phpBB 3.2.3 - Remote Code Execution
|
|
2019-03-08
|
WordPress Core 5.0 - Remote Code Execution
|
|
2019-03-08
|
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)
|
|
2019-03-08
|
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
|
|
2019-03-08
|
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)
|
|
2019-03-08
|
Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)
|
|
2019-03-08
|
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
|
|
2019-03-08
|
Kados R10 GreenBee - Multiple SQL Injection
|
|
2019-03-08
|
Android - getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass
|
|
2019-03-08
|
Android - binder Use-After-Free via racy Initialization of ->allow_user_free
|
|
2019-03-08
|
Linux < 4.20.14 - Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem
|
|
2019-03-08
|
Java Debug Wire Protocol (JDWP) - Remote Code Execution
|
|
2019-03-06
|
OpenDocMan 1.3.4 - 'search.php where' SQL Injection
|
|
2019-03-05
|
Linux/x86 - XOR Encoder / Decoder execve() /bin/sh Shellcode (45 bytes)
|
|
2019-03-05
|
Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting
|
|
2019-03-04
|
WordPress Plugin Cerber Security, Antispam & Malware Scan 8.0 - Multiple Bypass Vulnerabilities
|
|
2019-03-04
|
Craft CMS 3.1.12 Pro - Cross-Site Scripting
|
|
2019-03-04
|
Bolt CMS 3.6.4 - Cross-Site Scripting
|
|
2019-03-04
|
MarcomCentral FusionPro VDP Creator < 10.0 - Directory Traversal
|
|
2019-03-04
|
Linux/x86 - NOT Encoder / Decoder - execve() /bin/sh Shellcode (44 bytes)
|
|
2019-03-04
|
Linux/x64 - Kill All Processes Shellcode (11 bytes)
|
|
2019-03-04
|
Linux/x86 - iptables -F Shellcode (43 bytes)
|
|
2019-03-04
|
Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 - Remote Code Execution
|
|
2019-03-04
|
zzzphp CMS 1.6.1 - Cross-Site Request Forgery
|
|
2019-03-04
|
Splunk Enterprise 7.2.4 - Custom App RCE (Persistent Backdoor - Custom Binary Payload)
|
|
2019-03-04
|
Booked Scheduler 2.7.5 - Remote Command Execution (Metasploit)
|
|
2019-03-04
|
Microsoft Edge Chakra 1.11.4 - Read Permission via Type Confusion
|
|
2019-03-04
|
FileZilla 3.40.0 - 'Local search' / 'Local site' Denial of Service (PoC)
|
|
2019-03-04
|
OOP CMS BLOG 1.0 - Multiple Cross-Site Request Forgery
|
|
2019-03-04
|
OOP CMS BLOG 1.0 - Multiple SQL Injection
|
|
2019-03-04
|
elFinder 2.1.47 - Command Injection vulnerability in the PHP connector
|
|
2019-03-04
|
CMSsite 1.0 - Multiple Cross-Site Request Forgery
|
|
2019-03-04
|
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
|
|
2019-03-04
|
Cisco WebEx Meetings < 33.6.6 / < 33.9.1 - Privilege Escalation
|
|
2019-03-01
|
macOS XNU - Copy-on-Write Behavior Bypass via Mount of User-Owned Filesystem Image
|
|
2019-03-01
|
Linux < 4.14.103 / < 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module
|
|
2019-03-01
|
tcpdump < 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads
|
|
2019-03-01
|
Google Chrome < M72 - FileWriterImpl Use-After-Free
|
|
2019-03-01
|
Google Chrome < M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHost
|
|
2019-03-01
|
Google Chrome < M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free
|
|
2019-03-01
|
Google Chrome < M72 - PaymentRequest Service Use-After-Free
|
|
2019-03-01
|
Feng Office 3.7.0.5 - Remote Command Execution (Metasploit)
|
|
2019-02-28
|
TransMac 12.3 - Denial of Service (PoC)
|
|
2019-02-28
|
Usermin 1.750 - Remote Command Execution (Metasploit)
|
|
2019-02-28
|
Joomla! Component J2Store < 3.3.7 - SQL Injection
|
|
2019-02-28
|
WebKitGTK 2.23.90 / WebKitGTK+ 2.22.6 - Denial of Service
|
|
2019-02-28
|
FTP Server 1.32 - Denial of Service
|
|
2019-02-28
|
Simple Online Hotel Reservation System - Cross-Site Request Forgery (Delete Admin)
|
|
2019-02-28
|
Simple Online Hotel Reservation System - Cross-Site Request Forgery (Add Admin)
|
|
2019-02-28
|
Simple Online Hotel Reservation System - SQL Injection
|
|
2019-02-28
|