|
osTicket 1.11 - Cross-Site Scripting / Local File Inclusion
|
|
2019-04-25
|
|
JioFi 4G M2S 1.0.2 - Denial of Service
|
|
2019-04-25
|
|
JioFi 4G M2S 1.0.2 - 'mask' Cross-Site Scripting
|
|
2019-04-25
|
|
Backup Key Recovery 2.2.4 - Denial of Service (PoC)
|
|
2019-04-25
|
|
HeidiSQL 10.1.0.5464 - Denial of Service (PoC)
|
|
2019-04-25
|
|
Google Chrome 72.0.3626.121 / 74.0.3725.0 - 'NewFixedDoubleArray' Integer Overflow
|
|
2019-04-24
|
|
VirtualBox 6.0.4 r128413 - COM RPC Interface Code Injection Host Privilege Escalation
|
|
2019-04-24
|
|
Linux/x86 - Rabbit Shellcode Crypter (200 bytes)
|
|
2019-04-24
|
|
Linux - 'page->_refcount' Overflow via FUSE
|
|
2019-04-23
|
|
Linux - Missing Locking in Siemens R3964 Line Discipline Race Condition
|
|
2019-04-23
|
|
systemd - Lack of Seat Verification in PAM Module Permits Spoofing Active Session to polkit
|
|
2019-04-23
|
|
Ross Video DashBoard 8.5.1 - Insecure Permissions
|
|
2019-04-23
|
|
UliCMS 2019.2 / 2019.1 - Multiple Cross-Site Scripting
|
|
2019-04-22
|
|
ManageEngine Applications Manager 14.0 - Authentication Bypass / Remote Command Execution (Metasploit)
|
|
2019-04-22
|
|
Msvod 10 - Cross-Site Request Forgery (Change User Information)
|
|
2019-04-22
|
|
74CMS 5.0.1 - Cross-Site Request Forgery (Add New Admin User)
|
|
2019-04-22
|
|
LabF nfsAxe 3.7 Ping Client - 'Host IP' Buffer Overflow (Direct Ret)
|
|
2019-04-22
|
|
Linux/ARM - Password-Protected Reverse TCP Shellcode (100 bytes)
|
|
2019-04-22
|
|
Google Chrome 73.0.3683.103 V8 JavaScript Engine - Out-of-Memory in Invalid Table Size Denial of Service (PoC)
|
|
2019-04-22
|
|
WordPress Plugin Contact Form Builder 1.0.67 - Cross-Site Request Forgery / Local File Inclusion
|
|
2019-04-22
|
|
QNAP myQNAPcloud Connect 1.3.4.0317 - 'Username/Password' Denial of Service
|
|
2019-04-22
|
|
Ease Audio Converter 5.30 - '.mp4' Denial of Service (PoC)
|
|
2019-04-22
|
|
Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)
|
|
2019-04-19
|
|
SystemTap 1.3 - MODPROBE_OPTIONS Privilege Escalation (Metasploit)
|
|
2019-04-19
|
|
Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection
|
|
2019-04-19
|
|
Oracle Business Intelligence 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - Directory Traversal
|
|
2019-04-19
|
|
LibreOffice < 6.0.7 / 6.1.3 - Macro Code Execution (Metasploit)
|
|
2019-04-18
|
|
Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)
|
|
2019-04-18
|
|
ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit)
|
|
2019-04-18
|
|
Evernote 7.9 - Code Execution via Path Traversal
|
|
2019-04-18
|
|
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID
|
|
2019-04-17
|
|
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4
|
|
2019-04-17
|
|
DHCP Server 2.5.2 - Denial of Service (PoC)
|
|
2019-04-17
|
|
ASUS HG100 - Denial of Service
|
|
2019-04-17
|
|
MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow
|
|
2019-04-17
|
|
Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 - LUAFV LuafvCopyShortName Arbitrary Short Name Privilege Escalation
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege Escalation
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Escalation
|
|
2019-04-16
|
|
Microsoft Windows 10 1809 / 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation
|
|
2019-04-16
|
|
AdminExpress 1.2.5 - 'Folder Path' Denial of Service (PoC)
|
|
2019-04-16
|
|
Joomla Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion
|
|
2019-04-16
|
|
PCHelpWare V2 1.0.0.5 - 'Group' Denial of Service (PoC)
|
|
2019-04-16
|
|
PCHelpWare V2 1.0.0.5 - 'SC' Denial of Service (PoC)
|
|
2019-04-16
|
|
Zoho ManageEngine ADManager Plus 6.6 (Build < 6659) - Privilege Escalation
|
|
2019-04-16
|
|
Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting
|
|
2019-04-16
|
|
Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)
|
|
2019-04-15
|
|
Linux/x86 - Cat File Encode to base64 and post via curl to Webserver Shellcode (125 bytes)
|
|
2019-04-15
|