|
iOS 12.1.3 - 'cfprefsd' Memory Corruption
|
|
2019-05-06
|
|
NSClient++ 0.5.2.35 - Privilege Escalation
|
|
2019-05-06
|
|
Linux/x86 - shred file Shellcode (72 bytes)
|
|
2019-05-06
|
|
Linux/x86 - Multiple keys XOR Encoder / Decoder execve(/bin/sh) Shellcode (59 bytes)
|
|
2019-05-06
|
|
microASP (Portal+) CMS - 'pagina.phtml?explode_tree' SQL Injection
|
|
2019-05-06
|
|
PHPads 2.0 - 'click.php3?bannerID' SQL Injection
|
|
2019-05-06
|
|
Xitami Web Server 2.5 - Remote Buffer Overflow (SEH + Egghunter)
|
|
2019-05-06
|
|
ReadyAPI 2.5.0 / 2.6.0 - Remote Code Execution
|
|
2019-05-06
|
|
LG Supersign EZ CMS - Remote Code Execution (Metasploit)
|
|
2019-05-06
|
|
Wordpress Plugin Social Warfare < 3.5.3 - Remote Code Execution
|
|
2019-05-03
|
|
SolarWinds DameWare Mini Remote Control 10.0 - Denial of Service
|
|
2019-05-03
|
|
Blue Angel Software Suite - Command Execution
|
|
2019-05-03
|
|
Linux/x86 - Openssl Encrypt Files With aes256cbc Shellcode (185 bytes)
|
|
2019-05-03
|
|
Windows PowerShell ISE - Remote Code Execution
|
|
2019-05-03
|
|
Linux/x86 - Reverse Shell Shellcode (91 Bytes) + Python Wrapper
|
|
2019-05-03
|
|
Zotonic < 0.47.0 mod_admin - Cross-Site Scripting
|
|
2019-05-03
|
|
Instagram Auto Follow - Authentication Bypass
|
|
2019-05-03
|
|
Crestron AM/Barco wePresent WiPG/Extron ShareLink/Teq AV IT/SHARP PN-L703WA/Optoma WPS-Pro/Blackbox HD WPS/InFocus LiteShow - Remote Command Injection
|
|
2019-05-03
|
|
Ruby On Rails - DoubleTap Development Mode secret_key_base Remote Code Execution (Metasploit)
|
|
2019-05-02
|
|
CentOS Web Panel 0.9.8.793 (Free) / v0.9.8.753 (Pro) / 0.9.8.807 (Pro) - Domain Field (Add DNS Zone) Cross-Site Scripting
|
|
2019-05-01
|
|
Pimcore < 5.71 - Unserialize RCE (Metasploit)
|
|
2019-04-30
|
|
AIS logistics ESEL-Server - Unauth SQL Injection RCE (Metasploit)
|
|
2019-04-30
|
|
Linux - Missing Locking Between ELF coredump code and userfaultfd VMA Modification
|
|
2019-04-30
|
|
Oracle Weblogic 10.3.6.0.0 / 12.1.3.0.0 - Remote Code Execution
|
|
2019-04-30
|
|
DeviceViewer 3.12.0.1 - 'user' SEH Overflow
|
|
2019-04-30
|
|
SpotAuditor 5.2.6 - 'Name' Denial of Service (PoC)
|
|
2019-04-30
|
|
Agent Tesla Botnet - Information Disclosure
|
|
2019-04-30
|
|
Hyvikk Fleet Manager - Shell Upload
|
|
2019-04-30
|
|
Moodle 3.6.3 - 'Install Plugin' Remote Command Execution (Metasploit)
|
|
2019-04-30
|
|
Joomla! Component JiFile 2.3.1 - Arbitrary File Download
|
|
2019-04-30
|
|
Domoticz 4.10577 - Unauthenticated Remote Command Execution
|
|
2019-04-30
|
|
Spring Cloud Config 2.1.x - Path Traversal (Metasploit)
|
|
2019-04-30
|
|
HumHub 1.3.12 - Cross-Site Scripting
|
|
2019-04-30
|
|
Intelbras IWR 3000N 1.5.0 - Cross-Site Request Forgery
|
|
2019-04-30
|
|
Joomla! Component ARI Quiz 3.7.4 - SQL Injection
|
|
2019-04-30
|
|
Intelbras IWR 3000N - Denial of Service (Remote Reboot)
|
|
2019-04-30
|
|
Veeam ONE Reporter 9.5.0.3201 - Persistent Cross-site Scripting (Add/Edit Widget)
|
|
2019-04-30
|
|
Veeam ONE Reporter 9.5.0.3201 - Persistent Cross-Site Scripting
|
|
2019-04-30
|
|
Veeam ONE Reporter 9.5.0.3201 - Multiple Cross-Site Request Forgery
|
|
2019-04-30
|
|
Netgear DGN2200 / DGND3700 - Admin Password Disclosure
|
|
2019-04-30
|
|
Freefloat FTP Server 1.0 - 'STOR' Remote Buffer Overflow
|
|
2019-04-30
|
|
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
|
|
2019-04-30
|
|
systemd - DynamicUser can Create setuid Binaries when Assisted by Another Process
|
|
2019-04-26
|
|
Apache Pluto 3.0.0 / 3.0.1 - Persistent Cross-Site Scripting
|
|
2019-04-26
|
|
NSauditor 3.1.2.0 - 'Name' Denial of Service (PoC)
|
|
2019-04-26
|
|
NSauditor 3.1.2.0 - 'Community' Denial of Service (PoC)
|
|
2019-04-26
|
|
RARLAB WinRAR 5.61 - ACE Format Input Validation Remote Code Execution (Metasploit)
|
|
2019-04-25
|
|
Lavavo CD Ripper 4.20 - 'License Activation Name' Buffer Overflow (SEH)
|
|
2019-04-25
|
|
AnMing MP3 CD Burner 2.0 - Denial of Service (PoC)
|
|
2019-04-25
|
|
osTicket 1.11 - Cross-Site Scripting / Local File Inclusion
|
|
2019-04-25
|