|
VMware WorkStation 12.5.3 - Virtual Machine Escape
|
|
2019-11-25
|
|
VMware WorkStation 12.5.5 - Virtual Machine Escape
|
|
2019-11-25
|
|
ClamAV < 0.102.0 - 'bytecode_vm' Code Execution
|
|
2019-11-25
|
|
Microsoft Windows AppXsvc Deployment Extension - Privilege Escalation
|
|
2019-11-25
|
|
Easy-Hide-IP 5.0.0.3 - 'EasyRedirect' Unquoted Service Path
|
|
2019-11-25
|
|
InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC)
|
|
2019-11-25
|
|
Waves MaxxAudio Drivers 1.1.6.0 - 'WavesSysSvc64' Unquoted Service Path
|
|
2019-11-25
|
|
SMPlayer 19.5.0 - Denial of Service (PoC)
|
|
2019-11-25
|
|
macOS 10.14.6 - root->kernel Privilege Escalation via update_dyld_shared_cache
|
|
2019-11-22
|
|
Internet Explorer - Use-After-Free in JScript Arguments During toJSON Callback
|
|
2019-11-22
|
|
LiteManager 4.5.0 - Insecure File Permissions
|
|
2019-11-22
|
|
ProShow Producer 9.0.3797 - ('ScsiAccess') Unquoted Service Path
|
|
2019-11-22
|
|
Network Management Card 6.2.0 - Host Header Injection
|
|
2019-11-21
|
|
GNU Mailutils 3.7 - Privilege Escalation
|
|
2019-11-21
|
|
TestLink 1.9.19 - Persistent Cross-Site Scripting
|
|
2019-11-21
|
|
Xorg X11 Server - Local Privilege Escalation (Metasploit)
|
|
2019-11-20
|
|
Pulse Secure VPN - Arbitrary Command Execution (Metasploit)
|
|
2019-11-20
|
|
Bludit - Directory Traversal Image File Upload (Metasploit)
|
|
2019-11-20
|
|
FreeSWITCH - Event Socket Command Execution (Metasploit)
|
|
2019-11-20
|
|
FusionPBX - Operator Panel exec.php Command Execution (Metasploit)
|
|
2019-11-20
|
|
Windows - Escalate UAC Protection Bypass (Via Shell Open Registry Key) (Metasploit)
|
|
2019-11-20
|
|
Windows - Escalate UAC Protection Bypass (Via dot net profiler) (Metasploit)
|
|
2019-11-20
|
|
iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd
|
|
2019-11-20
|
|
Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfs
|
|
2019-11-20
|
|
Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error Path
|
|
2019-11-20
|
|
OpenNetAdmin 18.1.1 - Remote Code Execution
|
|
2019-11-20
|
|
WordPress Core < 5.2.3 - Viewing Unauthenticated/Password/Private Posts
|
|
2019-11-19
|
|
Apache Httpd mod_rewrite - Open Redirects
|
|
2019-11-19
|
|
Apache Httpd mod_proxy - Error Page Cross-Site Scripting
|
|
2019-11-19
|
|
Cisco Prime Infrastructure Health Monitor HA TarArchive - Directory Traversal / Remote Code Execution
|
|
2019-11-19
|
|
DOUBLEPULSAR (x64) - Hooking 'srv!SrvTransactionNotImplemented' in 'srv!SrvTransaction2DispatchTable'
|
|
2019-11-19
|
|
Microsoft Windows 10 Build 1803 < 1903 - 'COMahawk' Local Privilege Escalation
|
|
2019-11-19
|
|
Microsoft Windows 7 (x86) - 'BlueKeep' Remote Desktop Protocol (RDP) Remote Windows Kernel Use After Free
|
|
2019-11-19
|
|
HackBack - A DIY guide to rob banks
|
|
2019-11-19
|
|
[Spanish] HackBack - A DIY guide to rob banks
|
|
2019-11-19
|
|
XMedia Recode 3.4.8.6 - '.m3u' Denial Of Service
|
|
2019-11-19
|
|
scadaApp for iOS 1.1.4.0 - 'Servername' Denial of Service (PoC)
|
|
2019-11-19
|
|
Centova Cast 3.2.12 - Denial of Service (PoC)
|
|
2019-11-19
|
|
Studio 5000 Logix Designer 30.01.00 - 'FactoryTalk Activation Service' Unquoted Service Path
|
|
2019-11-19
|
|
BartVPN 1.2.2 - 'BartVPNService' Unquoted Service Path
|
|
2019-11-19
|
|
ipPulse 1.92 - 'Enter Key' Denial of Service (PoC)
|
|
2019-11-19
|
|
nipper-ng 0.11.10 - Remote Buffer Overflow (PoC)
|
|
2019-11-18
|
|
TemaTres 3.0 - 'value' Persistent Cross-site Scripting
|
|
2019-11-18
|
|
Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC)
|
|
2019-11-18
|
|
TemaTres 3.0 - Cross-Site Request Forgery (Add Admin)
|
|
2019-11-18
|
|
Centova Cast 3.2.11 - Arbitrary File Download
|
|
2019-11-18
|
|
NCP_Secure_Entry_Client 9.2 - Unquoted Service Paths
|
|
2019-11-18
|
|
MobileGo 8.5.0 - Insecure File Permissions
|
|
2019-11-18
|
|
Crystal Live HTTP Server 6.01 - Directory Traversal
|
|
2019-11-18
|
|
Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service (PoC)
|
|
2019-11-18
|