|
TeamCity 2017.1.5 Privilege Escalation Vulnerability
|
|
2017-12-22
|
|
Doctor Search Script 1.0 - city SQL Injection Vulnerability
|
|
2017-12-22
|
|
Event Calendar Category Script 1.0 - city SQL Injection Vulnerability
|
|
2017-12-22
|
|
E-commerce MLM Software 1.0 - SQL Injection Vulnerability
|
|
2017-12-22
|
|
Entrepreneur Job Portal Script 2.0.6 - jobsearch_all.php?rid1 SQL Injection Vulnerability
|
|
2017-12-22
|
|
Consumer Complaints Clone Script 1.0 - id SQL Injection Vulnerability
|
|
2017-12-22
|
|
Co-work Space Search Script 1.0 - city SQL Injection Vulnerability
|
|
2017-12-22
|
|
Child Care Script 1.0 - city SQL Injection Vulnerability
|
|
2017-12-22
|
|
Cab Booking Script 1.0 - city SQL Injection Vulnerability
|
|
2017-12-22
|
|
Nearbuy Clone Script 3.2 - search SQL Injection Vulnerability
|
|
2017-12-22
|
|
CMS Auditor Website 1.0 - SQL Injection Vulnerability
|
|
2017-12-22
|
|
Chartered Accountant Booking Script 1.0 - city SQL Injection Vulnerability
|
|
2017-12-22
|
|
Basic B2B Script 2.0.8 - product_details.php?id SQL Injection Vulnerability
|
|
2017-12-22
|
|
Beauty Parlour Booking Script 1.0 - gender / city SQL Injection Vulnerability
|
|
2017-12-22
|
|
Affiliate MLM Script 1.0 - product-category.php?key SQL Injection Vulnerability
|
|
2017-12-22
|
|
Advance Online Learning Management Script 3.1 - subcatid / popcourseid SQL Injection Vulnerability
|
|
2017-12-22
|
|
Advance B2B Script 2.1.3 - show_id / pid SQL Injection Vulnerability
|
|
2017-12-22
|
|
Simple Chatting System 1.0.0 Arbitrary File Upload Vulnerability
|
|
2017-12-22
|
|
DomainSale PHP Script 1.0 SQL Injection Vulnerability
|
|
2017-12-22
|
|
Realestate Crowdfunding Script 2.7.2 SQL Injection Vulnerability
|
|
2017-12-22
|
|
Website Auction Marketplace 2.0.5 SQL Injection Vulnerability
|
|
2017-12-22
|
|
Apple macOS 10.13.1 High Sierra - Blank Root Local Privilege Escalation Vulnerability
|
|
2017-12-22
|
|
Apple macOS 10.13.1 High Sierra - Insecure Cron System Local Privilege Escalation Vulnerability
|
|
2017-12-22
|
|
WordPress Crowd Ideas 1.0 Cross Site Scripting Vulnerability
|
|
2017-12-22
|
|
LabF nfsAxe FTP Client 3.7 Buffer Overflow Exploit
|
|
2017-12-22
|
|
iTech Travel Script v9.59 - id SQL Injection Vulnerability
|
|
2017-12-22
|
|
Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path Exploit
|
|
2017-12-22
|
|
LaCie 5big Network 2.2.8 Command Injection Exploit
|
|
2017-12-22
|
|
Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash Exploit
|
|
2017-12-22
|
|
Linux Kernel - DCCP Socket Use-After-Free Exploit
|
|
2017-12-22
|
|
FS Facebook Clone - token SQL Injection Vulnerability
|
|
2017-12-22
|
|
FS IMDB Clone - XSS REFLECTED/PERSISTENT Vulnerabilties
|
|
2017-12-22
|
|
FS IMDB Clone - id SQL Injection Vulnerability
|
|
2017-12-22
|
|
WordPress 3rd-Party Inject Results 0.2 Cross Site Scripting Vulnerability
|
|
2017-12-22
|
|
WordPress Z-URL Preview 1.6.1 Cross Site Scripting Vulnerability
|
|
2017-12-22
|
|
WordPress WP Mailster 1.5.4.0 Cross Site Scripting Vulnerability
|
|
2017-12-22
|
|
WordPress Super Simple Custom CSS 1.2 Cross Site Scripting Vulnerability
|
|
2017-12-22
|
|
WordPress Smart Marketing SMS And Newsletters Forms 1.1.1 XSS Vulnerability
|
|
2017-12-22
|
|
Hashicorp vagrant-vmware-fusion 4.0.24 - Local root Privilege Escalation Exploit
|
|
2017-12-22
|
|
Hashicorp vagrant-vmware-fusion 4.0.23 - Local root Privilege Escalation Exploit
|
|
2017-12-22
|
|
Hashicorp vagrant-vmware-fusion 5.0.3 - Local root Privilege Escalation Exploit
|
|
2017-12-22
|
|
Hashicorp vagrant-vmware-fusion 5.0.1 - Local root Privilege Escalation Exploit
|
|
2017-12-22
|
|
Hashicorp vagrant-vmware-fusion 5.0.0 - Local root Privilege Escalation Exploit
|
|
2017-12-22
|
|
Arq 5.9.7 - Local root Privilege Escalation Exploit
|
|
2017-12-22
|
|
Arq 5.9.6 - Local root Privilege Escalation Exploit
|
|
2017-12-22
|
|
Microsoft Edge Chakra CFG Bypass With leafInterpreterFrame Vulnerability
|
|
2017-12-22
|
|
Microsoft Edge Chakra CFG Bypass Due To Bug In ServerFreeAllocation Vulnerability
|
|
2017-12-22
|
|
Microsoft Edge Chakra CFG Bypass By Overwriting JavaScript Bytecode Vulnerability
|
|
2017-12-22
|
|
Claymore Dual Miner 10.1 Stack Buffer Overflow Vulnerability
|
|
2017-12-22
|
|
Murus 1.4.11 - Local root Privilege Escalation Exploit
|
|
2017-12-22
|
|
Sera 1.2 - Local root Privilege Escalation / Password Disclosure Exploit
|
|
2017-12-22
|
|
Microsoft Office Equation Editor Code Execution Exploit
|
|
2017-12-22
|
|
Proxifier for Mac 2.19 - Local root Privilege Escalation Exploit
|
|
2017-12-22
|
|
Polycom Shell HDX Series Traceroute Command Execution Exploit
|
|
2017-12-22
|
|
FS Makemytrip Clone - SQL Injection Vulnerability
|
|
2017-12-22
|
|
FS Shaadi Clone - SQL Injection Vulnerability
|
|
2017-12-22
|
|
VX Search 10.2.14 - command_nameuffer Overflow Exploit
|
|
2017-12-22
|
|
Techno Portfolio Management Panel - id SQL Injection Vulnerability
|
|
2017-12-22
|
|
Readymade Classifieds Script 1.0 - SQL Injection Vulnerability
|
|
2017-12-22
|
|
Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation Vulnerability
|
|
2017-12-22
|
|
Artica Web Proxy 3.06.112216 Remote Code Execution Vulnerability
|
|
2017-12-22
|
|
aws-cfn-bootstrap Local Code Execution Vulnerability
|
|
2017-12-22
|
|
Symantec Encryption Desktop And Endpoint Encryption Local Privilege Escalation
|
|
2017-12-22
|
|
WinduCMS 3.1 Local File Disclosure Exploit
|
|
2017-12-22
|
|
SocuSoft Co. Photo 2 Video Converter 8.0.0 Code Execution / DoS Exploit
|
|
2017-12-22
|
|
CEMLink 6 Unrestricted WSDL Service Access / Poor Crypto Implementation Vulnerabilities
|
|
2017-12-22
|
|
Axis Communications MPQT/PACS Heap Overflow / Information Leakage Vulnerabilities
|
|
2017-12-22
|
|
FortiGate SSL VPN Portal 5.x Cross Site Scripting Vulnerability
|
|
2017-12-22
|
|
Apache Struts2 S2-055 DoS Vulnerability
|
|
2017-12-22
|
|
Apache Struts2 S2-054 DoS Vulnerability
|
|
2017-12-22
|
|
OpenEMR 5.0.0 Command Injection / Cross Site Scripting Vulnerabilities
|
|
2017-12-22
|
|
Netcore / Netis Routers - UDP Backdoor
|
|
2017-12-21
|
|
Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor
|
|
2017-12-21
|
|
Technicolor DPC3928SL - SNMP Authentication Bypass
|
|
2017-12-21
|
|
Cisco IOS 12.2 < 12.4 / 15.0 < 15.6 - Security Association Negotiation Request Device Memory
|
|
2017-12-21
|
|
Ruby < 2.2.8 / < 2.3.5 / < 2.4.2 / < 2.5.0-preview1 - 'NET::Ftp' Command Injection
|
|
2017-12-21
|
|
Conarc iChannel - Improper Access Restrictions
|
|
2017-12-21
|
|
Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' Double-Write Ring-0 Address Leak
|
|
2017-12-20
|
|
BEIMS ContractorWeb 5.18.0.0 - SQL Injection
|
|
2017-12-20
|
|
Ability Mail Server 3.3.2 - Cross-Site Scripting
|
|
2017-12-20
|
|
Samsung Internet Browser - SOP Bypass (Metasploit)
|
|
2017-12-20
|
|
Jenkins - XStream Groovy classpath Deserialization (Metasploit)
|
|
2017-12-19
|
|
Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)
|
|
2017-12-19
|
|
Intel Content Protection HECI Service - Type Confusion Privilege Escalation
|
|
2017-12-19
|
|
Microsoft Windows - 'jscript!RegExpFncObj::LastParen' Out-of-Bounds Read
|
|
2017-12-19
|
|
Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable
|
|
2017-12-19
|
|
Microsoft Windows - jscript.dll 'Array.sort' Heap Overflow
|
|
2017-12-19
|
|
Microsoft Windows - 'jscript!RegExpComp::Compile' Heap Overflow Through IE or Local Network via WPAD
|
|
2017-12-19
|
|
Microsoft Internet Explorer 11 - 'jscript!JSONStringifyObject' Use-After-Free
|
|
2017-12-19
|
|
Microsoft Windows - 'jscript!NameTbl::GetValDef' Use-After-Free
|
|
2017-12-19
|
|
TeamViewer 11 < 13 (Windows 10 x86) - Inline Hooking / Direct Memory Modification Permission Change (PoC)
|
|
2017-12-19
|
|
Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection
|
|
2017-12-19
|
|
BrightSign Digital Signage - Multiple Vulnerablities
|
|
2017-12-19
|
|
Linksys WVBR0 - 'User-Agent' Remote Command Injection
|
|
2017-12-18
|
|
vBulletin 5 - 'cacheTemplates' Unauthenticated Remote Arbitrary File Deletion
|
|
2017-12-18
|
|
GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution
|
|
2017-12-18
|
|
vBulletin 5 - 'routestring' Unauthenticated Remote Code Execution
|
|
2017-12-18
|
|
Firejail < 0.9.44.4 / < 0.9.38.8 LTS - Local Sandbox Escape
|
|
2017-12-18
|
|
Joomla! Component My Projects 2.0 - SQL Injection
|
|
2017-12-18
|
|
Outlook for Android - Attachment Download Directory Traversal
|
|
2017-12-18
|
|
Joomla! Component User Bench 1.0 - 'userid' SQL Injection
|
|
2017-12-18
|
|
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)
|
|
2017-12-18
|
|
Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow
|
|
2017-12-18
|
|
Zoom Linux Client 2.0.106600.0904 - Command Injection
|
|
2017-12-18
|
|
Linux kernel < 4.10.15 - Race Condition Privilege Escalation
|
|
2017-12-18
|
|
CDex 1.96 - Buffer Overflow
|
|
2017-12-18
|
|
Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection
|
|
2017-12-18
|
|
Joomla! Component Guru Pro - 'promocode' SQL Injection
|
|
2017-12-18
|
|
Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution
|
|
2017-12-18
|
|
Movie Guide 2.0 - SQL Injection
|
|
2017-12-15
|
|
Sync Breeze 10.2.12 - Denial of Service
|
|
2017-12-15
|
|
ITGuard-Manager 0.0.0.1 - Remote Code Execution
|
|
2017-12-15
|
|
Palo Alto Networks Firewalls - Remote root Code Execution
|
|
2017-12-14
|
|
pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit)
|
|
2017-12-14
|
|
Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow (Metasploit)
|
|
2017-12-14
|
|
Dup Scout Enterprise - Login Buffer Overflow (Metasploit)
|
|
2017-12-14
|
|
Microsoft Office - DDE Payload Delivery (Metasploit)
|
|
2017-12-14
|
|
Piwigo 2.9.1 - 'cat_true' / 'cat_false' SQL Injection
|
|
2017-12-14
|
|
Bus Booking Script 1.0 - 'txtname' SQL Injection
|
|
2017-12-14
|
|
FS Lynda Clone 1.0 - SQL Injection
|
|
2017-12-14
|
|
Paid To Read Script 2.0.5 - 'uid' / 'fnum' / 'fn' SQL Injection
|
|
2017-12-14
|
|
Readymade Video Sharing Script 3.2 - HTML Injection
|
|
2017-12-14
|
|
Joomla! Component JEXTN Video Gallery 3.0.5 - 'id' SQL Injection
|
|
2017-12-14
|
|
Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection
|
|
2017-12-14
|
|
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read
|
|
2017-12-13
|
|
glibc ld.so - Memory Leak / Buffer Overflow
|
|
2017-12-13
|
|
macOS/iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option Handling
|
|
2017-12-12
|
|
macOS - Kernel Code Execution due to Lack of Bounds Checking in AppleIntelCapriController::GetLinkConfig
|
|
2017-12-12
|
|
macOS/iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime Management in IOTimeSyncClockManagerUserClient
|
|
2017-12-12
|
|
Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in posix_spawn on 32-bit Platforms
|
|
2017-12-12
|
|
Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload
|
|
2017-12-12
|
|
Joomla! Component JBuildozer 1.4.1 - 'appid' SQL Injection
|
|
2017-12-12
|
|
iOS/macOS - Kernel Double Free due to IOSurfaceRootUserClient not Respecting MIG Ownership Rules
|
|
2017-12-11
|
|
macOS - 'getrusage' Stack Leak Through struct Padding
|
|
2017-12-11
|
|
macOS - 'necp_get_socket_attributes' so_pcb Type Confusion
|
|
2017-12-11
|
|
LibTIFF pal2rgb 4.0.9 - Heap Buffer Overflow
|
|
2017-12-11
|
|
macOS XNU Kernel - Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory Disclosures
|
|
2017-12-11
|
|
MikroTik 6.40.5 ICMP - Denial of Service
|
|
2017-12-11
|
|
Muslim Matrimonial Script 3.02 - 'succid' SQL Injection
|
|
2017-12-11
|
|
Vanguard 1.4 - SQL Injection
|
|
2017-12-11
|
|
Vanguard 1.4 - Arbitrary File Upload
|
|
2017-12-11
|
|
Basic Job Site Script 2.0.5 - SQL Injection
|
|
2017-12-11
|
|
Resume Clone Script 2.0.5 - SQL Injection
|
|
2017-12-11
|
|
Advanced World Database 2.0.5 - SQL Injection
|
|
2017-12-11
|
|
Groupon Clone Script 3.01 - 'state_id' / 'search' SQL Injection
|
|
2017-12-11
|
|
Car Rental Script 2.0.4 - 'val' SQL Injection
|
|
2017-12-11
|
|
MLM Forced Matrix 2.0.9 - 'newid' SQL Injection
|
|
2017-12-11
|
|
MLM Forex Market Plan Script 2.0.4 - 'newid' / 'eventid' SQL Injection
|
|
2017-12-11
|
|
Entrepreneur Bus Booking Script 3.0.4 - 'sourcebus' SQL Injection
|
|
2017-12-11
|
|
Advanced Real Estate Script 4.0.7 - SQL Injection
|
|
2017-12-11
|
|
Single Theater Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
|
|
2017-12-11
|
|
Multiplex Movie Theater Booking Script 3.1.5 - 'moid' / 'eid' SQL Injection
|
|
2017-12-11
|
|
Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
|
|
2017-12-11
|
|
Multireligion Responsive Matrimonial 4.7.2 - 'succid' SQL Injection
|
|
2017-12-11
|
|
Entrepreneur Dating Script 2.0.1 - 'marital' / 'gender' / 'country' / 'profileid' SQL Injection
|
|
2017-12-11
|
|
Responsive Realestate Script 3.2 - 'property-list?tbud' SQL Injection
|
|
2017-12-11
|
|
Readymade Video Sharing Script 3.2 - SQL Injection
|
|
2017-12-11
|
|
Readymade PHP Classified Script 3.3 - 'subctid' / 'mctid' SQL Injection
|
|
2017-12-11
|
|
Professional Service Script 1.0 - 'service-list?city' SQL Injection
|
|
2017-12-11
|
|
PHP Multivendor Ecommerce 1.0 - 'sid' / 'searchcat' / 'chid1' SQL Injection
|
|
2017-12-11
|
|
Opensource Classified Ads Script 3.2 - SQL Injection
|
|
2017-12-11
|
|
Online Exam Test Application Script 1.6 - 'exams.php?sort' SQL Injection
|
|
2017-12-11
|
|
Multivendor Penny Auction Clone Script 1.0 - SQL Injection
|
|
2017-12-11
|
|
Lawyer Search Script 1.1 - 'lawyer-list?city' SQL Injection
|
|
2017-12-11
|
|
Laundry Booking Script 1.0 - 'list?city' SQL Injection
|
|
2017-12-11
|
|
Secure E-commerce Script 2.0.1 - 'searchcat' / 'searchmain' SQL Injection
|
|
2017-12-11
|
|
Kickstarter Clone Acript 2.0 - 'projid' SQL Injection
|
|
2017-12-11
|
|
Foodspotting Clone Script 1.0 - 'quicksearch.php?q' SQL Injection
|
|
2017-12-11
|
|
Hot Scripts Clone 3.1 - 'subctid' / 'mctid' SQL Injection
|
|
2017-12-11
|
|
Freelance Website Script 2.0.6 - 'pr_id' / 'catid' SQL Injection
|
|
2017-12-11
|
|
Yoga Class Script 1.0 - 'list?city' SQL Injection
|
|
2017-12-11
|
|
Food Order Script 1.0 - 'list?city' SQL Injection
|
|
2017-12-11
|
|
Facebook Clone Script 1.0 - 'id' / 'send' SQL Injection
|
|
2017-12-11
|
|
E-commerce MLM Software 1.0 - SQL Injection
|
|
2017-12-10
|
|
Doctor Search Script 1.0 - 'city' SQL Injection
|
|
2017-12-10
|
|
Entrepreneur Job Portal Script 2.0.6 - 'jobsearch_all.php?rid1' SQL Injection
|
|
2017-12-10
|
|
Consumer Complaints Clone Script 1.0 - 'id' SQL Injection
|
|
2017-12-10
|
|
Event Calendar Category Script 1.0 - 'city' SQL Injection
|
|
2017-12-10
|
|
Co-work Space Search Script 1.0 - 'city' SQL Injection
|
|
2017-12-10
|
|
CMS Auditor Website 1.0 - SQL Injection
|
|
2017-12-10
|
|
Child Care Script 1.0 - 'city' SQL Injection
|
|
2017-12-10
|
|
Chartered Accountant Booking Script 1.0 - 'city' SQL Injection
|
|
2017-12-10
|
|
Cab Booking Script 1.0 - 'city' SQL Injection
|
|
2017-12-10
|
|
Nearbuy Clone Script 3.2 - 'search' SQL Injection
|
|
2017-12-10
|
|
Beauty Parlour Booking Script 1.0 - 'gender' / 'city' SQL Injection
|
|
2017-12-09
|
|
Basic B2B Script 2.0.8 - 'product_details.php?id' SQL Injection
|
|
2017-12-09
|
|
Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection
|
|
2017-12-09
|
|
Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection
|
|
2017-12-09
|
|
Advance B2B Script 2.1.3 - 'show_id' / 'pid' SQL Injection
|
|
2017-12-09
|
|
FS Foodpanda Clone 1.0 - SQL Injection
|
|
2017-12-09
|
|
FS Amazon Clone 1.0 - SQL Injection
|
|
2017-12-09
|
|
FS Crowdfunding Script 1.0 - 'latest_news_details.php?id' SQL Injection
|
|
2017-12-09
|
|
FS Expedia Clone 1.0 - 'fl_orig' / 'fl_dest' / 'id' SQL Injection
|
|
2017-12-09
|
|
FS Trademe Clone 1.0 - 'search' / 'id' SQL Injection
|
|
2017-12-09
|
|
FS Care Clone 1.0 - 'jobFrequency' / 'jobType' SQL Injection
|
|
2017-12-09
|
|
FS Ebay Clone 1.0 - 'id' / 'sub_category_id' / 'category_id' SQL Injection
|
|
2017-12-09
|
|
FS Freelancer Clone 1.0 - 'profile.php?u' SQL Injection
|
|
2017-12-09
|
|
FS Gigs Script 1.0 - 'cat' / 'sc' SQL Injection
|
|
2017-12-09
|
|
FS Groupon Clone 1.0 - 'id' SQL Injection
|
|
2017-12-09
|
|
FS Grubhub Clone 1.0 - 'keywords' SQL Injection
|
|
2017-12-09
|
|
FS IMDB Clone 1.0 - 'f' / 's' / 'id' SQL Injection
|
|
2017-12-09
|
|
FS Indiamart Clone 1.0 - 'token' / 'id' / 'c' SQL Injection
|
|
2017-12-09
|
|
FS Linkedin Clone 1.0 - 'grid' / 'fid' / 'id' SQL Injection
|
|
2017-12-09
|
|
FS Makemytrip Clone 1.0 - 'fl_orig' / 'fl_dest' SQL Injection
|
|
2017-12-09
|
|
Apple macOS 10.13.1 (High Sierra) - 'Blank Root' Local Privilege Escalation
|
|
2017-12-09
|
|
Apple macOS 10.13.1 (High Sierra) - Insecure Cron System Local Privilege Escalation
|
|
2017-12-08
|
|
FS Monster Clone 1.0 - 'Employer_Details.php?id' SQL Injection
|
|
2017-12-08
|
|
FS Olx Clone 1.0 - 'scat' / 'pid' SQL Injection
|
|
2017-12-08
|
|
FS Quibids Clone 1.0 - SQL Injection
|
|
2017-12-08
|
|
FS Thumbtack Clone 1.0 - 'cat' / 'sc' SQL Injection
|
|
2017-12-08
|
|
Website Auction Marketplace 2.0.5 - 'cat_id' SQL Injection
|
|
2017-12-08
|
|
FS Shutterstock Clone 1.0 - 'keywords' SQL Injection
|
|
2017-12-08
|
|
FS Stackoverflow Clone 1.0 - 'keywords' SQL Injection
|
|
2017-12-08
|
|
Realestate Crowdfunding Script 2.7.2 - 'pid' SQL Injection
|
|
2017-12-08
|
|
Simple Chatting System 1.0.0 - Arbitrary File Upload
|
|
2017-12-08
|
|
LabF nfsAxe FTP Client 3.7 - Buffer Overflow (DEP Bypass)
|
|
2017-12-08
|
|
DomainSale PHP Script 1.0 - 'id' SQL Injection
|
|
2017-12-08
|
|
Linux Kernel - DCCP Socket Use-After-Free
|
|
2017-12-07
|
|
Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash
|
|
2017-12-07
|
|
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
|
|
2017-12-07
|
|
Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal
|
|
2017-12-07
|
|
Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)
|
|
2017-12-07
|
|
Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path
|
|
2017-12-07
|
|
FS Facebook Clone - 'token' SQL Injection
|
|
2017-12-07
|
|
FS IMDB Clone - 'id' SQL Injection
|
|
2017-12-07
|
|
LaCie 5big Network 2.2.8 - Command Injection
|
|
2017-12-07
|
|
WAGO PFC 200 SERIES Multiple Vulnerabilities
|
|
2017-12-06
|
|
Tinysvcmdns Multi-label DNS Heap Overflow Vulnerability
|
|
2017-12-06
|
|
HP iMC Plat 7.2 - Remote Code Execution Exploit (2)
|
|
2017-12-06
|
|
HP iMC Plat 7.2 - Remote Code Execution Exploit
|
|
2017-12-06
|
|
Jobs2Careers / Coroflot Clone - SQL Injection Vulnerability
|
|
2017-12-06
|
|
MistServer 2.12 - Cross-Site Scripting Vulnerability
|
|
2017-12-06
|
|
Artica Web Proxy 3.06 - Remote Code Execution Vulnerability
|
|
2017-12-06
|
|
ZKTeco ZKTime Web 2.0.1.12280 Cross Site Scripting Vulnerability
|
|
2017-12-06
|
|
ZKTeco ZKTime Web 2.0.1.12280 Cross Site Request Forgery Vulnerability
|
|
2017-12-06
|
|
macOS High Sierra - Root Privilege Escalation Exploit
|
|
2017-12-06
|
|
WordPress WooCommerce 2.0/3.0 Plugin - Directory Traversal Vulnerability
|
|
2017-12-06
|
|
Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page Exploit
|
|
2017-12-06
|
|
Proxifier for Mac 2.19 - Local root Privilege Escalation
|
|
2017-12-06
|
|
Hashicorp vagrant-vmware-fusion 4.0.23 - Local root Privilege Escalation
|
|
2017-12-06
|
|
Hashicorp vagrant-vmware-fusion 4.0.24 - Local root Privilege Escalation
|
|
2017-12-06
|
|
Hashicorp vagrant-vmware-fusion 5.0.0 - Local root Privilege Escalation
|
|
2017-12-06
|
|
Sera 1.2 - Local root Privilege Escalation / Password Disclosure
|
|
2017-12-06
|
|
Hashicorp vagrant-vmware-fusion 5.0.1 - Local root Privilege Escalation
|
|
2017-12-06
|
|
Hashicorp vagrant-vmware-fusion 5.0.3 - Local root Privilege Escalation
|
|
2017-12-06
|
|
Arq 5.9.6 - Local root Privilege Escalation
|
|
2017-12-06
|
|
Murus 1.4.11 - Local root Privilege Escalation
|
|
2017-12-06
|
|
Arq 5.9.7 - Local root Privilege Escalation
|
|
2017-12-06
|
|
FS Shaadi Clone - 'token' SQL Injection
|
|
2017-12-06
|
|
WinduCMS 3.1 - Local File Disclosure
|
|
2017-12-06
|
|
FS Makemytrip Clone - 'id' SQL Injection
|
|
2017-12-06
|
|
Techno Portfolio Management Panel - 'id' SQL Injection
|
|
2017-12-05
|
|
Readymade Classifieds Script 1.0 - SQL Injection
|
|
2017-12-05
|
|
Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation
|
|
2017-12-05
|
|
VX Search 10.2.14 - 'command_name' Buffer Overflow
|
|
2017-12-05
|
|
Abyss Web Server < 2.11.6 - Heap Memory Corruption
|
|
2017-12-01
|
|
Artica Web Proxy 3.06 - Remote Code Execution
|
|
2017-12-01
|
|
MistServer 2.12 - Cross-Site Scripting
|
|
2017-12-01
|
|
Jobs2Careers / Coroflot Clone - SQL Injection
|
|
2017-12-01
|
|
HP iMC Plat 7.2 - Remote Code Execution (2)
|
|
2017-12-01
|
|
HP iMC Plat 7.2 - Remote Code Execution
|
|
2017-12-01
|
|
macOS High Sierra - Root Privilege Escalation (Metasploit)
|
|
2017-11-30
|
|
Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page
|
|
2017-11-30
|
|
Asterisk 13.17.2 - Memory Corruption
|
|
2017-11-30
|
|
WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal
|
|
2017-11-30
|
|
Hipchat For Mac 4.x Remote Code Execution Vulnerability
|
|
2017-11-30
|
|
Hipchat Data Center / Hipchat Server Code Execution / SSRF Vulnerabilities
|
|
2017-11-30
|
|
MacOSX Root Privilege Escalation Exploit
|
|
2017-11-30
|
|
Apache CouchDB Remote Code Execution Vulnerability
|
|
2017-11-30
|
|
Exim Use-After-Free Exploit
|
|
2017-11-30
|
|
osCommerce 2.3.4.1 - Arbitrary File Upload Exploit
|
|
2017-11-29
|
|
Microsoft Windows 10 Creators Update version 1703 - Kernel Local Privilege Escalation Exploit
|
|
2017-11-29
|
|
pfSense 2.3.1_1 Remote Command Execution Exploit
|
|
2017-11-29
|
|
HikVision Wi-Fi IP Camera Wireless Access Point State Vulnerability
|
|
2017-11-29
|
|
Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download Exploit
|
|
2017-11-29
|
|
Synology StorageManager 5.2 - Remote Root Command Execution Exploit
|
|
2017-11-29
|
|
CMS Made Simple 2.1.6 Cross Site Scripting / Template Injection Vulnerabilities
|
|
2017-11-29
|
|
KMPlayer 4.2.2.4 - Denial of Service Exploit
|
|
2017-11-29
|
|
Winamp Pro 5.66.Build.3512 - Denial of Service Exploit
|
|
2017-11-29
|
|
Diving Log 6.0 - XML External Entity Injection Vulnerability
|
|
2017-11-29
|
|
ZTE ZXDSL 831CII - Improper Access Restrictions Vulnerability
|
|
2017-11-29
|
|
Exim 4.89 - BDAT Denial of Service Exploit
|
|
2017-11-29
|
|
Wget HTTP integer overflow Exploit
|
|
2017-11-29
|
|
JBOSSAS 5.x/6.x Deserializer Vulnerability
|
|
2017-11-29
|
|
JBOSSAS 4.x Deserializer Vulnerability
|
|
2017-11-29
|
|
Cambium Multiple Vulnerabilities
|
|
2017-11-29
|
|
DblTek GoIP GSM Gateway Multiple Vulnerabilities
|
|
2017-11-29
|
|
WordPress CMS Tree Page View 1.3.4 plugin Privilege Escalation Vulnerability
|
|
2017-11-29
|
|
WordPress WPDB SQL Injection Vulnerability
|
|
2017-11-29
|
|
Ubuntu 17.04 Linux Kernel XFRM Privilege Escalation Exploit
|
|
2017-11-29
|
|
D-Link DIR-850L Credential Disclosure Exploit
|
|
2017-11-29
|
|
CSC Cart 4.6.2 Shell Upload Vulnerability
|
|
2017-11-29
|
|
Microsoft Windows win32kfull!GreUpdateSpriteInternal Kernel Stack Memory Disclosure Exploit
|
|
2017-11-29
|
|
Microsoft Windows win32kbase!NtQueryCompositionInputQueueAndTransform Kernel Stack Memory Disclosure
|
|
2017-11-29
|
|
Microsoft Edge Chakra JIT Incorrect Function Declaration Scope Exploit
|
|
2017-11-29
|
|
Microsoft Edge Chakra JIT Inline::InlineCallApplyTarget_Shared Failed Return Exploit
|
|
2017-11-29
|
|
Microsoft Edge Chakra JIT GlobOpt::OptTagChecks Property Consideration Exploit
|
|
2017-11-29
|
|
Microsoft Edge Chakra JIT BailOutOnTaggedValue Bailouts Exploit
|
|
2017-11-29
|
|
CommuniGatePro 6.1.16 Cross Site Scripting Vulnerability
|
|
2017-11-29
|
|
ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode) Exploit
|
|
2017-11-29
|
|
Linux - mincore() Uninitialized Kernel Heap Page Disclosure Exploit
|
|
2017-11-29
|
|
WebKit - WebCore::FormSubmission::create Use-After-Free Exploit
|
|
2017-11-29
|
|
WebKit - WebCore::RenderObject::previousSibling Use-After-Free Exploit
|
|
2017-11-29
|
|
WebKit - WebCore::DocumentLoader::frameLoader Use-After-Free Exploit
|
|
2017-11-29
|
|
WebKit - WebCore::Style::TreeResolver::styleForElement Use-After-Free Exploit
|
|
2017-11-29
|
|
WebKit - WebCore::SVGPatternElement::collectPatternAttributes Out-of-Bounds Read Exploit
|
|
2017-11-29
|
|
WebKit - WebCore::SimpleLineLayout::RunResolver::runForPoint Out-of-Bounds Read Exploit
|
|
2017-11-29
|
|
WebKit - WebCore::RenderText::localCaretRect Out-of-Bounds Read Exploit
|
|
2017-11-29
|
|
WebKit - WebCore::AXObjectCache::performDeferredCacheUpdate Use-After-Free Exploit
|
|
2017-11-29
|
|
WebKit - WebCore::PositionIterator::decrement Use-After-Free Exploit
|
|
2017-11-29
|
|
WebKit - WebCore::InputType::element Use-After-Free Exploit
|
|
2017-11-29
|
|
WebKit - WebCore::TreeScope::documentScope Use-After-Free Exploit
|
|
2017-11-29
|
|
Icon Time Systems RTC-1000 Firmware 2.5.7458 - Cross-Site Scripting Vulnerability
|
|
2017-11-29
|
|
MyTy 5.1.6 Blind SQL Injection Vulnerability
|
|
2017-11-29
|
|
MyTy 5.1.7 Cross Site Scripting Vulnerability
|
|
2017-11-29
|
|
WordPress Breezing Forms 1.2.7.42 Cross Site Scripting Vulnerability
|
|
2017-11-29
|
|
WordPress Yoast SEO Cross Site Scripting Vulnerability
|
|
2017-11-29
|
|
Vonage VDV-23 - Denial of Service Exploit
|
|
2017-11-29
|
|
WordPress In Link 1.0 SQL Injection Vulnerability
|
|
2017-11-29
|
|
WordPress amtyThumb 8.1.3 Cross Site Scripting Vulnerability
|
|
2017-11-29
|
|
WordPress Advanced Post Type Ratings 1.1 Cross Site Scripting Vulnerability
|
|
2017-11-29
|
|
WordPress Emag Marketplace Connector 1.0 Cross Site Scripting Vulnerability
|
|
2017-11-29
|
|
RSA Authentication Manager 8.2 SP1 P5 Cross Site Scripting Vulnerability
|
|
2017-11-29
|
|
EMC ScaleIO 2.0.1.x Buffer Overflow / Information Disclosure Vulnerabilities
|
|
2017-11-29
|
|
Microsoft Windows NTFS File System Metadata Disclosures Exploit
|
|
2017-11-29
|
|
Microsoft Windows 10 - nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry) Pool Memory Disclosur
|
|
2017-11-29
|
|
MyBB 1.8.13 - Cross-Site Scripting Vulnerability
|
|
2017-11-29
|
|
Microsoft Office - OLE Remote Code Execution Exploit
|
|
2017-11-29
|
|
Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass Vulnerability
|
|
2017-11-29
|
|
iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service Exploit
|
|
2017-11-29
|
|
Dell Active Roles 7.x Unquoted Service Path Privilege Escalation Vulnerability
|
|
2017-11-29
|
|
phpMyFAQ 2.9.9 Code Injection Exploit
|
|
2017-11-29
|
|
Cisco Umbrella Virtual Appliance 2.1.0 Hardcoded Credentials Vulnerability
|
|
2017-11-29
|
|
TP-Link TL-WA830RE - Cross-Site Scripting Vulnerability
|
|
2017-11-29
|
|
Progress Sitefinity 10.0 / 10.1 Broken Access Control / LINQ Injection Vulnerability
|
|
2017-11-29
|
|
VX Search 10.2.14 - Proxy Buffer Overflow (SEH) Exploit
|
|
2017-11-29
|
|
Microsoft Edge Chakra JIT - OP_Memset Type Confusion Exploit
|
|
2017-11-29
|
|
Microsoft Edge Chakra JIT - Lowerer::LowerBoundCheck Incorrect Integer Overflow Check Exploit
|
|
2017-11-29
|
|
Microsoft Edge Chakra JIT - Type Confusion with switch Statements Exploit
|
|
2017-11-29
|
|
Microsoft Edge - Object.setPrototypeOf Memory Corruption Exploit
|
|
2017-11-29
|
|
Zeta Components Mail 1.8.1 - Remote Code Execution Vulnerability
|
|
2017-11-29
|
|
LanSweeper 6.0.100.75 - Cross-Site Scripting Vulnerability
|
|
2017-11-29
|
|
Vonage VDV23 - Cross-Site Scripting Vulnerability
|
|
2017-11-29
|
|
DLink DIR-605L < 2.08 - Denial of Service Exploit
|
|
2017-11-29
|
|
DLink DCS-936L Network Camera Cross-Site Request Forgery Vulnerability
|
|
2017-11-29
|
|
TP-Link TL-WR740N - Cross-Site Scripting Vulnerability
|
|
2017-11-29
|
|
WIFICAM Wireless IP Camera (P2P) - Unauthenticated Remote Code Execution Exploit
|
|
2017-11-29
|
|
PHP 7.1.8 - Heap-Based Buffer Overflow Vulnerability
|
|
2017-11-29
|
|
Vivotek IP Cameras Remote Stack Overflow Vulnerability
|
|
2017-11-29
|
|
QEMU - NBD Server Long Export Name Stack Buffer Overflow
|
|
2017-11-29
|
|
pfSense - Authenticated Group Member RCE (Metasploit)
|
|
2017-11-29
|
|
Microsoft Windows 10 Creators Update (version 1703) (x86) - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation
|
|
2017-11-29
|
|
osCommerce 2.3.4.1 - Arbitrary File Upload
|
|
2017-11-29
|
|
DVD Creator 4.1.0 - Insecure File Permissions Vulnerability
|
|
2017-11-28
|
|
Hola VPN v1.34 - Privilege Escalation Vulnerability
|
|
2017-11-28
|
|
Synology StorageManager 5.2 - Remote Root Command Execution
|
|
2017-11-28
|
|
Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download
|
|
2017-11-28
|
|
ZTE ZXDSL 831CII - Improper Access Restrictions
|
|
2017-11-27
|
|
Diving Log 6.0 - XML External Entity Injection
|
|
2017-11-27
|
|
Winamp Pro 5.66.Build.3512 - Denial of Service
|
|
2017-11-27
|
|
KMPlayer 4.2.2.4 - Denial of Service
|
|
2017-11-27
|
|
Exim 4.89 - 'BDAT' Denial of Service
|
|
2017-11-27
|
|
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly
|
|
2017-11-27
|
|
Microsoft Edge Chakra JIT - Incorrect Function Declaration Scope
|
|
2017-11-27
|
|
Microsoft Edge Chakra JIT - 'Inline::InlineCallApplyTarget_Shared' does not Return the return Instruction
|
|
2017-11-27
|
|
Microsoft Edge Chakra JIT - 'BailOutOnTaggedValue' Bailouts Type Confusion
|
|
2017-11-27
|
|
CommuniGatePro 6.1.16 - Cross-Site Scripting
|
|
2017-11-27
|
|
ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode)
|
|
2017-11-26
|
|
Linux - 'mincore()' Uninitialized Kernel Heap Page Disclosure
|
|
2017-11-24
|
|
WebKit - 'WebCore::FormSubmission::create' Use-After-Free
|
|
2017-11-22
|
|
WebKit - 'WebCore::RenderObject::previousSibling' Use-After-Free
|
|
2017-11-22
|
|
WebKit - 'WebCore::DocumentLoader::frameLoader' Use-After-Free
|
|
2017-11-22
|
|
WebKit - 'WebCore::Style::TreeResolver::styleForElement' Use-After-Free
|
|
2017-11-22
|
|
WebKit - 'WebCore::SVGPatternElement::collectPatternAttributes' Out-of-Bounds Read
|
|
2017-11-22
|
|
WebKit - 'WebCore::SimpleLineLayout::RunResolver::runForPoint' Out-of-Bounds Read
|
|
2017-11-22
|
|
WebKit - 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read
|
|
2017-11-22
|
|
WebKit - 'WebCore::AXObjectCache::performDeferredCacheUpdate' Use-After-Free
|
|
2017-11-22
|
|
WebKit - 'WebCore::PositionIterator::decrement' Use-After-Free
|
|
2017-11-22
|
|
WebKit - 'WebCore::InputType::element' Use-After-Free
|
|
2017-11-22
|
|
WebKit - 'WebCore::TreeScope::documentScope' Use-After-Free
|
|
2017-11-22
|
|
Vonage VDV-23 - Denial of Service
|
|
2017-11-22
|
|
Icon Time Systems RTC-1000 Firmware 2.5.7458 - Cross-Site Scripting
|
|
2017-11-22
|
|
Microsoft Windows 10 - 'nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry)' Pool Memory Disclosure
|
|
2017-11-21
|
|
Microsoft Office - OLE Remote Code Execution
|
|
2017-11-21
|
|
Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass
|
|
2017-11-20
|
|
iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service
|
|
2017-11-20
|
|
MyBB 1.8.13 - Cross-Site Scripting
|
|
2017-11-19
|
|
MyBB 1.8.13 - Remote Code Execution
|
|
2017-11-19
|
|
VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH)
|
|
2017-11-17
|
|
Zeta Components Mail 1.8.1 - Remote Code Execution
|
|
2017-11-16
|
|
Microsoft Edge Chakra: JIT - 'OP_Memset' Type Confusion
|
|
2017-11-16
|
|
Microsoft Edge Chakra: JIT - 'Lowerer::LowerBoundCheck' Incorrect Integer Overflow Check
|
|
2017-11-16
|
|
Microsoft Edge Chakra JIT - Type Confusion with switch Statements
|
|
2017-11-16
|
|
Microsoft Edge - 'Object.setPrototypeOf' Memory Corruption
|
|
2017-11-16
|
|
Vonage VDV23 - Cross-Site Scripting
|
|
2017-11-16
|
|
LanSweeper 6.0.100.75 - Cross-Site Scripting
|
|
2017-11-16
|
|
TP-Link TL-WR740N - Cross-Site Scripting
|
|
2017-11-16
|
|
Anti-Virus Privileged File Write Vulnerability
|
|
2017-11-16
|
|
Identity Governance 12.6 Cross Site Scripting Vulnerability
|
|
2017-11-16
|
|
WordPress AMP Toolbox 1.9.4 Cross Site Scripting Vulnerability
|
|
2017-11-16
|
|
WordPress DFD Reddcoin Tips 1.1.1 Cross Site Scripting Vulnerability
|
|
2017-11-16
|
|
WordPress Affiliate Ads For Clickbank Products 1.3 XSS Vulnerability
|
|
2017-11-16
|
|
Scala 2.x Privilege Escalation Vulnerability
|
|
2017-11-16
|
|
Siemens SICAM RTUs SM-2556 COM Modules XSS / Bypass / Code Execution Vulnerabilities
|
|
2017-11-16
|
|
Allworx Server Manager 6x / 6x12 / 48x Cross Site Scripting Vulnerability
|
|
2017-11-16
|
|
Dup Scout Enterprise 10.0.18 - Login Buffer Overflow Exploit
|
|
2017-11-16
|
|
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free Vulnerability
|
|
2017-11-16
|
|
Technicolor TG789vn v3 HTTP DoS Exploit
|
|
2017-11-16
|
|
WordPress Appointments 2.2.2.2 Cross Site Scripting Vulnerability
|
|
2017-11-16
|
|
WordPress Cartogiraffe Map 1.0 Cross Site Scripting Vulnerability
|
|
2017-11-16
|
|
WordPress Boozang 1.0.0 Cross Site Scripting Vulnerability
|
|
2017-11-16
|
|
D-Link DIR-850L Unauthenticated Command Execution Exploit
|
|
2017-11-16
|
|
Ulterius Server < 1.9.5.0 - Directory Traversal Exploit
|
|
2017-11-16
|
|
Kirby CMS < 2.5.7 - Cross-Site Scripting Vulnerability
|
|
2017-11-16
|
|
Monstra CMS 3.0.4 Cross Site Scripting Vulnerability
|
|
2017-11-16
|
|
Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload Exploit
|
|
2017-11-16
|
|
IKARUS anti.virus 2.16.7 - ntguard_x64 Privilege Escalation Exploit
|
|
2017-11-16
|
|
Xlight FTP Server 3.8.8.5 - Buffer Overflow (PoC) Exploit
|
|
2017-11-16
|
|
Fierce Buffer Overflow Vulnerability
|
|
2017-11-16
|
|
Symantec Endpoint Protection v12.1 / Tamper-Protection Bypass Exploit
|
|
2017-11-16
|
|
Microsoft Internet Explorer 11 jscript!JsErrorToString Use-After-Free Exploit
|
|
2017-11-16
|
|
Datto Windows Agent Remote Code Execution Vulnerability
|
|
2017-11-16
|
|
WordPress Secure HTML5 Video Player 3.14 Cross Site Scripting Vulnerability
|
|
2017-11-16
|
|
D-Link DIR605L - Denial of Service
|
|
2017-11-15
|
|
D-Link DCS-936L Network Camera - Cross-Site Request Forgery
|
|
2017-11-15
|
|
Dup Scout Enterprise 10.0.18 - 'Login' Buffer Overflow
|
|
2017-11-15
|
|
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free
|
|
2017-11-14
|
|
PHP 7.1.8 - Heap-Based Buffer Overflow
|
|
2017-11-14
|
|
Mako Server 2.5 - OS Command Injection Remote Command Execution (Metasploit)
|
|
2017-11-14
|
|
Microsoft Internet Explorer 11 - 'jscript!JsErrorToString' Use-After-Free
|
|
2017-11-14
|
|
DIR-850L - (Un)authenticated OS Command Execution (Metasploit)
|
|
2017-11-14
|
|
Wireless IP Camera (P2P) WIFICAM - Unauthenticated Remote Code Execution
|
|
2017-11-14
|
|
Ulterius Server < 1.9.5.0 - Directory Traversal
|
|
2017-11-14
|
|
Kirby CMS < 2.5.7 - Cross-Site Scripting
|
|
2017-11-14
|
|
IKARUS anti.virus 2.16.7 - 'ntguard_x64' Privilege Escalation
|
|
2017-11-13
|
|
Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload
|
|
2017-11-13
|
|
Xlight FTP Server 3.8.8.5 - Buffer Overflow (PoC)
|
|
2017-11-13
|
|
Symantec Endpoint Protection 12.1 - Tamper-Protection Bypass
|
|
2017-11-13
|
|
Microsoft Windows LNK File Code Execution Exploit
|
|
2017-11-09
|
|
WordPress Ultimate Instagram Feed 1.2 Cross Site Scripting Vulnerability
|
|
2017-11-09
|
|
IBM Lotus Notes Denial Of Service Exploit
|
|
2017-11-09
|
|
Mako Server 2.5 Command Injection Exploit
|
|
2017-11-09
|
|
Geutebrueck GCore GCoreServer.exe Buffer Overflow Exploit
|
|
2017-11-09
|
|
iText PDF Library 7.0.2 / 5.5.11 / 2.0.8 XXE Injection Vulnerability
|
|
2017-11-09
|
|
WordPress Duplicator Migration 1.2.28 Cross Site Scripting Vulnerability
|
|
2017-11-09
|
|
Linux Kernel 4.13 (Ubuntu 17.10) - waitid() SMEP/SMAP Privilege Escalation Exploit
|
|
2017-11-09
|
|
pfSense 2.3.1_1 - Command Execution Vulnerability
|
|
2017-11-09
|
|
ManageEngine Applications Manager 13 - SQL Injection Vulnerability
|
|
2017-11-09
|
|
Logitech Media Server 7.9.0 - Radio URL Cross-Site Scripting Vulnerability
|
|
2017-11-09
|
|
Logitech Media Server 7.9.0 - favorites Cross-Site Scripting Vulnerability
|
|
2017-11-09
|
|
SMPlayer 17.11.0 - .m3u Buffer Overflow (PoC) Exploit
|
|
2017-11-09
|
|
ManageEngine Applications Manager 13 - SQL Injection
|
|
2017-11-07
|
|
pfSense 2.3.1_1 - Command Execution
|
|
2017-11-07
|
|
Bludit 1.5.2 & 2.0.1 - Filter Bypass & Cross Site Vulnerability
|
|
2017-11-07
|
|
TinyWebGallery v2.4 (TWGE) - Persistent XSS Vulnerability
|
|
2017-11-07
|
|
Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP Privilege Escalation
|
|
2017-11-07
|
|
SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC)
|
|
2017-11-06
|
|
Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting
|
|
2017-11-06
|
|
Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting
|
|
2017-11-06
|
|
WordPress Userpro Plugin 4.9.17.1 - Authentication Bypass Vulnerability
|
|
2017-11-06
|
|
Actiontec C1000A Modem - Backdoor Account Vulnerability
|
|
2017-11-06
|
|
Debut Embedded httpd 1.20 - Denial of Service Exploit
|
|
2017-11-06
|
|
Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Buffer Overflow (SEH)
|
|
2017-11-06
|
|
Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow
|
|
2017-11-06
|
|
Debut Embedded httpd 1.20 - Denial of Service
|
|
2017-11-06
|
|
Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH) Exploit
|
|
2017-11-06
|
|
Actiontec C1000A Modem - Backdoor Account
|
|
2017-11-06
|
|
WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass
|
|
2017-11-06
|
|
Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH)
|
|
2017-11-06
|
|
Avaya OfficeScan (IPO) Remote ActiveX Buffer Overflow Exploit
|
|
2017-11-05
|
|
Avaya OfficeScan (IPO) SoftConsole Remote SEH Buffer Overflow Exploit
|
|
2017-11-05
|
|
Tor Browser 7.0.8 IP Address Leak Vulnerability
|
|
2017-11-05
|
|
Splunk 6.6.x Local Privilege Escalation Vulnerability
|
|
2017-11-05
|
|
Oracle PeopleSoft Enterprise PeopleTools < 8.55 - Remote Code Execution Via Blind XML External En
|
|
2017-11-05
|
|
WordPress WP Mobile Detector 3.5 Shell Upload Exploit
|
|
2017-11-05
|
|
WordPress JTRT Responsive Tables 4.1 Plugin - SQL Injection Vulnerability
|
|
2017-11-05
|
|
tnftp (savefile) Arbitrary Command Execution Exploit
|
|
2017-11-05
|
|
GraphicsMagick - Memory Disclosure / Heap Overflow Exploit
|
|
2017-11-05
|
|
Ladon Framework For Python 0.9.40 XXE Injection Vulnerability
|
|
2017-11-05
|
|
Sera 1.2 Local Root / Password Disclosure Exploit
|
|
2017-11-05
|
|
Vir.IT eXplorer Anti-Virus - Privilege Escalation Exploit
|
|
2017-11-05
|
|
WhatsApp 2.17.52 - Memory Corruption Exploit
|
|
2017-11-05
|
|
ZyXEL PK5001Z Modem - Backdoor Account Vulnerability
|
|
2017-11-05
|
|
Ingenious School Management System 2.3.0 - friend_index SQL injection Vulnerability
|
|
2017-11-05
|
|
OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery Vulnerability
|
|
2017-11-05
|
|
WordPress User Login History 1.5.2 Cross Site Scripting Vulnerability
|
|
2017-11-05
|
|
SpiderControl SCADA Web Server 2.02.0007 Improper Privilege Management Vulnerability
|
|
2017-11-05
|
|
JanTek JTC-200 RS232-NET Connector CSRF / Missing Authentication Vulnerability
|
|
2017-11-05
|
|
Progea Movicon 11.5.1181 Search Path Issues Vulnerability
|
|
2017-11-05
|
|
Sync Breeze 10.1.16 Buffer Overflow Vulnerability
|
|
2017-11-05
|
|
EMC VMAX Virtual Appliance (vApp) Authentication Bypass Vulnerability
|
|
2017-11-05
|
|
EMC AppSync Server Hardcoded Password Vulnerability
|
|
2017-11-05
|
|
Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure Exploit
|
|
2017-11-05
|
|
Ingenious 2.3.0 - Arbitrary File Upload Vulnerability
|
|
2017-11-05
|
|
D-Park Pro 1.0 - SQL Injection Vulnerability
|
|
2017-11-05
|
|
Adult Script Pro 2.2.4 - SQL Injection Vulnerability
|
|
2017-11-05
|
|
Article Directory Script 3.0 - id SQL Injection Vulnerability
|
|
2017-11-05
|
|
iProject Management System 1.0 - ID SQL Injection Vulnerability
|
|
2017-11-05
|
|
iStock Management System 1.0 - Arbitrary File Upload Vulnerability
|
|
2017-11-05
|
|
iTech Gigs Script 1.21 - SQL Injection Vulnerability
|
|
2017-11-05
|