|
Anyburn 4.3 - 'Convert image to file format' Denial of Service
|
|
2019-02-05
|
|
R 3.5.0 - Local Buffer Overflow (SEH)
|
|
2019-02-05
|
|
Necrosoft DIG 0.4 - Denial of Service SEH Overwrite (PoC)
|
|
2019-02-05
|
|
IP-Tools 2.50 - Denial of Service SEH Overwrite (PoC)
|
|
2019-02-05
|
|
iOS/macOS 10.13.6 - 'if_ports_used_update_wakeuuid()' 16-byte Uninitialized Kernel Stack Disclosure
|
|
2019-02-05
|
|
Advanced File Manager 3.4.1 - Denial of Service (PoC)
|
|
2019-02-05
|
|
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) (DEP Bypass)
|
|
2019-02-05
|
|
Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection
|
|
2019-02-05
|
|
Windows/x86 - 'msiexec.exe' Download and Execute Shellcode (95 bytes)
|
|
2019-02-05
|
|
HTML5 Video Player 1.2.5 - Local Buffer Overflow (Non SEH)
|
|
2019-02-05
|
|
MiniUPnPd 2.1 - Out-of-Bounds Read
|
|
2019-02-05
|
|
Linux/x86 - execve(/bin/sh) + RShift-1 Encoded Shellcode (29 bytes)
|
|
2019-02-05
|
|
PDF Signer 3.0 - Server-Side Template Injection leading to Remote Command Execution (via Cross-Site Request Forgery Cookie)
|
|
2019-02-05
|
|
Linux/x86 - execve() - Terminal Calculator (bc) Shellcode (53 bytes)
|
|
2019-02-05
|
|
ResourceSpace 8.6 - 'collection_edit.php' SQL Injection
|
|
2019-02-05
|
|
MyBB IP History Logs Plugin 1.0.2 - Cross-Site Scripting
|
|
2019-02-05
|
|
Smart VPN 1.1.3.0 - Denial of Service (PoC)
|
|
2019-02-05
|
|
Mess Management System 1.0 - SQL Injection
|
|
2019-02-05
|
|
Teameyo Project Management System 1.0 - SQL Injection
|
|
2019-02-05
|
|
Faleemi Desktop Software 1.8 - Local Buffer Overflow (SEH) (DEP Bypass)
|
|
2019-02-05
|
|
Care2x 2.7 (HIS) Hospital Information System - Multiple SQL Injection
|
|
2019-02-05
|
|
BEWARD Intercom 2.3.1 - Credentials Disclosure
|
|
2019-02-05
|
|
Newsbull Haber Script 1.0.0 - 'search' SQL Injection
|
|
2019-02-05
|
|
R 3.4.4 XP SP3 - Buffer Overflow (Non SEH)
|
|
2019-02-05
|
|
Linux/ARM - Bind TCP (0.0.0.0:4321) Shell (/bin/sh) + Null-Free Shellcode (84 bytes)
|
|
2019-02-05
|
|
Cisco Firepower Management Center 6.2.2.2 / 6.2.3 - Cross-Site Scripting
|
|
2019-02-05
|
|
Cisco RV300 / RV320 - Information Disclosure
|
|
2019-02-05
|
|
Sricam gSOAP 2.8 - Denial of Service
|
|
2019-02-05
|
|
CMSsite 1.0 - 'search' SQL Injection
|
|
2019-02-05
|
|
CMSsite 1.0 - 'cat_id' SQL Injection
|
|
2019-02-05
|
|
Linux/ARM - Reverse TCP (192.168.1.124:4321) Shell (/bin/sh) Shellcode (64 bytes)
|
|
2019-02-05
|
|
Linux/x86 - Read /etc/passwd Shellcode (58 Bytes) (2)
|
|
2019-02-05
|
|
Linux/x86 - exit(0) Shellcode (5 bytes)
|
|
2019-02-05
|
|
Easy Video to iPod Converter 1.6.20 - Buffer Overflow (SEH)
|
|
2019-02-05
|
|
LogonBox Limited / Hypersocket Nervepoint Access Manager - Unauthenticated Insecure Direct Object Reference
|
|
2019-02-05
|
|
AirTies Air5341 Modem 1.0.0.12 - Cross-Site Request Forgery
|
|
2019-02-05
|
|
WordPress Plugin Ad Manager WD 1.0.11 - Arbitrary File Download
|
|
2019-02-05
|
|
Rundeck Community Edition < 3.0.13 - Persistent Cross-Site Scripting
|
|
2019-02-05
|
|
CloudMe Sync 1.11.2 Buffer Overflow - WoW64 (DEP Bypass)
|
|
2019-02-05
|
|
MySQL User-Defined (Linux) (x32/x86_64) - 'sys_exec' Local Privilege Escalation
|
|
2019-02-05
|
|
iOS/macOS - 'task_swap_mach_voucher()' Use-After-Free
|
|
2019-02-05
|
|
Wordpress Plugin Wisechat 2.6.3 - Reverse Tabnabbing
|
|
2019-02-05
|
|
Lua 5.3.5 - 'debug.upvaluejoin' Use After Free
|
|
2019-02-05
|
|
GreenCMS 2.x - Arbitrary File Download
|
|
2019-02-05
|
|
GreenCMS 2.x - SQL Injection
|
|
2019-02-05
|
|
Cisco RV320 Dual Gigabit WAN VPN Router 1.4.2.15 - Command Injection
|
|
2019-02-05
|
|
Ghostscript 9.26 - Pseudo-Operator Remote Code Execution
|
|
2019-02-05
|
|
AddressSanitizer (ASan) - SUID Executable Privilege Escalation (Metasploit)
|
|
2019-02-05
|
|
Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery
|
|
2019-02-05
|
|
ImpressCMS 1.3.11 - 'bid' SQL Injection
|
|
2019-02-05
|