12-11
Kickstarter Clone Acript 2.0 - 'projid' SQL Injection
2017-12-11
Foodspotting Clone Script 1.0 - 'quicksearch.php?q' SQL Injection
2017-12-11
Hot Scripts Clone 3.1 - 'subctid' / 'mctid' SQL Injection
2017-12-11
Freelance Website Script 2.0.6 - 'pr_id' / 'catid' SQL Injection
2017-12-11
Yoga Class Script 1.0 - 'list?city' SQL Injection
2017-12-11
Food Order Script 1.0 - 'list?city' SQL Injection
2017-12-11
Facebook Clone Script 1.0 - 'id' / 'send' SQL Injection
2017-12-11
E-commerce MLM Software 1.0 - SQL Injection
2017-12-10
Doctor Search Script 1.0 - 'city' SQL Injection
2017-12-10
Entrepreneur Job Portal Script 2.0.6 - 'jobsearch_all.php?rid1' SQL Injection
2017-12-10
Consumer Complaints Clone Script 1.0 - 'id' SQL Injection
2017-12-10
Event Calendar Category Script 1.0 - 'city' SQL Injection
2017-12-10
Co-work Space Search Script 1.0 - 'city' SQL Injection
2017-12-10
CMS Auditor Website 1.0 - SQL Injection
2017-12-10
Child Care Script 1.0 - 'city' SQL Injection
2017-12-10
Chartered Accountant Booking Script 1.0 - 'city' SQL Injection
2017-12-10
Cab Booking Script 1.0 - 'city' SQL Injection
2017-12-10
Nearbuy Clone Script 3.2 - 'search' SQL Injection
2017-12-10
Beauty Parlour Booking Script 1.0 - 'gender' / 'city' SQL Injection
2017-12-09
Basic B2B Script 2.0.8 - 'product_details.php?id' SQL Injection
2017-12-09
Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection
2017-12-09
Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection
2017-12-09
Advance B2B Script 2.1.3 - 'show_id' / 'pid' SQL Injection
2017-12-09
FS Foodpanda Clone 1.0 - SQL Injection
2017-12-09
FS Amazon Clone 1.0 - SQL Injection
2017-12-09
FS Crowdfunding Script 1.0 - 'latest_news_details.php?id' SQL Injection
2017-12-09
FS Expedia Clone 1.0 - 'fl_orig' / 'fl_dest' / 'id' SQL Injection
2017-12-09
FS Trademe Clone 1.0 - 'search' / 'id' SQL Injection
2017-12-09
FS Care Clone 1.0 - 'jobFrequency' / 'jobType' SQL Injection
2017-12-09
FS Ebay Clone 1.0 - 'id' / 'sub_category_id' / 'category_id' SQL Injection
2017-12-09
FS Freelancer Clone 1.0 - 'profile.php?u' SQL Injection
2017-12-09
FS Gigs Script 1.0 - 'cat' / 'sc' SQL Injection
2017-12-09
FS Groupon Clone 1.0 - 'id' SQL Injection
2017-12-09
FS Grubhub Clone 1.0 - 'keywords' SQL Injection
2017-12-09
FS IMDB Clone 1.0 - 'f' / 's' / 'id' SQL Injection
2017-12-09
FS Indiamart Clone 1.0 - 'token' / 'id' / 'c' SQL Injection
2017-12-09
FS Linkedin Clone 1.0 - 'grid' / 'fid' / 'id' SQL Injection
2017-12-09
FS Makemytrip Clone 1.0 - 'fl_orig' / 'fl_dest' SQL Injection
2017-12-09
Apple macOS 10.13.1 (High Sierra) - 'Blank Root' Local Privilege Escalation
2017-12-09
Apple macOS 10.13.1 (High Sierra) - Insecure Cron System Local Privilege Escalation
2017-12-08
FS Monster Clone 1.0 - 'Employer_Details.php?id' SQL Injection
2017-12-08
FS Olx Clone 1.0 - 'scat' / 'pid' SQL Injection
2017-12-08
FS Quibids Clone 1.0 - SQL Injection
2017-12-08
FS Thumbtack Clone 1.0 - 'cat' / 'sc' SQL Injection
2017-12-08
Website Auction Marketplace 2.0.5 - 'cat_id' SQL Injection
2017-12-08
FS Shutterstock Clone 1.0 - 'keywords' SQL Injection
2017-12-08
FS Stackoverflow Clone 1.0 - 'keywords' SQL Injection
2017-12-08
Realestate Crowdfunding Script 2.7.2 - 'pid' SQL Injection
2017-12-08
Simple Chatting System 1.0.0 - Arbitrary File Upload
2017-12-08
LabF nfsAxe FTP Client 3.7 - Buffer Overflow (DEP Bypass)
2017-12-08
DomainSale PHP Script 1.0 - 'id' SQL Injection
2017-12-08
Linux Kernel - DCCP Socket Use-After-Free
2017-12-07
Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash
2017-12-07
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
2017-12-07
Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal
2017-12-07
Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)
2017-12-07
Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path
2017-12-07
FS Facebook Clone - 'token' SQL Injection
2017-12-07
FS IMDB Clone - 'id' SQL Injection
2017-12-07
LaCie 5big Network 2.2.8 - Command Injection
2017-12-07
WAGO PFC 200 SERIES Multiple Vulnerabilities
2017-12-06
Tinysvcmdns Multi-label DNS Heap Overflow Vulnerability
2017-12-06
HP iMC Plat 7.2 - Remote Code Execution Exploit (2)
2017-12-06
HP iMC Plat 7.2 - Remote Code Execution Exploit
2017-12-06
Jobs2Careers / Coroflot Clone - SQL Injection Vulnerability
2017-12-06
MistServer 2.12 - Cross-Site Scripting Vulnerability
2017-12-06
Artica Web Proxy 3.06 - Remote Code Execution Vulnerability
2017-12-06
ZKTeco ZKTime Web 2.0.1.12280 Cross Site Scripting Vulnerability
2017-12-06
ZKTeco ZKTime Web 2.0.1.12280 Cross Site Request Forgery Vulnerability
2017-12-06
macOS High Sierra - Root Privilege Escalation Exploit
2017-12-06
WordPress WooCommerce 2.0/3.0 Plugin - Directory Traversal Vulnerability
2017-12-06
Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page Exploit
2017-12-06
Proxifier for Mac 2.19 - Local root Privilege Escalation
2017-12-06
Hashicorp vagrant-vmware-fusion 4.0.23 - Local root Privilege Escalation
2017-12-06
Hashicorp vagrant-vmware-fusion 4.0.24 - Local root Privilege Escalation
2017-12-06
Hashicorp vagrant-vmware-fusion 5.0.0 - Local root Privilege Escalation
2017-12-06
Sera 1.2 - Local root Privilege Escalation / Password Disclosure
2017-12-06
Hashicorp vagrant-vmware-fusion 5.0.1 - Local root Privilege Escalation
2017-12-06
Hashicorp vagrant-vmware-fusion 5.0.3 - Local root Privilege Escalation
2017-12-06
Arq 5.9.6 - Local root Privilege Escalation
2017-12-06
Murus 1.4.11 - Local root Privilege Escalation
2017-12-06
Arq 5.9.7 - Local root Privilege Escalation
2017-12-06
FS Shaadi Clone - 'token' SQL Injection
2017-12-06
WinduCMS 3.1 - Local File Disclosure
2017-12-06
FS Makemytrip Clone - 'id' SQL Injection
2017-12-06
Techno Portfolio Management Panel - 'id' SQL Injection
2017-12-05
Readymade Classifieds Script 1.0 - SQL Injection
2017-12-05
Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation
2017-12-05
VX Search 10.2.14 - 'command_name' Buffer Overflow
2017-12-05
Abyss Web Server < 2.11.6 - Heap Memory Corruption
2017-12-01
Artica Web Proxy 3.06 - Remote Code Execution
2017-12-01
MistServer 2.12 - Cross-Site Scripting
2017-12-01
Jobs2Careers / Coroflot Clone - SQL Injection
2017-12-01
HP iMC Plat 7.2 - Remote Code Execution (2)
2017-12-01
HP iMC Plat 7.2 - Remote Code Execution
2017-12-01
macOS High Sierra - Root Privilege Escalation (Metasploit)
2017-11-30
Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page
2017-11-30
Asterisk 13.17.2 - Memory Corruption
2017-11-30
WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal
2017-11-30
Hipchat For Mac 4.x Remote Code Execution Vulnerability
2017-11-30
Hipchat Data Center / Hipchat Server Code Execution / SSRF Vulnerabilities
2017-11-30
MacOSX Root Privilege Escalation Exploit
2017-11-30
Apache CouchDB Remote Code Execution Vulnerability
2017-11-30
Exim Use-After-Free Exploit
2017-11-30
osCommerce 2.3.4.1 - Arbitrary File Upload Exploit
2017-11-29
Microsoft Windows 10 Creators Update version 1703 - Kernel Local Privilege Escalation Exploit
2017-11-29
pfSense 2.3.1_1 Remote Command Execution Exploit
2017-11-29
HikVision Wi-Fi IP Camera Wireless Access Point State Vulnerability
2017-11-29
Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download Exploit
2017-11-29
Synology StorageManager 5.2 - Remote Root Command Execution Exploit
2017-11-29
CMS Made Simple 2.1.6 Cross Site Scripting / Template Injection Vulnerabilities
2017-11-29
KMPlayer 4.2.2.4 - Denial of Service Exploit
2017-11-29
Winamp Pro 5.66.Build.3512 - Denial of Service Exploit
2017-11-29
Diving Log 6.0 - XML External Entity Injection Vulnerability
2017-11-29
ZTE ZXDSL 831CII - Improper Access Restrictions Vulnerability
2017-11-29
Exim 4.89 - BDAT Denial of Service Exploit
2017-11-29
Wget HTTP integer overflow Exploit
2017-11-29
JBOSSAS 5.x/6.x Deserializer Vulnerability
2017-11-29
JBOSSAS 4.x Deserializer Vulnerability
2017-11-29
Cambium Multiple Vulnerabilities
2017-11-29
DblTek GoIP GSM Gateway Multiple Vulnerabilities
2017-11-29
WordPress CMS Tree Page View 1.3.4 plugin Privilege Escalation Vulnerability
2017-11-29
WordPress WPDB SQL Injection Vulnerability
2017-11-29
Ubuntu 17.04 Linux Kernel XFRM Privilege Escalation Exploit
2017-11-29
D-Link DIR-850L Credential Disclosure Exploit
2017-11-29
CSC Cart 4.6.2 Shell Upload Vulnerability
2017-11-29
Microsoft Windows win32kfull!GreUpdateSpriteInternal Kernel Stack Memory Disclosure Exploit
2017-11-29
Microsoft Windows win32kbase!NtQueryCompositionInputQueueAndTransform Kernel Stack Memory Disclosure
2017-11-29
Microsoft Edge Chakra JIT Incorrect Function Declaration Scope Exploit
2017-11-29
Microsoft Edge Chakra JIT Inline::InlineCallApplyTarget_Shared Failed Return Exploit
2017-11-29
Microsoft Edge Chakra JIT GlobOpt::OptTagChecks Property Consideration Exploit
2017-11-29
Microsoft Edge Chakra JIT BailOutOnTaggedValue Bailouts Exploit
2017-11-29
CommuniGatePro 6.1.16 Cross Site Scripting Vulnerability
2017-11-29
ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode) Exploit
2017-11-29
Linux - mincore() Uninitialized Kernel Heap Page Disclosure Exploit
2017-11-29
WebKit - WebCore::FormSubmission::create Use-After-Free Exploit
2017-11-29
WebKit - WebCore::RenderObject::previousSibling Use-After-Free Exploit
2017-11-29
WebKit - WebCore::DocumentLoader::frameLoader Use-After-Free Exploit
2017-11-29
WebKit - WebCore::Style::TreeResolver::styleForElement Use-After-Free Exploit
2017-11-29
WebKit - WebCore::SVGPatternElement::collectPatternAttributes Out-of-Bounds Read Exploit
2017-11-29
WebKit - WebCore::SimpleLineLayout::RunResolver::runForPoint Out-of-Bounds Read Exploit
2017-11-29
WebKit - WebCore::RenderText::localCaretRect Out-of-Bounds Read Exploit
2017-11-29
WebKit - WebCore::AXObjectCache::performDeferredCacheUpdate Use-After-Free Exploit
2017-11-29
WebKit - WebCore::PositionIterator::decrement Use-After-Free Exploit
2017-11-29
WebKit - WebCore::InputType::element Use-After-Free Exploit
2017-11-29
WebKit - WebCore::TreeScope::documentScope Use-After-Free Exploit
2017-11-29
Icon Time Systems RTC-1000 Firmware 2.5.7458 - Cross-Site Scripting Vulnerability
2017-11-29
MyTy 5.1.6 Blind SQL Injection Vulnerability
2017-11-29
MyTy 5.1.7 Cross Site Scripting Vulnerability
2017-11-29
WordPress Breezing Forms 1.2.7.42 Cross Site Scripting Vulnerability
2017-11-29
WordPress Yoast SEO Cross Site Scripting Vulnerability
2017-11-29
Vonage VDV-23 - Denial of Service Exploit
2017-11-29
WordPress In Link 1.0 SQL Injection Vulnerability
2017-11-29
WordPress amtyThumb 8.1.3 Cross Site Scripting Vulnerability
2017-11-29
WordPress Advanced Post Type Ratings 1.1 Cross Site Scripting Vulnerability
2017-11-29
WordPress Emag Marketplace Connector 1.0 Cross Site Scripting Vulnerability
2017-11-29
RSA Authentication Manager 8.2 SP1 P5 Cross Site Scripting Vulnerability
2017-11-29
EMC ScaleIO 2.0.1.x Buffer Overflow / Information Disclosure Vulnerabilities
2017-11-29
Microsoft Windows NTFS File System Metadata Disclosures Exploit
2017-11-29
Microsoft Windows 10 - nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry) Pool Memory Disclosur
2017-11-29
MyBB 1.8.13 - Cross-Site Scripting Vulnerability
2017-11-29
Microsoft Office - OLE Remote Code Execution Exploit
2017-11-29
Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass Vulnerability
2017-11-29
iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service Exploit
2017-11-29
Dell Active Roles 7.x Unquoted Service Path Privilege Escalation Vulnerability
2017-11-29
phpMyFAQ 2.9.9 Code Injection Exploit
2017-11-29
Cisco Umbrella Virtual Appliance 2.1.0 Hardcoded Credentials Vulnerability
2017-11-29
TP-Link TL-WA830RE - Cross-Site Scripting Vulnerability
2017-11-29
Progress Sitefinity 10.0 / 10.1 Broken Access Control / LINQ Injection Vulnerability
2017-11-29
VX Search 10.2.14 - Proxy Buffer Overflow (SEH) Exploit
2017-11-29
Microsoft Edge Chakra JIT - OP_Memset Type Confusion Exploit
2017-11-29
Microsoft Edge Chakra JIT - Lowerer::LowerBoundCheck Incorrect Integer Overflow Check Exploit
2017-11-29
Microsoft Edge Chakra JIT - Type Confusion with switch Statements Exploit
2017-11-29
Microsoft Edge - Object.setPrototypeOf Memory Corruption Exploit
2017-11-29
Zeta Components Mail 1.8.1 - Remote Code Execution Vulnerability
2017-11-29
LanSweeper 6.0.100.75 - Cross-Site Scripting Vulnerability
2017-11-29
Vonage VDV23 - Cross-Site Scripting Vulnerability
2017-11-29
DLink DIR-605L < 2.08 - Denial of Service Exploit
2017-11-29
DLink DCS-936L Network Camera Cross-Site Request Forgery Vulnerability
2017-11-29
TP-Link TL-WR740N - Cross-Site Scripting Vulnerability
2017-11-29
WIFICAM Wireless IP Camera (P2P) - Unauthenticated Remote Code Execution Exploit
2017-11-29
PHP 7.1.8 - Heap-Based Buffer Overflow Vulnerability
2017-11-29
Vivotek IP Cameras Remote Stack Overflow Vulnerability
2017-11-29
QEMU - NBD Server Long Export Name Stack Buffer Overflow
2017-11-29
pfSense - Authenticated Group Member RCE (Metasploit)
2017-11-29
Microsoft Windows 10 Creators Update (version 1703) (x86) - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation
2017-11-29
osCommerce 2.3.4.1 - Arbitrary File Upload
2017-11-29
DVD Creator 4.1.0 - Insecure File Permissions Vulnerability
2017-11-28
Hola VPN v1.34 - Privilege Escalation Vulnerability
2017-11-28
Synology StorageManager 5.2 - Remote Root Command Execution
2017-11-28
Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download
2017-11-28
ZTE ZXDSL 831CII - Improper Access Restrictions
2017-11-27
Diving Log 6.0 - XML External Entity Injection
2017-11-27
Winamp Pro 5.66.Build.3512 - Denial of Service
2017-11-27
KMPlayer 4.2.2.4 - Denial of Service
2017-11-27
Exim 4.89 - 'BDAT' Denial of Service
2017-11-27
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly
2017-11-27
Microsoft Edge Chakra JIT - Incorrect Function Declaration Scope
2017-11-27
Microsoft Edge Chakra JIT - 'Inline::InlineCallApplyTarget_Shared' does not Return the return Instruction
2017-11-27
Microsoft Edge Chakra JIT - 'BailOutOnTaggedValue' Bailouts Type Confusion
2017-11-27
CommuniGatePro 6.1.16 - Cross-Site Scripting
2017-11-27
ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode)
2017-11-26
Linux - 'mincore()' Uninitialized Kernel Heap Page Disclosure
2017-11-24
WebKit - 'WebCore::FormSubmission::create' Use-After-Free
2017-11-22
WebKit - 'WebCore::RenderObject::previousSibling' Use-After-Free
2017-11-22
WebKit - 'WebCore::DocumentLoader::frameLoader' Use-After-Free
2017-11-22
WebKit - 'WebCore::Style::TreeResolver::styleForElement' Use-After-Free
2017-11-22
WebKit - 'WebCore::SVGPatternElement::collectPatternAttributes' Out-of-Bounds Read
2017-11-22
WebKit - 'WebCore::SimpleLineLayout::RunResolver::runForPoint' Out-of-Bounds Read
2017-11-22
WebKit - 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read
2017-11-22
WebKit - 'WebCore::AXObjectCache::performDeferredCacheUpdate' Use-After-Free
2017-11-22
WebKit - 'WebCore::PositionIterator::decrement' Use-After-Free
2017-11-22
WebKit - 'WebCore::InputType::element' Use-After-Free
2017-11-22
WebKit - 'WebCore::TreeScope::documentScope' Use-After-Free
2017-11-22
Vonage VDV-23 - Denial of Service
2017-11-22
Icon Time Systems RTC-1000 Firmware 2.5.7458 - Cross-Site Scripting
2017-11-22
Microsoft Windows 10 - 'nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry)' Pool Memory Disclosure
2017-11-21
Microsoft Office - OLE Remote Code Execution
2017-11-21
Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass
2017-11-20
iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service
2017-11-20
MyBB 1.8.13 - Cross-Site Scripting
2017-11-19
MyBB 1.8.13 - Remote Code Execution
2017-11-19
VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH)
2017-11-17
Zeta Components Mail 1.8.1 - Remote Code Execution
2017-11-16
Microsoft Edge Chakra: JIT - 'OP_Memset' Type Confusion
2017-11-16
Microsoft Edge Chakra: JIT - 'Lowerer::LowerBoundCheck' Incorrect Integer Overflow Check
2017-11-16
Microsoft Edge Chakra JIT - Type Confusion with switch Statements
2017-11-16
Microsoft Edge - 'Object.setPrototypeOf' Memory Corruption
2017-11-16
Vonage VDV23 - Cross-Site Scripting
2017-11-16
LanSweeper 6.0.100.75 - Cross-Site Scripting
2017-11-16
TP-Link TL-WR740N - Cross-Site Scripting
2017-11-16
Anti-Virus Privileged File Write Vulnerability
2017-11-16
Identity Governance 12.6 Cross Site Scripting Vulnerability
2017-11-16
WordPress AMP Toolbox 1.9.4 Cross Site Scripting Vulnerability
2017-11-16
WordPress DFD Reddcoin Tips 1.1.1 Cross Site Scripting Vulnerability
2017-11-16
WordPress Affiliate Ads For Clickbank Products 1.3 XSS Vulnerability
2017-11-16
Scala 2.x Privilege Escalation Vulnerability
2017-11-16
Siemens SICAM RTUs SM-2556 COM Modules XSS / Bypass / Code Execution Vulnerabilities
2017-11-16
Allworx Server Manager 6x / 6x12 / 48x Cross Site Scripting Vulnerability
2017-11-16
Dup Scout Enterprise 10.0.18 - Login Buffer Overflow Exploit
2017-11-16
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free Vulnerability
2017-11-16
Technicolor TG789vn v3 HTTP DoS Exploit
2017-11-16
WordPress Appointments 2.2.2.2 Cross Site Scripting Vulnerability
2017-11-16
WordPress Cartogiraffe Map 1.0 Cross Site Scripting Vulnerability
2017-11-16
WordPress Boozang 1.0.0 Cross Site Scripting Vulnerability
2017-11-16
D-Link DIR-850L Unauthenticated Command Execution Exploit
2017-11-16
Ulterius Server < 1.9.5.0 - Directory Traversal Exploit
2017-11-16
Kirby CMS < 2.5.7 - Cross-Site Scripting Vulnerability
2017-11-16
Monstra CMS 3.0.4 Cross Site Scripting Vulnerability
2017-11-16
Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload Exploit
2017-11-16
IKARUS anti.virus 2.16.7 - ntguard_x64 Privilege Escalation Exploit
2017-11-16
Xlight FTP Server 3.8.8.5 - Buffer Overflow (PoC) Exploit
2017-11-16
Fierce Buffer Overflow Vulnerability
2017-11-16
Symantec Endpoint Protection v12.1 / Tamper-Protection Bypass Exploit
2017-11-16
Microsoft Internet Explorer 11 jscript!JsErrorToString Use-After-Free Exploit
2017-11-16
Datto Windows Agent Remote Code Execution Vulnerability
2017-11-16
WordPress Secure HTML5 Video Player 3.14 Cross Site Scripting Vulnerability
2017-11-16
D-Link DIR605L - Denial of Service
2017-11-15
D-Link DCS-936L Network Camera - Cross-Site Request Forgery
2017-11-15
Dup Scout Enterprise 10.0.18 - 'Login' Buffer Overflow
2017-11-15
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free
2017-11-14
PHP 7.1.8 - Heap-Based Buffer Overflow
2017-11-14
Mako Server 2.5 - OS Command Injection Remote Command Execution (Metasploit)