Exploits (Total: 98598)

    
    
    
TeamCity 2017.1.5 Privilege Escalation Vulnerability
2017-12-22
Doctor Search Script 1.0 - city SQL Injection Vulnerability
2017-12-22
Event Calendar Category Script 1.0 - city SQL Injection Vulnerability
2017-12-22
E-commerce MLM Software 1.0 - SQL Injection Vulnerability
2017-12-22
Entrepreneur Job Portal Script 2.0.6 - jobsearch_all.php?rid1 SQL Injection Vulnerability
2017-12-22
Consumer Complaints Clone Script 1.0 - id SQL Injection Vulnerability
2017-12-22
Co-work Space Search Script 1.0 - city SQL Injection Vulnerability
2017-12-22
Child Care Script 1.0 - city SQL Injection Vulnerability
2017-12-22
Cab Booking Script 1.0 - city SQL Injection Vulnerability
2017-12-22
Nearbuy Clone Script 3.2 - search SQL Injection Vulnerability
2017-12-22
CMS Auditor Website 1.0 - SQL Injection Vulnerability
2017-12-22
Chartered Accountant Booking Script 1.0 - city SQL Injection Vulnerability
2017-12-22
Basic B2B Script 2.0.8 - product_details.php?id SQL Injection Vulnerability
2017-12-22
Beauty Parlour Booking Script 1.0 - gender / city SQL Injection Vulnerability
2017-12-22
Affiliate MLM Script 1.0 - product-category.php?key SQL Injection Vulnerability
2017-12-22
Advance Online Learning Management Script 3.1 - subcatid / popcourseid SQL Injection Vulnerability
2017-12-22
Advance B2B Script 2.1.3 - show_id / pid SQL Injection Vulnerability
2017-12-22
Simple Chatting System 1.0.0 Arbitrary File Upload Vulnerability
2017-12-22
DomainSale PHP Script 1.0 SQL Injection Vulnerability
2017-12-22
Realestate Crowdfunding Script 2.7.2 SQL Injection Vulnerability
2017-12-22
Website Auction Marketplace 2.0.5 SQL Injection Vulnerability
2017-12-22
Apple macOS 10.13.1 High Sierra - Blank Root Local Privilege Escalation Vulnerability
2017-12-22
Apple macOS 10.13.1 High Sierra - Insecure Cron System Local Privilege Escalation Vulnerability
2017-12-22
WordPress Crowd Ideas 1.0 Cross Site Scripting Vulnerability
2017-12-22
LabF nfsAxe FTP Client 3.7 Buffer Overflow Exploit
2017-12-22
iTech Travel Script v9.59 - id SQL Injection Vulnerability
2017-12-22
Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path Exploit
2017-12-22
LaCie 5big Network 2.2.8 Command Injection Exploit
2017-12-22
Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash Exploit
2017-12-22
Linux Kernel - DCCP Socket Use-After-Free Exploit
2017-12-22
FS Facebook Clone - token SQL Injection Vulnerability
2017-12-22
FS IMDB Clone - XSS REFLECTED/PERSISTENT Vulnerabilties
2017-12-22
FS IMDB Clone - id SQL Injection Vulnerability
2017-12-22
WordPress 3rd-Party Inject Results 0.2 Cross Site Scripting Vulnerability
2017-12-22
WordPress Z-URL Preview 1.6.1 Cross Site Scripting Vulnerability
2017-12-22
WordPress WP Mailster 1.5.4.0 Cross Site Scripting Vulnerability
2017-12-22
WordPress Super Simple Custom CSS 1.2 Cross Site Scripting Vulnerability
2017-12-22
WordPress Smart Marketing SMS And Newsletters Forms 1.1.1 XSS Vulnerability
2017-12-22
Hashicorp vagrant-vmware-fusion 4.0.24 - Local root Privilege Escalation Exploit
2017-12-22
Hashicorp vagrant-vmware-fusion 4.0.23 - Local root Privilege Escalation Exploit
2017-12-22
Hashicorp vagrant-vmware-fusion 5.0.3 - Local root Privilege Escalation Exploit
2017-12-22
Hashicorp vagrant-vmware-fusion 5.0.1 - Local root Privilege Escalation Exploit
2017-12-22
Hashicorp vagrant-vmware-fusion 5.0.0 - Local root Privilege Escalation Exploit
2017-12-22
Arq 5.9.7 - Local root Privilege Escalation Exploit
2017-12-22
Arq 5.9.6 - Local root Privilege Escalation Exploit
2017-12-22
Microsoft Edge Chakra CFG Bypass With leafInterpreterFrame Vulnerability
2017-12-22
Microsoft Edge Chakra CFG Bypass Due To Bug In ServerFreeAllocation Vulnerability
2017-12-22
Microsoft Edge Chakra CFG Bypass By Overwriting JavaScript Bytecode Vulnerability
2017-12-22
Claymore Dual Miner 10.1 Stack Buffer Overflow Vulnerability
2017-12-22
Murus 1.4.11 - Local root Privilege Escalation Exploit
2017-12-22
Sera 1.2 - Local root Privilege Escalation / Password Disclosure Exploit
2017-12-22
Microsoft Office Equation Editor Code Execution Exploit
2017-12-22
Proxifier for Mac 2.19 - Local root Privilege Escalation Exploit
2017-12-22
Polycom Shell HDX Series Traceroute Command Execution Exploit
2017-12-22
FS Makemytrip Clone - SQL Injection Vulnerability
2017-12-22
FS Shaadi Clone - SQL Injection Vulnerability
2017-12-22
VX Search 10.2.14 - command_nameuffer Overflow Exploit
2017-12-22
Techno Portfolio Management Panel - id SQL Injection Vulnerability
2017-12-22
Readymade Classifieds Script 1.0 - SQL Injection Vulnerability
2017-12-22
Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation Vulnerability
2017-12-22
Artica Web Proxy 3.06.112216 Remote Code Execution Vulnerability
2017-12-22
aws-cfn-bootstrap Local Code Execution Vulnerability
2017-12-22
Symantec Encryption Desktop And Endpoint Encryption Local Privilege Escalation
2017-12-22
WinduCMS 3.1 Local File Disclosure Exploit
2017-12-22
SocuSoft Co. Photo 2 Video Converter 8.0.0 Code Execution / DoS Exploit
2017-12-22
CEMLink 6 Unrestricted WSDL Service Access / Poor Crypto Implementation Vulnerabilities
2017-12-22
Axis Communications MPQT/PACS Heap Overflow / Information Leakage Vulnerabilities
2017-12-22
FortiGate SSL VPN Portal 5.x Cross Site Scripting Vulnerability
2017-12-22
Apache Struts2 S2-055 DoS Vulnerability
2017-12-22
Apache Struts2 S2-054 DoS Vulnerability
2017-12-22
OpenEMR 5.0.0 Command Injection / Cross Site Scripting Vulnerabilities
2017-12-22
Netcore / Netis Routers - UDP Backdoor
2017-12-21
Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor
2017-12-21
Technicolor DPC3928SL - SNMP Authentication Bypass
2017-12-21
Cisco IOS 12.2 < 12.4 / 15.0 < 15.6 - Security Association Negotiation Request Device Memory
2017-12-21
Ruby < 2.2.8 / < 2.3.5 / < 2.4.2 / < 2.5.0-preview1 - 'NET::Ftp' Command Injection
2017-12-21
Conarc iChannel - Improper Access Restrictions
2017-12-21
Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' Double-Write Ring-0 Address Leak
2017-12-20
BEIMS ContractorWeb 5.18.0.0 - SQL Injection
2017-12-20
Ability Mail Server 3.3.2 - Cross-Site Scripting
2017-12-20
Samsung Internet Browser - SOP Bypass (Metasploit)
2017-12-20
Jenkins - XStream Groovy classpath Deserialization (Metasploit)
2017-12-19
Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)
2017-12-19
Intel Content Protection HECI Service - Type Confusion Privilege Escalation
2017-12-19
Microsoft Windows - 'jscript!RegExpFncObj::LastParen' Out-of-Bounds Read
2017-12-19
Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable
2017-12-19
Microsoft Windows - jscript.dll 'Array.sort' Heap Overflow
2017-12-19
Microsoft Windows - 'jscript!RegExpComp::Compile' Heap Overflow Through IE or Local Network via WPAD
2017-12-19
Microsoft Internet Explorer 11 - 'jscript!JSONStringifyObject' Use-After-Free
2017-12-19
Microsoft Windows - 'jscript!NameTbl::GetValDef' Use-After-Free
2017-12-19
TeamViewer 11 < 13 (Windows 10 x86) - Inline Hooking / Direct Memory Modification Permission Change (PoC)
2017-12-19
Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection
2017-12-19
BrightSign Digital Signage - Multiple Vulnerablities
2017-12-19
Linksys WVBR0 - 'User-Agent' Remote Command Injection
2017-12-18
vBulletin 5 - 'cacheTemplates' Unauthenticated Remote Arbitrary File Deletion
2017-12-18
GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution
2017-12-18
vBulletin 5 - 'routestring' Unauthenticated Remote Code Execution
2017-12-18
Firejail < 0.9.44.4 / < 0.9.38.8 LTS - Local Sandbox Escape
2017-12-18
Joomla! Component My Projects 2.0 - SQL Injection
2017-12-18
Outlook for Android - Attachment Download Directory Traversal
2017-12-18
Joomla! Component User Bench 1.0 - 'userid' SQL Injection
2017-12-18
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)
2017-12-18
Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow
2017-12-18
Zoom Linux Client 2.0.106600.0904 - Command Injection
2017-12-18
Linux kernel < 4.10.15 - Race Condition Privilege Escalation
2017-12-18
CDex 1.96 - Buffer Overflow
2017-12-18
Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection
2017-12-18
Joomla! Component Guru Pro - 'promocode' SQL Injection
2017-12-18
Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution
2017-12-18
Movie Guide 2.0 - SQL Injection
2017-12-15
Sync Breeze 10.2.12 - Denial of Service
2017-12-15
ITGuard-Manager 0.0.0.1 - Remote Code Execution
2017-12-15
Palo Alto Networks Firewalls - Remote root Code Execution
2017-12-14
pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit)
2017-12-14
Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow (Metasploit)
2017-12-14
Dup Scout Enterprise - Login Buffer Overflow (Metasploit)
2017-12-14
Microsoft Office - DDE Payload Delivery (Metasploit)
2017-12-14
Piwigo 2.9.1 - 'cat_true' / 'cat_false' SQL Injection
2017-12-14
Bus Booking Script 1.0 - 'txtname' SQL Injection
2017-12-14
FS Lynda Clone 1.0 - SQL Injection
2017-12-14
Paid To Read Script 2.0.5 - 'uid' / 'fnum' / 'fn' SQL Injection
2017-12-14
Readymade Video Sharing Script 3.2 - HTML Injection
2017-12-14
Joomla! Component JEXTN Video Gallery 3.0.5 - 'id' SQL Injection
2017-12-14
Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection
2017-12-14
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read
2017-12-13
glibc ld.so - Memory Leak / Buffer Overflow
2017-12-13
macOS/iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option Handling
2017-12-12
macOS - Kernel Code Execution due to Lack of Bounds Checking in AppleIntelCapriController::GetLinkConfig
2017-12-12
macOS/iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime Management in IOTimeSyncClockManagerUserClient
2017-12-12
Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in posix_spawn on 32-bit Platforms
2017-12-12
Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload
2017-12-12
Joomla! Component JBuildozer 1.4.1 - 'appid' SQL Injection
2017-12-12
iOS/macOS - Kernel Double Free due to IOSurfaceRootUserClient not Respecting MIG Ownership Rules
2017-12-11
macOS - 'getrusage' Stack Leak Through struct Padding
2017-12-11
macOS - 'necp_get_socket_attributes' so_pcb Type Confusion
2017-12-11
LibTIFF pal2rgb 4.0.9 - Heap Buffer Overflow
2017-12-11
macOS XNU Kernel - Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory Disclosures
2017-12-11
MikroTik 6.40.5 ICMP - Denial of Service
2017-12-11
Muslim Matrimonial Script 3.02 - 'succid' SQL Injection
2017-12-11
Vanguard 1.4 - SQL Injection
2017-12-11
Vanguard 1.4 - Arbitrary File Upload
2017-12-11
Basic Job Site Script 2.0.5 - SQL Injection
2017-12-11
Resume Clone Script 2.0.5 - SQL Injection
2017-12-11
Advanced World Database 2.0.5 - SQL Injection
2017-12-11
Groupon Clone Script 3.01 - 'state_id' / 'search' SQL Injection
2017-12-11
Car Rental Script 2.0.4 - 'val' SQL Injection
2017-12-11
MLM Forced Matrix 2.0.9 - 'newid' SQL Injection
2017-12-11
MLM Forex Market Plan Script 2.0.4 - 'newid' / 'eventid' SQL Injection
2017-12-11
Entrepreneur Bus Booking Script 3.0.4 - 'sourcebus' SQL Injection
2017-12-11
Advanced Real Estate Script 4.0.7 - SQL Injection
2017-12-11
Single Theater Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
2017-12-11
Multiplex Movie Theater Booking Script 3.1.5 - 'moid' / 'eid' SQL Injection
2017-12-11
Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
2017-12-11
Multireligion Responsive Matrimonial 4.7.2 - 'succid' SQL Injection
2017-12-11
Entrepreneur Dating Script 2.0.1 - 'marital' / 'gender' / 'country' / 'profileid' SQL Injection
2017-12-11
Responsive Realestate Script 3.2 - 'property-list?tbud' SQL Injection
2017-12-11
Readymade Video Sharing Script 3.2 - SQL Injection
2017-12-11
Readymade PHP Classified Script 3.3 - 'subctid' / 'mctid' SQL Injection
2017-12-11
Professional Service Script 1.0 - 'service-list?city' SQL Injection
2017-12-11
PHP Multivendor Ecommerce 1.0 - 'sid' / 'searchcat' / 'chid1' SQL Injection
2017-12-11
Opensource Classified Ads Script 3.2 - SQL Injection
2017-12-11
Online Exam Test Application Script 1.6 - 'exams.php?sort' SQL Injection
2017-12-11
Multivendor Penny Auction Clone Script 1.0 - SQL Injection
2017-12-11
Lawyer Search Script 1.1 - 'lawyer-list?city' SQL Injection
2017-12-11
Laundry Booking Script 1.0 - 'list?city' SQL Injection
2017-12-11
Secure E-commerce Script 2.0.1 - 'searchcat' / 'searchmain' SQL Injection
2017-12-11
Kickstarter Clone Acript 2.0 - 'projid' SQL Injection
2017-12-11
Foodspotting Clone Script 1.0 - 'quicksearch.php?q' SQL Injection
2017-12-11
Hot Scripts Clone 3.1 - 'subctid' / 'mctid' SQL Injection
2017-12-11
Freelance Website Script 2.0.6 - 'pr_id' / 'catid' SQL Injection
2017-12-11
Yoga Class Script 1.0 - 'list?city' SQL Injection
2017-12-11
Food Order Script 1.0 - 'list?city' SQL Injection
2017-12-11
Facebook Clone Script 1.0 - 'id' / 'send' SQL Injection
2017-12-11
E-commerce MLM Software 1.0 - SQL Injection
2017-12-10
Doctor Search Script 1.0 - 'city' SQL Injection
2017-12-10
Entrepreneur Job Portal Script 2.0.6 - 'jobsearch_all.php?rid1' SQL Injection
2017-12-10
Consumer Complaints Clone Script 1.0 - 'id' SQL Injection
2017-12-10
Event Calendar Category Script 1.0 - 'city' SQL Injection
2017-12-10
Co-work Space Search Script 1.0 - 'city' SQL Injection
2017-12-10
CMS Auditor Website 1.0 - SQL Injection
2017-12-10
Child Care Script 1.0 - 'city' SQL Injection
2017-12-10
Chartered Accountant Booking Script 1.0 - 'city' SQL Injection
2017-12-10
Cab Booking Script 1.0 - 'city' SQL Injection
2017-12-10
Nearbuy Clone Script 3.2 - 'search' SQL Injection
2017-12-10
Beauty Parlour Booking Script 1.0 - 'gender' / 'city' SQL Injection
2017-12-09
Basic B2B Script 2.0.8 - 'product_details.php?id' SQL Injection
2017-12-09
Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection
2017-12-09
Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection
2017-12-09
Advance B2B Script 2.1.3 - 'show_id' / 'pid' SQL Injection
2017-12-09
FS Foodpanda Clone 1.0 - SQL Injection
2017-12-09
FS Amazon Clone 1.0 - SQL Injection
2017-12-09
FS Crowdfunding Script 1.0 - 'latest_news_details.php?id' SQL Injection
2017-12-09
FS Expedia Clone 1.0 - 'fl_orig' / 'fl_dest' / 'id' SQL Injection
2017-12-09
FS Trademe Clone 1.0 - 'search' / 'id' SQL Injection
2017-12-09
FS Care Clone 1.0 - 'jobFrequency' / 'jobType' SQL Injection
2017-12-09
FS Ebay Clone 1.0 - 'id' / 'sub_category_id' / 'category_id' SQL Injection
2017-12-09
FS Freelancer Clone 1.0 - 'profile.php?u' SQL Injection
2017-12-09
FS Gigs Script 1.0 - 'cat' / 'sc' SQL Injection
2017-12-09
FS Groupon Clone 1.0 - 'id' SQL Injection
2017-12-09
FS Grubhub Clone 1.0 - 'keywords' SQL Injection
2017-12-09
FS IMDB Clone 1.0 - 'f' / 's' / 'id' SQL Injection
2017-12-09
FS Indiamart Clone 1.0 - 'token' / 'id' / 'c' SQL Injection
2017-12-09
FS Linkedin Clone 1.0 - 'grid' / 'fid' / 'id' SQL Injection
2017-12-09
FS Makemytrip Clone 1.0 - 'fl_orig' / 'fl_dest' SQL Injection
2017-12-09
Apple macOS 10.13.1 (High Sierra) - 'Blank Root' Local Privilege Escalation
2017-12-09
Apple macOS 10.13.1 (High Sierra) - Insecure Cron System Local Privilege Escalation
2017-12-08
FS Monster Clone 1.0 - 'Employer_Details.php?id' SQL Injection
2017-12-08
FS Olx Clone 1.0 - 'scat' / 'pid' SQL Injection
2017-12-08
FS Quibids Clone 1.0 - SQL Injection
2017-12-08
FS Thumbtack Clone 1.0 - 'cat' / 'sc' SQL Injection
2017-12-08
Website Auction Marketplace 2.0.5 - 'cat_id' SQL Injection
2017-12-08
FS Shutterstock Clone 1.0 - 'keywords' SQL Injection
2017-12-08
FS Stackoverflow Clone 1.0 - 'keywords' SQL Injection
2017-12-08
Realestate Crowdfunding Script 2.7.2 - 'pid' SQL Injection
2017-12-08
Simple Chatting System 1.0.0 - Arbitrary File Upload
2017-12-08
LabF nfsAxe FTP Client 3.7 - Buffer Overflow (DEP Bypass)
2017-12-08
DomainSale PHP Script 1.0 - 'id' SQL Injection
2017-12-08
Linux Kernel - DCCP Socket Use-After-Free
2017-12-07
Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash
2017-12-07
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
2017-12-07
Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal
2017-12-07
Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)
2017-12-07
Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path
2017-12-07
FS Facebook Clone - 'token' SQL Injection
2017-12-07
FS IMDB Clone - 'id' SQL Injection
2017-12-07
LaCie 5big Network 2.2.8 - Command Injection
2017-12-07
WAGO PFC 200 SERIES Multiple Vulnerabilities
2017-12-06
Tinysvcmdns Multi-label DNS Heap Overflow Vulnerability
2017-12-06
HP iMC Plat 7.2 - Remote Code Execution Exploit (2)
2017-12-06
HP iMC Plat 7.2 - Remote Code Execution Exploit
2017-12-06
Jobs2Careers / Coroflot Clone - SQL Injection Vulnerability
2017-12-06
MistServer 2.12 - Cross-Site Scripting Vulnerability
2017-12-06
Artica Web Proxy 3.06 - Remote Code Execution Vulnerability
2017-12-06
ZKTeco ZKTime Web 2.0.1.12280 Cross Site Scripting Vulnerability
2017-12-06
ZKTeco ZKTime Web 2.0.1.12280 Cross Site Request Forgery Vulnerability
2017-12-06
macOS High Sierra - Root Privilege Escalation Exploit
2017-12-06
WordPress WooCommerce 2.0/3.0 Plugin - Directory Traversal Vulnerability
2017-12-06
Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page Exploit
2017-12-06
Proxifier for Mac 2.19 - Local root Privilege Escalation
2017-12-06
Hashicorp vagrant-vmware-fusion 4.0.23 - Local root Privilege Escalation
2017-12-06
Hashicorp vagrant-vmware-fusion 4.0.24 - Local root Privilege Escalation
2017-12-06
Hashicorp vagrant-vmware-fusion 5.0.0 - Local root Privilege Escalation
2017-12-06
Sera 1.2 - Local root Privilege Escalation / Password Disclosure
2017-12-06
Hashicorp vagrant-vmware-fusion 5.0.1 - Local root Privilege Escalation
2017-12-06
Hashicorp vagrant-vmware-fusion 5.0.3 - Local root Privilege Escalation
2017-12-06
Arq 5.9.6 - Local root Privilege Escalation
2017-12-06
Murus 1.4.11 - Local root Privilege Escalation
2017-12-06
Arq 5.9.7 - Local root Privilege Escalation
2017-12-06
FS Shaadi Clone - 'token' SQL Injection
2017-12-06
WinduCMS 3.1 - Local File Disclosure
2017-12-06
FS Makemytrip Clone - 'id' SQL Injection
2017-12-06
Techno Portfolio Management Panel - 'id' SQL Injection
2017-12-05
Readymade Classifieds Script 1.0 - SQL Injection
2017-12-05
Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation
2017-12-05
VX Search 10.2.14 - 'command_name' Buffer Overflow
2017-12-05
Abyss Web Server < 2.11.6 - Heap Memory Corruption
2017-12-01
Artica Web Proxy 3.06 - Remote Code Execution
2017-12-01
MistServer 2.12 - Cross-Site Scripting
2017-12-01
Jobs2Careers / Coroflot Clone - SQL Injection
2017-12-01
HP iMC Plat 7.2 - Remote Code Execution (2)
2017-12-01
HP iMC Plat 7.2 - Remote Code Execution
2017-12-01
macOS High Sierra - Root Privilege Escalation (Metasploit)
2017-11-30
Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page
2017-11-30
Asterisk 13.17.2 - Memory Corruption
2017-11-30
WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal
2017-11-30
Hipchat For Mac 4.x Remote Code Execution Vulnerability
2017-11-30
Hipchat Data Center / Hipchat Server Code Execution / SSRF Vulnerabilities
2017-11-30
MacOSX Root Privilege Escalation Exploit
2017-11-30
Apache CouchDB Remote Code Execution Vulnerability
2017-11-30
Exim Use-After-Free Exploit
2017-11-30
osCommerce 2.3.4.1 - Arbitrary File Upload Exploit
2017-11-29
Microsoft Windows 10 Creators Update version 1703 - Kernel Local Privilege Escalation Exploit
2017-11-29
pfSense 2.3.1_1 Remote Command Execution Exploit
2017-11-29
HikVision Wi-Fi IP Camera Wireless Access Point State Vulnerability
2017-11-29
Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download Exploit
2017-11-29
Synology StorageManager 5.2 - Remote Root Command Execution Exploit
2017-11-29
CMS Made Simple 2.1.6 Cross Site Scripting / Template Injection Vulnerabilities
2017-11-29
KMPlayer 4.2.2.4 - Denial of Service Exploit
2017-11-29
Winamp Pro 5.66.Build.3512 - Denial of Service Exploit
2017-11-29
Diving Log 6.0 - XML External Entity Injection Vulnerability
2017-11-29
ZTE ZXDSL 831CII - Improper Access Restrictions Vulnerability
2017-11-29
Exim 4.89 - BDAT Denial of Service Exploit
2017-11-29
Wget HTTP integer overflow Exploit
2017-11-29
JBOSSAS 5.x/6.x Deserializer Vulnerability
2017-11-29
JBOSSAS 4.x Deserializer Vulnerability
2017-11-29
Cambium Multiple Vulnerabilities
2017-11-29
DblTek GoIP GSM Gateway Multiple Vulnerabilities
2017-11-29
WordPress CMS Tree Page View 1.3.4 plugin Privilege Escalation Vulnerability
2017-11-29
WordPress WPDB SQL Injection Vulnerability
2017-11-29
Ubuntu 17.04 Linux Kernel XFRM Privilege Escalation Exploit
2017-11-29
D-Link DIR-850L Credential Disclosure Exploit
2017-11-29
CSC Cart 4.6.2 Shell Upload Vulnerability
2017-11-29
Microsoft Windows win32kfull!GreUpdateSpriteInternal Kernel Stack Memory Disclosure Exploit
2017-11-29
Microsoft Windows win32kbase!NtQueryCompositionInputQueueAndTransform Kernel Stack Memory Disclosure
2017-11-29
Microsoft Edge Chakra JIT Incorrect Function Declaration Scope Exploit
2017-11-29
Microsoft Edge Chakra JIT Inline::InlineCallApplyTarget_Shared Failed Return Exploit
2017-11-29
Microsoft Edge Chakra JIT GlobOpt::OptTagChecks Property Consideration Exploit
2017-11-29
Microsoft Edge Chakra JIT BailOutOnTaggedValue Bailouts Exploit
2017-11-29
CommuniGatePro 6.1.16 Cross Site Scripting Vulnerability
2017-11-29
ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode) Exploit
2017-11-29
Linux - mincore() Uninitialized Kernel Heap Page Disclosure Exploit
2017-11-29
WebKit - WebCore::FormSubmission::create Use-After-Free Exploit
2017-11-29
WebKit - WebCore::RenderObject::previousSibling Use-After-Free Exploit
2017-11-29
WebKit - WebCore::DocumentLoader::frameLoader Use-After-Free Exploit
2017-11-29
WebKit - WebCore::Style::TreeResolver::styleForElement Use-After-Free Exploit
2017-11-29
WebKit - WebCore::SVGPatternElement::collectPatternAttributes Out-of-Bounds Read Exploit
2017-11-29
WebKit - WebCore::SimpleLineLayout::RunResolver::runForPoint Out-of-Bounds Read Exploit
2017-11-29
WebKit - WebCore::RenderText::localCaretRect Out-of-Bounds Read Exploit
2017-11-29
WebKit - WebCore::AXObjectCache::performDeferredCacheUpdate Use-After-Free Exploit
2017-11-29
WebKit - WebCore::PositionIterator::decrement Use-After-Free Exploit
2017-11-29
WebKit - WebCore::InputType::element Use-After-Free Exploit
2017-11-29
WebKit - WebCore::TreeScope::documentScope Use-After-Free Exploit
2017-11-29
Icon Time Systems RTC-1000 Firmware 2.5.7458 - Cross-Site Scripting Vulnerability
2017-11-29
MyTy 5.1.6 Blind SQL Injection Vulnerability
2017-11-29
MyTy 5.1.7 Cross Site Scripting Vulnerability
2017-11-29
WordPress Breezing Forms 1.2.7.42 Cross Site Scripting Vulnerability
2017-11-29
WordPress Yoast SEO Cross Site Scripting Vulnerability
2017-11-29
Vonage VDV-23 - Denial of Service Exploit
2017-11-29
WordPress In Link 1.0 SQL Injection Vulnerability
2017-11-29
WordPress amtyThumb 8.1.3 Cross Site Scripting Vulnerability
2017-11-29
WordPress Advanced Post Type Ratings 1.1 Cross Site Scripting Vulnerability
2017-11-29
WordPress Emag Marketplace Connector 1.0 Cross Site Scripting Vulnerability
2017-11-29
RSA Authentication Manager 8.2 SP1 P5 Cross Site Scripting Vulnerability
2017-11-29
EMC ScaleIO 2.0.1.x Buffer Overflow / Information Disclosure Vulnerabilities
2017-11-29
Microsoft Windows NTFS File System Metadata Disclosures Exploit
2017-11-29
Microsoft Windows 10 - nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry) Pool Memory Disclosur
2017-11-29
MyBB 1.8.13 - Cross-Site Scripting Vulnerability
2017-11-29
Microsoft Office - OLE Remote Code Execution Exploit
2017-11-29
Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass Vulnerability
2017-11-29
iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service Exploit
2017-11-29
Dell Active Roles 7.x Unquoted Service Path Privilege Escalation Vulnerability
2017-11-29
phpMyFAQ 2.9.9 Code Injection Exploit
2017-11-29
Cisco Umbrella Virtual Appliance 2.1.0 Hardcoded Credentials Vulnerability
2017-11-29
TP-Link TL-WA830RE - Cross-Site Scripting Vulnerability
2017-11-29
Progress Sitefinity 10.0 / 10.1 Broken Access Control / LINQ Injection Vulnerability
2017-11-29
VX Search 10.2.14 - Proxy Buffer Overflow (SEH) Exploit
2017-11-29
Microsoft Edge Chakra JIT - OP_Memset Type Confusion Exploit
2017-11-29
Microsoft Edge Chakra JIT - Lowerer::LowerBoundCheck Incorrect Integer Overflow Check Exploit
2017-11-29
Microsoft Edge Chakra JIT - Type Confusion with switch Statements Exploit
2017-11-29
Microsoft Edge - Object.setPrototypeOf Memory Corruption Exploit
2017-11-29
Zeta Components Mail 1.8.1 - Remote Code Execution Vulnerability
2017-11-29
LanSweeper 6.0.100.75 - Cross-Site Scripting Vulnerability
2017-11-29
Vonage VDV23 - Cross-Site Scripting Vulnerability
2017-11-29
DLink DIR-605L < 2.08 - Denial of Service Exploit
2017-11-29
DLink DCS-936L Network Camera Cross-Site Request Forgery Vulnerability
2017-11-29
TP-Link TL-WR740N - Cross-Site Scripting Vulnerability
2017-11-29
WIFICAM Wireless IP Camera (P2P) - Unauthenticated Remote Code Execution Exploit
2017-11-29
PHP 7.1.8 - Heap-Based Buffer Overflow Vulnerability
2017-11-29
Vivotek IP Cameras Remote Stack Overflow Vulnerability
2017-11-29
QEMU - NBD Server Long Export Name Stack Buffer Overflow
2017-11-29
pfSense - Authenticated Group Member RCE (Metasploit)
2017-11-29
Microsoft Windows 10 Creators Update (version 1703) (x86) - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation
2017-11-29
osCommerce 2.3.4.1 - Arbitrary File Upload
2017-11-29
DVD Creator 4.1.0 - Insecure File Permissions Vulnerability
2017-11-28
Hola VPN v1.34 - Privilege Escalation Vulnerability
2017-11-28
Synology StorageManager 5.2 - Remote Root Command Execution
2017-11-28
Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download
2017-11-28
ZTE ZXDSL 831CII - Improper Access Restrictions
2017-11-27
Diving Log 6.0 - XML External Entity Injection
2017-11-27
Winamp Pro 5.66.Build.3512 - Denial of Service
2017-11-27
KMPlayer 4.2.2.4 - Denial of Service
2017-11-27
Exim 4.89 - 'BDAT' Denial of Service
2017-11-27
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly
2017-11-27
Microsoft Edge Chakra JIT - Incorrect Function Declaration Scope
2017-11-27
Microsoft Edge Chakra JIT - 'Inline::InlineCallApplyTarget_Shared' does not Return the return Instruction
2017-11-27
Microsoft Edge Chakra JIT - 'BailOutOnTaggedValue' Bailouts Type Confusion
2017-11-27
CommuniGatePro 6.1.16 - Cross-Site Scripting
2017-11-27
ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode)
2017-11-26
Linux - 'mincore()' Uninitialized Kernel Heap Page Disclosure
2017-11-24
WebKit - 'WebCore::FormSubmission::create' Use-After-Free
2017-11-22
WebKit - 'WebCore::RenderObject::previousSibling' Use-After-Free
2017-11-22
WebKit - 'WebCore::DocumentLoader::frameLoader' Use-After-Free
2017-11-22
WebKit - 'WebCore::Style::TreeResolver::styleForElement' Use-After-Free
2017-11-22
WebKit - 'WebCore::SVGPatternElement::collectPatternAttributes' Out-of-Bounds Read
2017-11-22
WebKit - 'WebCore::SimpleLineLayout::RunResolver::runForPoint' Out-of-Bounds Read
2017-11-22
WebKit - 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read
2017-11-22
WebKit - 'WebCore::AXObjectCache::performDeferredCacheUpdate' Use-After-Free
2017-11-22
WebKit - 'WebCore::PositionIterator::decrement' Use-After-Free
2017-11-22
WebKit - 'WebCore::InputType::element' Use-After-Free
2017-11-22
WebKit - 'WebCore::TreeScope::documentScope' Use-After-Free
2017-11-22
Vonage VDV-23 - Denial of Service
2017-11-22
Icon Time Systems RTC-1000 Firmware 2.5.7458 - Cross-Site Scripting
2017-11-22
Microsoft Windows 10 - 'nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry)' Pool Memory Disclosure
2017-11-21
Microsoft Office - OLE Remote Code Execution
2017-11-21
Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass
2017-11-20
iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service
2017-11-20
MyBB 1.8.13 - Cross-Site Scripting
2017-11-19
MyBB 1.8.13 - Remote Code Execution
2017-11-19
VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH)
2017-11-17
Zeta Components Mail 1.8.1 - Remote Code Execution
2017-11-16
Microsoft Edge Chakra: JIT - 'OP_Memset' Type Confusion
2017-11-16
Microsoft Edge Chakra: JIT - 'Lowerer::LowerBoundCheck' Incorrect Integer Overflow Check
2017-11-16
Microsoft Edge Chakra JIT - Type Confusion with switch Statements
2017-11-16
Microsoft Edge - 'Object.setPrototypeOf' Memory Corruption
2017-11-16
Vonage VDV23 - Cross-Site Scripting
2017-11-16
LanSweeper 6.0.100.75 - Cross-Site Scripting
2017-11-16
TP-Link TL-WR740N - Cross-Site Scripting
2017-11-16
Anti-Virus Privileged File Write Vulnerability
2017-11-16
Identity Governance 12.6 Cross Site Scripting Vulnerability
2017-11-16
WordPress AMP Toolbox 1.9.4 Cross Site Scripting Vulnerability
2017-11-16
WordPress DFD Reddcoin Tips 1.1.1 Cross Site Scripting Vulnerability
2017-11-16
WordPress Affiliate Ads For Clickbank Products 1.3 XSS Vulnerability
2017-11-16
Scala 2.x Privilege Escalation Vulnerability
2017-11-16
Siemens SICAM RTUs SM-2556 COM Modules XSS / Bypass / Code Execution Vulnerabilities
2017-11-16
Allworx Server Manager 6x / 6x12 / 48x Cross Site Scripting Vulnerability
2017-11-16
Dup Scout Enterprise 10.0.18 - Login Buffer Overflow Exploit
2017-11-16
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free Vulnerability
2017-11-16
Technicolor TG789vn v3 HTTP DoS Exploit
2017-11-16
WordPress Appointments 2.2.2.2 Cross Site Scripting Vulnerability
2017-11-16
WordPress Cartogiraffe Map 1.0 Cross Site Scripting Vulnerability
2017-11-16
WordPress Boozang 1.0.0 Cross Site Scripting Vulnerability
2017-11-16
D-Link DIR-850L Unauthenticated Command Execution Exploit
2017-11-16
Ulterius Server < 1.9.5.0 - Directory Traversal Exploit
2017-11-16
Kirby CMS < 2.5.7 - Cross-Site Scripting Vulnerability
2017-11-16
Monstra CMS 3.0.4 Cross Site Scripting Vulnerability
2017-11-16
Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload Exploit
2017-11-16
IKARUS anti.virus 2.16.7 - ntguard_x64 Privilege Escalation Exploit
2017-11-16
Xlight FTP Server 3.8.8.5 - Buffer Overflow (PoC) Exploit
2017-11-16
Fierce Buffer Overflow Vulnerability
2017-11-16
Symantec Endpoint Protection v12.1 / Tamper-Protection Bypass Exploit
2017-11-16
Microsoft Internet Explorer 11 jscript!JsErrorToString Use-After-Free Exploit
2017-11-16
Datto Windows Agent Remote Code Execution Vulnerability
2017-11-16
WordPress Secure HTML5 Video Player 3.14 Cross Site Scripting Vulnerability
2017-11-16
D-Link DIR605L - Denial of Service
2017-11-15
D-Link DCS-936L Network Camera - Cross-Site Request Forgery
2017-11-15
Dup Scout Enterprise 10.0.18 - 'Login' Buffer Overflow
2017-11-15
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free
2017-11-14
PHP 7.1.8 - Heap-Based Buffer Overflow
2017-11-14
Mako Server 2.5 - OS Command Injection Remote Command Execution (Metasploit)
2017-11-14
Microsoft Internet Explorer 11 - 'jscript!JsErrorToString' Use-After-Free
2017-11-14
DIR-850L - (Un)authenticated OS Command Execution (Metasploit)
2017-11-14
Wireless IP Camera (P2P) WIFICAM - Unauthenticated Remote Code Execution
2017-11-14
Ulterius Server < 1.9.5.0 - Directory Traversal
2017-11-14
Kirby CMS < 2.5.7 - Cross-Site Scripting
2017-11-14
IKARUS anti.virus 2.16.7 - 'ntguard_x64' Privilege Escalation
2017-11-13
Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload
2017-11-13
Xlight FTP Server 3.8.8.5 - Buffer Overflow (PoC)
2017-11-13
Symantec Endpoint Protection 12.1 - Tamper-Protection Bypass
2017-11-13
Microsoft Windows LNK File Code Execution Exploit
2017-11-09
WordPress Ultimate Instagram Feed 1.2 Cross Site Scripting Vulnerability
2017-11-09
IBM Lotus Notes Denial Of Service Exploit
2017-11-09
Mako Server 2.5 Command Injection Exploit
2017-11-09
Geutebrueck GCore GCoreServer.exe Buffer Overflow Exploit
2017-11-09
iText PDF Library 7.0.2 / 5.5.11 / 2.0.8 XXE Injection Vulnerability
2017-11-09
WordPress Duplicator Migration 1.2.28 Cross Site Scripting Vulnerability
2017-11-09
Linux Kernel 4.13 (Ubuntu 17.10) - waitid() SMEP/SMAP Privilege Escalation Exploit
2017-11-09
pfSense 2.3.1_1 - Command Execution Vulnerability
2017-11-09
ManageEngine Applications Manager 13 - SQL Injection Vulnerability
2017-11-09
Logitech Media Server 7.9.0 - Radio URL Cross-Site Scripting Vulnerability
2017-11-09
Logitech Media Server 7.9.0 - favorites Cross-Site Scripting Vulnerability
2017-11-09
SMPlayer 17.11.0 - .m3u Buffer Overflow (PoC) Exploit
2017-11-09
ManageEngine Applications Manager 13 - SQL Injection
2017-11-07
pfSense 2.3.1_1 - Command Execution
2017-11-07
Bludit 1.5.2 & 2.0.1 - Filter Bypass & Cross Site Vulnerability
2017-11-07
TinyWebGallery v2.4 (TWGE) - Persistent XSS Vulnerability
2017-11-07
Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP Privilege Escalation
2017-11-07
SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC)
2017-11-06
Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting
2017-11-06
Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting
2017-11-06
WordPress Userpro Plugin 4.9.17.1 - Authentication Bypass Vulnerability
2017-11-06
Actiontec C1000A Modem - Backdoor Account Vulnerability
2017-11-06
Debut Embedded httpd 1.20 - Denial of Service Exploit
2017-11-06
Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Buffer Overflow (SEH)
2017-11-06
Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow
2017-11-06
Debut Embedded httpd 1.20 - Denial of Service
2017-11-06
Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH) Exploit
2017-11-06
Actiontec C1000A Modem - Backdoor Account
2017-11-06
WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass
2017-11-06
Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH)
2017-11-06
Avaya OfficeScan (IPO) Remote ActiveX Buffer Overflow Exploit
2017-11-05
Avaya OfficeScan (IPO) SoftConsole Remote SEH Buffer Overflow Exploit
2017-11-05
Tor Browser 7.0.8 IP Address Leak Vulnerability
2017-11-05
Splunk 6.6.x Local Privilege Escalation Vulnerability
2017-11-05
Oracle PeopleSoft Enterprise PeopleTools < 8.55 - Remote Code Execution Via Blind XML External En
2017-11-05
WordPress WP Mobile Detector 3.5 Shell Upload Exploit
2017-11-05
WordPress JTRT Responsive Tables 4.1 Plugin - SQL Injection Vulnerability
2017-11-05
tnftp (savefile) Arbitrary Command Execution Exploit
2017-11-05
GraphicsMagick - Memory Disclosure / Heap Overflow Exploit
2017-11-05
Ladon Framework For Python 0.9.40 XXE Injection Vulnerability
2017-11-05
Sera 1.2 Local Root / Password Disclosure Exploit
2017-11-05
Vir.IT eXplorer Anti-Virus - Privilege Escalation Exploit
2017-11-05
WhatsApp 2.17.52 - Memory Corruption Exploit
2017-11-05
ZyXEL PK5001Z Modem - Backdoor Account Vulnerability
2017-11-05
Ingenious School Management System 2.3.0 - friend_index SQL injection Vulnerability
2017-11-05
OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery Vulnerability
2017-11-05
WordPress User Login History 1.5.2 Cross Site Scripting Vulnerability
2017-11-05
SpiderControl SCADA Web Server 2.02.0007 Improper Privilege Management Vulnerability
2017-11-05
JanTek JTC-200 RS232-NET Connector CSRF / Missing Authentication Vulnerability
2017-11-05
Progea Movicon 11.5.1181 Search Path Issues Vulnerability
2017-11-05
Sync Breeze 10.1.16 Buffer Overflow Vulnerability
2017-11-05
EMC VMAX Virtual Appliance (vApp) Authentication Bypass Vulnerability
2017-11-05
EMC AppSync Server Hardcoded Password Vulnerability
2017-11-05
Oracle Java SE - Web Start jnlp XML External Entity Processing Information Disclosure Exploit
2017-11-05
Ingenious 2.3.0 - Arbitrary File Upload Vulnerability
2017-11-05
D-Park Pro 1.0 - SQL Injection Vulnerability
2017-11-05
Adult Script Pro 2.2.4 - SQL Injection Vulnerability
2017-11-05
Article Directory Script 3.0 - id SQL Injection Vulnerability
2017-11-05
iProject Management System 1.0 - ID SQL Injection Vulnerability
2017-11-05
iStock Management System 1.0 - Arbitrary File Upload Vulnerability
2017-11-05
iTech Gigs Script 1.21 - SQL Injection Vulnerability
2017-11-05
Exploits/page:


Page:
1-4-2 (www02)