|
Cyberoam Authentication Client 2.1.2.7 - Buffer Overflow (SEH)
|
|
2020-03-02
|
|
Joplin Desktop 1.0.184 - Cross-Site Scripting
|
|
2020-03-02
|
|
qdPM < 9.1 - Remote Code Execution
|
|
2020-02-28
|
|
Cacti 1.2.8 - Unauthenticated Remote Code Execution
|
|
2020-02-27
|
|
Cacti 1.2.8 - Authenticated Remote Code Execution
|
|
2020-02-27
|
|
Apache Tomcat - AJP 'Ghostcat File Read/Inclusion
|
|
2020-02-27
|
|
Comtrend VR-3033 - Command Injection
|
|
2020-02-27
|
|
Business Live Chat Software 1.0 - Cross-Site Request Forgery (Add Admin)
|
|
2020-02-27
|
|
OpenSMTPD < 6.6.3p1 - Local Privilege Escalation + Remote Code Execution
|
|
2020-02-26
|
|
OpenSMTPD 6.6.3 - Arbitrary File Read
|
|
2020-02-26
|
|
PhpIX 2012 Professional - 'id' SQL Injection
|
|
2020-02-26
|
|
Core FTP LE 2.2 - Denial of Service (PoC)
|
|
2020-02-26
|
|
GUnet OpenEclass E-learning platform 1.7.3 - 'uname' SQL Injection
|
|
2020-02-26
|
|
Odin Secure FTP Expert 7.6.3 - Denial of Service (PoC)
|
|
2020-02-25
|
|
Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass
|
|
2020-02-25
|
|
WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass
|
|
2020-02-25
|
|
aSc TimeTables 2020.11.4 - Denial of Service (PoC)
|
|
2020-02-25
|
|
SpotFTP-FTP Password Recover 2.4.8 - Denial of Service (PoC)
|
|
2020-02-25
|
|
Diamorphine Rootkit - Signal Privilege Escalation (Metasploit)
|
|
2020-02-24
|
|
Apache James Server 2.3.2 - Insecure User Creation Arbitrary File Write (Metasploit)
|
|
2020-02-24
|
|
Android Binder - Use-After-Free (Metasploit)
|
|
2020-02-24
|
|
Cacti 1.2.8 - Remote Code Execution
|
|
2020-02-24
|
|
Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure
|
|
2020-02-24
|
|
DotNetNuke 9.5 - File Upload Restrictions Bypass
|
|
2020-02-24
|
|
DotNetNuke 9.5 - Persistent Cross-Site Scripting
|
|
2020-02-24
|
|
eLection 2.0 - 'id' SQL Injection
|
|
2020-02-24
|
|
Go SSH servers 0.0.2 - Denial of Service (PoC)
|
|
2020-02-24
|
|
ManageEngine EventLog Analyzer 10.0 - Information Disclosure
|
|
2020-02-24
|
|
I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure
|
|
2020-02-24
|
|
ATutor 2.2.4 - 'id' SQL Injection
|
|
2020-02-24
|
|
Windows\x86 - Null-Free WinExec Calc.exe Shellcode (195 bytes)
|
|
2020-02-24
|
|
SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure
|
|
2020-02-24
|
|
AMSS++ 4.7 - Backdoor Admin Account
|
|
2020-02-24
|
|
CandidATS 2.1.0 - Cross-Site Request Forgery (Add Admin)
|
|
2020-02-24
|
|
Quick N Easy Web Server 3.3.8 - Denial of Service (PoC)
|
|
2020-02-24
|
|
SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure
|
|
2020-02-24
|
|
AMSS++ v 4.31 - 'id' SQL Injection
|
|
2020-02-24
|
|
ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure
|
|
2020-02-24
|
|
Avaya IP Office Application Server 11.0.0.0 - Reflective Cross-Site Scripting
|
|
2020-02-24
|
|
Core FTP Lite 1.3 - Denial of Service (PoC)
|
|
2020-02-20
|
|
Easy2Pilot 7 - Cross-Site Request Forgery (Add User)
|
|
2020-02-20
|
|
Nanometrics Centaur 4.3.23 - Unauthenticated Remote Memory Leak
|
|
2020-02-20
|
|
DBPower C300 HD Camera - Remote Configuration Disclosure
|
|
2020-02-20
|
|
Virtual Freer 1.58 - Remote Command Execution
|
|
2020-02-20
|
|
Anviz CrossChex - Buffer Overflow (Metasploit)
|
|
2020-02-20
|
|
LabVantage 8.3 - Information Disclosure
|
|
2020-02-20
|
|
SOPlanning 1.45 - 'users' SQL Injection
|
|
2020-02-20
|
|
Cuckoo Clock v5.0 - Buffer Overflow
|
|
2020-02-20
|
|
SOPlanning 1.45 - Cross-Site Request Forgery (Add User)
|
|
2020-02-20
|
|
TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path
|
|
2020-02-20
|
|
WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting
|
|
2020-02-20
|
|
Ice HRM 26.2.0 - Cross-Site Request Forgery (Add User)
|
|
2020-02-20
|
|
DHCP Turbo 4.61298 - 'DHCP Turbo 4' Unquoted Service Path
|
|
2020-02-20
|
|
MSI Packages Symbolic Links Processing - Windows 10 Privilege Escalation
|
|
2020-02-20
|
|
BOOTP Turbo 2.0.1214 - 'BOOTP Turbo' Unquoted Service Path
|
|
2020-02-20
|
|
Avaya Aura Communication Manager 5.2 - Remote Code Execution
|
|
2020-02-20
|
|
Wordpress Plugin Strong Testimonials 2.40.1 - Persistent Cross-Site Scripting
|
|
2020-02-20
|
|
HP System Event 1.2.9.0 - 'HPWMISVC' Unquoted Service Path
|
|
2020-02-20
|
|
SOPlanning 1.45 - 'by' SQL Injection
|
|
2020-02-20
|
|
Hypervisor Necromancy; Reanimating Kernel Protectors
|
|
2020-02-20
|
|
PHP 7.0 < 7.4 (Unix) - 'debug_backtrace' disable_functions Bypass
|
|
2020-02-20
|
|
Windows Kernel - Information Disclosure
|
|
2020-02-20
|
|
SprintWork 2.3.1 - Local Privilege Escalation
|
|
2020-02-20
|
|
EPSON EasyMP Network Projection 2.81 - 'EMP_NSWLSV' Unquoted Service Path
|
|
2020-02-20
|
|
HomeGuard Pro 9.3.1 - Insecure Folder Permissions
|
|
2020-02-20
|
|
phpMyChat Plus 1.98 - 'pmc_username' SQL Injection
|
|
2020-02-20
|
|
PANDORAFMS 7.0 - Authenticated Remote Code Execution
|
|
2020-02-20
|
|
OpenTFTP 1.66 - Local Privilege Escalation
|
|
2020-02-20
|
|
HP System Event Utility - Local Privilege Escalation
|
|
2020-02-12
|
|
MyVideoConverter Pro 3.14 - 'TVSeries' Buffer Overflow
|
|
2020-02-12
|
|
MyVideoConverter Pro 3.14 - 'Output Folder' Buffer Overflow
|
|
2020-02-12
|
|
MyVideoConverter Pro 3.14 - 'Movie' Buffer Overflow
|
|
2020-02-12
|
|
Microsoft SharePoint - Deserialization Remote Code Execution
|
|
2020-02-11
|
|
Sudo 1.8.25p - 'pwfeedback' Buffer Overflow
|
|
2020-02-11
|
|
OpenSMTPD 6.6.1 - Local Privilege Escalation
|
|
2020-02-11
|
|
Wedding Slideshow Studio 1.36 - 'Name' Buffer Overflow
|
|
2020-02-11
|
|
Disk Savvy Enterprise 12.3.18 - Unquoted Service Path
|
|
2020-02-11
|
|
Disk Sorter Enterprise 12.4.16 - 'Disk Sorter Enterprise' Unquoted Service Path
|
|
2020-02-11
|
|
WordPress InfiniteWP - Client Authentication Bypass (Metasploit)
|
|
2020-02-11
|
|
DVD Photo Slideshow Professional 8.07 - 'Name' Buffer Overflow
|
|
2020-02-11
|
|
Sync Breeze Enterprise 12.4.18 - 'Sync Breeze Enterprise' Unquoted Service Path
|
|
2020-02-11
|
|
FreeSSHd 1.3.1 - 'FreeSSHDService' Unquoted Service Path
|
|
2020-02-11
|
|
freeFTPd v1.0.13 - 'freeFTPdService' Unquoted Service Path
|
|
2020-02-11
|
|
Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting
|
|
2020-02-11
|
|
DVD Photo Slideshow Professional 8.07 - 'Key' Buffer Overflow
|
|
2020-02-11
|
|
CHIYU BF430 TCP IP Converter - Stored Cross-Site Scripting
|
|
2020-02-11
|
|
Torrent iPod Video Converter 1.51 - Stack Overflow
|
|
2020-02-11
|
|
OpenSMTPD - MAIL FROM Remote Code Execution (Metasploit)
|
|
2020-02-10
|
|
D-Link Devices - Unauthenticated Remote Command Execution in ssdpcgi (Metasploit)
|
|
2020-02-10
|
|
Ricoh Driver - Privilege Escalation (Metasploit)
|
|
2020-02-10
|
|
iOS/macOS - Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand()
|
|
2020-02-10
|
|
usersctp - Out-of-Bounds Reads in sctp_load_addresses_from_init
|
|
2020-02-10
|
|
Linux/x86 - Bind Shell Generator Shellcode (114 bytes)
|
|
2020-02-10
|
|
Dota 2 7.23f - Denial of Service (PoC)
|
|
2020-02-10
|
|
LearnDash WordPress LMS Plugin 3.1.2 - Reflective Cross-Site Scripting
|
|
2020-02-10
|
|
Forcepoint WebSecurity 8.5 - Reflective Cross-Site Scripting
|
|
2020-02-10
|
|
Wedding Slideshow Studio 1.36 - 'Key' Buffer Overflow
|
|
2020-02-10
|
|
Google Invisible RECAPTCHA 3 - Spoof Bypass
|
|
2020-02-07
|
|
ExpertGPS 6.38 - XML External Entity Injection
|
|
2020-02-07
|
|
EyesOfNetwork 5.3 - Remote Code Execution
|
|
2020-02-07
|