|
xorg-x11-server < 1.20.1 - Local Privilege Escalation Exploit
|
|
2018-11-13
|
|
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode) Exploit
|
|
2018-11-13
|
|
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service Exploit
|
|
2018-11-13
|
|
Evince 3.24.0 - Command Injection Exploit
|
|
2018-11-13
|
|
CuteFTP Mac 3.1 - Denial of Service Exploit
|
|
2018-11-13
|
|
SIPve 0.0.2-R19 - SQL Injection
|
|
2018-11-13
|
|
Webiness Inventory 2.3 - SQL Injection
|
|
2018-11-13
|
|
Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)
|
|
2018-11-13
|
|
Maitra Mail Tracking System 1.7.2 - SQL Injection / Database File Download
|
|
2018-11-13
|
|
Alive Parish 2.0.4 - SQL Injection / Arbitrary File Upload
|
|
2018-11-13
|
|
ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload)
|
CVE-2018-19135
|
2018-11-13
|
|
Silurus Classifieds Script 2.0 - 'wcategory' SQL Injection
|
|
2018-11-13
|
|
Gumbo CMS 0.99 - SQL Injection
|
|
2018-11-13
|
|
ABC ERP 0.6.4 - Cross-Site Request Forgery (Update Admin)
|
|
2018-11-13
|
|
Easyndexer 1.0 - Arbitrary File Download
|
|
2018-11-13
|
|
Tina4 Stack 1.0.3 - Cross-Site Request Forgery (Update Admin)
|
|
2018-11-13
|
|
Tina4 Stack 1.0.3 - SQL Injection / Database File Download
|
|
2018-11-13
|
|
xorg-x11-server < 1.20.1 - Local Privilege Escalation
|
CVE-2018-14665
|
2018-11-13
|
|
Data Center Audit 2.6.2 - Cross-Site Request Forgery (Update Admin)
|
|
2018-11-13
|
|
Musicco 2.0.0 - Arbitrary Directory Download
|
|
2018-11-13
|
|
Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service
|
CVE-2018-15437
|
2018-11-13
|
|
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode)
|
|
2018-11-13
|
|
Alienor Web Libre 2.0 - SQL Injection
|
|
2018-11-13
|
|
Surreal ToDo 0.6.1.2 - Local File Inclusion
|
|
2018-11-13
|
|
Surreal ToDo 0.6.1.2 - SQL Injection
|
|
2018-11-13
|
|
Evince 3.24.0 - Command Injection
|
CVE-2017-1000083
|
2018-11-13
|
|
CuteFTP Mac 3.1 - Denial of Service (PoC)
|
|
2018-11-13
|
|
CentOS Web Panel 0.9.8.740 - Cross-Site Request Forgery / Cross-Site Scripting
|
CVE-2018-18772
|
2018-11-13
|
|
Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode (58 bytes)
|
|
2018-11-13
|
|
Cisco Prime Infrastructure Unauthenticated Remote Code Execution Exploit
|
|
2018-11-13
|
|
Android 5.0 Battery Information Broadcast Information Disclosure Vulnerability
|
|
2018-11-13
|
|
Android RSSI Broadcast Information Disclosure Vulnerability
|
|
2018-11-13
|
|
ServerZilla 1.0 - email SQL Injection Vulnerability
|
|
2018-11-12
|
|
Nominas 0.27 - username SQL Injection Vulnerability
|
|
2018-11-12
|
|
GPS Tracking System 2.12 - username SQL Injection Vulnerability
|
|
2018-11-12
|
|
Facturation System 1.0 - modid SQL Injection Vulnerability
|
|
2018-11-12
|
|
The Don 1.0.1 - login SQL Injection Vulnerability
|
|
2018-11-12
|
|
Paroiciel 11.20 - tRecIdListe SQL Injection Vulnerability
|
|
2018-11-12
|
|
Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
|
|
2018-11-12
|
|
Vignette Content Management 6 Security Bypass Vulnerability
|
|
2018-11-12
|
|
Advanced Comment System 1.0 SQL Injection Vulnerability
|
|
2018-11-12
|
|
Netscape Enterprise 3.63 Cross Site Scripting Vulnerability
|
|
2018-11-12
|
|
Mongoose Web Server 6.9 - Denial of Service Exploit
|
|
2018-11-12
|
|
CuteFTP 9.3.0.3 - Denial of Service Exploit
|
|
2018-11-12
|
|
TP-Link Archer C50 Wireless Router 171227 - CSRF (Configuration File Disclosure) Vulnerability
|
|
2018-11-12
|
|
WordPress WP User Manager 2.0.8 SQL Injection Vulnerability
|
|
2018-11-12
|
|
WordPress PeepSo 1.11.2 XSS / SQL Injection Vulnerabilities
|
|
2018-11-12
|
|
Wordpress Media File Manager 1.4.2 Plugin - Directory Traversal Vulnerability
|
|
2018-11-12
|
|
Data Center Audit 2.6.2 - username SQL Injection Vulnerability
|
|
2018-11-12
|
|
TufinOS 2.17 Build 1193 - XML External Entity Injection Vulnerability
|
|
2018-11-12
|
|
HeidiSQL 9.5.0.5196 - Denial of Service Exploit
|
|
2018-11-12
|
|
Nominas 0.27 - 'username' SQL Injection
|
|
2018-11-12
|
|
Mongoose Web Server 6.9 - Denial of Service (PoC)
|
|
2018-11-12
|
|
D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery
|
|
2018-11-12
|
|
ServerZilla 1.0 - 'email' SQL Injection
|
|
2018-11-12
|
|
GPS Tracking System 2.12 - 'username' SQL Injection
|
|
2018-11-12
|
|
Easyndexer 1.0 - Cross-Site Request Forgery (Add Admin)
|
|
2018-11-12
|
|
CuteFTP 9.3.0.3 - Denial of Service (PoC)
|
|
2018-11-12
|
|
Facturation System 1.0 - 'modid' SQL Injection
|
|
2018-11-12
|
|
The Don 1.0.1 - 'login' SQL Injection
|
|
2018-11-12
|
|
TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery (Configuration File Disclosure)
|
|
2018-11-12
|
|
Paroiciel 11.20 - 'tRecIdListe' SQL Injection
|
|
2018-11-12
|
|
Wordpress Plugin Media File Manager 1.4.2 - Directory Traversal
|
|
2018-11-12
|
|
TufinOS 2.17 Build 1193 - XML External Entity Injection
|
|
2018-11-12
|
|
Data Center Audit 2.6.2 - 'username' SQL Injection
|
|
2018-11-12
|
|
HeidiSQL 9.5.0.5196 - Denial of Service (PoC)
|
|
2018-11-12
|
|
Windows/x86 - Messagebox Shellcode 358 bytes
|
|
2018-11-11
|
|
Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service Exploit
|
|
2018-11-11
|
|
Microsoft Windows 10 (Build 17134) - Local Privilege Escalation (UAC Bypass) Exploit
|
|
2018-11-11
|
|
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Man-In-The-Middle Vulnerability
|
|
2018-11-11
|
|
D-LINK Central WifiManager (CWM 100) 1.03 r0098 Server-Side Request Forgery Vulnerability
|
|
2018-11-11
|
|
D-LINK Central WifiManager (CWM 100) 1.03 r0098 DLL Hijacking Exploit
|
|
2018-11-11
|
|
OpenSLP 2.0.0 - Multiple Vulnerabilities
|
|
2018-11-11
|
|
Microsoft Windows 10 (Build 17134) - Local Privilege Escalation (UAC Bypass)
|
|
2018-11-09
|
|
OpenSLP 2.0.0 - Multiple Vulnerabilities
|
CVE-2016-7567
|
2018-11-09
|
|
Cradlepoint Router Password Disclosure Vulnerability
|
|
2018-11-08
|
|
Dell OpenManage Network Manager 6.2.0.51 SP3 Privilege Escalation Exploit
|
|
2018-11-07
|
|
CI User Login and Management 1.0 - Arbitrary File Upload Vulnerability
|
|
2018-11-07
|
|
Arm Whois 3.11 - Buffer Overflow (SEH) Exploit
|
|
2018-11-07
|
|
libiec61850 1.3 - Stack Based Buffer Overflow
|
|
2018-11-07
|
|
LibreHealth 2.0.0 - Arbitrary File Actions Vulnerability
|
|
2018-11-07
|
|
OpenBiz Cubi Lite 3.0.8 - username SQL Injection Vulnerability
|
|
2018-11-07
|
|
Grocery crud 1.6.1 - search_field SQL Injection Vulnerability
|
|
2018-11-07
|
|
VSAXESS V2.6.2.70 build20171226_053 - organization Denial of Service Exploit
|
|
2018-11-07
|
|
OOP CMS BLOG 1.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
|
|
2018-11-07
|
|
eToolz 3.4.8.0 - Denial of Service Exploit
|
|
2018-11-07
|
|
OOP CMS BLOG 1.0 - search SQL Injection Vulnerability
|
|
2018-11-07
|
|
PlayJoom 0.10.1 - catid SQL Injection Vulnerability
|
|
2018-11-07
|
|
Blue Server 1.1 - Denial of Service Exploit
|
|
2018-11-07
|
|
XNU Kernel iOS / macOS heap buffer overflow Exploit
|
|
2018-11-07
|
|
FaceTime - VCPDecompressionDecodeFrame Memory Corruption Exploit
|
|
2018-11-07
|
|
FaceTime - readSPSandGetDecoderParams Stack Corruption Exploit
|
|
2018-11-07
|
|
FaceTime - RTP Video Processing Heap Corruption Exploit
|
|
2018-11-07
|
|
Morris Worm fingerd Stack Buffer Overflow Exploit
|
|
2018-11-07
|
|
Morris Worm sendmail Debug Mode Shell Escape Exploit
|
|
2018-11-07
|
|
blueimp jQuery Arbitrary File Upload Exploit
|
|
2018-11-07
|
|
QBee Camera / iSmartAlarm Credential Disclosure Vulnerability
|
|
2018-11-07
|
|
CMS Made Simple 2.2.7 Remote Code Execution Exploit
|
|
2018-11-07
|
|
CentOS Web Panel Root Account Takeover <= v0.9.8.740 Remote Command Execution Exploit
|
|
2018-11-07
|
|
Easy File Sharing Web Server 7.2 - author Remote Buffer Overflow (SEH) Exploit
|
|
2018-11-07
|
|
Microsoft Internet Explorer 11 - Null Pointer Dereference Exploit
|
|
2018-11-07
|
|
Softros LAN Messenger 9.2 - Denial of Service Exploit
|
|
2018-11-07
|
|
Intel (Skylake / Kaby Lake) - PortSmash CPU SMT Side-Channel Exploit
|
|
2018-11-07
|
|
Virgin Media Hub 3.0 Router - Denial of Service Exploit
|
|
2018-11-07
|
|
Mongo Web Admin 6.0 - Information Disclosure Vulnerability
|
|
2018-11-07
|
|
Poppy Web Interface Generator 0.8 - Arbitrary File Upload Vulnerability
|
|
2018-11-07
|
|
Voovi Social Networking Script 1.0 - user SQL Injection Vulnerability
|
|
2018-11-07
|
|
PHP Proxy 3.0.3 - Local File Inclusion Exploit
|
|
2018-11-07
|
|
Advantech WebAccess SCADA 8.3.2 - Remote Code Execution Exploit
|
|
2018-11-07
|
|
WebVet 0.1a - id SQL Injection Vulnerability
|
|
2018-11-07
|
|
SiAdmin 1.1 - id SQL Injection Vulnerability
|
|
2018-11-07
|
|
LiquidVPN For macOS 1.3.7 Privilege Escalation Vulnerability
|
|
2018-11-07
|
|
Royal TSX Information Disclosure Vulnerability
|
|
2018-11-07
|
|
Yot CMS 3.3.1 - aid SQL Injection Vulnerability
|
|
2018-11-07
|
|
qdPM 9.1 - filter_by SQL Injection Vulnerability
|
|
2018-11-07
|
|
Zint Barcode Generator 2.6 - Denial of Service Exploit
|
|
2018-11-07
|
|
CdCatalog 2.3.1 - Denial of Service Exploit
|
|
2018-11-07
|
|
WinMTR 0.91 - Denial of Service Exploit
|
|
2018-11-07
|
|
Gate Pass Management System 2.1 - login SQL Injection Vulnerability
|
|
2018-11-07
|
|
Jelastic 5.4 - host SQL Injection Vulnerability
|
|
2018-11-07
|
|
Fantastic Blog CMS 1.0 - id SQL Injection Vulnerability
|
|
2018-11-07
|
|
Sourcetree Git Arbitrary Code Execution Vulnerability
|
|
2018-11-07
|
|
Anviz AIM CrossChex Standard 4.3 Excel Macro Injection Vulnerability
|
|
2018-11-07
|
|
WebDrive 18.00.5057 - Denial of Service Exploit
|
|
2018-11-07
|
|
Arm Whois 3.11 - Denial of Service Exploit
|
|
2018-11-07
|
|
Artha The Open Thesaurus 1.0.3.0 - Denial of Service Exploit
|
|
2018-11-07
|
|
gVisor runsc Guest -> Host Breakout Via Filesystem Cache Desync
|
|
2018-11-07
|
|
EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 Hard-Coded Credentails Vulnerability
|
|
2018-11-07
|
|
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution Exploit
|
|
2018-11-07
|
|
Asaancart Simple PHP Shopping Cart 0.9 - Arbitrary File Upload / SQL Injection Vulnerabilities
|
|
2018-11-07
|
|
Notes Manager 1.0 - Arbitrary File Upload Vulnerability
|
|
2018-11-07
|
|
Microstrategy Web 7 - Cross-Site Scripting / Directory Traversal Vulnerabilities
|
|
2018-11-07
|
|
University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)
|
|
2018-11-07
|
|
Exploit
|
|
2018-11-07
|
|
Exploit
|
|
2018-11-06
|
|
Exploit
|
|
2018-11-06
|
|
OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection
|
|
2018-11-06
|
|
OOP CMS BLOG 1.0 - 'search' SQL Injection
|
|
2018-11-06
|
|
libiec61850 1.3 - Stack Based Buffer Overflow
|
CVE-2018-18957
|
2018-11-06
|
|
eToolz 3.4.8.0 - Denial of Service (PoC)
|
|
2018-11-06
|
|
Arm Whois 3.11 - Buffer Overflow (SEH)
|
|
2018-11-06
|
|
Grocery crud 1.6.1 - 'search_field' SQL Injection
|
|
2018-11-06
|
|
OOP CMS BLOG 1.0 - Cross-Site Request Forgery (Add Admin)
|
|
2018-11-06
|
|
CMS Made Simple 2.2.7 - Remote Code Execution
|
CVE-2018-10517
|
2018-11-06
|
|
Blue Server 1.1 - Denial of Service (PoC)
|
|
2018-11-06
|
|
Morris Worm - fingerd Stack Buffer Overflow (Metasploit)
|
|
2018-11-06
|
|
blueimp's jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)
|
CVE-2018-9206
|
2018-11-06
|
|
Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)
|
|
2018-11-06
|
|
FaceTime - 'VCPDecompressionDecodeFrame' Memory Corruption
|
CVE-2018-4366
|
2018-11-06
|
|
FaceTime - 'readSPSandGetDecoderParams' Stack Corruption
|
CVE-2018-4367
|
2018-11-06
|
|
FaceTime - RTP Video Processing Heap Corruption
|
CVE-2018-4384
|
2018-11-06
|
|
Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel
|
CVE-2018-5407
|
2018-11-05
|
|
Voovi Social Networking Script 1.0 - 'user' SQL Injection
|
|
2018-11-05
|
|
Royal TS/X - Information Disclosure
|
CVE-2018-18865
|
2018-11-05
|
|
LiquidVPN 1.36 / 1.37 - Privilege Escalation
|
CVE-2018-18856
|
2018-11-05
|
|
Softros LAN Messenger 9.2 - Denial of Service (PoC)
|
|
2018-11-05
|
|
PHP Proxy 3.0.3 - Local File Inclusion
|
|
2018-11-05
|
|
Mongo Web Admin 6.0 - Information Disclosure
|
|
2018-11-05
|
|
Microsoft Internet Explorer 11 - Null Pointer Difference
|
|
2018-11-05
|
|
Poppy Web Interface Generator 0.8 - Arbitrary File Upload
|
|
2018-11-05
|
|
Virgin Media Hub 3.0 Router - Denial of Service (PoC)
|
|
2018-11-05
|
|
WebVet 0.1a - 'id' SQL Injection
|
|
2018-11-05
|
|
Advantech WebAccess SCADA 8.3.2 - Remote Code Execution
|
CVE-2018-15705
|
2018-11-05
|
|
SiAdmin 1.1 - 'id' SQL Injection
|
|
2018-11-05
|
|
Zint Barcode Generator 2.6 - Denial of Service (PoC)
|
|
2018-11-04
|
|
CdCatalog 2.3.1 - Denial of Service (PoC)
|
|
2018-11-04
|
|
WinMTR 0.91 - Denial of Service (PoC)
|
|
2018-11-04
|
|
Yot CMS 3.3.1 - 'aid' SQL Injection
|
|
2018-11-04
|
|
qdPM 9.1 - 'filter_by' SQL Injection
|
|
2018-11-04
|
|
Gate Pass Management System 2.1 - 'login' SQL Injection
|
|
2018-11-04
|
|
Anviz AIM CrossChex Standard 4.3 - CSV Injection
|
|
2018-11-04
|
|
Jelastic 5.4 - 'host' SQL Injection
|
|
2018-11-04
|
|
Fantastic Blog CMS 1.0 - 'id' SQL Injection
|
|
2018-11-04
|
|
Arm Whois 3.11 - Denial of Service (PoC)
|
|
2018-11-04
|
|
WebDrive 18.00.5057 - Denial of Service (PoC)
|
|
2018-11-04
|
|
Artha The Open Thesaurus 1.0.3.0 - Denial of Service (PoC)
|
|
2018-11-04
|
|
SmartFTP Client 9.0.2615.0 - Denial of Service (PoC)
|
|
2018-11-04
|
|
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution
|
|
2018-11-04
|
|
CI User Login and Management 1.0 - Arbitrary File Upload
|
|
2018-11-04
|
|
Asaancart Simple PHP Shopping Cart 0.9 - Arbitrary File Upload / SQL Injection
|
|
2018-11-04
|
|
Microstrategy Web 7 - Cross-Site Scripting / Directory Traversal
|
CVE-2018-18775
|
2018-11-04
|
|
Instagram Clone 1.0 - Arbitrary File Upload
|
|
2018-11-04
|
|
Notes Manager 1.0 - Arbitrary File Upload
|
|
2018-11-04
|
|
University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)
|
|
2018-11-04
|
|
Expense Management 1.0 - Arbitrary File Upload
|
|
2018-11-04
|
|
SIPp 3.3.990 - Local Buffer Overflow (PoC)
|
|
2018-11-04
|
|
QNAP NetBak Replicator 4.5.6.0607 - Denial of Service (PoC)
|
|
2018-11-04
|
|
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) - SFTP Authentication Bypass
|
|
2018-11-04
|
|
MyBB Downloads 2.0.3 - SQL Injection
|
|
2018-11-04
|
|
ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure
|
|
2018-11-04
|
|
Phrack: Viewer Discretion Advised: (De)coding an iOS Kernel Vulnerability (Adam Donenfeld)
|
|
2018-11-04
|
|
Any Sound Recorder 2.93 - Buffer Overflow Local (SEH) (Metasploit)
|
|
2018-11-04
|
|
Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (864 bytes) (Generator)
|
|
2018-11-04
|
|
xorg-x11-server 1.20.3 - Privilege Escalation
|
CVE-2018-14665
|
2018-11-04
|
|
NETGEAR WiFi Router R6120 - Credential Disclosure
|
|
2018-11-04
|
|
Webiness Inventory 2.9 - Arbitrary File Upload
|
|
2018-11-04
|
|
phptpoint Pharmacy Management System 1.0 - 'username' SQL Injection
|
|
2018-11-04
|
|
R 3.4.4 (Windows 10 x64) - Buffer Overflow (DEP/ASLR Bypass)
|
|
2018-11-04
|
|
Electricks eCommerce 1.0 - 'prodid' SQL Injection
|
|
2018-11-04
|
|
South Gate Inn Online Reservation System 1.0 - 'q' SQL Injection
|
|
2018-11-04
|
|
K-iwi Framework 1775 - SQL Injection
|
CVE-2018-18755
|
2018-11-04
|
|
SaltOS Erp Crm 3.1 r8126 - Database File Download
|
CVE-2018-18762
|
2018-11-04
|
|
SaltOS Erp Crm 3.1 r8126 - SQL Injection (2)
|
CVE-2018-18763
|
2018-11-04
|
|
Modbus Slave 7.0.0 - Denial of Service (PoC)
|
CVE-2018-18759
|
2018-11-04
|
|
SaltOS Erp Crm 3.1 r8126 - SQL Injection
|
CVE-2018-18761
|
2018-11-04
|
|
E-Negosyo System 1.0 - SQL Injection
|
CVE-2018-18801
|
2018-11-04
|
|
RhinOS CMS 3.x - Arbitrary File Download
|
CVE-2018-18760
|
2018-11-04
|
|
PayPal-Credit Card-Debit Card Payment 1.0 - SQL Injection
|
CVE-2018-18800
|
2018-11-04
|
|
School Attendance Monitoring System 1.0 - SQL Injection
|
CVE-2018-18798
|
2018-11-04
|
|
School Attendance Monitoring System 1.0 - Arbitrary File Upload
|
CVE-2018-18799
|
2018-11-04
|
|
School Attendance Monitoring System 1.0 - Cross-Site Request Forgery (Update Admin)
|
CVE-2018-18797
|
2018-11-04
|
|
School Event Management System 1.0 - Cross-Site Request Forgery (Update Admin)
|
CVE-2018-18794
|
2018-11-04
|
|
School Event Management System 1.0 - Arbitrary File Upload
|
CVE-2018-18793
|
2018-11-04
|
|
School Event Management System 1.0 - SQL Injection
|
CVE-2018-18795
|
2018-11-04
|
|
Point of Sales (POS) in VB.Net MySQL Database 1.0 - SQL Injection
|
CVE-2018-18805
|
2018-11-04
|
|
Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection
|
CVE-2018-18804
|
2018-11-04
|
|
Curriculum Evaluation System 1.0 - SQL Injection
|
CVE-2018-18803
|
2018-11-04
|
|
Aplaya Beach Resort Online Reservation System 1.0 - SQL Injection / Cross-Site Request Forgery
|
|
2018-11-04
|
|
MTGAS MOGG Web Simulator Script - SQL Injection
|
|
2018-11-04
|
|
ASRock Drivers - Privilege Escalation
|
CVE-2018-10709
|
2018-11-04
|
|
systemd - chown_one() can Dereference Symlinks
|
CVE-2018-15687
|
2018-11-04
|
|
systemd - reexec State Injection
|
CVE-2018-15686
|
2018-11-04
|
|
Card Payment 1.0 - Cross-Site Request Forgery (Update Admin)
|
|
2018-11-04
|
|
Paramiko 2.4.1 - Authentication Bypass
|
CVE-2018-7750
|
2018-11-04
|
|
Local Server 1.0.9 - Denial of Service (PoC)
|
|
2018-11-04
|
|
Modbus Slave PLC 7 - '.msw' Buffer Overflow (PoC)
|
|
2018-11-04
|
|
School Equipment Monitoring System 1.0 - 'login' SQL Injection
|
|
2018-11-04
|
|
AlienIP 2.41 - Denial of Service (PoC)
|
|
2018-11-04
|
|
Open Faculty Evaluation System 7 - 'batch_name' SQL Injection
|
|
2018-11-04
|
|
Library Management System 1.0 - 'frmListBooks' SQL Injection
|
|
2018-11-04
|
|
Navicat 12.0.29 - 'SSH' Denial of Service (PoC)
|
|
2018-11-04
|
|
Grapixel New Media 2 - 'pageref' SQL Injection
|
|
2018-11-04
|
|
Open Faculty Evaluation System 5.6 - 'batch_name' SQL Injection
|
|
2018-11-04
|
|
Veterinary Clinic Management 00.02 - 'editpetnum' SQL Injection
|
|
2018-11-04
|
|
Delta Sql 1.8.2 - 'id' SQL Injection
|
|
2018-11-04
|
|
MPS Box 0.1.8.0 - Arbitrary File Upload
|
|
2018-11-04
|
|
Quick Count 2.0 - 'txtInstID' SQL Injection
|
|
2018-11-04
|
|
xorg-x11-server < 1.20.3 - Local Privilege Escalation
|
CVE-2018-14665
|
2018-11-04
|
|
WebEx - Local Service Permissions Exploit (Metasploit)
|
CVE-2018-15442
|
2018-11-04
|
|
WebExec - Authenticated User Code Execution (Metasploit)
|
CVE-2018-15442
|
2018-11-04
|
|
libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer
|
CVE-2018-18557
|
2018-11-04
|
|
Open STA Manager 2.3 - Arbitrary File Download
|
|
2018-11-04
|
|
MPS Box 0.1.8.0 - 'uuid' SQL Injection
|
|
2018-11-04
|
|
AjentiCP 1.2.23.13 - Cross-Site Scripting
|
CVE-2018-18548
|
2018-11-04
|
|
AiOPMSD Final 1.0.0 - 'q' SQL Injection
|
|
2018-11-04
|
|
Simple POS and Inventory 1.0 - 'cat' SQL Injection
|
|
2018-11-04
|
|
ClipBucket 2.8 - 'id' SQL Injection
|
|
2018-11-04
|
|
Adult Filter 1.0 - Buffer Overflow (SEH)
|
|
2018-11-04
|
|
User Management 1.1 - Cross-Site Scripting
|
CVE-2018-18419
|
2018-11-04
|
|
Delta Sql 1.8.2 - Arbitrary File Upload
|
|
2018-11-04
|
|
Simple Chat System 1.0 - 'id' SQL Injection
|
|
2018-11-04
|
|
phptpoint Hospital Management System 1.0 - 'user' SQL injection
|
|
2018-11-04
|
|
phptpoint Pharmacy Management System 1.0 - 'username' SQL injection
|
|
2018-11-04
|
|
Ekushey Project Manager CRM 3.1 - Cross-Site Scripting
|
CVE-2018-18417
|
2018-11-04
|
|
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution
|
|
2018-11-04
|
|
BORGChat 1.0.0 build 438 - Denial of Service (PoC)
|
|
2018-11-04
|
|
D-Link Routers - Directory Traversal
|
CVE-2018-10822
|
2018-11-04
|
|
D-Link Routers - Plaintext Password
|
CVE-2018-10824
|
2018-11-04
|
|
D-Link Routers - Command Injection
|
CVE-2018-10823
|
2018-11-04
|
|
Microsoft Data Sharing - Local Privilege Escalation (PoC)
|
|
2018-11-04
|
|
Apache OFBiz 16.11.04 - XML External Entity Injection
|
|
2018-11-04
|
|
LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting
|
CVE-2018-18416
|
2018-11-04
|
|
exim 4.90 - Remote Code Execution
|
CVE-2018-6789
|
2018-11-04
|
|
Adult Filter 1.0 - Denial of Service (PoC)
|
|
2018-11-04
|
|
Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes
|
|
2018-11-04
|
|
Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Error_desc' Cross-Site Scripting
|
CVE-2018-18437
|
2018-11-04
|
|
Fifa Master XLS 2.3.2 - 'usw' SQL Injection
|
|
2018-11-04
|
|
SG ERP 1.0 - 'info' SQL Injection
|
|
2018-11-04
|
|
MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection
|
|
2018-11-04
|
|
SIM-PKH 2.4.1 - 'id' SQL Injection
|
|
2018-11-04
|
|
School ERP Pro+Responsive 1.0 - 'fid' SQL Injection
|
|
2018-11-04
|
|
School ERP Pro+Responsive 1.0 - Arbitrary File Download
|
|
2018-11-04
|
|
ServersCheck Monitoring Software 14.3.3 - 'id' SQL Injection
|
|
2018-11-04
|
|
Microsoft Windows 10 - Local Privilege Escalation (UAC Bypass)
|
|
2018-11-04
|
|
SIM-PKH 2.4.1 - Arbitrary File Upload
|
|
2018-11-04
|
|
ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write
|
|
2018-11-04
|
|
Appsource School Management System 1.0 - 'student_id' SQL Injection
|
|
2018-11-04
|
|
Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection
|
|
2018-11-04
|
|
The Open ISES Project 3.30A - Arbitrary File Download
|
|
2018-11-04
|
|
eNdonesia Portal 8.7 - 'artid' SQL Injection
|
|
2018-11-04
|
|
Windows - SetImeInfoEx Win32k NULL Pointer Dereference (Metasploit)
|
CVE-2018-8120
|
2018-11-04
|
|
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas
|
|
2018-11-04
|
|
Apple iOS/macOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport
|
|
2018-11-04
|
|
Apple iOS/macOS - Sandbox Escape due to mach Message sent from Shared Memory
|
|
2018-11-04
|
|
Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value
|
|
2018-11-04
|
|
Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem
|
|
2018-11-04
|
|
Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking
|
|
2018-11-04
|
|
School ERP Ultimate 2018 - 'fid' SQL Injection
|
|
2018-11-04
|
|
The Open ISES Project 3.30A - 'tick_lat' SQL Injection
|
|
2018-11-04
|
|
Audacity 2.3 - Denial of Service (PoC)
|
|
2018-11-04
|
|
Oracle Siebel CRM 8.1.1 - CSV Injection
|
|
2018-11-04
|
|
School ERP Ultimate 2018 - Arbitrary File Download
|
|
2018-11-04
|
|
Modbus Poll 7.2.2 - Denial of Service (PoC)
|
|
2018-11-04
|
|
MySQL Edit Table 1.0 - 'id' SQL Injection
|
|
2018-11-04
|
|
Expense Management 1.0 - Arbitrary File Upload Vulnerability
|
|
2018-10-31
|
|
MyBB Downloads 2.0.3 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
NETGEAR WiFi Router R6120 - Credential Disclosure Vulnerability
|
|
2018-10-31
|
|
Webiness Inventory 2.9 - Arbitrary File Upload Vulnerability
|
|
2018-10-31
|
|
Electricks eCommerce 1.0 - prodid SQL Injection Vulnerability
|
|
2018-10-31
|
|
South Gate Inn Online Reservation System 1.0 - q SQL Injection Vulnerability
|
|
2018-10-31
|
|
K-iwi Framework 1775 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
SaltOS Erp Crm 3.1 r8126 - Database File Download Vulnerability
|
|
2018-10-31
|
|
SaltOS Erp Crm 3.1 r8126 - SQL Injection Vulnerability (2)
|
|
2018-10-31
|
|
SaltOS Erp Crm 3.1 r8126 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
E-Negosyo System 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
RhinOS CMS 3.x - Arbitrary File Download Vulnerability
|
|
2018-10-31
|
|
SmartFTP Client 9.0.2615.0 - Denial of Service Exploit
|
|
2018-10-31
|
|
School Attendance Monitoring System 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
School Attendance Monitoring System 1.0 - Arbitrary File Upload Vulnerability
|
|
2018-10-31
|
|
School Attendance Monitoring System 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
|
|
2018-10-31
|
|
School Event Management System 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
|
|
2018-10-31
|
|
School Event Management System 1.0 - Arbitrary File Upload Vulnerability
|
|
2018-10-31
|
|
School Event Management System 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
Point of Sales (POS) in VB.Net MySQL Database 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
Curriculum Evaluation System 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
Aplaya Beach Resort Online Reservation System 1.0 - SQL Injection / Cross-Site Request Forgery
|
|
2018-10-31
|
|
MTGAS MOGG Web Simulator Script - SQL Injection Vulnerability
|
|
2018-10-31
|
|
Card Payment 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
|
|
2018-10-31
|
|
Library Management System 1.0 - frmListBooks SQL Injection Vulnerability
|
|
2018-10-31
|
|
Grapixel New Media 2 - pageref SQL Injection Vulnerability
|
|
2018-10-31
|
|
Open Faculty Evaluation System 7 - batch_name SQL Injection Vulnerability
|
|
2018-10-31
|
|
Instagram Clone 1.0 - Arbitrary File Upload Vulnerability
|
|
2018-10-31
|
|
SIPp 3.3.990 - Local Buffer Overflow Exploit
|
|
2018-10-31
|
|
QNAP NetBak Replicator 4.5.6.0607 - Denial of Service Exploit
|
|
2018-10-31
|
|
ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure Exploit
|
|
2018-10-31
|
|
systemd - reexec State Injection Exploit
|
|
2018-10-31
|
|
xorg #x11 #server 1.20.3 - Privilege Escalation Exploit (3)
|
|
2018-10-30
|
|
R 3.4.4 ( #Windows10 x64) - Buffer Overflow (DEP/ASLR Bypass) Exploit
|
|
2018-10-30
|
|
AnySoundRecorder 2.93 - Buffer Overflow Local (SEH) Exploit
|
|
2018-10-30
|
|
PayPal / Credit Card / Debit Card Payment 1.0 SQL Injection Vulnerability
|
|
2018-10-30
|
|
Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (Generator) 864 bytes
|
|
2018-10-30
|
|
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) SFTP Authentication Bypass Vulnerability
|
|
2018-10-30
|
|
Navicat 12.0.29 - SSH Denial of Service Exploit
|
|
2018-10-30
|
|
AlienIP 2.41 - Denial of Service Exploit
|
|
2018-10-30
|
|
systemd - chown_one() can Dereference Symlinks Exploit
|
|
2018-10-30
|
|
Modbus Slave 7.0.0 - Denial of Service Exploit
|
|
2018-10-30
|
|
Modbus Slave PLC 7 - .msw Buffer Overflow Exploit
|
|
2018-10-30
|
|
Paramiko 2.4.1 - Authentication Bypass Exploit
|
|
2018-10-30
|
|
Local Server 1.0.9 - Denial of Service Exploit
|
|
2018-10-30
|
|
School Equipment Monitoring System 1.0 - login SQL Injection Vulnerability
|
|
2018-10-30
|
|
HID ActivID ActivClient 7.1.0.202 Heap Spray / Denial Of Service Vulnerability
|
|
2018-10-30
|
|
Joomla Responsive eXtro jQuery Gallery 2.1.0 Component - filter_category SQL Injection Vulnerability
|
|
2018-10-30
|
|
Joomla Com_Ajax Component Jsnextfw Plugin Jform_Article Incorrect Default Permission Vulnerability
|
|
2018-10-30
|
|
WordPress Arforms 3.5.1 Arbitrary File Delete Exploit
|
|
2018-10-30
|
|
ASRock Drivers Privilege Escalation / Code Execution Exploit
|
|
2018-10-30
|
|
Webiness Inventory 2.9 Shell Upload Exploit
|
|
2018-10-30
|
|
Shell In A Box 2.2.0 Denial Of Service Exploit
|
|
2018-10-30
|
|
MPS Box 0.1.8.0 - Arbitrary File Upload Vulnerability
|
|
2018-10-30
|
|
Veterinary Clinic Management 00.02 - editpetnum SQL Injection Vulnerability
|
|
2018-10-30
|
|
Quick Count 2.0 - txtInstID SQL Injection Vulnerability
|
|
2018-10-30
|
|
Delta Sql 1.8.2 - id SQL Injection Vulnerability
|
|
2018-10-30
|
|
Linux systemd Line Splitting Exploit
|
|
2018-10-30
|
|
Linux systemd Symlink Dereference Via chown_one() Exploit
|
|
2018-10-30
|
|
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit (2)
|
|
2018-10-30
|
|
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit
|
|
2018-10-30
|
|
Oracle Hyperion Planning 11.1.2.4 Cross Site Scripting Vulnerability
|
|
2018-10-30
|
|
Open STA Manager 2.3 - Arbitrary File Download Vulnerability
|
|
2018-10-30
|
|
MPS Box 0.1.8.0 - uuid SQL Injection Vulnerability
|
|
2018-10-30
|
|
AjentiCP 1.2.23.13 - Cross-Site Scripting Vulnerability
|
|
2018-10-30
|
|
AiOPMSD Final 1.0.0 - q SQL Injection Vulnerability
|
|
2018-10-30
|
|
ClipBucket 2.8 - id SQL Injection Vulnerability
|
|
2018-10-30
|
|
User Management 1.1 - Cross-Site Scripting Vulnerability
|
|
2018-10-30
|
|
Delta Sql 1.8.2 - Arbitrary File Upload Vulnerability
|
|
2018-10-30
|
|
Simple POS and Inventory 1.0 - cat SQL Injection Vulnerability
|
|
2018-10-30
|
|
Simple Chat System 1.0 - id SQL Injection Vulnerability
|
|
2018-10-30
|
|
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit
|
|
2018-10-30
|
|
Ekushey Project Manager CRM 3.1 - Cross-Site Scripting Vulnerability
|
|
2018-10-30
|
|
PHPTPoint Pharmacy Management System 1.0 - username SQL injection Vulnerability
|
|
2018-10-30
|
|
BORGChat 1.0.0 build 438 - Denial of Service Exploit
|
|
2018-10-30
|
|
libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer Exploit
|
|
2018-10-30
|
|
Adult Filter 1.0 - Buffer Overflow (SEH) Exploit
|
|
2018-10-30
|
|
PHPTPoint Hospital Management System 1 SQL Injection Vulnerability
|
|
2018-10-30
|
|
AudioCodes 440HD / 450HD IP Phone 3.1.2.89 Man-In-The-Middle Vulnerability
|
|
2018-10-30
|
|
Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle Vulnerability
|
|
2018-10-30
|
|
Polycom VVX 500 / VVX 601 5.8.0.12848 Information Exposure Vulnerability
|
|
2018-10-30
|
|
WebExec Authenticated User Code Execution Exploit
|
|
2018-10-30
|
|
WebEx Local Service Permissions Code Execution Exploit
|
|
2018-10-30
|
|
WordPress Question Answer 1.2.30 Cross Site Scripting Vulnerability
|
|
2018-10-30
|
|
WordPress Pie Register 3.0.17 Cross Site Scripting Vulnerability
|
|
2018-10-30
|
|
Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes
|
|
2018-10-30
|
|
jQuery-File-Upload < v9.22.1 (ImageMagick / Ghostscript) - Remote Code Execution Exploit
|
|
2018-10-30
|
|
Fifa Master XLS 2.3.2 - usw SQL Injection Vulnerability
|
|
2018-10-30
|
|
SG ERP 1.0 - info SQL Injection Vulnerability
|
|
2018-10-30
|
|
Axioscloud Sissiweb Registro Elettronico 7.0.0 - Error_desc Cross-Site Scripting Vulnerability
|
|
2018-10-30
|
|
Adult Filter 1.0 - Denial of Service Exploit
|
|
2018-10-30
|
|
Microsoft Data Sharing - Local Privilege Escalation Exploit
|
|
2018-10-30
|
|
Apache OFBiz 16.11.04 - XML External Entity Injection Exploit
|
|
2018-10-30
|
|
exim 4.90 - Remote Code Execution Exploit
|
|
2018-10-30
|
|
D-Link Routers - Command Injection Vulnerability
|
|
2018-10-30
|
|
D-Link Routers - Directory Traversal Vulnerability
|
|
2018-10-30
|
|
D-Link Routers - Plaintext Password Vulnerability
|
|
2018-10-30
|
|
SIM-PKH 2.4.1 SQL Injection Vulnerability
|
|
2018-10-24
|
|
Microsoft Active Directory Federated Services (ADFS) User Enumeration Vulnerability
|
|
2018-10-24
|
|
ServersCheck Monitoring Software 14.3.3 SQL Injection Vulnerability
|
|
2018-10-24
|
|
ServersCheck Monitoring Software 14.3.3 Cross Site Scripting Vulnerability
|
|
2018-10-24
|
|
MGB OpenSource Guestbook 0.7.0.2 - id SQL Injection Vulnerability
|
|
2018-10-23
|
|
SIM-PKH 2.4.1 - Arbitrary File Upload
|
|
2018-10-23
|
|
Appsource School Management System 1.0 - student_id SQL Injection Vulnerability
|
|
2018-10-23
|
|
Traq 3.7.1 CSRF / XSS / SQL Injection Vulnerabilities
|
|
2018-10-23
|
|
VestaCP 0.9.8-22 Cross Site Scripting Vulnerability
|
|
2018-10-23
|
|
AjentiCP 1.2.23.13 Cross Site Scripting Vulnerability
|
|
2018-10-23
|
|
Microsoft Windows 10 UAC Bypass By computerDefault Exploit
|
|
2018-10-23
|
|
Chrome Debugger Extension API Is Too Powerful Vulnerability
|
|
2018-10-23
|
|
ServersCheck Monitoring Software 14.3.3 - Denial of Service Exploit
|
|
2018-10-23
|
|
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas Exploit
|
|
2018-10-22
|
|
Apple iOS Kernel - Stack Memory Disclosure due to Failure to Check copyin Return Value Exploit
|
|
2018-10-22
|
|
Apple iOS / macOS - Kernel Memory Corruption due to Integer Overflow Exploit
|
|
2018-10-22
|
|
Apple iOS / macOS - Sandbox Escape due to mach Message sent from Shared Memory Exploit
|
|
2018-10-22
|
|
Apple iOS / macOS - Sandbox Escape due to Trusted Length Field in Shared Memory Exploit
|
|
2018-10-22
|
|
Viva Visitor & Volunteer ID Tracking 0.95.1 - fname SQL Injection Vulnerability
|
|
2018-10-22
|
|
Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking Exploit
|
|
2018-10-22
|
|
eNdonesia Portal 8.7 - artid SQL Injection Vulnerability
|
|
2018-10-22
|
|
The Open ISES Project 3.30A - Arbitrary File Download Vulnerability
|
|
2018-10-22
|
|
The Open ISES Project 3.30A - tick_lat SQL Injection Vulnerability
|
|
2018-10-22
|
|
School ERP Ultimate 2018 - fid SQL Injection Vulnerability
|
|
2018-10-22
|
|
Oracle Siebel CRM 8.1.1 - CSV Injection Vulnerability
|
|
2018-10-22
|
|
School ERP Ultimate 2018 - Arbitrary File Download Vulnerability
|
|
2018-10-22
|
|
MySQL Edit Table 1.0 - id SQL Injection Vulnerability
|
|
2018-10-22
|
|
Modbus Poll 7.2.2 - Denial of Service Exploit
|
|
2018-10-22
|
|
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference Exploit
|
|
2018-10-22
|
|
WiFiRanger 7.0.8rc3 Incorrect Access Control / Privilege Escalation Vulnerability
|
|
2018-10-22
|
|
Viprinet VPN Hub Router Cross Site Scripting Vulnerability
|
|
2018-10-22
|
|
AudaCity 2.3 - High processor usage Denial of Service Exploit
|
|
2018-10-21
|
|
libSSH - Authentication Bypass Exploit
|
|
2018-10-21
|
|
Linux/x86 print "If psycho say this is the end?" Shellcode (75 bytes)
|
|
2018-10-21
|
|
libSSH - Authentication Bypass
|
CVE-2018-10933
|
2018-10-19
|
|
Linux Semi-Arbitrary Task Stack Read On ARM64 / x86 Exploit
|
|
2018-10-18
|
|
Chrome Mojo DataPipe*Dispatcher Deserialization Lacking Validation Exploit
|
|
2018-10-18
|
|
Snes9K 0.0.9z - Buffer Overflow (SEH) Exploit
|
|
2018-10-18
|
|
OwnTicket 1.0 - TicketID SQL Injection Vulnerability
|
|
2018-10-18
|
|
Learning with Texts 1.6.2 - start SQL Injection Vulnerability
|
|
2018-10-18
|
|
PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin) Vulnerability
|
|
2018-10-18
|
|
TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure Vulnerability
|
|
2018-10-18
|
|
ManageEngine OPManager 12.3 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
LANGO Codeigniter Multilingual Script 1.0 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
Ekushey Project Manager CRM 3.1 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
IBM Security AppScan Standard 9.0.3 .udt Denial Of Service Exploit
|
|
2018-10-18
|
|
Acunetix Web Vulnerability Scanner 10 *.slg Buffer Overflow (PoC) Exploit
|
|
2018-10-18
|
|
Any Sound Recorder 2.93 - Buffer Overflow (SEH) Exploit
|
|
2018-10-18
|
|
Time and Expense Management System 3.0 - CSRF (Add Admin) Vulnerability
|
|
2018-10-18
|
|
FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Vulnerability
|
|
2018-10-18
|
|
VLC Media Player - MKV Use-After-Free Exploit
|
|
2018-10-18
|
|
Microsoft Windows - FSCTL_FIND_FILES_BY_SID Information Disclosure Exploit
|
|
2018-10-18
|
|
HighPortal 12.5 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
Heatmiser Wifi Thermostat 1.7 - Credential Disclosure Exploit
|
|
2018-10-18
|
|
GIU Gallery Image Upload 0.3.1 - category SQL Injection Vulnerability
|
|
2018-10-18
|
|
Navigate CMS 2.8.5 - Arbitrary File Download Vulnerability
|
|
2018-10-18
|
|
MV Video Sharing Software 1.2 - searchname SQL Injection Vulnerability
|
|
2018-10-18
|
|
Rukovoditel Project Management CRM 2.3 - path SQL Injection Vulnerability
|
|
2018-10-18
|
|
Vishesh Auto Index 3.1 - fid SQL Injection Vulnerability
|
|
2018-10-18
|
|
Kados R10 GreenBee - release_id SQL Injection Vulnerability
|
|
2018-10-18
|
|
HotelDruid 2.2.4 - anno SQL Injection Vulnerability
|
|
2018-10-18
|
|
Wordpress Support Board 1.2.3 Plugin - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
Library CMS 2.1.1 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
Solaris RSH Stack Clash Privilege Escalation Exploit
|
|
2018-10-18
|
|
BigTree CMS 4.2.23 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Vulnerability
|
|
2018-10-18
|
|
FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure Vulnerability
|
|
2018-10-18
|
|
FLIR Brickstream 3D+ - RTSP Stream Disclosure Vulnerability
|
|
2018-10-18
|
|
FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure Vulnerability
|
|
2018-10-18
|
|
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution Exploit
|
|
2018-10-18
|
|
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin) Vulnerability
|
|
2018-10-18
|
|
Academic Timetable Final Build 7.0a-7.0b - id SQL Injection Vulnerability
|
|
2018-10-18
|
|
Academic Timetable Final Build 7.0 - Information Disclosure Exploit
|
|
2018-10-18
|
|
Advanced HRM 1.6 - Remote Code Execution Vulnerability
|
|
2018-10-18
|
|
MaxOn ERP Software 8.x-9.x - nomor SQL Injection Vulnerability
|
|
2018-10-18
|
|
College Notes Management System 1.0 - user SQL Injection Vulnerability
|
|
2018-10-18
|
|
KORA 2.7.0 - cid SQL Injection Vulnerability
|
|
2018-10-18
|
|
AlchemyCMS 4.1 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
D-Link DSL-2640T Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
Teltonika RUT9XX Missing Access Control To UART Root Terminal Vulnerability
|
|
2018-10-18
|
|
Teltonika RUT9XX Unauthenticated OS Command Injection Exploit
|
|
2018-10-18
|
|
Teltonika RUT9XX Reflected Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
Cockpit CMS CSRF / XSS / Path Traversal Vulnerabilities
|
|
2018-10-18
|
|
NoMachine 5.3.26 Remote Code Execution Exploit
|
|
2018-10-18
|
|
Phoenix Contact WebVisit 2985725 - Authentication Bypass Exploit
|
|
2018-10-18
|
|
FluxBB < 1.5.6 - SQL Injection Exploit
|
|
2018-10-18
|
|
SugarCRM 6.5.26 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
HaPe PKH 1.1 - Arbitrary File Upload Vulnerability
|
|
2018-10-18
|
|
HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin) Vulnerability
|
|
2018-10-18
|
|
HaPe PKH 1.1 - id SQL Injection Vulnerability
|
|
2018-10-18
|
|
LUYA CMS 1.0.12 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
CAMALEON CMS 2.4 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
gsview -dSAFER Not Used Vulnerability
|
|
2018-10-18
|
|
Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection Vulnerability
|
|
2018-10-18
|
|
Microsoft SQL Server Management Studio 17.9 - .xel XML External Entity Injection Vulnerability
|
|
2018-10-18
|
|
Microsoft SQL Server Management Studio 17.9 - .xmla XML External Entity Injection Vulnerability
|
|
2018-10-18
|
|
CentOS Web Panel 0.9.8.480 Multiple Vulnerabilities
|
|
2018-10-18
|
|
Phoenix Contact WebVisit 6.40.00 - Password Disclosure Vulnerability
|
|
2018-10-18
|
|
E-Registrasi Pencak Silat 18.10 - id_partai SQL Injection Vulnerability
|
|
2018-10-18
|
|
WAGO 750-881 01.09.18 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
Wikidforum 2.20 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
OwnTicket 1.0 - 'TicketID' SQL Injection
|
|
2018-10-18
|
|
PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin)
|
|
2018-10-18
|
|
Learning with Texts 1.6.2 - 'start' SQL Injection
|
|
2018-10-18
|
|
Time and Expense Management System 3.0 - 'table' SQL Injection
|
|
2018-10-17
|
|
TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure
|
|
2018-10-17
|
|
Git Submodule - Arbitrary Code Execution
|
CVE-2018-17456
|
2018-10-17
|
|
Time and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)
|
|
2018-10-17
|
|
FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials
|
|
2018-10-17
|
|
BigTree CMS 4.2.23 - Cross-Site Scripting
|
CVE-2018-18308
|
2018-10-17
|
|
Any Sound Recorder 2.93 - Buffer Overflow (SEH)
|
|
2018-10-17
|
|
VLC Media Player - MKV Use-After-Free (Metasploit)
|
CVE-2018-11529
|
2018-10-16
|
|
Solaris - RSH Stack Clash Privilege Escalation (Metasploit)
|
CVE-2017-1000364
|
2018-10-16
|
|
Microsoft Windows - 'FSCTL_FIND_FILES_BY_SID' Information Disclosure
|
CVE-2018-8411
|
2018-10-16
|
|
Heatmiser Wifi Thermostat 1.7 - Credential Disclosure
|
|
2018-10-16
|
|
GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection
|
|
2018-10-16
|
|
MV Video Sharing Software 1.2 - 'searchname' SQL Injection
|
|
2018-10-16
|
|
Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection
|
|
2018-10-16
|
|
Wordpress Plugin Support Board 1.2.3 - Cross-Site Scripting
|
|
2018-10-16
|
|
Vishesh Auto Index 3.1 - 'fid' SQL Injection
|
|
2018-10-16
|
|
Kados R10 GreenBee - 'release_id' SQL Injection
|
|
2018-10-16
|
|
Library CMS 2.1.1 - Cross-Site Scripting
|
|
2018-10-16
|
|
Navigate CMS 2.8.5 - Arbitrary File Download
|
|
2018-10-16
|
|
HotelDruid 2.2.4 - 'anno' SQL Injection
|
|
2018-10-16
|
|
KORA 2.7.0 - 'cid' SQL Injection
|
|
2018-10-15
|
|
Academic Timetable Final Build 7.0 - Information Disclosure
|
|
2018-10-15
|
|
NoMachine < 5.3.27 - Remote Code Execution
|
CVE-2018-17980
|
2018-10-15
|
|
Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities
|
CVE-2018-18322
|
2018-10-15
|
|
FLIR Brickstream 3D+ - RTSP Stream Disclosure
|
|
2018-10-15
|
|
FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure
|
|
2018-10-15
|
|
MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection
|
|
2018-10-15
|
|
Advanced HRM 1.6 - Remote Code Execution
|
|
2018-10-15
|
|
College Notes Management System 1.0 - 'user' SQL Injection
|
|
2018-10-15
|
|
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution
|
|
2018-10-15
|
|
AlchemyCMS 4.1 - Cross-Site Scripting
|
|
2018-10-15
|
|
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)
|
|
2018-10-15
|
|
FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure
|
|
2018-10-15
|
|
Snes9K 0.0.9z - Buffer Overflow (SEH)
|
|
2018-10-15
|
|
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure
|
|
2018-10-15
|
|
Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection
|
|
2018-10-15
|
|
FluxBB < 1.5.6 - SQL Injection
|
CVE-2014-10029
|
2018-10-12
|
|
SugarCRM 6.5.26 - Cross-Site Scripting
|
CVE-2018-17784
|
2018-10-12
|
|
HaPe PKH 1.1 - Arbitrary File Upload
|
|
2018-10-12
|
|
CAMALEON CMS 2.4 - Cross-Site Scripting
|
|
2018-10-12
|
|
HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)
|
|
2018-10-12
|
|
Phoenix Contact WebVisit 2985725 - Authentication Bypass
|
CVE-2016-8371
|
2018-10-12
|
|
LUYA CMS 1.0.12 - Cross-Site Scripting
|
|
2018-10-12
|
|
HaPe PKH 1.1 - 'id' SQL Injection
|
|
2018-10-12
|
|
Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection
|
CVE-2018-8532
|
2018-10-11
|
|
Phoenix Contact WebVisit 6.40.00 - Password Disclosure
|
CVE-2016-8366
|
2018-10-11
|
|
Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection
|
|
2018-10-11
|
|
jQuery-File-Upload 9.22.0 - Arbitrary File Upload
|
|
2018-10-11
|
|
Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection
|
|
2018-10-11
|
|
E-Registrasi Pencak Silat 18.10 - 'id_partai' SQL Injection
|
|
2018-10-11
|
|
WAGO 750-881 01.09.18 - Cross-Site Scripting
|
|
2018-10-11
|
|
Wikidforum 2.20 - Cross-Site Scripting
|
|
2018-10-11
|
|
VLC Media Player 2.2.8 MKV Use-After-Free Exploit
|
|
2018-10-11
|
|
DELL EMC OneFS Storage Administration 8.1.2.0 .zshrc Overwrite Exploit
|
|
2018-10-11
|
|
WhatsApp - RTP Processing Heap Corruption Exploit
|
|
2018-10-10
|
|
MicroTik RouterOS < 6.43rc3 - Remote Root Exploit
|
|
2018-10-10
|
|
XMeye P2P Cloud Remote Code Execution / Integrity Issues Vulnerabilities
|
|
2018-10-10
|
|
jQuery-File-Upload 9.22.0 Arbitrary File Upload Vulnerability
|
|
2018-10-10
|
|
NPLUG Wireless Repeater 1.0.0.14 CSRF / XSS / Authentication Bypass Vulnerabilities
|
|
2018-10-10
|
|
Responsive Filemanager 9.8.1 Authentication Bypass Vulnerability
|
|
2018-10-10
|
|
Responsive Filemanager 9.8.1 Cross Site Scripting Vulnerability
|
|
2018-10-10
|
|
Sitepress Multilingual 3.6.3 Cross Site Scripting Vulnerability
|
|
2018-10-10
|
|
Ektron CMS 9.20 SP2 - Improper Access Restrictions Vulnerability
|
|
2018-10-10
|
|
FileZilla 3.33 - Buffer Overflow Exploit
|
|
2018-10-10
|
|
WhatsApp - RTP Processing Heap Corruption
|
|
2018-10-10
|
|
FLIR Systems FLIR Thermal Traffic Cameras Websocket Device Manipulation Exploit
|
|
2018-10-10
|
|
ghostscript - executeonly Bypass with errorhandler Setup Exploit
|
|
2018-10-10
|
|
Free MP3 CD Ripper 2.8 - .wma Buffer Overflow (SEH) (DEP Bypass) Exploit
|
|
2018-10-10
|
|
Microsoft Edge Chakra JIT - Type Confusion Exploit
|
|
2018-10-10
|
|
Microsoft Edge Chakra JIT - BailOutOnInvalidatedArrayHeadSegment Check Bypass Exploit
|
|
2018-10-10
|
|
MicroTik RouterOS < 6.43rc3 - Remote Root
|
CVE-2018-14847
|
2018-10-10
|
|
Ektron CMS 9.20 SP2 - Improper Access Restrictions
|
CVE-2018-12596
|
2018-10-10
|
|
FileZilla 3.33 - Buffer Overflow (PoC)
|
|
2018-10-10
|
|
Virtualmin 6.03 Multiple Vulnerabilities
|
|
2018-10-10
|
|
ifwatchd - Privilege Escalation (Metasploit)
|
CVE-2014-2533
|
2018-10-09
|
|
Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (Metasploit)
|
CVE-2018-10594
|
2018-10-09
|
|
ghostscript - executeonly Bypass with errorhandler Setup
|
CVE-2018-17961
|
2018-10-09
|
|
Microsoft Edge Chakra JIT - Type Confusion
|
CVE-2018-8467
|
2018-10-09
|
|
Microsoft Edge Chakra JIT - 'BailOutOnInvalidatedArrayHeadSegment' Check Bypass
|
CVE-2018-8466
|
2018-10-09
|
|
net-snmp 5.7.3 - Denial of Service
|
CVE-2015-5621
|
2018-10-09
|
|
Wikidforum 2.20 - 'message_id' SQL Injection
|
|
2018-10-09
|
|
Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow Exploit
|
|
2018-10-09
|
|
ifwatchd Privilege Escalation Exploit
|
|
2018-10-09
|
|
Seqrite End Point Security 7.4 - Privilege Escalation
|
CVE-2018-17775
|
2018-10-09
|
|
Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow (SEH) (DEP Bypass)
|
|
2018-10-09
|
|
Wikidforum 2.20 - 'select_sort' SQL Injection
|
|
2018-10-09
|
|
360 3.5.0.1033 - Sandbox Escape Exploit
|
|
2018-10-09
|
|
Wikidforum 2.20 Multiple SQL Injection Vulnerability
|
|
2018-10-09
|
|
Navigate CMS - Unauthenticated Remote Code Execution Exploit
|
|
2018-10-09
|
|
Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)
|
|
2018-10-09
|
|
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)
|
|
2018-10-09
|
|
Linux Kernel - Pointer Leak via BPF Exploit
|
|
2018-10-09
|
|
Linux Kernel < 4.11.8 - mq_notify: double sock_put() Local Privilege Escalation
|
|
2018-10-09
|
|
Cisco Prime Infrastructure - Unauthenticated Remote Code Execution Exploit
|
|
2018-10-08
|
|
Android - sdcardfs Changes current->fs Without Proper Locking Exploit
|
|
2018-10-08
|
|
Git Submodule - Arbitrary Code Execution Vulnerability
|
|
2018-10-08
|
|
Imperva SecureSphere 13 - Remote Command Execution Exploit
|
|
2018-10-08
|
|
net-snmp 5.7.3 - Unauthenticated Denial of Service Exploit
|
|
2018-10-08
|
|
net-snmp 5.7.3 - Authenticated Denial of Service Exploit
|
|
2018-10-08
|
|
Microsoft Windows - Net-NTLMv2 Reflection DCOM/RPC (Metasploit)
|
CVE-2016-3225
|
2018-10-08
|
|
Navigate CMS - Unauthenticated Remote Code Execution (Metasploit)
|
CVE-2018-17552
|
2018-10-08
|
|
Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)
|
CVE-2018-17408
|
2018-10-08
|
|
Unitrends UEB - HTTP API Remote Code Execution (Metasploit)
|
CVE-2017-12478
|
2018-10-08
|
|
Android - sdcardfs Changes current->fs Without Proper Locking
|
CVE-2018-9515
|
2018-10-08
|
|
Linux - Kernel Pointer Leak via BPF
|
|
2018-10-08
|
|
Cisco Prime Infrastructure - Unauthenticated Remote Code Execution
|
CVE-2018-15379
|
2018-10-08
|
|
A Red Teamer’s guide to pivoting
|
|
2018-10-08
|
|
Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation
|
CVE-2017-11176
|
2018-10-08
|
|
Git Submodule - Arbitrary Code Execution
|
CVE-2018-17456
|
2018-10-08
|
|
net-snmp 5.7.3 - Authenticated Denial of Service (PoC)
|
|
2018-10-08
|
|
net-snmp 5.7.3 - Unauthenticated Denial of Service (PoC)
|
|
2018-10-08
|
|
Imperva SecureSphere 13 - Remote Command Execution
|
|
2018-10-08
|
|
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)
|
|
2018-10-08
|
|
360 3.5.0.1033 - Sandbox Escape
|
|
2018-10-08
|
|
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure
|
|
2018-10-08
|
|
Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)
|
|
2018-10-08
|
|
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure Vulnerability
|
|
2018-10-07
|
|
Chamilo LMS 1.11.8 - firstname Cross-Site Scripting Vulnerability
|
|
2018-10-07
|
|
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure
|
|
2018-10-06
|
|
Chamilo LMS 1.11.8 - 'firstname' Cross-Site Scripting
|
|
2018-10-06
|
|
Chrome OS /sbin/crash_reporter Symlink Traversal Vulnerability
|
|
2018-10-06
|
|
Windows Net-NTLMv2 Reflection DCOM/RPC Exploit
|
|
2018-10-06
|
|
Unitrends UEB HTTP API Remote Code Execution Exploit
|
|
2018-10-06
|
|
Claromentis Discuss 1.2.1 Cross Site Scripting Vulnerability
|
|
2018-10-06
|
|
Chamilo LMS 1.11.8 - Cross-Site Scripting Vulnerability
|
|
2018-10-06
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin) Vulnerabilities
|
|
2018-10-06
|
|
Easy File Sharing Web Server 7.2 - Domain Name Buffer Overflow Exploit
|
|
2018-10-06
|
|
Chamilo LMS 1.11.8 - Cross-Site Scripting
|
|
2018-10-05
|
|
ISPConfig < 3.1.13 - Remote Command Execution
|
|
2018-10-05
|
|
D-Link Central WiFiManager Software Controller 1.03 - Multiple Vulnerabilities
|
CVE-2018-17440
|
2018-10-05
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin)
|
|
2018-10-05
|
|
ISPConfig Remote Command Execution Exploit
|
|
2018-10-05
|
|
DLink Central WiFiManager Software Controller Code Execution / XSS Exploit
|
|
2018-10-05
|
|
WordPress Pie Register 3.0.15 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Photo #Nettoyeur 1.4.5 Insecure File Permission Vulnerability
|
|
2018-10-05
|
|
Billion ADSL Router 400G 20151105641 - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
WUZHICMS 2.0 - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
Coaster CMS 5.5.0 - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
OPAC EasyWeb Five 5.7 - biblio SQL Injection Vulnerability
|
|
2018-10-05
|
|
OPAC EasyWeb Five 5.7 - nome SQL Injection Vulnerability
|
|
2018-10-05
|
|
Linux Kernel 2.6.x / 3.10.x / 4.14.x (x64) - Mutagen Astronomy Local Privilege Escalation Exploit
|
|
2018-10-05
|
|
Linux/x64 - Execute /bin/nc -lvp 9090 Shellcode (60 bytes)
|
|
2018-10-05
|
|
Flippa Marketplace Clone 1.0 - date_started SQL Injection Vulnerability
|
|
2018-10-05
|
|
Education Website 1.0 - subject SQL Injection Vulnerability
|
|
2018-10-05
|
|
Binary MLM Software 1.0 - pid SQL Injection Vulnerability
|
|
2018-10-05
|
|
Singleleg MLM Software 1.0 - msg_id SQL Injection Vulnerability
|
|
2018-10-05
|
|
Hotel Booking Engine 1.0 - h_room_type SQL Injection Vulnerability
|
|
2018-10-05
|
|
Linux/x64 - execve ("/bin/bash") Shellcode (27 bytes)
|
|
2018-10-05
|
|
Fork CMS 5.4.0 - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
H2 Database 1.4.196 - Remote Code Execution Exploit
|
|
2018-10-05
|
|
Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH) Exploit
|
|
2018-10-05
|
|
Snes9K 0.0.9z - Denial of Service (PoC) Exploit
|
|
2018-10-05
|
|
Linux/x64 - execve ("/bin/sh") Shellcode (24 bytes)
|
|
2018-10-05
|
|
Airties AIR5750 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5650 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5453 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5443v2 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5442 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5343v2 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5021 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
ManageEngine AssetExplorer 6.2.0 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation Vulnerabilities
|
|
2018-10-05
|
|
AppArmor Filesystem Blacklisting Bypass Vulnerability
|
|
2018-10-05
|
|
Seqrite End Point Security 7.4 Privilege Escalation Vulnerability
|
|
2018-10-05
|
|
Skype On Debian Microsoft Apt Repo Addition Vulnerability
|
|
2018-10-05
|
|
Microsoft Edge - Sandbox Escape Exploit
|
|
2018-10-05
|
|
PCProtect 4.8.35 - Privilege Escalation Vulnerability
|
|
2018-10-05
|
|
WebKit - WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded
|
|
2018-10-05
|
|
WebKit - WebCore::SVGTextLayoutAttributes::context Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::RenderLayer::updateDescendantDependentFlags Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::SVGTRefElement::updateReferencedText Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::RenderMultiColumnSet::updateMinimumColumnHeight Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::InlineTextBox::paint Out-of-Bounds Read Exploit
|
|
2018-10-05
|
|
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR) Exploit
|
|
2018-10-05
|
|
Linux/x86 - execve(/bin/sh) + NOT +SHIFT-N+ XOR-N Encoded Shellcode (50 bytes)
|
|
2018-10-05
|
|
virtualenv 16.0.0 - Sandbox Escape Vulnerability
|
|
2018-10-05
|
|
LayerBB Forum 1.1.1 - search_query SQL Injection Vulnerability
|
|
2018-10-05
|
|
FTP Voyager 16.2.0 - Denial of Service Exploit
|
|
2018-10-05
|
|
Airties AIR5342 1.0.0.18 - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
RICOH MP C1803 JPN Printer - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
PTC ThingWorx Password Disclosure / Cross Site Scripting Vulnerabilities
|
|
2018-10-05
|
|
Joomla Jimtawl 2.2.7 Component - id SQL Injection Vulnerability
|
|
2018-10-05
|
|
Zechat 1.5 - uname SQL Injection Vulnerability
|
|
2018-10-05
|
|
Wikindx 5.3.2 Multiple Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
WebKit - WebCore::Node::ensureRareData Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::AXObjectCache::handleMenuItemSelected Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::SVGAnimateElementBase::resetAnimatedType Use-After-Free Exploit
|
|
2018-10-05
|
|
WordPress WebARX Website Firewall 4.9.8 XSS / Bypass Vulnerabilities
|
|
2018-10-05
|
|
WordPress Breadcrumb NavXT 6.1.0 Username Disclosure
|
|
2018-10-05
|
|
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR)
|
|
2018-10-04
|
|
LayerBB Forum 1.1.1 - 'search_query' SQL Injection
|
|
2018-10-04
|
|
Linux\x86 - (NOT +SHIFT-N+ XOR-N) + encoded (/bin/sh) Shellcode (50 byes)
|
|
2018-10-04
|
|
virtualenv 16.0.0 - Sandbox Escape
|
CVE-2018-17793
|
2018-10-04
|
|
FTP Voyager 16.2.0 - Denial of Service (PoC)
|
|
2018-10-03
|
|
RICOH MP C1803 JPN Printer - Cross-Site Scripting
|
CVE-2018-17310
|
2018-10-03
|
|
Airties AIR5342 1.0.0.18 - Cross-Site Scripting
|
CVE-2018-17587
|
2018-10-03
|
|
Joomla! Component Jimtawl 2.2.7 - 'id' SQL Injection
|
|
2018-10-03
|
|
Zechat 1.5 - 'uname' SQL Injection
|
|
2018-10-03
|
|
OPAC EasyWeb Five 5.7 - 'nome' SQL Injection
|
|
2018-10-02
|
|
Coaster CMS 5.5.0 - Cross-Site Scripting
|
|
2018-10-02
|
|
OPAC EasyWeb Five 5.7 - 'biblio' SQL Injection
|
|
2018-10-02
|
|
Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise)
|
|
2018-10-01
|
|
Linux Kernel 2.6.x / 3.10.x / 4.14.x (RedHat / Debian / CentOS) (x64) - 'Mutagen Astronomy' Local Privilege Escalation
|
CVE-2018-14634
|
2018-10-01
|
|
Billion ADSL Router 400G 20151105641 - Cross-Site Scripting
|
|
2018-10-01
|
|
WUZHICMS 2.0 - Cross-Site Scripting
|
CVE-2018-17832
|
2018-10-01
|
|
Flippa Marketplace Clone 1.0 - 'date_started' SQL Injection
|
|
2018-10-01
|
|
Binary MLM Software 1.0 - 'pid' SQL Injection
|
|
2018-10-01
|
|
Singleleg MLM Software 1.0 - 'msg_id' SQL Injection
|
|
2018-10-01
|
|
Education Website 1.0 - 'subject' SQL Injection
|
|
2018-10-01
|
|
Hotel Booking Engine 1.0 - 'h_room_type' SQL Injection
|
|
2018-10-01
|
|
Fork CMS 5.4.0 - Cross-Site Scripting
|
|
2018-10-01
|
|
ManageEngine AssetExplorer 6.2.0 - Cross-Site Scripting
|
|
2018-10-01
|
|
H2 Database 1.4.196 - Remote Code Execution
|
|
2018-10-01
|
|
Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH)
|
|
2018-10-01
|
|
Snes9K 0.0.9z - Denial of Service (PoC)
|
|
2018-10-01
|
|
Microsoft Edge - Sandbox Escape
|
CVE-2018-8463
|
2018-09-28
|
|
PCProtect 4.8.35 - Privilege Escalation
|
|
2018-09-28
|
|
Rausoft ID.prove 2.95 - Username SQL injection Vulnerability
|
|
2018-09-27
|
|
Citrix StorageZones Controller Improper Access Restrictions / Traversal Exploit
|
|
2018-09-27
|
|
WordPress WP Insert 2.4.2 Arbitrary File Upload Vulnerability
|
|
2018-09-27
|
|
ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting Vulnerability
|
|
2018-09-27
|
|
iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection Vulnerability
|
|
2018-09-27
|
|
EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation
|
|
2018-09-27
|
|
Rausoft ID.prove 2.95 - 'Username' SQL injection
|
|
2018-09-27
|
|
ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting
|
|
2018-09-27
|
|
iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection
|
|
2018-09-27
|
|
CrossFont 7.5 - Denial of Service Exploit
|
|
2018-09-26
|
|
TransMac 12.2 - Denial of Service Exploit
|
|
2018-09-26
|
|
Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free #Shellcode (92 Bytes)
|
|
2018-09-26
|
|
Linux - #VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath Exploit
|
|
2018-09-26
|
|
Joomla Responsive Portfolio 1.6.1 Component - filter_order_Dir SQL Injection Vulnerability
|
|
2018-09-26
|
|
Joomla Timetable Schedule 3.6.8 Component - SQL Injection Vulnerability
|
|
2018-09-26
|
|
Linux - VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath
|
CVE-2018-17182
|
2018-09-26
|
|
Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 Bytes)
|
|
2018-09-26
|
|
CrossFont 7.5 - Denial of Service (PoC)
|
|
2018-09-26
|
|
TransMac 12.2 - Denial of Service (PoC)
|
|
2018-09-26
|
|
Faleemi Desktop Software 1.8.2 - 'Device alias' Local Buffer Overflow (SEH)
|
|
2018-09-25
|
|
Joomla eXtroForms 2.1.5 Component - filter_type_id SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Music Collection 3.0.3 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Raffle Factory 3.5.2 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Dutch Auction Factory 2.0.2 Component - filter_order_Dir SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Article Factory Manager 4.3.9 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla AlphaIndex Dictionaries 1.0 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Reverse Auction Factory 4.3.8 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Collection Factory 4.1.9 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Swap Factory 2.2.1 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Social Factory 3.8.3 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Jobs Factory 2.0.4 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Questions 1.4.3 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Penny Auction Factory 2.0.4 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Super Cms Blog Pro 1.0 - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Easy PhoroResQ 1.0 - Buffer Overflow Exploit
|
|
2018-09-25
|
|
Joomla! Component Responsive Portfolio 1.6.1 - 'filter_order_Dir' SQL Injection
|
|
2018-09-25
|
|
RICOH MP C406Z Printer - Cross-Site Scripting
|
|
2018-09-25
|
|
WebKit - 'WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded' Use-After-Free
|
CVE-2018-4197
|
2018-09-25
|
|
WebKit - 'WebCore::SVGTextLayoutAttributes::context' Use-After-Free
|
CVE-2018-4318
|
2018-09-25
|
|
RICOH MP 305+ Printer - Cross-Site Scripting
|
|
2018-09-25
|
|
WebKit - 'WebCore::RenderLayer::updateDescendantDependentFlags' Use-After-Free
|
CVE-2018-4317
|
2018-09-25
|
|
WebKit - 'WebCore::SVGTRefElement::updateReferencedText' Use-After-Free
|
CVE-2018-4315
|
2018-09-25
|
|
WebKit - 'WebCore::RenderMultiColumnSet::updateMinimumColumnHeight' Use-After-Free
|
CVE-2018-4323
|
2018-09-25
|
|
WebKit - 'WebCore::InlineTextBox::paint' Out-of-Bounds Read
|
CVE-2018-4328
|
2018-09-25
|
|
WebKit - 'WebCore::Node::ensureRareData' Use-After-Free
|
CVE-2018-4306
|
2018-09-25
|
|
WebKit - 'WebCore::AXObjectCache::handleMenuItemSelected' Use-After-Free
|
CVE-2018-4312
|
2018-09-25
|
|
WebKit - 'WebCore::SVGAnimateElementBase::resetAnimatedType' Use-After-Free
|
CVE-2018-4314
|
2018-09-25
|
|
Solaris - 'EXTREMEPARR' dtappgather Privilege Escalation (Metasploit)
|
CVE-2017-3622
|
2018-09-25
|
|
Joomla! Component Timetable Schedule 3.6.8 - SQL Injection
|
CVE-2018-17394
|
2018-09-25
|
|
Joomla! Component Article Factory Manager 4.3.9 - SQL Injection
|
CVE-2018-17380
|
2018-09-25
|
|
Joomla! Component AlphaIndex Dictionaries 1.0 - SQL Injection
|
CVE-2018-17397
|
2018-09-25
|
|
Joomla! Component Reverse Auction Factory 4.3.8 - SQL Injection
|
CVE-2018-17376
|
2018-09-25
|
|
Joomla! Component Collection Factory 4.1.9 - SQL Injection
|
CVE-2018-17383
|
2018-09-25
|
|
Joomla! Component Swap Factory 2.2.1 - SQL Injection
|
CVE-2018-17384
|
2018-09-25
|
|
Joomla Component eXtroForms 2.1.5 - 'filter_type_id' SQL Injection
|
|
2018-09-25
|
|
RICOH MP C6503 Plus Printer - Cross-Site Scripting
|
|
2018-09-25
|
|
Joomla! Component Social Factory 3.8.3 - SQL Injection
|
CVE-2018-17385
|
2018-09-25
|
|
Joomla! Component Jobs Factory 2.0.4 - SQL Injection
|
CVE-2018-17382
|
2018-09-25
|
|
Joomla! Component Questions 1.4.3 - SQL Injection
|
CVE-2018-17377
|
2018-09-25
|
|
Easy PhoroResQ 1.0 - Buffer Overflow
|
|
2018-09-25
|
|
Joomla! Component Penny Auction Factory 2.0.4 - SQL Injection
|
CVE-2018-17378
|
2018-09-25
|
|
Joomla! Component Music Collection 3.0.3 - SQL Injection
|
CVE-2018-17375
|
2018-09-25
|
|
Joomla! Component Raffle Factory 3.5.2 - SQL Injection
|
CVE-2018-17379
|
2018-09-25
|
|
Super Cms Blog Pro 1.0 - SQL Injection
|
CVE-2018-17391
|
2018-09-25
|
|
Joomla! Component Dutch Auction Factory 2.0.2 - 'filter_order_Dir' SQL Injection
|
|
2018-09-25
|
|
RICOH MP C2003 Printer - Cross-Site Scripting
|
|
2018-09-25
|
|
RICOH MP C307 Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
RICOH MP 305+ Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
RICOH MP C6503 Plus Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
RICOH MP C406Z Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
RICOH MP C2003 Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
RICOH MP C1803 JPN Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
Solaris EXTREMEPARR dtappgather Privilege Escalation Exploit
|
|
2018-09-25
|
|
EE 4GEE Mini Local Privilege Escalation Vulnerability
|
|
2018-09-25
|
|
Postman 6.3.0 Improper Certificate Validation Vulnerability
|
|
2018-09-25
|
|
RICOH MP C6003 Printer - Cross-Site Scripting Vulnerability
|
|
2018-09-24
|
|
RICOH Aficio MP 301 Printer - Cross-Site Scripting Vulnerability
|
|
2018-09-24
|
|
Beyond Remote 2.2.5.3 - Denial of Service Exploit
|
|
2018-09-24
|
|
SoftX FTP Client 3.3 - Denial of Service Exploit
|
|
2018-09-24
|
|
Termite 3.4 - Denial of Service Exploit
|
|
2018-09-24
|
|
Linux/ARM - sigaction() Based Egghunter (PWN!) + execve Shellcode (52 Bytes)
|
|
2018-09-24
|
|
Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)
|
|
2018-09-24
|
|
Joomla Auction Factory 4.5.5 Component - filter_order SQL Injection Vulnerability
|
|
2018-09-24
|
|
RICOH MP C6003 Printer - Cross-Site Scripting
|
|
2018-09-24
|
|
Linux/ARM - sigaction() Based Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (52 Bytes)
|
|
2018-09-24
|
|
Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)
|
|
2018-09-24
|
|
Beyond Remote 2.2.5.3 - Denial of Service (PoC)
|
|
2018-09-24
|
|
Joomla Micro Deal Factory 2.4.0 Component - id SQL Injection Vulnerability
|
|
2018-09-24
|
|
Joomla AMGallery 1.2.3 Component - filter_category_id SQL Injection Exploit
|
|
2018-09-24
|
|
LG SuperSign EZ CMS 2.5 - Remote Code Execution Exploit
|
|
2018-09-24
|
|
Joomla CW Article Attachments 1.0.6 - id SQL Injection Vulnerability
|
|
2018-09-24
|
|
Collectric CMU 1.0 - lang SQL injection Vulnerability
|
|
2018-09-24
|
|
Navigate CMS 2.8 - Cross-Site Scripting Vulnerability
|
|
2018-09-24
|
|
udisks2 2.8.0 - Denial of Service Vulnerability
|
|
2018-09-24
|
|
Antidote 9.5.1 Code Execution Exploit
|
|
2018-09-24
|
|
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation Exploit
|
|
2018-09-24
|
|
Staubli Jacquard Industrial System JC6 Shellshock Vulnerability
|
|
2018-09-24
|
|
WordPress FV Flowplayer 7.2.0.727 Cross Site Scripting Vulnerability
|
|
2018-09-24
|
|
MyBB Visual Editor 1.8.18 Cross Site Scripting Vulnerability
|
|
2018-09-24
|
|
WebRTC - FEC Out-of-Bounds Read Exploit
|
|
2018-09-24
|
|
WebRTC - VP9 Processing Use-After-Free Exploit
|
|
2018-09-24
|
|
mgetty 1.2.0 Buffer Overflow / Privilege Escalation Vulnerabilities
|
|
2018-09-24
|
|
HylaFAX 6.0.6 / 5.6.0 Uninitialized Pointer / Out Of Bounds Write Vulnerabilities
|
|
2018-09-24
|
|
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH) Exploit
|
|
2018-09-24
|
|
Telegram Desktop 1.3.14 denial of service Vulnerability
|
|
2018-09-24
|
|
Linux/x86 - Egghunter + sigaction-based Shellcode (27 bytes)
|
|
2018-09-24
|
|
LimeSurvey 3.14.7 Cross Site Scripting Vulnerability
|
|
2018-09-24
|
|
ManageEngine Desktop Central 10.0.271 Cross Site Scripting Vulnerability
|
|
2018-09-24
|
|
ManageEngine SupportCenter Plus 8.1.0 Cross Site Scripting Vulnerability
|
|
2018-09-24
|
|
LG SuperSign EZ CMS 2.5 - Local File Inclusion Vulnerability
|
|
2018-09-24
|
|
Microsoft Windows - Double Dereference in NtEnumerateKey Elevation of Privilege Exploit
|
|
2018-09-24
|
|
Microsoft Windows - CiSetFileCache WDAC Security Feature Bypass TOCTOU Exploit
|
|
2018-09-24
|
|
WordPress Wechat Broadcast 1.2.0 Plugin - Local File Inclusion Vulnerability
|
|
2018-09-24
|
|
WordPress Localize My Post 1.0 Plugin - Local File Inclusion Vulnerability
|
|
2018-09-24
|
|
Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting Vulnerability
|
|
2018-09-24
|
|
Western Digital My Cloud Authentication Bypass Vulnerability
|
|
2018-09-24
|
|
Moodle 3.x PHP Unserialize Remote Code Execution Exploit
|
|
2018-09-24
|
|
Solaris libnspr NSPR_LOG_FILE Privilege Escalation Exploit
|
|
2018-09-24
|
|
Faleemi Plus 1.0.2 - Denial of Service Exploit
|
|
2018-09-24
|
|
InfraRecorder 0.53 - (.txt) Denial of Service Exploit
|
|
2018-09-24
|
|
CdBurnerXP 4.5.8.6795 - File Name Denial of Service Exploit
|
|
2018-09-24
|
|
TeamViewer App 13.0.100.0 - Denial of Service Exploit
|
|
2018-09-24
|
|
MediaTek Wirless Utility rt2870 - Denial of Service Exploit
|
|
2018-09-24
|
|
Clone2Go Video to iPod Converter 2.5.0 - Denial of Service Exploit
|
|
2018-09-24
|
|
Apple macOS 10.13.4 - Denial of Service Exploit
|
|
2018-09-24
|
|
Infiltrator Network Security Scanner 4.6 - Denial of Service Exploit
|
|
2018-09-24
|
|
PDF Explorer 1.5.66.2 - Denial of Service Exploit
|
|
2018-09-24
|
|
iCash 7.6.5 - Denial of Service Exploit
|
|
2018-09-24
|
|
PicaJet FX 2.6.5 - Denial of Service Exploit
|
|
2018-09-24
|
|
RoboImport 1.2.0.72 - Denial of Service Exploit
|
|
2018-09-24
|
|
PixGPS 1.1.8 - Denial of Service Exploit
|
|
2018-09-24
|
|
WordPress Arigato Autoresponder And Newsletter 2.5 SQL Injection / XSS Vulnerabilities
|
|
2018-09-24
|
|
Microsoft Edge Chakra PathTypeHandlerBase::SetAttributesHelper Type Confusion Exploit
|
|
2018-09-24
|
|
Microsoft Edge Chakra JIT localeCompare Type Confusion Exploit
|
|
2018-09-24
|
|
Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)
|
|
2018-09-24
|
|
Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution Exploit
|
|
2018-09-24
|
|
NUUO NVRMini2 3.8 - cgi_system Buffer Overflow (Enable Telnet) Exploit
|
|
2018-09-24
|
|
CA Release Automation NiMi 6.5 - Remote Command Execution Exploit
|
|
2018-09-24
|
|
jiNa OCR Image to Text 1.0 - Denial of Service Exploit
|
|
2018-09-24
|
|
XAMPP Control Panel 3.2.2 - Denial of Service Exploit
|
|
2018-09-24
|
|
Notebook Pro 2.0 - Denial Of Service Exploit
|
|
2018-09-24
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting Vulnerability
|
|
2018-09-24
|
|
Joomla! Component Auction Factory 4.5.5 - 'filter_order' SQL Injection
|
|
2018-09-24
|
|
SoftX FTP Client 3.3 - Denial of Service (PoC)
|
|
2018-09-24
|
|
RICOH Aficio MP 301 Printer - Cross-Site Scripting
|
|
2018-09-24
|
|
Termite 3.4 - Denial of Service (PoC)
|
|
2018-09-24
|
|
Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection
|
|
2018-09-24
|
|
Joomla! Component AMGallery 1.2.3 - 'filter_category_id' SQL Injection
|
|
2018-09-24
|
|
udisks2 2.8.0 - Denial of Service (PoC)
|
|
2018-09-24
|
|
MyBB Visual Editor 1.8.18 - Cross-Site Scripting
|
CVE-2018-17128
|
2018-09-24
|
|
LG SuperSign EZ CMS 2.5 - Remote Code Execution
|
CVE-2018-17173
|
2018-09-24
|
|
Joomla! CW Article Attachments 1.0.6 - 'id' SQL Injection
|
CVE-2018-14592
|
2018-09-24
|
|
Collectric CMU 1.0 - 'lang' SQL injection
|
|
2018-09-24
|
|
Navigate CMS 2.8 - Cross-Site Scripting
|
CVE-2018-17255
|
2018-09-24
|
|
WebRTC - FEC Out-of-Bounds Read
|
CVE-2018-16083
|
2018-09-21
|
|
WebRTC - VP9 Processing Use-After-Free
|
CVE-2018-16071
|
2018-09-21
|
|
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)
|
|
2018-09-20
|
|
Linux/x86 - Egghunter + sigaction-based Shellcode (27 bytes)
|
|
2018-09-20
|
|
LG SuperSign EZ CMS 2.5 - Local File Inclusion
|
CVE-2018-16288
|
2018-09-19
|
|
WordPress Plugin Localize My Post 1.0 - Local File Inclusion
|
|
2018-09-19
|
|
WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion
|
|
2018-09-19
|
|
Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting
|
CVE-2018-16736
|
2018-09-19
|
|
Microsoft Windows - Double Dereference in NtEnumerateKey Elevation of Privilege
|
CVE-2018-8410
|
2018-09-19
|
|
Microsoft Windows - 'CiSetFileCache' WDAC Security Feature Bypass TOCTOU
|
CVE-2018-8449
|
2018-09-19
|
|
WordPress Plugin Arigato Autoresponder and Newsletter 2.5 - Blind SQL Injection / Reflected Cross-Site Scripting
|
CVE-2018-1002000
|
2018-09-18
|
|
Solaris - libnspr NSPR_LOG_FILE Privilege Escalation (Metasploit)
|
CVE-2006-4842
|
2018-09-18
|
|
Microsoft Edge Chakra JIT - 'localeCompare' Type Confusion
|
CVE-2018-8355
|
2018-09-18
|
|
Microsoft Edge Chakra - 'PathTypeHandlerBase::SetAttributesHelper' Type Confusion
|
CVE-2018-8384
|
2018-09-18
|
|
Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution
|
|
2018-09-18
|
|
NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)
|
|
2018-09-18
|
|
Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)
|
|
2018-09-18
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service Exploit
|
|
2018-09-17
|
|
Joomla JCK Editor 6.4.4 Component - parent SQL Injection Vulnerability
|
|
2018-09-17
|
|
CA Release Automation NiMi 6.5 - Remote Command Execution
|
|
2018-09-17
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC)
|
|
2018-09-17
|
|
Joomla Component JCK Editor 6.4.4 - 'parent' SQL Injection
|
|
2018-09-17
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting
|
|
2018-09-17
|
|
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service Exploit
|
|
2018-09-17
|
|
Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)
|
|
2018-09-17
|
|
Notebook Pro 2.0 - Denial Of Service (PoC)
|
|
2018-09-17
|
|
XAMPP Control Panel 3.2.2 - Denial of Service (PoC)
|
|
2018-09-17
|
|
Socusoft Photo to Video Converter 8.07 - Registration Name Buffer Overflow Exploit
|
|
2018-09-16
|
|
Free MP3 CD Ripper 2.6 - .mp3 Buffer Overflow (SEH) Exploit
|
|
2018-09-16
|
|
Faleemi Desktop Software 1.8.2 - SavePath for ScreenShots Buffer Overflow (SEH) Exploit
|
|
2018-09-16
|
|
STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation Exploit
|
|
2018-09-16
|
|
InduSoft Web Studio 8.1 SP1 - Tag Name Buffer Overflow (SEH) Exploit
|
|
2018-09-16
|
|
Android (zygote->init;) Chain from USB Privilege Escalation Exploit
|
|
2018-09-16
|
|
LG Smart IP Camera 1508190 - Backup File Download Exploit
|
|
2018-09-16
|
|
SynaMan 4.0 build 1488 - SMTP Credential Disclosure Vulnerability
|
|
2018-09-16
|
|
SynaMan 4.0 build 1488 - Authenticated Cross-Site Scripting Vulnerability
|
|
2018-09-16
|
|
Rubedo CMS 3.4.0 - Directory Traversal Vulnerability
|
|
2018-09-16
|
|
CirCarLife SCADA 4.3.0 - Credential Disclosure Exploit
|
|
2018-09-16
|
|
Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes)
|
|
2018-09-16
|
|
Linux/x86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)
|
|
2018-09-16
|
|
Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes)
|
|
2018-09-16
|
|
IBM Identity Governance and Intelligence 5.2.3.2 / 5.2.4 - SQL Injection Vulnerability
|
|
2018-09-16
|
|
MyBB 1.8.17 - Cross-Site Scripting Vulnerability
|
|
2018-09-16
|
|
Apache Portals Pluto 3.0.0 - Remote Code Execution Exploit
|
|
2018-09-16
|
|
Apache Syncope 2.0.7 Remote Code Execution Exploit
|
|
2018-09-15
|
|
Wordpress Survey & Poll 1.5.7.3 Plugin - sss_params SQL Injection Vulnerability
|
|
2018-09-15
|
|
Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution Exploit
|
|
2018-09-15
|
|
Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes)
|
|
2018-09-14
|
|
Linux/86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)
|
|
2018-09-14
|
|
Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes)
|
|
2018-09-14
|
|
Linux/x86 - Add User(r00t/blank) Polymorphic Shellcode (103 bytes)
|
|
2018-09-14
|
|
Faleemi Plus 1.0.2 - Denial of Service (PoC)
|
|
2018-09-14
|
|
InfraRecorder 0.53 - '.txt' Denial of Service (PoC)
|
|
2018-09-14
|
|
Free MP3 CD Ripper 2.6 - '.wma' Local Buffer Overflow (SEH)
|
|
2018-09-14
|
|
Wordpress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection
|
|
2018-09-14
|
|
CdBurnerXP 4.5.8.6795 - 'File Name' Denial of Service (PoC)
|
|
2018-09-14
|
|
Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution (Metasploit)
|
|
2018-09-14
|
|
Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket
|
|
2018-09-13
|
|
Socusoft Photo to Video Converter 8.07 - 'Registration Name' Buffer Overflow
|
|
2018-09-13
|
|
Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler
|
|
2018-09-13
|
|
TeamViewer App 13.0.100.0 - Denial of Service (PoC)
|
|
2018-09-13
|
|
Free MP3 CD Ripper 2.6 - '.mp3' Buffer Overflow (SEH)
|
|
2018-09-13
|
|
Faleemi Desktop Software 1.8.2 - 'SavePath for ScreenShots' Buffer Overflow (SEH)
|
|
2018-09-13
|
|
STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation
|
|