|
Open STA Manager 2.3 - Arbitrary File Download
|
|
2018-11-04
|
|
MPS Box 0.1.8.0 - 'uuid' SQL Injection
|
|
2018-11-04
|
|
AjentiCP 1.2.23.13 - Cross-Site Scripting
|
CVE-2018-18548
|
2018-11-04
|
|
AiOPMSD Final 1.0.0 - 'q' SQL Injection
|
|
2018-11-04
|
|
Simple POS and Inventory 1.0 - 'cat' SQL Injection
|
|
2018-11-04
|
|
ClipBucket 2.8 - 'id' SQL Injection
|
|
2018-11-04
|
|
Adult Filter 1.0 - Buffer Overflow (SEH)
|
|
2018-11-04
|
|
User Management 1.1 - Cross-Site Scripting
|
CVE-2018-18419
|
2018-11-04
|
|
Delta Sql 1.8.2 - Arbitrary File Upload
|
|
2018-11-04
|
|
Simple Chat System 1.0 - 'id' SQL Injection
|
|
2018-11-04
|
|
phptpoint Hospital Management System 1.0 - 'user' SQL injection
|
|
2018-11-04
|
|
phptpoint Pharmacy Management System 1.0 - 'username' SQL injection
|
|
2018-11-04
|
|
Ekushey Project Manager CRM 3.1 - Cross-Site Scripting
|
CVE-2018-18417
|
2018-11-04
|
|
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution
|
|
2018-11-04
|
|
BORGChat 1.0.0 build 438 - Denial of Service (PoC)
|
|
2018-11-04
|
|
D-Link Routers - Directory Traversal
|
CVE-2018-10822
|
2018-11-04
|
|
D-Link Routers - Plaintext Password
|
CVE-2018-10824
|
2018-11-04
|
|
D-Link Routers - Command Injection
|
CVE-2018-10823
|
2018-11-04
|
|
Microsoft Data Sharing - Local Privilege Escalation (PoC)
|
|
2018-11-04
|
|
Apache OFBiz 16.11.04 - XML External Entity Injection
|
|
2018-11-04
|
|
LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting
|
CVE-2018-18416
|
2018-11-04
|
|
exim 4.90 - Remote Code Execution
|
CVE-2018-6789
|
2018-11-04
|
|
Adult Filter 1.0 - Denial of Service (PoC)
|
|
2018-11-04
|
|
Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes
|
|
2018-11-04
|
|
Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Error_desc' Cross-Site Scripting
|
CVE-2018-18437
|
2018-11-04
|
|
Fifa Master XLS 2.3.2 - 'usw' SQL Injection
|
|
2018-11-04
|
|
SG ERP 1.0 - 'info' SQL Injection
|
|
2018-11-04
|
|
MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection
|
|
2018-11-04
|
|
SIM-PKH 2.4.1 - 'id' SQL Injection
|
|
2018-11-04
|
|
School ERP Pro+Responsive 1.0 - 'fid' SQL Injection
|
|
2018-11-04
|
|
School ERP Pro+Responsive 1.0 - Arbitrary File Download
|
|
2018-11-04
|
|
ServersCheck Monitoring Software 14.3.3 - 'id' SQL Injection
|
|
2018-11-04
|
|
Microsoft Windows 10 - Local Privilege Escalation (UAC Bypass)
|
|
2018-11-04
|
|
SIM-PKH 2.4.1 - Arbitrary File Upload
|
|
2018-11-04
|
|
ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write
|
|
2018-11-04
|
|
Appsource School Management System 1.0 - 'student_id' SQL Injection
|
|
2018-11-04
|
|
Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection
|
|
2018-11-04
|
|
The Open ISES Project 3.30A - Arbitrary File Download
|
|
2018-11-04
|
|
eNdonesia Portal 8.7 - 'artid' SQL Injection
|
|
2018-11-04
|
|
Windows - SetImeInfoEx Win32k NULL Pointer Dereference (Metasploit)
|
CVE-2018-8120
|
2018-11-04
|
|
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas
|
|
2018-11-04
|
|
Apple iOS/macOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport
|
|
2018-11-04
|
|
Apple iOS/macOS - Sandbox Escape due to mach Message sent from Shared Memory
|
|
2018-11-04
|
|
Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value
|
|
2018-11-04
|
|
Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID Event Subsystem
|
|
2018-11-04
|
|
Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking
|
|
2018-11-04
|
|
School ERP Ultimate 2018 - 'fid' SQL Injection
|
|
2018-11-04
|
|
The Open ISES Project 3.30A - 'tick_lat' SQL Injection
|
|
2018-11-04
|
|
Audacity 2.3 - Denial of Service (PoC)
|
|
2018-11-04
|
|
Oracle Siebel CRM 8.1.1 - CSV Injection
|
|
2018-11-04
|
|
School ERP Ultimate 2018 - Arbitrary File Download
|
|
2018-11-04
|
|
Modbus Poll 7.2.2 - Denial of Service (PoC)
|
|
2018-11-04
|
|
MySQL Edit Table 1.0 - 'id' SQL Injection
|
|
2018-11-04
|
|
Expense Management 1.0 - Arbitrary File Upload Vulnerability
|
|
2018-10-31
|
|
MyBB Downloads 2.0.3 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
NETGEAR WiFi Router R6120 - Credential Disclosure Vulnerability
|
|
2018-10-31
|
|
Webiness Inventory 2.9 - Arbitrary File Upload Vulnerability
|
|
2018-10-31
|
|
Electricks eCommerce 1.0 - prodid SQL Injection Vulnerability
|
|
2018-10-31
|
|
South Gate Inn Online Reservation System 1.0 - q SQL Injection Vulnerability
|
|
2018-10-31
|
|
K-iwi Framework 1775 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
SaltOS Erp Crm 3.1 r8126 - Database File Download Vulnerability
|
|
2018-10-31
|
|
SaltOS Erp Crm 3.1 r8126 - SQL Injection Vulnerability (2)
|
|
2018-10-31
|
|
SaltOS Erp Crm 3.1 r8126 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
E-Negosyo System 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
RhinOS CMS 3.x - Arbitrary File Download Vulnerability
|
|
2018-10-31
|
|
SmartFTP Client 9.0.2615.0 - Denial of Service Exploit
|
|
2018-10-31
|
|
School Attendance Monitoring System 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
School Attendance Monitoring System 1.0 - Arbitrary File Upload Vulnerability
|
|
2018-10-31
|
|
School Attendance Monitoring System 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
|
|
2018-10-31
|
|
School Event Management System 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
|
|
2018-10-31
|
|
School Event Management System 1.0 - Arbitrary File Upload Vulnerability
|
|
2018-10-31
|
|
School Event Management System 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
Point of Sales (POS) in VB.Net MySQL Database 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
Bakeshop Inventory System in VB.Net and MS Access Database 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
Curriculum Evaluation System 1.0 - SQL Injection Vulnerability
|
|
2018-10-31
|
|
Aplaya Beach Resort Online Reservation System 1.0 - SQL Injection / Cross-Site Request Forgery
|
|
2018-10-31
|
|
MTGAS MOGG Web Simulator Script - SQL Injection Vulnerability
|
|
2018-10-31
|
|
Card Payment 1.0 - Cross-Site Request Forgery (Update Admin) Vulnerability
|
|
2018-10-31
|
|
Library Management System 1.0 - frmListBooks SQL Injection Vulnerability
|
|
2018-10-31
|
|
Grapixel New Media 2 - pageref SQL Injection Vulnerability
|
|
2018-10-31
|
|
Open Faculty Evaluation System 7 - batch_name SQL Injection Vulnerability
|
|
2018-10-31
|
|
Instagram Clone 1.0 - Arbitrary File Upload Vulnerability
|
|
2018-10-31
|
|
SIPp 3.3.990 - Local Buffer Overflow Exploit
|
|
2018-10-31
|
|
QNAP NetBak Replicator 4.5.6.0607 - Denial of Service Exploit
|
|
2018-10-31
|
|
ZyXEL VMG3312-B10B < 1.00(AAPP.7) - Credential Disclosure Exploit
|
|
2018-10-31
|
|
systemd - reexec State Injection Exploit
|
|
2018-10-31
|
|
xorg #x11 #server 1.20.3 - Privilege Escalation Exploit (3)
|
|
2018-10-30
|
|
R 3.4.4 ( #Windows10 x64) - Buffer Overflow (DEP/ASLR Bypass) Exploit
|
|
2018-10-30
|
|
AnySoundRecorder 2.93 - Buffer Overflow Local (SEH) Exploit
|
|
2018-10-30
|
|
PayPal / Credit Card / Debit Card Payment 1.0 SQL Injection Vulnerability
|
|
2018-10-30
|
|
Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (Generator) 864 bytes
|
|
2018-10-30
|
|
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) SFTP Authentication Bypass Vulnerability
|
|
2018-10-30
|
|
Navicat 12.0.29 - SSH Denial of Service Exploit
|
|
2018-10-30
|
|
AlienIP 2.41 - Denial of Service Exploit
|
|
2018-10-30
|
|
systemd - chown_one() can Dereference Symlinks Exploit
|
|
2018-10-30
|
|
Modbus Slave 7.0.0 - Denial of Service Exploit
|
|
2018-10-30
|
|
Modbus Slave PLC 7 - .msw Buffer Overflow Exploit
|
|
2018-10-30
|
|
Paramiko 2.4.1 - Authentication Bypass Exploit
|
|
2018-10-30
|
|
Local Server 1.0.9 - Denial of Service Exploit
|
|
2018-10-30
|
|
School Equipment Monitoring System 1.0 - login SQL Injection Vulnerability
|
|
2018-10-30
|
|
HID ActivID ActivClient 7.1.0.202 Heap Spray / Denial Of Service Vulnerability
|
|
2018-10-30
|
|
Joomla Responsive eXtro jQuery Gallery 2.1.0 Component - filter_category SQL Injection Vulnerability
|
|
2018-10-30
|
|
Joomla Com_Ajax Component Jsnextfw Plugin Jform_Article Incorrect Default Permission Vulnerability
|
|
2018-10-30
|
|
WordPress Arforms 3.5.1 Arbitrary File Delete Exploit
|
|
2018-10-30
|
|
ASRock Drivers Privilege Escalation / Code Execution Exploit
|
|
2018-10-30
|
|
Webiness Inventory 2.9 Shell Upload Exploit
|
|
2018-10-30
|
|
Shell In A Box 2.2.0 Denial Of Service Exploit
|
|
2018-10-30
|
|
MPS Box 0.1.8.0 - Arbitrary File Upload Vulnerability
|
|
2018-10-30
|
|
Veterinary Clinic Management 00.02 - editpetnum SQL Injection Vulnerability
|
|
2018-10-30
|
|
Quick Count 2.0 - txtInstID SQL Injection Vulnerability
|
|
2018-10-30
|
|
Delta Sql 1.8.2 - id SQL Injection Vulnerability
|
|
2018-10-30
|
|
Linux systemd Line Splitting Exploit
|
|
2018-10-30
|
|
Linux systemd Symlink Dereference Via chown_one() Exploit
|
|
2018-10-30
|
|
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit (2)
|
|
2018-10-30
|
|
xorg-x11-server 1.20.3 - Local Privilege Escalation Exploit
|
|
2018-10-30
|
|
Oracle Hyperion Planning 11.1.2.4 Cross Site Scripting Vulnerability
|
|
2018-10-30
|
|
Open STA Manager 2.3 - Arbitrary File Download Vulnerability
|
|
2018-10-30
|
|
MPS Box 0.1.8.0 - uuid SQL Injection Vulnerability
|
|
2018-10-30
|
|
AjentiCP 1.2.23.13 - Cross-Site Scripting Vulnerability
|
|
2018-10-30
|
|
AiOPMSD Final 1.0.0 - q SQL Injection Vulnerability
|
|
2018-10-30
|
|
ClipBucket 2.8 - id SQL Injection Vulnerability
|
|
2018-10-30
|
|
User Management 1.1 - Cross-Site Scripting Vulnerability
|
|
2018-10-30
|
|
Delta Sql 1.8.2 - Arbitrary File Upload Vulnerability
|
|
2018-10-30
|
|
Simple POS and Inventory 1.0 - cat SQL Injection Vulnerability
|
|
2018-10-30
|
|
Simple Chat System 1.0 - id SQL Injection Vulnerability
|
|
2018-10-30
|
|
ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution Exploit
|
|
2018-10-30
|
|
Ekushey Project Manager CRM 3.1 - Cross-Site Scripting Vulnerability
|
|
2018-10-30
|
|
PHPTPoint Pharmacy Management System 1.0 - username SQL injection Vulnerability
|
|
2018-10-30
|
|
BORGChat 1.0.0 build 438 - Denial of Service Exploit
|
|
2018-10-30
|
|
libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer Exploit
|
|
2018-10-30
|
|
Adult Filter 1.0 - Buffer Overflow (SEH) Exploit
|
|
2018-10-30
|
|
PHPTPoint Hospital Management System 1 SQL Injection Vulnerability
|
|
2018-10-30
|
|
AudioCodes 440HD / 450HD IP Phone 3.1.2.89 Man-In-The-Middle Vulnerability
|
|
2018-10-30
|
|
Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle Vulnerability
|
|
2018-10-30
|
|
Polycom VVX 500 / VVX 601 5.8.0.12848 Information Exposure Vulnerability
|
|
2018-10-30
|
|
WebExec Authenticated User Code Execution Exploit
|
|
2018-10-30
|
|
WebEx Local Service Permissions Code Execution Exploit
|
|
2018-10-30
|
|
WordPress Question Answer 1.2.30 Cross Site Scripting Vulnerability
|
|
2018-10-30
|
|
WordPress Pie Register 3.0.17 Cross Site Scripting Vulnerability
|
|
2018-10-30
|
|
Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes
|
|
2018-10-30
|
|
jQuery-File-Upload < v9.22.1 (ImageMagick / Ghostscript) - Remote Code Execution Exploit
|
|
2018-10-30
|
|
Fifa Master XLS 2.3.2 - usw SQL Injection Vulnerability
|
|
2018-10-30
|
|
SG ERP 1.0 - info SQL Injection Vulnerability
|
|
2018-10-30
|
|
Axioscloud Sissiweb Registro Elettronico 7.0.0 - Error_desc Cross-Site Scripting Vulnerability
|
|
2018-10-30
|
|
Adult Filter 1.0 - Denial of Service Exploit
|
|
2018-10-30
|
|
Microsoft Data Sharing - Local Privilege Escalation Exploit
|
|
2018-10-30
|
|
Apache OFBiz 16.11.04 - XML External Entity Injection Exploit
|
|
2018-10-30
|
|
exim 4.90 - Remote Code Execution Exploit
|
|
2018-10-30
|
|
D-Link Routers - Command Injection Vulnerability
|
|
2018-10-30
|
|
D-Link Routers - Directory Traversal Vulnerability
|
|
2018-10-30
|
|
D-Link Routers - Plaintext Password Vulnerability
|
|
2018-10-30
|
|
SIM-PKH 2.4.1 SQL Injection Vulnerability
|
|
2018-10-24
|
|
Microsoft Active Directory Federated Services (ADFS) User Enumeration Vulnerability
|
|
2018-10-24
|
|
ServersCheck Monitoring Software 14.3.3 SQL Injection Vulnerability
|
|
2018-10-24
|
|
ServersCheck Monitoring Software 14.3.3 Cross Site Scripting Vulnerability
|
|
2018-10-24
|
|
MGB OpenSource Guestbook 0.7.0.2 - id SQL Injection Vulnerability
|
|
2018-10-23
|
|
SIM-PKH 2.4.1 - Arbitrary File Upload
|
|
2018-10-23
|
|
Appsource School Management System 1.0 - student_id SQL Injection Vulnerability
|
|
2018-10-23
|
|
Traq 3.7.1 CSRF / XSS / SQL Injection Vulnerabilities
|
|
2018-10-23
|
|
VestaCP 0.9.8-22 Cross Site Scripting Vulnerability
|
|
2018-10-23
|
|
AjentiCP 1.2.23.13 Cross Site Scripting Vulnerability
|
|
2018-10-23
|
|
Microsoft Windows 10 UAC Bypass By computerDefault Exploit
|
|
2018-10-23
|
|
Chrome Debugger Extension API Is Too Powerful Vulnerability
|
|
2018-10-23
|
|
ServersCheck Monitoring Software 14.3.3 - Denial of Service Exploit
|
|
2018-10-23
|
|
Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas Exploit
|
|
2018-10-22
|
|
Apple iOS Kernel - Stack Memory Disclosure due to Failure to Check copyin Return Value Exploit
|
|
2018-10-22
|
|
Apple iOS / macOS - Kernel Memory Corruption due to Integer Overflow Exploit
|
|
2018-10-22
|
|
Apple iOS / macOS - Sandbox Escape due to mach Message sent from Shared Memory Exploit
|
|
2018-10-22
|
|
Apple iOS / macOS - Sandbox Escape due to Trusted Length Field in Shared Memory Exploit
|
|
2018-10-22
|
|
Viva Visitor & Volunteer ID Tracking 0.95.1 - fname SQL Injection Vulnerability
|
|
2018-10-22
|
|
Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking Exploit
|
|
2018-10-22
|
|
eNdonesia Portal 8.7 - artid SQL Injection Vulnerability
|
|
2018-10-22
|
|
The Open ISES Project 3.30A - Arbitrary File Download Vulnerability
|
|
2018-10-22
|
|
The Open ISES Project 3.30A - tick_lat SQL Injection Vulnerability
|
|
2018-10-22
|
|
School ERP Ultimate 2018 - fid SQL Injection Vulnerability
|
|
2018-10-22
|
|
Oracle Siebel CRM 8.1.1 - CSV Injection Vulnerability
|
|
2018-10-22
|
|
School ERP Ultimate 2018 - Arbitrary File Download Vulnerability
|
|
2018-10-22
|
|
MySQL Edit Table 1.0 - id SQL Injection Vulnerability
|
|
2018-10-22
|
|
Modbus Poll 7.2.2 - Denial of Service Exploit
|
|
2018-10-22
|
|
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference Exploit
|
|
2018-10-22
|
|
WiFiRanger 7.0.8rc3 Incorrect Access Control / Privilege Escalation Vulnerability
|
|
2018-10-22
|
|
Viprinet VPN Hub Router Cross Site Scripting Vulnerability
|
|
2018-10-22
|
|
AudaCity 2.3 - High processor usage Denial of Service Exploit
|
|
2018-10-21
|
|
libSSH - Authentication Bypass Exploit
|
|
2018-10-21
|
|
Linux/x86 print "If psycho say this is the end?" Shellcode (75 bytes)
|
|
2018-10-21
|
|
libSSH - Authentication Bypass
|
CVE-2018-10933
|
2018-10-19
|
|
Linux Semi-Arbitrary Task Stack Read On ARM64 / x86 Exploit
|
|
2018-10-18
|
|
Chrome Mojo DataPipe*Dispatcher Deserialization Lacking Validation Exploit
|
|
2018-10-18
|
|
Snes9K 0.0.9z - Buffer Overflow (SEH) Exploit
|
|
2018-10-18
|
|
OwnTicket 1.0 - TicketID SQL Injection Vulnerability
|
|
2018-10-18
|
|
Learning with Texts 1.6.2 - start SQL Injection Vulnerability
|
|
2018-10-18
|
|
PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin) Vulnerability
|
|
2018-10-18
|
|
TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure Vulnerability
|
|
2018-10-18
|
|
ManageEngine OPManager 12.3 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
LANGO Codeigniter Multilingual Script 1.0 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
Ekushey Project Manager CRM 3.1 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
IBM Security AppScan Standard 9.0.3 .udt Denial Of Service Exploit
|
|
2018-10-18
|
|
Acunetix Web Vulnerability Scanner 10 *.slg Buffer Overflow (PoC) Exploit
|
|
2018-10-18
|
|
Any Sound Recorder 2.93 - Buffer Overflow (SEH) Exploit
|
|
2018-10-18
|
|
Time and Expense Management System 3.0 - CSRF (Add Admin) Vulnerability
|
|
2018-10-18
|
|
FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials Vulnerability
|
|
2018-10-18
|
|
VLC Media Player - MKV Use-After-Free Exploit
|
|
2018-10-18
|
|
Microsoft Windows - FSCTL_FIND_FILES_BY_SID Information Disclosure Exploit
|
|
2018-10-18
|
|
HighPortal 12.5 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
Heatmiser Wifi Thermostat 1.7 - Credential Disclosure Exploit
|
|
2018-10-18
|
|
GIU Gallery Image Upload 0.3.1 - category SQL Injection Vulnerability
|
|
2018-10-18
|
|
Navigate CMS 2.8.5 - Arbitrary File Download Vulnerability
|
|
2018-10-18
|
|
MV Video Sharing Software 1.2 - searchname SQL Injection Vulnerability
|
|
2018-10-18
|
|
Rukovoditel Project Management CRM 2.3 - path SQL Injection Vulnerability
|
|
2018-10-18
|
|
Vishesh Auto Index 3.1 - fid SQL Injection Vulnerability
|
|
2018-10-18
|
|
Kados R10 GreenBee - release_id SQL Injection Vulnerability
|
|
2018-10-18
|
|
HotelDruid 2.2.4 - anno SQL Injection Vulnerability
|
|
2018-10-18
|
|
Wordpress Support Board 1.2.3 Plugin - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
Library CMS 2.1.1 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
Solaris RSH Stack Clash Privilege Escalation Exploit
|
|
2018-10-18
|
|
BigTree CMS 4.2.23 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure Vulnerability
|
|
2018-10-18
|
|
FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure Vulnerability
|
|
2018-10-18
|
|
FLIR Brickstream 3D+ - RTSP Stream Disclosure Vulnerability
|
|
2018-10-18
|
|
FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure Vulnerability
|
|
2018-10-18
|
|
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution Exploit
|
|
2018-10-18
|
|
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin) Vulnerability
|
|
2018-10-18
|
|
Academic Timetable Final Build 7.0a-7.0b - id SQL Injection Vulnerability
|
|
2018-10-18
|
|
Academic Timetable Final Build 7.0 - Information Disclosure Exploit
|
|
2018-10-18
|
|
Advanced HRM 1.6 - Remote Code Execution Vulnerability
|
|
2018-10-18
|
|
MaxOn ERP Software 8.x-9.x - nomor SQL Injection Vulnerability
|
|
2018-10-18
|
|
College Notes Management System 1.0 - user SQL Injection Vulnerability
|
|
2018-10-18
|
|
KORA 2.7.0 - cid SQL Injection Vulnerability
|
|
2018-10-18
|
|
AlchemyCMS 4.1 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
D-Link DSL-2640T Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
Teltonika RUT9XX Missing Access Control To UART Root Terminal Vulnerability
|
|
2018-10-18
|
|
Teltonika RUT9XX Unauthenticated OS Command Injection Exploit
|
|
2018-10-18
|
|
Teltonika RUT9XX Reflected Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
Cockpit CMS CSRF / XSS / Path Traversal Vulnerabilities
|
|
2018-10-18
|
|
NoMachine 5.3.26 Remote Code Execution Exploit
|
|
2018-10-18
|
|
Phoenix Contact WebVisit 2985725 - Authentication Bypass Exploit
|
|
2018-10-18
|
|
FluxBB < 1.5.6 - SQL Injection Exploit
|
|
2018-10-18
|
|
SugarCRM 6.5.26 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
HaPe PKH 1.1 - Arbitrary File Upload Vulnerability
|
|
2018-10-18
|
|
HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin) Vulnerability
|
|
2018-10-18
|
|
HaPe PKH 1.1 - id SQL Injection Vulnerability
|
|
2018-10-18
|
|
LUYA CMS 1.0.12 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
CAMALEON CMS 2.4 Cross Site Scripting Vulnerability
|
|
2018-10-18
|
|
gsview -dSAFER Not Used Vulnerability
|
|
2018-10-18
|
|
Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection Vulnerability
|
|
2018-10-18
|
|
Microsoft SQL Server Management Studio 17.9 - .xel XML External Entity Injection Vulnerability
|
|
2018-10-18
|
|
Microsoft SQL Server Management Studio 17.9 - .xmla XML External Entity Injection Vulnerability
|
|
2018-10-18
|
|
CentOS Web Panel 0.9.8.480 Multiple Vulnerabilities
|
|
2018-10-18
|
|
Phoenix Contact WebVisit 6.40.00 - Password Disclosure Vulnerability
|
|
2018-10-18
|
|
E-Registrasi Pencak Silat 18.10 - id_partai SQL Injection Vulnerability
|
|
2018-10-18
|
|
WAGO 750-881 01.09.18 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
Wikidforum 2.20 - Cross-Site Scripting Vulnerability
|
|
2018-10-18
|
|
OwnTicket 1.0 - 'TicketID' SQL Injection
|
|
2018-10-18
|
|
PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin)
|
|
2018-10-18
|
|
Learning with Texts 1.6.2 - 'start' SQL Injection
|
|
2018-10-18
|
|
Time and Expense Management System 3.0 - 'table' SQL Injection
|
|
2018-10-17
|
|
TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure
|
|
2018-10-17
|
|
Git Submodule - Arbitrary Code Execution
|
CVE-2018-17456
|
2018-10-17
|
|
Time and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)
|
|
2018-10-17
|
|
FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials
|
|
2018-10-17
|
|
BigTree CMS 4.2.23 - Cross-Site Scripting
|
CVE-2018-18308
|
2018-10-17
|
|
Any Sound Recorder 2.93 - Buffer Overflow (SEH)
|
|
2018-10-17
|
|
VLC Media Player - MKV Use-After-Free (Metasploit)
|
CVE-2018-11529
|
2018-10-16
|
|
Solaris - RSH Stack Clash Privilege Escalation (Metasploit)
|
CVE-2017-1000364
|
2018-10-16
|
|
Microsoft Windows - 'FSCTL_FIND_FILES_BY_SID' Information Disclosure
|
CVE-2018-8411
|
2018-10-16
|
|
Heatmiser Wifi Thermostat 1.7 - Credential Disclosure
|
|
2018-10-16
|
|
GIU Gallery Image Upload 0.3.1 - 'category' SQL Injection
|
|
2018-10-16
|
|
MV Video Sharing Software 1.2 - 'searchname' SQL Injection
|
|
2018-10-16
|
|
Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection
|
|
2018-10-16
|
|
Wordpress Plugin Support Board 1.2.3 - Cross-Site Scripting
|
|
2018-10-16
|
|
Vishesh Auto Index 3.1 - 'fid' SQL Injection
|
|
2018-10-16
|
|
Kados R10 GreenBee - 'release_id' SQL Injection
|
|
2018-10-16
|
|
Library CMS 2.1.1 - Cross-Site Scripting
|
|
2018-10-16
|
|
Navigate CMS 2.8.5 - Arbitrary File Download
|
|
2018-10-16
|
|
HotelDruid 2.2.4 - 'anno' SQL Injection
|
|
2018-10-16
|
|
KORA 2.7.0 - 'cid' SQL Injection
|
|
2018-10-15
|
|
Academic Timetable Final Build 7.0 - Information Disclosure
|
|
2018-10-15
|
|
NoMachine < 5.3.27 - Remote Code Execution
|
CVE-2018-17980
|
2018-10-15
|
|
Centos Web Panel 0.9.8.480 - Multiple Vulnerabilities
|
CVE-2018-18322
|
2018-10-15
|
|
FLIR Brickstream 3D+ - RTSP Stream Disclosure
|
|
2018-10-15
|
|
FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure
|
|
2018-10-15
|
|
MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection
|
|
2018-10-15
|
|
Advanced HRM 1.6 - Remote Code Execution
|
|
2018-10-15
|
|
College Notes Management System 1.0 - 'user' SQL Injection
|
|
2018-10-15
|
|
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution
|
|
2018-10-15
|
|
AlchemyCMS 4.1 - Cross-Site Scripting
|
|
2018-10-15
|
|
Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)
|
|
2018-10-15
|
|
FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure
|
|
2018-10-15
|
|
Snes9K 0.0.9z - Buffer Overflow (SEH)
|
|
2018-10-15
|
|
FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure
|
|
2018-10-15
|
|
Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection
|
|
2018-10-15
|
|
FluxBB < 1.5.6 - SQL Injection
|
CVE-2014-10029
|
2018-10-12
|
|
SugarCRM 6.5.26 - Cross-Site Scripting
|
CVE-2018-17784
|
2018-10-12
|
|
HaPe PKH 1.1 - Arbitrary File Upload
|
|
2018-10-12
|
|
CAMALEON CMS 2.4 - Cross-Site Scripting
|
|
2018-10-12
|
|
HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)
|
|
2018-10-12
|
|
Phoenix Contact WebVisit 2985725 - Authentication Bypass
|
CVE-2016-8371
|
2018-10-12
|
|
LUYA CMS 1.0.12 - Cross-Site Scripting
|
|
2018-10-12
|
|
HaPe PKH 1.1 - 'id' SQL Injection
|
|
2018-10-12
|
|
Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection
|
CVE-2018-8532
|
2018-10-11
|
|
Phoenix Contact WebVisit 6.40.00 - Password Disclosure
|
CVE-2016-8366
|
2018-10-11
|
|
Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection
|
|
2018-10-11
|
|
jQuery-File-Upload 9.22.0 - Arbitrary File Upload
|
|
2018-10-11
|
|
Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection
|
|
2018-10-11
|
|
E-Registrasi Pencak Silat 18.10 - 'id_partai' SQL Injection
|
|
2018-10-11
|
|
WAGO 750-881 01.09.18 - Cross-Site Scripting
|
|
2018-10-11
|
|
Wikidforum 2.20 - Cross-Site Scripting
|
|
2018-10-11
|
|
VLC Media Player 2.2.8 MKV Use-After-Free Exploit
|
|
2018-10-11
|
|
DELL EMC OneFS Storage Administration 8.1.2.0 .zshrc Overwrite Exploit
|
|
2018-10-11
|
|
WhatsApp - RTP Processing Heap Corruption Exploit
|
|
2018-10-10
|
|
MicroTik RouterOS < 6.43rc3 - Remote Root Exploit
|
|
2018-10-10
|
|
XMeye P2P Cloud Remote Code Execution / Integrity Issues Vulnerabilities
|
|
2018-10-10
|
|
jQuery-File-Upload 9.22.0 Arbitrary File Upload Vulnerability
|
|
2018-10-10
|
|
NPLUG Wireless Repeater 1.0.0.14 CSRF / XSS / Authentication Bypass Vulnerabilities
|
|
2018-10-10
|
|
Responsive Filemanager 9.8.1 Authentication Bypass Vulnerability
|
|
2018-10-10
|
|
Responsive Filemanager 9.8.1 Cross Site Scripting Vulnerability
|
|
2018-10-10
|
|
Sitepress Multilingual 3.6.3 Cross Site Scripting Vulnerability
|
|
2018-10-10
|
|
Ektron CMS 9.20 SP2 - Improper Access Restrictions Vulnerability
|
|
2018-10-10
|
|
FileZilla 3.33 - Buffer Overflow Exploit
|
|
2018-10-10
|
|
WhatsApp - RTP Processing Heap Corruption
|
|
2018-10-10
|
|
FLIR Systems FLIR Thermal Traffic Cameras Websocket Device Manipulation Exploit
|
|
2018-10-10
|
|
ghostscript - executeonly Bypass with errorhandler Setup Exploit
|
|
2018-10-10
|
|
Free MP3 CD Ripper 2.8 - .wma Buffer Overflow (SEH) (DEP Bypass) Exploit
|
|
2018-10-10
|
|
Microsoft Edge Chakra JIT - Type Confusion Exploit
|
|
2018-10-10
|
|
Microsoft Edge Chakra JIT - BailOutOnInvalidatedArrayHeadSegment Check Bypass Exploit
|
|
2018-10-10
|
|
MicroTik RouterOS < 6.43rc3 - Remote Root
|
CVE-2018-14847
|
2018-10-10
|
|
Ektron CMS 9.20 SP2 - Improper Access Restrictions
|
CVE-2018-12596
|
2018-10-10
|
|
FileZilla 3.33 - Buffer Overflow (PoC)
|
|
2018-10-10
|
|
Virtualmin 6.03 Multiple Vulnerabilities
|
|
2018-10-10
|
|
ifwatchd - Privilege Escalation (Metasploit)
|
CVE-2014-2533
|
2018-10-09
|
|
Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (Metasploit)
|
CVE-2018-10594
|
2018-10-09
|
|
ghostscript - executeonly Bypass with errorhandler Setup
|
CVE-2018-17961
|
2018-10-09
|
|
Microsoft Edge Chakra JIT - Type Confusion
|
CVE-2018-8467
|
2018-10-09
|
|
Microsoft Edge Chakra JIT - 'BailOutOnInvalidatedArrayHeadSegment' Check Bypass
|
CVE-2018-8466
|
2018-10-09
|
|
net-snmp 5.7.3 - Denial of Service
|
CVE-2015-5621
|
2018-10-09
|
|
Wikidforum 2.20 - 'message_id' SQL Injection
|
|
2018-10-09
|
|
Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow Exploit
|
|
2018-10-09
|
|
ifwatchd Privilege Escalation Exploit
|
|
2018-10-09
|
|
Seqrite End Point Security 7.4 - Privilege Escalation
|
CVE-2018-17775
|
2018-10-09
|
|
Free MP3 CD Ripper 2.8 - '.wma' Buffer Overflow (SEH) (DEP Bypass)
|
|
2018-10-09
|
|
Wikidforum 2.20 - 'select_sort' SQL Injection
|
|
2018-10-09
|
|
360 3.5.0.1033 - Sandbox Escape Exploit
|
|
2018-10-09
|
|
Wikidforum 2.20 Multiple SQL Injection Vulnerability
|
|
2018-10-09
|
|
Navigate CMS - Unauthenticated Remote Code Execution Exploit
|
|
2018-10-09
|
|
Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)
|
|
2018-10-09
|
|
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)
|
|
2018-10-09
|
|
Linux Kernel - Pointer Leak via BPF Exploit
|
|
2018-10-09
|
|
Linux Kernel < 4.11.8 - mq_notify: double sock_put() Local Privilege Escalation
|
|
2018-10-09
|
|
Cisco Prime Infrastructure - Unauthenticated Remote Code Execution Exploit
|
|
2018-10-08
|
|
Android - sdcardfs Changes current->fs Without Proper Locking Exploit
|
|
2018-10-08
|
|
Git Submodule - Arbitrary Code Execution Vulnerability
|
|
2018-10-08
|
|
Imperva SecureSphere 13 - Remote Command Execution Exploit
|
|
2018-10-08
|
|
net-snmp 5.7.3 - Unauthenticated Denial of Service Exploit
|
|
2018-10-08
|
|
net-snmp 5.7.3 - Authenticated Denial of Service Exploit
|
|
2018-10-08
|
|
Microsoft Windows - Net-NTLMv2 Reflection DCOM/RPC (Metasploit)
|
CVE-2016-3225
|
2018-10-08
|
|
Navigate CMS - Unauthenticated Remote Code Execution (Metasploit)
|
CVE-2018-17552
|
2018-10-08
|
|
Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)
|
CVE-2018-17408
|
2018-10-08
|
|
Unitrends UEB - HTTP API Remote Code Execution (Metasploit)
|
CVE-2017-12478
|
2018-10-08
|
|
Android - sdcardfs Changes current->fs Without Proper Locking
|
CVE-2018-9515
|
2018-10-08
|
|
Linux - Kernel Pointer Leak via BPF
|
|
2018-10-08
|
|
Cisco Prime Infrastructure - Unauthenticated Remote Code Execution
|
CVE-2018-15379
|
2018-10-08
|
|
A Red Teamer’s guide to pivoting
|
|
2018-10-08
|
|
Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation
|
CVE-2017-11176
|
2018-10-08
|
|
Git Submodule - Arbitrary Code Execution
|
CVE-2018-17456
|
2018-10-08
|
|
net-snmp 5.7.3 - Authenticated Denial of Service (PoC)
|
|
2018-10-08
|
|
net-snmp 5.7.3 - Unauthenticated Denial of Service (PoC)
|
|
2018-10-08
|
|
Imperva SecureSphere 13 - Remote Command Execution
|
|
2018-10-08
|
|
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)
|
|
2018-10-08
|
|
360 3.5.0.1033 - Sandbox Escape
|
|
2018-10-08
|
|
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure
|
|
2018-10-08
|
|
Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)
|
|
2018-10-08
|
|
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure Vulnerability
|
|
2018-10-07
|
|
Chamilo LMS 1.11.8 - firstname Cross-Site Scripting Vulnerability
|
|
2018-10-07
|
|
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure
|
|
2018-10-06
|
|
Chamilo LMS 1.11.8 - 'firstname' Cross-Site Scripting
|
|
2018-10-06
|
|
Chrome OS /sbin/crash_reporter Symlink Traversal Vulnerability
|
|
2018-10-06
|
|
Windows Net-NTLMv2 Reflection DCOM/RPC Exploit
|
|
2018-10-06
|
|
Unitrends UEB HTTP API Remote Code Execution Exploit
|
|
2018-10-06
|
|
Claromentis Discuss 1.2.1 Cross Site Scripting Vulnerability
|
|
2018-10-06
|
|
Chamilo LMS 1.11.8 - Cross-Site Scripting Vulnerability
|
|
2018-10-06
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin) Vulnerabilities
|
|
2018-10-06
|
|
Easy File Sharing Web Server 7.2 - Domain Name Buffer Overflow Exploit
|
|
2018-10-06
|
|
Chamilo LMS 1.11.8 - Cross-Site Scripting
|
|
2018-10-05
|
|
ISPConfig < 3.1.13 - Remote Command Execution
|
|
2018-10-05
|
|
D-Link Central WiFiManager Software Controller 1.03 - Multiple Vulnerabilities
|
CVE-2018-17440
|
2018-10-05
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin)
|
|
2018-10-05
|
|
ISPConfig Remote Command Execution Exploit
|
|
2018-10-05
|
|
DLink Central WiFiManager Software Controller Code Execution / XSS Exploit
|
|
2018-10-05
|
|
WordPress Pie Register 3.0.15 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Photo #Nettoyeur 1.4.5 Insecure File Permission Vulnerability
|
|
2018-10-05
|
|
Billion ADSL Router 400G 20151105641 - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
WUZHICMS 2.0 - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
Coaster CMS 5.5.0 - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
OPAC EasyWeb Five 5.7 - biblio SQL Injection Vulnerability
|
|
2018-10-05
|
|
OPAC EasyWeb Five 5.7 - nome SQL Injection Vulnerability
|
|
2018-10-05
|
|
Linux Kernel 2.6.x / 3.10.x / 4.14.x (x64) - Mutagen Astronomy Local Privilege Escalation Exploit
|
|
2018-10-05
|
|
Linux/x64 - Execute /bin/nc -lvp 9090 Shellcode (60 bytes)
|
|
2018-10-05
|
|
Flippa Marketplace Clone 1.0 - date_started SQL Injection Vulnerability
|
|
2018-10-05
|
|
Education Website 1.0 - subject SQL Injection Vulnerability
|
|
2018-10-05
|
|
Binary MLM Software 1.0 - pid SQL Injection Vulnerability
|
|
2018-10-05
|
|
Singleleg MLM Software 1.0 - msg_id SQL Injection Vulnerability
|
|
2018-10-05
|
|
Hotel Booking Engine 1.0 - h_room_type SQL Injection Vulnerability
|
|
2018-10-05
|
|
Linux/x64 - execve ("/bin/bash") Shellcode (27 bytes)
|
|
2018-10-05
|
|
Fork CMS 5.4.0 - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
H2 Database 1.4.196 - Remote Code Execution Exploit
|
|
2018-10-05
|
|
Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH) Exploit
|
|
2018-10-05
|
|
Snes9K 0.0.9z - Denial of Service (PoC) Exploit
|
|
2018-10-05
|
|
Linux/x64 - execve ("/bin/sh") Shellcode (24 bytes)
|
|
2018-10-05
|
|
Airties AIR5750 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5650 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5453 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5443v2 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5442 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5343v2 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Airties AIR5021 1.0.0.18 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
ManageEngine AssetExplorer 6.2.0 Cross Site Scripting Vulnerability
|
|
2018-10-05
|
|
Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation Vulnerabilities
|
|
2018-10-05
|
|
AppArmor Filesystem Blacklisting Bypass Vulnerability
|
|
2018-10-05
|
|
Seqrite End Point Security 7.4 Privilege Escalation Vulnerability
|
|
2018-10-05
|
|
Skype On Debian Microsoft Apt Repo Addition Vulnerability
|
|
2018-10-05
|
|
Microsoft Edge - Sandbox Escape Exploit
|
|
2018-10-05
|
|
PCProtect 4.8.35 - Privilege Escalation Vulnerability
|
|
2018-10-05
|
|
WebKit - WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded
|
|
2018-10-05
|
|
WebKit - WebCore::SVGTextLayoutAttributes::context Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::RenderLayer::updateDescendantDependentFlags Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::SVGTRefElement::updateReferencedText Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::RenderMultiColumnSet::updateMinimumColumnHeight Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::InlineTextBox::paint Out-of-Bounds Read Exploit
|
|
2018-10-05
|
|
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR) Exploit
|
|
2018-10-05
|
|
Linux/x86 - execve(/bin/sh) + NOT +SHIFT-N+ XOR-N Encoded Shellcode (50 bytes)
|
|
2018-10-05
|
|
virtualenv 16.0.0 - Sandbox Escape Vulnerability
|
|
2018-10-05
|
|
LayerBB Forum 1.1.1 - search_query SQL Injection Vulnerability
|
|
2018-10-05
|
|
FTP Voyager 16.2.0 - Denial of Service Exploit
|
|
2018-10-05
|
|
Airties AIR5342 1.0.0.18 - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
RICOH MP C1803 JPN Printer - Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
PTC ThingWorx Password Disclosure / Cross Site Scripting Vulnerabilities
|
|
2018-10-05
|
|
Joomla Jimtawl 2.2.7 Component - id SQL Injection Vulnerability
|
|
2018-10-05
|
|
Zechat 1.5 - uname SQL Injection Vulnerability
|
|
2018-10-05
|
|
Wikindx 5.3.2 Multiple Cross-Site Scripting Vulnerability
|
|
2018-10-05
|
|
WebKit - WebCore::Node::ensureRareData Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::AXObjectCache::handleMenuItemSelected Use-After-Free Exploit
|
|
2018-10-05
|
|
WebKit - WebCore::SVGAnimateElementBase::resetAnimatedType Use-After-Free Exploit
|
|
2018-10-05
|
|
WordPress WebARX Website Firewall 4.9.8 XSS / Bypass Vulnerabilities
|
|
2018-10-05
|
|
WordPress Breadcrumb NavXT 6.1.0 Username Disclosure
|
|
2018-10-05
|
|
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR)
|
|
2018-10-04
|
|
LayerBB Forum 1.1.1 - 'search_query' SQL Injection
|
|
2018-10-04
|
|
Linux\x86 - (NOT +SHIFT-N+ XOR-N) + encoded (/bin/sh) Shellcode (50 byes)
|
|
2018-10-04
|
|
virtualenv 16.0.0 - Sandbox Escape
|
CVE-2018-17793
|
2018-10-04
|
|
FTP Voyager 16.2.0 - Denial of Service (PoC)
|
|
2018-10-03
|
|
RICOH MP C1803 JPN Printer - Cross-Site Scripting
|
CVE-2018-17310
|
2018-10-03
|
|
Airties AIR5342 1.0.0.18 - Cross-Site Scripting
|
CVE-2018-17587
|
2018-10-03
|
|
Joomla! Component Jimtawl 2.2.7 - 'id' SQL Injection
|
|
2018-10-03
|
|
Zechat 1.5 - 'uname' SQL Injection
|
|
2018-10-03
|
|
OPAC EasyWeb Five 5.7 - 'nome' SQL Injection
|
|
2018-10-02
|
|
Coaster CMS 5.5.0 - Cross-Site Scripting
|
|
2018-10-02
|
|
OPAC EasyWeb Five 5.7 - 'biblio' SQL Injection
|
|
2018-10-02
|
|
Phrack: Twenty years of Escaping the Java Sandbox (Ieu Eauvidoum & disk noise)
|
|
2018-10-01
|
|
Linux Kernel 2.6.x / 3.10.x / 4.14.x (RedHat / Debian / CentOS) (x64) - 'Mutagen Astronomy' Local Privilege Escalation
|
CVE-2018-14634
|
2018-10-01
|
|
Billion ADSL Router 400G 20151105641 - Cross-Site Scripting
|
|
2018-10-01
|
|
WUZHICMS 2.0 - Cross-Site Scripting
|
CVE-2018-17832
|
2018-10-01
|
|
Flippa Marketplace Clone 1.0 - 'date_started' SQL Injection
|
|
2018-10-01
|
|
Binary MLM Software 1.0 - 'pid' SQL Injection
|
|
2018-10-01
|
|
Singleleg MLM Software 1.0 - 'msg_id' SQL Injection
|
|
2018-10-01
|
|
Education Website 1.0 - 'subject' SQL Injection
|
|
2018-10-01
|
|
Hotel Booking Engine 1.0 - 'h_room_type' SQL Injection
|
|
2018-10-01
|
|
Fork CMS 5.4.0 - Cross-Site Scripting
|
|
2018-10-01
|
|
ManageEngine AssetExplorer 6.2.0 - Cross-Site Scripting
|
|
2018-10-01
|
|
H2 Database 1.4.196 - Remote Code Execution
|
|
2018-10-01
|
|
Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH)
|
|
2018-10-01
|
|
Snes9K 0.0.9z - Denial of Service (PoC)
|
|
2018-10-01
|
|
Microsoft Edge - Sandbox Escape
|
CVE-2018-8463
|
2018-09-28
|
|
PCProtect 4.8.35 - Privilege Escalation
|
|
2018-09-28
|
|
Rausoft ID.prove 2.95 - Username SQL injection Vulnerability
|
|
2018-09-27
|
|
Citrix StorageZones Controller Improper Access Restrictions / Traversal Exploit
|
|
2018-09-27
|
|
WordPress WP Insert 2.4.2 Arbitrary File Upload Vulnerability
|
|
2018-09-27
|
|
ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting Vulnerability
|
|
2018-09-27
|
|
iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection Vulnerability
|
|
2018-09-27
|
|
EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation
|
|
2018-09-27
|
|
Rausoft ID.prove 2.95 - 'Username' SQL injection
|
|
2018-09-27
|
|
ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting
|
|
2018-09-27
|
|
iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection
|
|
2018-09-27
|
|
CrossFont 7.5 - Denial of Service Exploit
|
|
2018-09-26
|
|
TransMac 12.2 - Denial of Service Exploit
|
|
2018-09-26
|
|
Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free #Shellcode (92 Bytes)
|
|
2018-09-26
|
|
Linux - #VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath Exploit
|
|
2018-09-26
|
|
Joomla Responsive Portfolio 1.6.1 Component - filter_order_Dir SQL Injection Vulnerability
|
|
2018-09-26
|
|
Joomla Timetable Schedule 3.6.8 Component - SQL Injection Vulnerability
|
|
2018-09-26
|
|
Linux - VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath
|
CVE-2018-17182
|
2018-09-26
|
|
Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 Bytes)
|
|
2018-09-26
|
|
CrossFont 7.5 - Denial of Service (PoC)
|
|
2018-09-26
|
|
TransMac 12.2 - Denial of Service (PoC)
|
|
2018-09-26
|
|
Faleemi Desktop Software 1.8.2 - 'Device alias' Local Buffer Overflow (SEH)
|
|
2018-09-25
|
|
Joomla eXtroForms 2.1.5 Component - filter_type_id SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Music Collection 3.0.3 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Raffle Factory 3.5.2 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Dutch Auction Factory 2.0.2 Component - filter_order_Dir SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Article Factory Manager 4.3.9 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla AlphaIndex Dictionaries 1.0 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Reverse Auction Factory 4.3.8 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Collection Factory 4.1.9 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Swap Factory 2.2.1 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Social Factory 3.8.3 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Jobs Factory 2.0.4 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Questions 1.4.3 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Joomla Penny Auction Factory 2.0.4 Component - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Super Cms Blog Pro 1.0 - SQL Injection Vulnerability
|
|
2018-09-25
|
|
Easy PhoroResQ 1.0 - Buffer Overflow Exploit
|
|
2018-09-25
|
|
Joomla! Component Responsive Portfolio 1.6.1 - 'filter_order_Dir' SQL Injection
|
|
2018-09-25
|
|
RICOH MP C406Z Printer - Cross-Site Scripting
|
|
2018-09-25
|
|
WebKit - 'WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded' Use-After-Free
|
CVE-2018-4197
|
2018-09-25
|
|
WebKit - 'WebCore::SVGTextLayoutAttributes::context' Use-After-Free
|
CVE-2018-4318
|
2018-09-25
|
|
RICOH MP 305+ Printer - Cross-Site Scripting
|
|
2018-09-25
|
|
WebKit - 'WebCore::RenderLayer::updateDescendantDependentFlags' Use-After-Free
|
CVE-2018-4317
|
2018-09-25
|
|
WebKit - 'WebCore::SVGTRefElement::updateReferencedText' Use-After-Free
|
CVE-2018-4315
|
2018-09-25
|
|
WebKit - 'WebCore::RenderMultiColumnSet::updateMinimumColumnHeight' Use-After-Free
|
CVE-2018-4323
|
2018-09-25
|
|
WebKit - 'WebCore::InlineTextBox::paint' Out-of-Bounds Read
|
CVE-2018-4328
|
2018-09-25
|
|
WebKit - 'WebCore::Node::ensureRareData' Use-After-Free
|
CVE-2018-4306
|
2018-09-25
|
|
WebKit - 'WebCore::AXObjectCache::handleMenuItemSelected' Use-After-Free
|
CVE-2018-4312
|
2018-09-25
|
|
WebKit - 'WebCore::SVGAnimateElementBase::resetAnimatedType' Use-After-Free
|
CVE-2018-4314
|
2018-09-25
|
|
Solaris - 'EXTREMEPARR' dtappgather Privilege Escalation (Metasploit)
|
CVE-2017-3622
|
2018-09-25
|
|
Joomla! Component Timetable Schedule 3.6.8 - SQL Injection
|
CVE-2018-17394
|
2018-09-25
|
|
Joomla! Component Article Factory Manager 4.3.9 - SQL Injection
|
CVE-2018-17380
|
2018-09-25
|
|
Joomla! Component AlphaIndex Dictionaries 1.0 - SQL Injection
|
CVE-2018-17397
|
2018-09-25
|
|
Joomla! Component Reverse Auction Factory 4.3.8 - SQL Injection
|
CVE-2018-17376
|
2018-09-25
|
|
Joomla! Component Collection Factory 4.1.9 - SQL Injection
|
CVE-2018-17383
|
2018-09-25
|
|
Joomla! Component Swap Factory 2.2.1 - SQL Injection
|
CVE-2018-17384
|
2018-09-25
|
|
Joomla Component eXtroForms 2.1.5 - 'filter_type_id' SQL Injection
|
|
2018-09-25
|
|
RICOH MP C6503 Plus Printer - Cross-Site Scripting
|
|
2018-09-25
|
|
Joomla! Component Social Factory 3.8.3 - SQL Injection
|
CVE-2018-17385
|
2018-09-25
|
|
Joomla! Component Jobs Factory 2.0.4 - SQL Injection
|
CVE-2018-17382
|
2018-09-25
|
|
Joomla! Component Questions 1.4.3 - SQL Injection
|
CVE-2018-17377
|
2018-09-25
|
|
Easy PhoroResQ 1.0 - Buffer Overflow
|
|
2018-09-25
|
|
Joomla! Component Penny Auction Factory 2.0.4 - SQL Injection
|
CVE-2018-17378
|
2018-09-25
|
|
Joomla! Component Music Collection 3.0.3 - SQL Injection
|
CVE-2018-17375
|
2018-09-25
|
|
Joomla! Component Raffle Factory 3.5.2 - SQL Injection
|
CVE-2018-17379
|
2018-09-25
|
|
Super Cms Blog Pro 1.0 - SQL Injection
|
CVE-2018-17391
|
2018-09-25
|
|
Joomla! Component Dutch Auction Factory 2.0.2 - 'filter_order_Dir' SQL Injection
|
|
2018-09-25
|
|
RICOH MP C2003 Printer - Cross-Site Scripting
|
|
2018-09-25
|
|
RICOH MP C307 Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
RICOH MP 305+ Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
RICOH MP C6503 Plus Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
RICOH MP C406Z Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
RICOH MP C2003 Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
RICOH MP C1803 JPN Printer Cross Site Scripting Vulnerability
|
|
2018-09-25
|
|
Solaris EXTREMEPARR dtappgather Privilege Escalation Exploit
|
|
2018-09-25
|
|
EE 4GEE Mini Local Privilege Escalation Vulnerability
|
|
2018-09-25
|
|
Postman 6.3.0 Improper Certificate Validation Vulnerability
|
|
2018-09-25
|
|
RICOH MP C6003 Printer - Cross-Site Scripting Vulnerability
|
|
2018-09-24
|
|
RICOH Aficio MP 301 Printer - Cross-Site Scripting Vulnerability
|
|
2018-09-24
|
|
Beyond Remote 2.2.5.3 - Denial of Service Exploit
|
|
2018-09-24
|
|
SoftX FTP Client 3.3 - Denial of Service Exploit
|
|
2018-09-24
|
|
Termite 3.4 - Denial of Service Exploit
|
|
2018-09-24
|
|
Linux/ARM - sigaction() Based Egghunter (PWN!) + execve Shellcode (52 Bytes)
|
|
2018-09-24
|
|
Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)
|
|
2018-09-24
|
|
Joomla Auction Factory 4.5.5 Component - filter_order SQL Injection Vulnerability
|
|
2018-09-24
|
|
RICOH MP C6003 Printer - Cross-Site Scripting
|
|
2018-09-24
|
|
Linux/ARM - sigaction() Based Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (52 Bytes)
|
|
2018-09-24
|
|
Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)
|
|
2018-09-24
|
|
Beyond Remote 2.2.5.3 - Denial of Service (PoC)
|
|
2018-09-24
|
|
Joomla Micro Deal Factory 2.4.0 Component - id SQL Injection Vulnerability
|
|
2018-09-24
|
|
Joomla AMGallery 1.2.3 Component - filter_category_id SQL Injection Exploit
|
|
2018-09-24
|
|
LG SuperSign EZ CMS 2.5 - Remote Code Execution Exploit
|
|
2018-09-24
|
|
Joomla CW Article Attachments 1.0.6 - id SQL Injection Vulnerability
|
|
2018-09-24
|
|
Collectric CMU 1.0 - lang SQL injection Vulnerability
|
|
2018-09-24
|
|
Navigate CMS 2.8 - Cross-Site Scripting Vulnerability
|
|
2018-09-24
|
|
udisks2 2.8.0 - Denial of Service Vulnerability
|
|
2018-09-24
|
|
Antidote 9.5.1 Code Execution Exploit
|
|
2018-09-24
|
|
Microsoft Windows ALPC Task Scheduler Local Privilege Elevation Exploit
|
|
2018-09-24
|
|
Staubli Jacquard Industrial System JC6 Shellshock Vulnerability
|
|
2018-09-24
|
|
WordPress FV Flowplayer 7.2.0.727 Cross Site Scripting Vulnerability
|
|
2018-09-24
|
|
MyBB Visual Editor 1.8.18 Cross Site Scripting Vulnerability
|
|
2018-09-24
|
|
WebRTC - FEC Out-of-Bounds Read Exploit
|
|
2018-09-24
|
|
WebRTC - VP9 Processing Use-After-Free Exploit
|
|
2018-09-24
|
|
mgetty 1.2.0 Buffer Overflow / Privilege Escalation Vulnerabilities
|
|
2018-09-24
|
|
HylaFAX 6.0.6 / 5.6.0 Uninitialized Pointer / Out Of Bounds Write Vulnerabilities
|
|
2018-09-24
|
|
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH) Exploit
|
|
2018-09-24
|
|
Telegram Desktop 1.3.14 denial of service Vulnerability
|
|
2018-09-24
|
|
Linux/x86 - Egghunter + sigaction-based Shellcode (27 bytes)
|
|
2018-09-24
|
|
LimeSurvey 3.14.7 Cross Site Scripting Vulnerability
|
|
2018-09-24
|
|
ManageEngine Desktop Central 10.0.271 Cross Site Scripting Vulnerability
|
|
2018-09-24
|
|
ManageEngine SupportCenter Plus 8.1.0 Cross Site Scripting Vulnerability
|
|
2018-09-24
|
|
LG SuperSign EZ CMS 2.5 - Local File Inclusion Vulnerability
|
|
2018-09-24
|
|
Microsoft Windows - Double Dereference in NtEnumerateKey Elevation of Privilege Exploit
|
|
2018-09-24
|
|
Microsoft Windows - CiSetFileCache WDAC Security Feature Bypass TOCTOU Exploit
|
|
2018-09-24
|
|
WordPress Wechat Broadcast 1.2.0 Plugin - Local File Inclusion Vulnerability
|
|
2018-09-24
|
|
WordPress Localize My Post 1.0 Plugin - Local File Inclusion Vulnerability
|
|
2018-09-24
|
|
Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting Vulnerability
|
|
2018-09-24
|
|
Western Digital My Cloud Authentication Bypass Vulnerability
|
|
2018-09-24
|
|
Moodle 3.x PHP Unserialize Remote Code Execution Exploit
|
|
2018-09-24
|
|
Solaris libnspr NSPR_LOG_FILE Privilege Escalation Exploit
|
|
2018-09-24
|
|
Faleemi Plus 1.0.2 - Denial of Service Exploit
|
|
2018-09-24
|
|
InfraRecorder 0.53 - (.txt) Denial of Service Exploit
|
|
2018-09-24
|
|
CdBurnerXP 4.5.8.6795 - File Name Denial of Service Exploit
|
|
2018-09-24
|
|
TeamViewer App 13.0.100.0 - Denial of Service Exploit
|
|
2018-09-24
|
|
MediaTek Wirless Utility rt2870 - Denial of Service Exploit
|
|
2018-09-24
|
|
Clone2Go Video to iPod Converter 2.5.0 - Denial of Service Exploit
|
|
2018-09-24
|
|
Apple macOS 10.13.4 - Denial of Service Exploit
|
|
2018-09-24
|
|
Infiltrator Network Security Scanner 4.6 - Denial of Service Exploit
|
|
2018-09-24
|
|
PDF Explorer 1.5.66.2 - Denial of Service Exploit
|
|
2018-09-24
|
|
iCash 7.6.5 - Denial of Service Exploit
|
|
2018-09-24
|
|
PicaJet FX 2.6.5 - Denial of Service Exploit
|
|
2018-09-24
|
|
RoboImport 1.2.0.72 - Denial of Service Exploit
|
|
2018-09-24
|
|
PixGPS 1.1.8 - Denial of Service Exploit
|
|
2018-09-24
|
|
WordPress Arigato Autoresponder And Newsletter 2.5 SQL Injection / XSS Vulnerabilities
|
|
2018-09-24
|
|
Microsoft Edge Chakra PathTypeHandlerBase::SetAttributesHelper Type Confusion Exploit
|
|
2018-09-24
|
|
Microsoft Edge Chakra JIT localeCompare Type Confusion Exploit
|
|
2018-09-24
|
|
Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)
|
|
2018-09-24
|
|
Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution Exploit
|
|
2018-09-24
|
|
NUUO NVRMini2 3.8 - cgi_system Buffer Overflow (Enable Telnet) Exploit
|
|
2018-09-24
|
|
CA Release Automation NiMi 6.5 - Remote Command Execution Exploit
|
|
2018-09-24
|
|
jiNa OCR Image to Text 1.0 - Denial of Service Exploit
|
|
2018-09-24
|
|
XAMPP Control Panel 3.2.2 - Denial of Service Exploit
|
|
2018-09-24
|
|
Notebook Pro 2.0 - Denial Of Service Exploit
|
|
2018-09-24
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting Vulnerability
|
|
2018-09-24
|
|
Joomla! Component Auction Factory 4.5.5 - 'filter_order' SQL Injection
|
|
2018-09-24
|
|
SoftX FTP Client 3.3 - Denial of Service (PoC)
|
|
2018-09-24
|
|
RICOH Aficio MP 301 Printer - Cross-Site Scripting
|
|
2018-09-24
|
|
Termite 3.4 - Denial of Service (PoC)
|
|
2018-09-24
|
|
Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection
|
|
2018-09-24
|
|
Joomla! Component AMGallery 1.2.3 - 'filter_category_id' SQL Injection
|
|
2018-09-24
|
|
udisks2 2.8.0 - Denial of Service (PoC)
|
|
2018-09-24
|
|
MyBB Visual Editor 1.8.18 - Cross-Site Scripting
|
CVE-2018-17128
|
2018-09-24
|
|
LG SuperSign EZ CMS 2.5 - Remote Code Execution
|
CVE-2018-17173
|
2018-09-24
|
|
Joomla! CW Article Attachments 1.0.6 - 'id' SQL Injection
|
CVE-2018-14592
|
2018-09-24
|
|
Collectric CMU 1.0 - 'lang' SQL injection
|
|
2018-09-24
|
|
Navigate CMS 2.8 - Cross-Site Scripting
|
CVE-2018-17255
|
2018-09-24
|
|
WebRTC - FEC Out-of-Bounds Read
|
CVE-2018-16083
|
2018-09-21
|
|
WebRTC - VP9 Processing Use-After-Free
|
CVE-2018-16071
|
2018-09-21
|
|
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)
|
|
2018-09-20
|
|
Linux/x86 - Egghunter + sigaction-based Shellcode (27 bytes)
|
|
2018-09-20
|
|
LG SuperSign EZ CMS 2.5 - Local File Inclusion
|
CVE-2018-16288
|
2018-09-19
|
|
WordPress Plugin Localize My Post 1.0 - Local File Inclusion
|
|
2018-09-19
|
|
WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion
|
|
2018-09-19
|
|
Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting
|
CVE-2018-16736
|
2018-09-19
|
|
Microsoft Windows - Double Dereference in NtEnumerateKey Elevation of Privilege
|
CVE-2018-8410
|
2018-09-19
|
|
Microsoft Windows - 'CiSetFileCache' WDAC Security Feature Bypass TOCTOU
|
CVE-2018-8449
|
2018-09-19
|
|
WordPress Plugin Arigato Autoresponder and Newsletter 2.5 - Blind SQL Injection / Reflected Cross-Site Scripting
|
CVE-2018-1002000
|
2018-09-18
|
|
Solaris - libnspr NSPR_LOG_FILE Privilege Escalation (Metasploit)
|
CVE-2006-4842
|
2018-09-18
|
|
Microsoft Edge Chakra JIT - 'localeCompare' Type Confusion
|
CVE-2018-8355
|
2018-09-18
|
|
Microsoft Edge Chakra - 'PathTypeHandlerBase::SetAttributesHelper' Type Confusion
|
CVE-2018-8384
|
2018-09-18
|
|
Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution
|
|
2018-09-18
|
|
NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)
|
|
2018-09-18
|
|
Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)
|
|
2018-09-18
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service Exploit
|
|
2018-09-17
|
|
Joomla JCK Editor 6.4.4 Component - parent SQL Injection Vulnerability
|
|
2018-09-17
|
|
CA Release Automation NiMi 6.5 - Remote Command Execution
|
|
2018-09-17
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC)
|
|
2018-09-17
|
|
Joomla Component JCK Editor 6.4.4 - 'parent' SQL Injection
|
|
2018-09-17
|
|
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting
|
|
2018-09-17
|
|
Oracle VirtualBox Manager 5.2.18 r124319 - Name Attribute Denial of Service Exploit
|
|
2018-09-17
|
|
Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)
|
|
2018-09-17
|
|
Notebook Pro 2.0 - Denial Of Service (PoC)
|
|
2018-09-17
|
|
XAMPP Control Panel 3.2.2 - Denial of Service (PoC)
|
|
2018-09-17
|
|
Socusoft Photo to Video Converter 8.07 - Registration Name Buffer Overflow Exploit
|
|
2018-09-16
|
|
Free MP3 CD Ripper 2.6 - .mp3 Buffer Overflow (SEH) Exploit
|
|
2018-09-16
|
|
Faleemi Desktop Software 1.8.2 - SavePath for ScreenShots Buffer Overflow (SEH) Exploit
|
|
2018-09-16
|
|
STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation Exploit
|
|
2018-09-16
|
|
InduSoft Web Studio 8.1 SP1 - Tag Name Buffer Overflow (SEH) Exploit
|
|
2018-09-16
|
|
Android (zygote->init;) Chain from USB Privilege Escalation Exploit
|
|
2018-09-16
|
|
LG Smart IP Camera 1508190 - Backup File Download Exploit
|
|
2018-09-16
|
|
SynaMan 4.0 build 1488 - SMTP Credential Disclosure Vulnerability
|
|
2018-09-16
|
|
SynaMan 4.0 build 1488 - Authenticated Cross-Site Scripting Vulnerability
|
|
2018-09-16
|
|
Rubedo CMS 3.4.0 - Directory Traversal Vulnerability
|
|
2018-09-16
|
|
CirCarLife SCADA 4.3.0 - Credential Disclosure Exploit
|
|
2018-09-16
|
|
Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes)
|
|
2018-09-16
|
|
Linux/x86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)
|
|
2018-09-16
|
|
Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes)
|
|
2018-09-16
|
|
IBM Identity Governance and Intelligence 5.2.3.2 / 5.2.4 - SQL Injection Vulnerability
|
|
2018-09-16
|
|
MyBB 1.8.17 - Cross-Site Scripting Vulnerability
|
|
2018-09-16
|
|
Apache Portals Pluto 3.0.0 - Remote Code Execution Exploit
|
|
2018-09-16
|
|
Apache Syncope 2.0.7 Remote Code Execution Exploit
|
|
2018-09-15
|
|
Wordpress Survey & Poll 1.5.7.3 Plugin - sss_params SQL Injection Vulnerability
|
|
2018-09-15
|
|
Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution Exploit
|
|
2018-09-15
|
|
Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes)
|
|
2018-09-14
|
|
Linux/86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)
|
|
2018-09-14
|
|
Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes)
|
|
2018-09-14
|
|
Linux/x86 - Add User(r00t/blank) Polymorphic Shellcode (103 bytes)
|
|
2018-09-14
|
|
Faleemi Plus 1.0.2 - Denial of Service (PoC)
|
|
2018-09-14
|
|
InfraRecorder 0.53 - '.txt' Denial of Service (PoC)
|
|
2018-09-14
|
|
Free MP3 CD Ripper 2.6 - '.wma' Local Buffer Overflow (SEH)
|
|
2018-09-14
|
|
Wordpress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection
|
|
2018-09-14
|
|
CdBurnerXP 4.5.8.6795 - 'File Name' Denial of Service (PoC)
|
|
2018-09-14
|
|
Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution (Metasploit)
|
|
2018-09-14
|
|
Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket
|
|
2018-09-13
|
|
Socusoft Photo to Video Converter 8.07 - 'Registration Name' Buffer Overflow
|
|
2018-09-13
|
|
Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler
|
|
2018-09-13
|
|
TeamViewer App 13.0.100.0 - Denial of Service (PoC)
|
|
2018-09-13
|
|
Free MP3 CD Ripper 2.6 - '.mp3' Buffer Overflow (SEH)
|
|
2018-09-13
|
|
Faleemi Desktop Software 1.8.2 - 'SavePath for ScreenShots' Buffer Overflow (SEH)
|
|
2018-09-13
|
|
STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation
|
|
2018-09-13
|
|
Apache Syncope 2.0.7 - Remote Code Execution
|
CVE-2018-1321
|
2018-09-13
|
|
CloudMe 1.5.6 - Buffer Overflow
|
|
2018-09-13
|
|
MediaTek Wirless Utility rt2870 - Denial of Service (PoC)
|
|
2018-09-13
|
|
Clone2Go Video to iPod Converter 2.5.0 - Denial of Service (PoC)
|
|
2018-09-13
|
|
Apache Portals Pluto 3.0.0 - Remote Code Execution
|
CVE-2018-1306
|
2018-09-13
|
|
InduSoft Web Studio 8.1 SP1 - 'Tag Name' Buffer Overflow (SEH)
|
|
2018-09-13
|
|
LG Smart IP Camera 1508190 - Backup File Download
|
CVE-2018-16946
|
2018-09-12
|
|
MyBB 1.8.17 - Cross-Site Scripting
|
CVE-2018-15596
|
2018-09-12
|
|
IBM Identity Governance and Intelligence 5.2.3.2 / 5.2.4 - SQL Injection
|
CVE-2018-1756
|
2018-09-12
|
|
Apple macOS 10.13.4 - Denial of Service (PoC)
|
CVE-2018-4240
|
2018-09-12
|
|
Infiltrator Network Security Scanner 4.6 - Denial of Service (PoC)
|
|
2018-09-12
|
|
PDF Explorer 1.5.66.2 - Denial of Service (PoC)
|
|
2018-09-12
|
|
iCash 7.6.5 - Denial of Service (PoC)
|
|
2018-09-12
|
|
SynaMan 4.0 build 1488 - SMTP Credential Disclosure
|
CVE-2018-10814
|
2018-09-12
|
|
SynaMan 4.0 build 1488 - Authenticated Cross-Site Scripting (XSS)
|
CVE-2018-10763
|
2018-09-12
|
|
Rubedo CMS 3.4.0 - Directory Traversal
|
CVE-2018-16836
|
2018-09-12
|
|
CirCarLife SCADA 4.3.0 - Credential Disclosure
|
CVE-2018-12634
|
2018-09-12
|
|
PicaJet FX 2.6.5 - Denial of Service (PoC)
|
|
2018-09-12
|
|
RoboImport 1.2.0.72 - Denial of Service (PoC)
|
|
2018-09-12
|
|
PixGPS 1.1.8 - Denial of Service (PoC)
|
|
2018-09-12
|
|
jiNa OCR Image to Text 1.0 - Denial of Service (PoC)
|
|
2018-09-12
|
|
Android - 'zygote->init;' Chain from USB Privilege Escalation
|
CVE-2018-9488
|
2018-09-11
|
|
HTML5 Video Player 1.2.5 - Denial of Service Exploit
|
|
2018-09-11
|
|
InTouch Machine Edition 8.1 SP1 - Nombre del Tag Buffer Overflow (SEH) Exploit
|
|
2018-09-11
|
|
InTouch Machine Edition 8.1 SP1 - 'Nombre del Tag' Buffer Overflow (SEH)
|
|
2018-09-11
|
|
Sony PlayStation Vita 3.65 / 3.67 / 3.68 - 'h-encore' kernel and user modifications
|
|
2018-09-11
|
|
HTML5 Video Player 1.2.5 - Denial of Service (PoC)
|
|
2018-09-11
|
|
Bayanno Hospital Management System 4.0 - Cross-Site Scripting Vulnerability
|
|
2018-09-11
|
|
Bayanno Hospital Management System 4.0 - Cross-Site Scripting
|
|
2018-09-11
|
|
VirtualBox 5.2.6.r120293 - VM Escape Exploit
|
|
2018-09-11
|
|
RPi Cam Control < 6.4.25 - Remote Command Execution Exploit
|
|
2018-09-11
|
|
Avaya one-X 9.x / 10.0.x / 10.1.x Arbitrary File Disclosure / Deletion Vulnerabilities
|
|
2018-09-11
|
|
Tor #Browser #Firefox #TorBrowser 7.0.8 Information Disclosure Vulnerability
|
|
2018-09-11
|
|
Easy File Sharing Web Server 6.9 Buffer Overflow Exploit
|
|
2018-09-11
|
|
Zenmap Nmap 7.70 - Denial of Service Exploit
|
|
2018-09-10
|
|
Flash Slideshow Maker Professional 5.20 - Buffer Overflow (SEH) Exploit
|
|
2018-09-10
|
|
Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection Vulnerability
|
|
2018-09-10
|
|
Any Sound Recorder 2.93 - Denial of Service Exploit
|
|
2018-09-10
|
|
Photo To Video Converter Professional 8.07 - Buffer Overflow (SEH) Exploit
|
|
2018-09-10
|
|
LinkNet LW-N605R 12.20.2.1486 - Remote Code Execution Exploit
|
|
2018-09-10
|
|
Socusoft 3GP Photo Slideshow 8.05 - Buffer Overflow (SEH) Exploit
|
|
2018-09-10
|
|
VirtualBox 5.2.6.r120293 - VM Escape
|
|
2018-09-10
|
|
Ghostscript - Failed Restore Command Execution (Metasploit)
|
CVE-2018-16509
|
2018-09-10
|
|
Apache Struts 2 - Namespace Redirect OGNL Injection (Metasploit)
|
CVE-2018-11776
|
2018-09-10
|
|
RPi Cam Control < 6.4.25 - 'preview.php' Remote Command Execution
|
|
2018-09-10
|
|
Open Source Intelligence Gathering 201
|
|
2018-09-10
|
|
Open Source Intelligence Gathering 101
|
|
2018-09-10
|
|
Nmap 7.70 - Denial of Service (PoC)
|
|
2018-09-10
|
|
Any Sound Recorder 2.93 - Denial of Service (PoC)
|
|
2018-09-10
|
|
Flash Slideshow Maker Professional 5.20 - Buffer Overflow (SEH)
|
|
2018-09-10
|
|
SocuSoft iPod Photo Slideshow 8.05 - Buffer Overflow (SEH) Exploit
|
|
2018-09-10
|
|
Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection
|
|
2018-09-10
|
|
Photo To Video Converter Professional 8.07 - Buffer Overflow (SEH)
|
|
2018-09-10
|
|
Socusoft 3GP Photo Slideshow 8.05 - Buffer Overflow (SEH)
|
|
2018-09-10
|
|
LW-N605R 12.20.2.1486 - Remote Code Execution
|
|
2018-09-10
|
|
SocuSoft iPod Photo Slideshow 8.05 - Buffer Overflow (SEH)
|
|
2018-09-10
|
|
MedDream PACS Server Premium 6.7.1.1 - Directory Traversal Vulnerability
|
|
2018-09-09
|
|
DVD Photo Slideshow Professional 8.07 - Buffer Overflow (SEH) Exploit
|
|
2018-09-09
|
|
QNAP Photo Station 5.7.0 - Cross-Site Scripting Vulnerability
|
|
2018-09-09
|
|
Apache Struts 2 Namespace Redirect OGNL Injection Exploit
|
|
2018-09-08
|
|
iSmartViewPro 1.5 - 'SavePath for ScreenShots' Local Buffer Overflow (SEH)
|
|
2018-09-07
|
|
QNAP Photo Station 5.7.0 - Cross-Site Scripting
|
CVE-2018-0715
|
2018-09-07
|
|
Softneta MedDream PACS Server Premium 6.7.1.1 - Directory Traversal
|
|
2018-09-07
|
|
DVD Photo Slideshow Professional 8.07 - Buffer Overflow (SEH)
|
|
2018-09-07
|
|
Ghostscript Failed Restore Command Execution Exploit
|
|
2018-09-07
|
|
Tenable WAS-Scanner 7.4.1708 - Remote Command Execution Vulnerability
|
|
2018-09-07
|
|
DokuWiki 2018-04-22a Greebo Arbitrary Code Execution Vulnerability
|
|
2018-09-07
|
|
MedDream PACS Server Premium 6.7.1.1 - email SQL Injection Vulnerability
|
|
2018-09-07
|
|
Tenable WAS-Scanner 7.4.1708 - Remote Command Execution
|
|
2018-09-07
|
|
MedDream PACS Server Premium 6.7.1.1 - 'email' SQL Injection
|
|
2018-09-07
|
|
D-Link Dir-600M N150 - Cross-Site Scripting Vulnerability
|
|
2018-09-06
|
|
Opsview Monitor 5.x Command Execution Vulnerability
|
|
2018-09-06
|
|
Go Pro Fusion Studio 1.2 Privilege Escalation Vulnerability
|
|
2018-09-06
|
|
Cisco Umbrella Roaming Client 2.0.168 - Privilege Escalation Exploit
|
|
2018-09-06
|
|
KONE KGC 4.6.4 - Multiple Vulnerabilities
|
|
2018-09-06
|
|
WirelessHART Fieldgate SWG70 3.0 - Directory Traversal Vulnerability
|
|
2018-09-06
|
|
Apache Roller 5.0.3 - XML External Entity Injection Exploit
|
|
2018-09-06
|
|
Jorani Leave Management 0.6.5 - startdate SQL Injection Vulnerability
|
|
2018-09-06
|
|
Jorani Leave Management 0.6.5 - Cross-Site Scripting Vulnerability
|
|
2018-09-06
|
|
osCommerce 2.3.4.1 Cross Site Request Forgery Vulnerability
|
|
2018-09-06
|
|
NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection Vulnerability
|
|
2018-09-06
|
|
Microsoft people 10.1807.2131.0 - Denial of service Exploit
|
|
2018-09-06
|
|
Tenda ADSL Router D152 - Cross-Site Scripting Vulnerability
|
|
2018-09-06
|
|
FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution Exploit
|
|
2018-09-06
|
|
FTPShell Server 6.80 - Add Account Name Buffer Overflow (SEH) Exploit
|
|
2018-09-06
|
|
Soroush IM Desktop App 0.17.0 - Authentication Bypass Vulnerability
|
|
2018-09-06
|
|
mooSocial Store Plugin 2.6 - SQL Injection Vulnerability
|
|
2018-09-06
|
|
Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode 20 Bytes
|
|
2018-09-06
|
|
iSmartViewPro 1.5 - DDNS Buffer Overflow Exploit
|
|
2018-09-06
|
|
Logicspice FAQ Script 2.9.7 - Remote Code Execution Vulnerability
|
|
2018-09-06
|
|
Simple POS 4.0.24 - columns[0][search][value] SQL Injection Vulnerability
|
|
2018-09-06
|
|
PHP File Browser Script 1 - Directory Traversal Vulnerability
|
|
2018-09-06
|
|
Online Quiz Maker 1.0 - File Include Vulnerability
|
|
2018-09-06
|
|
Trend Micro Virtual Mobile Infrastructure 5.5.1336 - Server address Denial of Service Exploit
|
|
2018-09-06
|
|
Wikipedia 12.0 - Denial of Service Exploit
|
|
2018-09-06
|
|
Online Quiz Maker 1.0 - catid SQL Injection Vulnerability
|
|
2018-09-06
|
|
Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions) Vulnerability
|
|
2018-09-06
|
|
Microsoft Windows Explorer Out-of-Bound Read - Denial of Service Exploit
|
|
2018-09-06
|
|
Symantec Mobile Encryption for iPhone 2.1.0 - Server Denial of Service Exploit
|
|
2018-09-06
|
|
D-Link DIR-615 - Denial of Service Vulnerability
|
|
2018-09-06
|
|
Xiaomi MIWiFi Xiaomi_55DD 2.8.50 Out-Of-Band Resource Load Vulnerability
|
|
2018-09-06
|
|
Visual Ping 0.8.0.0 - Host Denial of Service Exploit
|
|
2018-09-06
|
|
VSAXESS V2.6.2.70 build20171226_053 - Nickname Denial of Service Exploit
|
|
2018-09-06
|
|
FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection Vulnerability
|
|
2018-09-06
|
|
AZORult Stealer 2 Botnet SQL Injection Vulnerability
|
|
2018-09-06
|
|
gVisor Sentry Invalid Access Vulnerability
|
|
2018-09-06
|
|
Acunetix WVS Reporter 10.0 - Denial of Service Exploit
|
|
2018-09-06
|
|
Vox TG790 ADSL Router - Cross-Site Scripting Vulnerability
|
|
2018-09-06
|
|
Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode 28 Bytes
|
|
2018-09-06
|
|
Network Manager VPNC Username Privilege Escalation
|
|
2018-09-06
|
|
ownCloud 0.1.2 User Impersonation Authorization Bypass Vulnerability
|
|
2018-09-06
|
|
WordPress Quizlord 2.0 Cross Site Scripting Vulnerability
|
|
2018-09-06
|
|
Cybrotech CyBroHttpServer 1.0.3 Cross Site Scripting Vulnerability
|
|
2018-09-06
|
|
D-Link DIR-601 - Credential Disclosure Vulnerability
|
|
2018-09-06
|
|
WordPress Jibu Pro 1.7 Plugin - Cross-Site Scripting Vulnerability
|
|
2018-09-06
|
|
Nord VPN 6.14.31 - Denial of Service Exploit
|
|
2018-09-06
|
|
Linux/x86 - IPv6 Reverse TCP Shellcode Generator (94 bytes)
|
|
2018-09-06
|
|
Linux/x86 - Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode
|
|
2018-09-06
|
|
Linux/ARM - execve("/bin/sh", ["/bin/sh"], NULL) Shellcode (32 Bytes)
|
|
2018-09-06
|
|
Linux/MIPS64 - execve(/bin/sh) Shellcode (48 bytes)
|
|
2018-09-06
|
|
D-Link Dir-600M N150 - Cross-Site Scripting
|
|
2018-09-06
|
|
WirelessHART Fieldgate SWG70 3.0 - Directory Traversal
|
|
2018-09-06
|
|
Apache Roller 5.0.3 - XML External Entity Injection (File Disclosure)
|
CVE-2014-0030
|
2018-09-06
|
|
Jorani Leave Management 0.6.5 - 'startdate' SQL Injection
|
CVE-2018-15918
|
2018-09-06
|
|
Cisco Umbrella Roaming Client 2.0.168 - Privilege Escalation
|
CVE-2018-0437
|
2018-09-06
|
|
Jorani Leave Management 0.6.5 - Cross-Site Scripting
|
CVE-2018-15917
|
2018-09-06
|
|
NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection (File Disclosure)
|
|
2018-09-06
|
|
Tenda ADSL Router D152 - Cross-Site Scripting
|
CVE-2018-14497
|
2018-09-05
|
|
Microsoft people 10.1807.2131.0 - Denial of service (PoC)
|
|
2018-09-05
|
|
Obtaining Command Execution through the NetworkManager Daemon
|
|
2018-09-05
|
|
FTPShell Server 6.80 - 'Add Account Name' Buffer Overflow (SEH)
|
|
2018-09-05
|
|
FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution
|
|
2018-09-05
|
|
mooSocial Store Plugin 2.6 - SQL Injection
|
|
2018-09-04
|
|
Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (20 Bytes)
|
|
2018-09-04
|
|
Simple POS 4.0.24 - 'columns[0][search][value]' SQL Injection
|
|
2018-09-04
|
|
PHP File Browser Script 1 - Directory Traversal
|
|
2018-09-04
|
|
Logicspice FAQ Script 2.9.7 - Remote Code Execution
|
|
2018-09-04
|
|
iSmartViewPro 1.5 - 'DDNS' Buffer Overflow
|
|
2018-09-04
|
|
Wikipedia 12.0 - Denial of Service (PoC)
|
|
2018-09-03
|
|
Online Quiz Maker 1.0 - 'catid' SQL Injection
|
|
2018-09-03
|
|
Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions)
|
|
2018-09-03
|
|
Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service (PoC)
|
|
2018-09-03
|
|
Microsoft Windows Explorer Out-of-Bound Read - Denial of Service (PoC)
|
|
2018-09-03
|
|
FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection
|
|
2018-09-03
|
|
Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC)
|
|
2018-09-03
|
|
D-Link DIR-615 - Denial of Service (PoC)
|
|
2018-09-03
|
|
Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC)
|
|
2018-09-03
|
|
VSAXESS V2.6.2.70 build20171226_053 - 'Nickname' Denial of Service (PoC)
|
|
2018-09-03
|
|
DamiCMS 6.0.0 - Cross-Site Request Forgery (Change Admin Password)
|
|
2018-08-31
|
|
Network Manager VPNC - Username Privilege Escalation (Metasploit)
|
CVE-2018-10900
|
2018-08-31
|
|
Argus Surveillance DVR 4.0.0.0 - Privilege Escalation
|
|
2018-08-31
|
|
Acunetix WVS Reporter 10.0 - Denial of Service (PoC)
|
|
2018-08-31
|
|
Vox TG790 ADSL Router - Cross-Site Scripting
|
|
2018-08-31
|
|
Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting
|
CVE-2018-16134
|
2018-08-30
|
|
Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)
|
|
2018-08-30
|
|
WordPress Plugin Quizlord 2.0 - Cross-Site Scripting
|
|
2018-08-30
|
|
DLink DIR-601 - Credential Disclosure
|
|
2018-08-30
|
|
WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting
|
|
2018-08-30
|
|
Nord VPN 6.14.31 - Denial of Service (PoC)
|
|
2018-08-30
|
|
Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal Vulnerability
|
|
2018-08-30
|
|
NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - Username Denial of Service Exploit
|
|
2018-08-30
|
|
Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal
|
CVE-2018-16133
|
2018-08-30
|
|
NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - 'Username' Denial of Service (PoC)
|
|
2018-08-30
|
|
Trillian 6.1 Build 16 - Sign In Denial of service Exploit
|
|
2018-08-29
|
|
Trillian 6.1 Build 16 - "Sign In" Denial of service (PoC)
|
|
2018-08-29
|
|
Cisco AnyConnect Secure Mobility Client 4.6.01099 - Introducir URL Denial of Service Exploit
|
|
2018-08-29
|
|
Easy PhotoResQ 1.0 - Denial Of Service Exploit
|
|
2018-08-29
|
|
Drive Power Manager 1.10 - Denial Of Service Exploit
|
|
2018-08-29
|
|
HD Tune Pro 5.70 - Denial of Service Exploit
|
|
2018-08-29
|
|
Episerver 7 patch 4 - XML External Entity Injection
|
|
2018-08-29
|
|
SIPP 3.3 - Stack-Based Buffer Overflow Exploit
|
|
2018-08-29
|
|
R 3.4.4 - Buffer Overflow (SEH) Exploit
|
|
2018-08-29
|
|
ipPulse 1.92 - TCP Port Denial of Service Exploit
|
|
2018-08-29
|
|
Fathom 2.4 - Denial Of Service Exploit
|
|
2018-08-29
|
|
|
|
2018-08-29
|
|
Easy PhotoResQ 1.0 - Denial Of Service (PoC)
|
|
2018-08-29
|
|
Drive Power Manager 1.10 - Denial Of Service (PoC)
|
|
2018-08-29
|
|
HD Tune Pro 5.70 - Denial of Service (PoC)
|
|
2018-08-29
|
|
Cisco AnyConnect Secure Mobility Client 4.6.01099 - 'Introducir URL' Denial of Service (PoC)
|
|
2018-08-29
|
|
Argus Surveillance DVR 4.0.0.0 - Directory Traversal
|
|
2018-08-29
|
|
Skype Empresarial Office 365 16.0.10730.20053 - 'Dirección de inicio de sesión' Denial of service (PoC)
|
|
2018-08-29
|
|
Fathom 2.4 - Denial Of Service (PoC)
|
|
2018-08-29
|
|
Windows/x64 (10) - WoW64 Egghunter Shellcode (50 bytes)
|
|
2018-08-29
|
|
Linux/x86 - IPv6 Reverse TCP Shellcode Generator (94 bytes)
|
|
2018-08-29
|
|
Linux/x86 - Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode
|
|
2018-08-29
|
|
Linux/ARM - execve("/bin/sh", ["/bin/sh"], NULL) Shellcode (32 Bytes)
|
|
2018-08-29
|
|
R 3.4.4 - Buffer Overflow (SEH)
|
|
2018-08-29
|
|
SIPP 3.3 - Stack-Based Buffer Overflow
|
|
2018-08-29
|
|
Linux/MIPS64 - execve(/bin/sh) Shellcode (48 bytes)
|
|
2018-08-29
|
|
Episerver 7 patch 4 - XML External Entity Injection
|
|
2018-08-29
|
|
Argus Surveillance DVR 4.0.0.0 Privilege Escalation Vulnerability
|
|
2018-08-29
|
|
Argus Surveillance DVR 4.0.0.0 Directory Traversal Vulnerability
|
|
2018-08-29
|
|
ipPulse 1.92 - 'TCP Port' Denial of Service (PoC)
|
|
2018-08-29
|
|
phpMyAdmin 4.7.x - Cross-Site Request Forgery
|
CVE-2017-1000499
|
2018-08-29
|
|
Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure
|
|
2018-08-29
|
|
phpMyAdmin 4.7.x - Cross-Site Request Forgery Vulnerability
|
|
2018-08-29
|
|
NASA #openVSP 3.16.1 - Denial of Service Exploit
|
|
2018-08-29
|
|
Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure Exploit
|
|
2018-08-29
|
|
Immunity Debugger 1.85 - Denial of Service
|
|
2018-08-29
|
|
Immunity Debugger 1.85 - Denial of Service (PoC)
|
|
2018-08-29
|
|
NASA openVSP 3.16.1 - Denial of Service (PoC)
|
|
2018-08-29
|
|
Instagram App 41.1788.50991.0 - Denial of Service Exploit
|
|
2018-08-28
|
|
Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation Exploit
|
|
2018-08-28
|
|
Microsoft Windows - JScript RegExp.lastIndex Use-After-Free Exploit
|
|
2018-08-28
|
|
UltraISO 9.7.1.3519 - Buffer Overflow (SEH) Exploit
|
|
2018-08-28
|
|
Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation
|
|
2018-08-28
|
|
UltimatePOS 2.5 Remote Code Execution Vulnerability
|
|
2018-08-28
|
|
Dojo Toolkit 1.13 Cross Site Scripting Vulnerability
|
|
2018-08-28
|
|
Adobe Flash - AVC Processing Out-of-Bounds Read Exploit
|
|
2018-08-28
|
|
Firefox 55.0.3 - Denial of Service Exploit
|
|
2018-08-28
|
|
Cisco Network Assistant 6.3.3 - Cisco Login Denial of Service Exploit
|
|
2018-08-28
|
|
CuteFTP 5.0 - Buffer Overflow Exploit
|
|
2018-08-28
|
|
Trend Micro Enterprise Mobile Security 2.0.0.1700 - Servidor Denial of Service Exploit
|
|
2018-08-28
|
|
Microsoft Windows - JScript RegExp.lastIndex Use-After-Free
|
CVE-2018-8353
|
2018-08-28
|
|
UltraISO 9.7.1.3519 - Buffer Overflow (SEH)
|
|
2018-08-28
|
|
Instagram App 41.1788.50991.0 - Denial of Service (PoC)
|
|
2018-08-28
|
|
Schneider Electric BMX P34 CPU B - Open Redirect
|
|
2018-08-28
|
|
Libpango 1.40.8 - Denial of Service Exploit
|
|
2018-08-28
|
|
Electron WebPreferences - Remote Code Execution Exploit
|
|
2018-08-28
|
|
HP Jetdirect - Path Traversal Arbitrary Code Execution Exploit
|
|
2018-08-28
|
|
Cisco Network Assistant 6.3.3 - 'Cisco Login' Denial of Service (PoC)
|
|
2018-08-28
|
|
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2) Exploit
|
|
2018-08-27
|
|
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1) Exploit
|
|
2018-08-27
|
|
WordPress Gift Voucher 1.0.5 Plugin - template_id SQL Injection Vulnerability
|
|
2018-08-27
|
|
WordPress Plainview Activity Monitor 20161228 Plugin - Command Injection Exploit
|
|
2018-08-27
|
|
Sentrifugo HRMS 3.2 - deptid SQL Injection Vulnerability
|
|
2018-08-27
|
|
LiteCart 2.1.2 - Arbitrary File Upload Exploit
|
|
2018-08-27
|
|
ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting Vulnerability
|
|
2018-08-27
|
|
Gleez CMS 1.2.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
|
|
2018-08-27
|
|
RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin) Vulnerability
|
|
2018-08-27
|
|
WordPress Plugin Plainview Activity Monitor 20161228 - Command Injection
|
CVE-2018-15877
|
2018-08-27
|
|
HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit)
|
CVE-2017-2741
|
2018-08-27
|
|
Electron WebPreferences - Remote Code Execution
|
CVE-2018-15685
|
2018-08-27
|
|
Responsive FileManager < 9.13.4 - Directory Traversal
|
CVE-2018-15535
|
2018-08-27
|
|
Seagate Personal Cloud SRN21C 4.3.16.0 / 4.3.18.0 - SQL Injection
|
|
2018-08-27
|
|
Foxit PDF Reader 9.0.1.1049 - Pointer Overwrite Use-After-Free (Metasploit)
|
CVE-2018-9948
|
2018-08-27
|
|
Adobe Flash - AVC Processing Out-of-Bounds Read
|
CVE-2018-12827
|
2018-08-27
|
|
LiteCart 2.1.2 - Arbitrary File Upload
|
|
2018-08-27
|
|
Sentrifugo HRMS 3.2 - 'deptid' SQL Injection
|
|
2018-08-27
|
|
Node.JS - 'node-serialize' Remote Code Execution
|
CVE-2017-5941
|
|