Exploits (Total: 97839)

    
    
    
MedDream PACS Server Premium 6.7.1.1 - 'email' SQL Injection
2018-09-07
D-Link Dir-600M N150 - Cross-Site Scripting Vulnerability
2018-09-06
Opsview Monitor 5.x Command Execution Vulnerability
2018-09-06
Go Pro Fusion Studio 1.2 Privilege Escalation Vulnerability
2018-09-06
Cisco Umbrella Roaming Client 2.0.168 - Privilege Escalation Exploit
2018-09-06
KONE KGC 4.6.4 - Multiple Vulnerabilities
2018-09-06
WirelessHART Fieldgate SWG70 3.0 - Directory Traversal Vulnerability
2018-09-06
Apache Roller 5.0.3 - XML External Entity Injection Exploit
2018-09-06
Jorani Leave Management 0.6.5 - startdate SQL Injection Vulnerability
2018-09-06
Jorani Leave Management 0.6.5 - Cross-Site Scripting Vulnerability
2018-09-06
osCommerce 2.3.4.1 Cross Site Request Forgery Vulnerability
2018-09-06
NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection Vulnerability
2018-09-06
Microsoft people 10.1807.2131.0 - Denial of service Exploit
2018-09-06
Tenda ADSL Router D152 - Cross-Site Scripting Vulnerability
2018-09-06
FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution Exploit
2018-09-06
FTPShell Server 6.80 - Add Account Name Buffer Overflow (SEH) Exploit
2018-09-06
Soroush IM Desktop App 0.17.0 - Authentication Bypass Vulnerability
2018-09-06
mooSocial Store Plugin 2.6 - SQL Injection Vulnerability
2018-09-06
Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode 20 Bytes
2018-09-06
iSmartViewPro 1.5 - DDNS Buffer Overflow Exploit
2018-09-06
Logicspice FAQ Script 2.9.7 - Remote Code Execution Vulnerability
2018-09-06
Simple POS 4.0.24 - columns[0][search][value] SQL Injection Vulnerability
2018-09-06
PHP File Browser Script 1 - Directory Traversal Vulnerability
2018-09-06
Online Quiz Maker 1.0 - File Include Vulnerability
2018-09-06
Trend Micro Virtual Mobile Infrastructure 5.5.1336 - Server address Denial of Service Exploit
2018-09-06
Wikipedia 12.0 - Denial of Service Exploit
2018-09-06
Online Quiz Maker 1.0 - catid SQL Injection Vulnerability
2018-09-06
Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions) Vulnerability
2018-09-06
Microsoft Windows Explorer Out-of-Bound Read - Denial of Service Exploit
2018-09-06
Symantec Mobile Encryption for iPhone 2.1.0 - Server Denial of Service Exploit
2018-09-06
D-Link DIR-615 - Denial of Service Vulnerability
2018-09-06
Xiaomi MIWiFi Xiaomi_55DD 2.8.50 Out-Of-Band Resource Load Vulnerability
2018-09-06
Visual Ping 0.8.0.0 - Host Denial of Service Exploit
2018-09-06
VSAXESS V2.6.2.70 build20171226_053 - Nickname Denial of Service Exploit
2018-09-06
FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection Vulnerability
2018-09-06
AZORult Stealer 2 Botnet SQL Injection Vulnerability
2018-09-06
gVisor Sentry Invalid Access Vulnerability
2018-09-06
Acunetix WVS Reporter 10.0 - Denial of Service Exploit
2018-09-06
Vox TG790 ADSL Router - Cross-Site Scripting Vulnerability
2018-09-06
Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode 28 Bytes
2018-09-06
Network Manager VPNC Username Privilege Escalation
2018-09-06
ownCloud 0.1.2 User Impersonation Authorization Bypass Vulnerability
2018-09-06
WordPress Quizlord 2.0 Cross Site Scripting Vulnerability
2018-09-06
Cybrotech CyBroHttpServer 1.0.3 Cross Site Scripting Vulnerability
2018-09-06
D-Link DIR-601 - Credential Disclosure Vulnerability
2018-09-06
WordPress Jibu Pro 1.7 Plugin - Cross-Site Scripting Vulnerability
2018-09-06
Nord VPN 6.14.31 - Denial of Service Exploit
2018-09-06
Linux/x86 - IPv6 Reverse TCP Shellcode Generator (94 bytes)
2018-09-06
Linux/x86 - Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode
2018-09-06
Linux/ARM - execve("/bin/sh", ["/bin/sh"], NULL) Shellcode (32 Bytes)
2018-09-06
Linux/MIPS64 - execve(/bin/sh) Shellcode (48 bytes)
2018-09-06
D-Link Dir-600M N150 - Cross-Site Scripting
2018-09-06
WirelessHART Fieldgate SWG70 3.0 - Directory Traversal
2018-09-06
Apache Roller 5.0.3 - XML External Entity Injection (File Disclosure)
CVE-2014-0030
2018-09-06
Jorani Leave Management 0.6.5 - 'startdate' SQL Injection
CVE-2018-15918
2018-09-06
Cisco Umbrella Roaming Client 2.0.168 - Privilege Escalation
CVE-2018-0437
2018-09-06
Jorani Leave Management 0.6.5 - Cross-Site Scripting
CVE-2018-15917
2018-09-06
NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection (File Disclosure)
2018-09-06
Tenda ADSL Router D152 - Cross-Site Scripting
CVE-2018-14497
2018-09-05
Microsoft people 10.1807.2131.0 - Denial of service (PoC)
2018-09-05
Obtaining Command Execution through the NetworkManager Daemon
2018-09-05
FTPShell Server 6.80 - 'Add Account Name' Buffer Overflow (SEH)
2018-09-05
FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution
2018-09-05
mooSocial Store Plugin 2.6 - SQL Injection
2018-09-04
Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (20 Bytes)
2018-09-04
Simple POS 4.0.24 - 'columns[0][search][value]' SQL Injection
2018-09-04
PHP File Browser Script 1 - Directory Traversal
2018-09-04
Logicspice FAQ Script 2.9.7 - Remote Code Execution
2018-09-04
iSmartViewPro 1.5 - 'DDNS' Buffer Overflow
2018-09-04
Wikipedia 12.0 - Denial of Service (PoC)
2018-09-03
Online Quiz Maker 1.0 - 'catid' SQL Injection
2018-09-03
Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions)
2018-09-03
Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service (PoC)
2018-09-03
Microsoft Windows Explorer Out-of-Bound Read - Denial of Service (PoC)
2018-09-03
FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection
2018-09-03
Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC)
2018-09-03
D-Link DIR-615 - Denial of Service (PoC)
2018-09-03
Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC)
2018-09-03
VSAXESS V2.6.2.70 build20171226_053 - 'Nickname' Denial of Service (PoC)
2018-09-03
DamiCMS 6.0.0 - Cross-Site Request Forgery (Change Admin Password)
2018-08-31
Network Manager VPNC - Username Privilege Escalation (Metasploit)
CVE-2018-10900
2018-08-31
Argus Surveillance DVR 4.0.0.0 - Privilege Escalation
2018-08-31
Acunetix WVS Reporter 10.0 - Denial of Service (PoC)
2018-08-31
Vox TG790 ADSL Router - Cross-Site Scripting
2018-08-31
Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting
CVE-2018-16134
2018-08-30
Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)
2018-08-30
WordPress Plugin Quizlord 2.0 - Cross-Site Scripting
2018-08-30
DLink DIR-601 - Credential Disclosure
2018-08-30
WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting
2018-08-30
Nord VPN 6.14.31 - Denial of Service (PoC)
2018-08-30
Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal Vulnerability
2018-08-30
NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - Username Denial of Service Exploit
2018-08-30
Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal
CVE-2018-16133
2018-08-30
NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - 'Username' Denial of Service (PoC)
2018-08-30
Trillian 6.1 Build 16 - Sign In Denial of service Exploit
2018-08-29
Trillian 6.1 Build 16 - "Sign In" Denial of service (PoC)
2018-08-29
Cisco AnyConnect Secure Mobility Client 4.6.01099 - Introducir URL Denial of Service Exploit
2018-08-29
Easy PhotoResQ 1.0 - Denial Of Service Exploit
2018-08-29
Drive Power Manager 1.10 - Denial Of Service Exploit
2018-08-29
HD Tune Pro 5.70 - Denial of Service Exploit
2018-08-29
Episerver 7 patch 4 - XML External Entity Injection
2018-08-29
SIPP 3.3 - Stack-Based Buffer Overflow Exploit
2018-08-29
R 3.4.4 - Buffer Overflow (SEH) Exploit
2018-08-29
ipPulse 1.92 - TCP Port Denial of Service Exploit
2018-08-29
Fathom 2.4 - Denial Of Service Exploit
2018-08-29
2018-08-29
Easy PhotoResQ 1.0 - Denial Of Service (PoC)
2018-08-29
Drive Power Manager 1.10 - Denial Of Service (PoC)
2018-08-29
HD Tune Pro 5.70 - Denial of Service (PoC)
2018-08-29
Cisco AnyConnect Secure Mobility Client 4.6.01099 - 'Introducir URL' Denial of Service (PoC)
2018-08-29
Argus Surveillance DVR 4.0.0.0 - Directory Traversal
2018-08-29
Skype Empresarial Office 365 16.0.10730.20053 - 'Dirección de inicio de sesión' Denial of service (PoC)
2018-08-29
Fathom 2.4 - Denial Of Service (PoC)
2018-08-29
Windows/x64 (10) - WoW64 Egghunter Shellcode (50 bytes)
2018-08-29
Linux/x86 - IPv6 Reverse TCP Shellcode Generator (94 bytes)
2018-08-29
Linux/x86 - Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode
2018-08-29
Linux/ARM - execve("/bin/sh", ["/bin/sh"], NULL) Shellcode (32 Bytes)
2018-08-29
R 3.4.4 - Buffer Overflow (SEH)
2018-08-29
SIPP 3.3 - Stack-Based Buffer Overflow
2018-08-29
Linux/MIPS64 - execve(/bin/sh) Shellcode (48 bytes)
2018-08-29
Episerver 7 patch 4 - XML External Entity Injection
2018-08-29
Argus Surveillance DVR 4.0.0.0 Privilege Escalation Vulnerability
2018-08-29
Argus Surveillance DVR 4.0.0.0 Directory Traversal Vulnerability
2018-08-29
ipPulse 1.92 - 'TCP Port' Denial of Service (PoC)
2018-08-29
phpMyAdmin 4.7.x - Cross-Site Request Forgery
CVE-2017-1000499
2018-08-29
Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure
2018-08-29
phpMyAdmin 4.7.x - Cross-Site Request Forgery Vulnerability
2018-08-29
NASA #openVSP 3.16.1 - Denial of Service Exploit
2018-08-29
Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure Exploit
2018-08-29
Immunity Debugger 1.85 - Denial of Service
2018-08-29
Immunity Debugger 1.85 - Denial of Service (PoC)
2018-08-29
NASA openVSP 3.16.1 - Denial of Service (PoC)
2018-08-29
Instagram App 41.1788.50991.0 - Denial of Service Exploit
2018-08-28
Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation Exploit
2018-08-28
Microsoft Windows - JScript RegExp.lastIndex Use-After-Free Exploit
2018-08-28
UltraISO 9.7.1.3519 - Buffer Overflow (SEH) Exploit
2018-08-28
Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation
2018-08-28
UltimatePOS 2.5 Remote Code Execution Vulnerability
2018-08-28
Dojo Toolkit 1.13 Cross Site Scripting Vulnerability
2018-08-28
Adobe Flash - AVC Processing Out-of-Bounds Read Exploit
2018-08-28
Firefox 55.0.3 - Denial of Service Exploit
2018-08-28
Cisco Network Assistant 6.3.3 - Cisco Login Denial of Service Exploit
2018-08-28
CuteFTP 5.0 - Buffer Overflow Exploit
2018-08-28
Trend Micro Enterprise Mobile Security 2.0.0.1700 - Servidor Denial of Service Exploit
2018-08-28
Microsoft Windows - JScript RegExp.lastIndex Use-After-Free
CVE-2018-8353
2018-08-28
UltraISO 9.7.1.3519 - Buffer Overflow (SEH)
2018-08-28
Instagram App 41.1788.50991.0 - Denial of Service (PoC)
2018-08-28
Schneider Electric BMX P34 CPU B - Open Redirect
2018-08-28
Libpango 1.40.8 - Denial of Service Exploit
2018-08-28
Electron WebPreferences - Remote Code Execution Exploit
2018-08-28
HP Jetdirect - Path Traversal Arbitrary Code Execution Exploit
2018-08-28
Cisco Network Assistant 6.3.3 - 'Cisco Login' Denial of Service (PoC)
2018-08-28
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2) Exploit
2018-08-27
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1) Exploit
2018-08-27
WordPress Gift Voucher 1.0.5 Plugin - template_id SQL Injection Vulnerability
2018-08-27
WordPress Plainview Activity Monitor 20161228 Plugin - Command Injection Exploit
2018-08-27
Sentrifugo HRMS 3.2 - deptid SQL Injection Vulnerability
2018-08-27
LiteCart 2.1.2 - Arbitrary File Upload Exploit
2018-08-27
ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting Vulnerability
2018-08-27
Gleez CMS 1.2.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-08-27
RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-08-27
WordPress Plugin Plainview Activity Monitor 20161228 - Command Injection
CVE-2018-15877
2018-08-27
HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit)
CVE-2017-2741
2018-08-27
Electron WebPreferences - Remote Code Execution
CVE-2018-15685
2018-08-27
Responsive FileManager < 9.13.4 - Directory Traversal
CVE-2018-15535
2018-08-27
Seagate Personal Cloud SRN21C 4.3.16.0 / 4.3.18.0 - SQL Injection
2018-08-27
Foxit PDF Reader 9.0.1.1049 - Pointer Overwrite Use-After-Free (Metasploit)
CVE-2018-9948
2018-08-27
Adobe Flash - AVC Processing Out-of-Bounds Read
CVE-2018-12827
2018-08-27
LiteCart 2.1.2 - Arbitrary File Upload
2018-08-27
Sentrifugo HRMS 3.2 - 'deptid' SQL Injection
2018-08-27
Node.JS - 'node-serialize' Remote Code Execution
CVE-2017-5941
2018-08-27
RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin)
2018-08-27
Libpango 1.40.8 - Denial of Service (PoC)
CVE-2018-15120
2018-08-27
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2)
CVE-2018-11776
2018-08-27
Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service (PoC)
2018-08-27
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1)
CVE-2018-11776
2018-08-27
CuteFTP 5.0 - Buffer Overflow
2018-08-27
Gleez CMS 1.2.0 - Cross-Site Request Forgery (Add Admin)
CVE-2018-15845
2018-08-27
Firefox 55.0.3 - Denial of Service (PoC)
2018-08-27
ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting
2018-08-26
WordPress Plugin Gift Voucher 1.0.5 - 'template_id' SQL Injection
2018-08-26
ManageEngine ADManager Plus 6.5.7 - HTML Injection
CVE-2018-15608
2018-08-26
UltimatePOS 2.5 - Remote Code Execution
2018-08-26
Vox TG790 ADSL Router - Cross-Site Request Forgery (Add Admin)
2018-08-26
SkypeApp 12.8.487.0 - 'Cuenta de Skype o Microsoft' Denial of Service (PoC)
2018-08-26
StyleWriter 4 1.0 - Denial of Service (PoC)
2018-08-26
Epiphany Web Browser 3.28.1 - Denial of Service (PoC)
2018-08-26
PCViewer vt1000 - Directory Traversal
2018-08-26
Twitter-Clone 1 - 'code' SQL Injection
2018-08-26
CuteFTP 8.3.1 - Denial of Service (PoC)
2018-08-26
Softdisk 3.0.3 - Denial Of Service (PoC)
2018-08-26
Windows 10 Diagnostics Hub Standard Collector Service - Privilege Escalation
CVE-2018-0952
2018-08-26
Geutebrueck re_porter 16 - Cross-Site Scripting
CVE-2018-15533
2018-08-26
Easyboot 6.6.0 - Denial Of Service (PoC)
2018-08-26
Geutebrueck re_porter 7.8.974.20 - Credential Disclosure
CVE-2018-15534
2018-08-26
UltraISO 9.7.1.3519 - Denial Of Service (PoC)
2018-08-26
Textpad 7.6.4 - Denial Of Service (PoC)
2018-08-26
KingMedia 4.1 - Remote Code Execution
2018-08-26
ZyXEL VMG3312-B10B - Cross-Site Scripting
2018-08-26
Project64 2.3.2 - Buffer Overflow (SEH)
2018-08-26
Apache Struts 2.x Remote Code Execution Vulnerability
2018-08-24
Couchbase Server Remote Code Execution Vulnerability
2018-08-24
Foxit PDF Reader 9.0.1.1049 Pointer Overwrite Use-After-Free Exploit
2018-08-24
Seagate Personal Cloud SRN21C SQL Injection Vulnerability
2018-08-24
Epiphany Web Browser 3.28.1 - Denial of Service Exploit
2018-08-24
SkypeApp 12.8.487.0 - Cuenta de Skype o Microsoft Denial of Service Exploit
2018-08-24
StyleWriter 4 1.0 - Denial of Service Exploit
2018-08-24
CuteFTP 8.3.1 - Denial of Service Exploit
2018-08-24
Vox TG790 ADSL Router - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-08-24
PCViewer vt1000 - Directory Traversal Vulnerability
2018-08-24
Windows 10 Diagnostics Hub Standard Collector Service - Privilege Escalation Exploit
2018-08-24
Ghostscript - Multiple Vulnerabilities
2018-08-24
Geutebrueck re_porter 7.8.974.20 - Credential Disclosure Vulnerability
2018-08-24
Geutebrueck re_porter 16 - Cross-Site Scripting Vulnerability
2018-08-24
UltraISO 9.7.1.3519 - Denial Of Service Exploit
2018-08-24
Softdisk 3.0.3 - Denial Of Service Exploit
2018-08-24
Easyboot 6.6.0 - Denial Of Service Exploit
2018-08-24
Textpad 7.6.4 - Denial Of Service Exploit
2018-08-24
KingMedia 4.1 - Remote Code Execution Exploit
2018-08-24
OpenSSH 7.7 - Username Enumeration Exploit
2018-08-24
Hikvision IP Camera 5.4.0 - User Enumeration Exploit
2018-08-24
ZyXEL VMG3312-B10B - Cross-Site Scripting Vulnerability
2018-08-24
Wordpress Ninja Forms 3.3.13 Plugin - CSV Injection Vulnerability
2018-08-24
Twitter-Clone 1 - userid SQL Injection Vulnerability
2018-08-24
Twitter-Clone 1 - Cross-Site Request Forgery (Delete Post) Vulnerability
2018-08-24
Project64 2.3.2 - Buffer Overflow (SEH) Exploit
2018-08-24
Project64 2.3.2 - Denial Of Service Exploit
2018-08-24
Linux rc.local Payload Persistence Module Exploit
2018-08-24
Autostart Desktop Item Persistence Exploit
2018-08-24
BMC MyIT Java System Solutions SSO Plugin 4.0.13.1 Cross Site Scripting Vulnerability
2018-08-24
Easylogin Pro 1.3.0 - Unserialize Remote Code Execution Exploit
2018-08-24
SEIG SCADA System 9 - Remote Code Execution Exploit
2018-08-24
SEIG Modbus 3.4 - Remote Code Execution Exploit
2018-08-24
SEIG Modbus 3.4 - Denial of Service Exploit
2018-08-24
Prime95 29.4b7 - Denial Of Service Exploit
2018-08-24
Restorator 1793 - Denial of Service Exploit
2018-08-24
Zortam MP3 Media Studio 23.95 - Denial of Service Exploit
2018-08-24
Countly - Persistent Cross-Site Scripting Vulnerability
2018-08-24
WordPress Chained Quiz 1.0.8 Plugin - answer SQL Injection Vulnerability
2018-08-24
WordPress Tagregator 0.6 Plugin - Cross-Site Scripting Vulnerability
2018-08-24
MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Request Forgery Vulnerability
2018-08-24
Xen xen-netback xenvif_set_hash_mapping Integer Overflow Exploit
2018-08-24
Microsoft Edge Chakra JIT - InitializeNumberFormat and InitializeDateTimeFormat Type Confusion Explo
2018-08-24
Microsoft Edge Chakra JIT - InlineArrayPush Type Confusion Exploit
2018-08-24
Microsoft Edge Chakra JIT - DictionaryPropertyDescriptor::CopyFrom Type Confusion Exploit
2018-08-24
Microsoft Edge Chakra JIT - Scope Parsing Type Confusion Exploit
2018-08-24
Microsoft Edge Chakra JIT - ImplicitCallFlags Check Bypass with Intl Exploit
2018-08-24
ADM 3.1.2RHG1 - Remote Code Execution Exploit
2018-08-24
OpenSSH 2.3 < 7.4 - Username Enumeration Exploit
2018-08-24
CEWE Photoshow 6.3.4 - Denial of Service Exploit
2018-08-24
Linux PAM 0.6.9 Authentication Replay Vulnerability
2018-08-24
Apple Smart Card Services Memory Corruption Vulnerability
2018-08-24
OpenSC 0.18.0 Buffer Overflow / Out Of Bounds Read Vulnerability
2018-08-24
Yubico PIV Tool 1.5.0 Buffer Overflow Vulnerability
2018-08-24
Yubico 0.1.9 libykneomgr Out Of Bounds Read / Write Vulnerability
2018-08-24
Jetty 6.1.6 Cross Site Scripting Vulnerability
2018-08-24
Easy RM To MP3 Converter 2.6 Stack Buffer Overflow Exploit
2018-08-24
Wordpress Plugin Ninja Forms 3.3.13 - CSV Injection
2018-08-21
OpenSSH 7.7 - Username Enumeration
CVE-2018-15473
2018-08-21
Twitter-Clone 1 - Cross-Site Request Forgery (Delete Post)
2018-08-21
Hikvision IP Camera 5.4.0 - User Enumeration (Metasploit)
2018-08-21
Twitter-Clone 1 - 'userid' SQL Injection
2018-08-21
Project64 2.3.2 - Denial Of Service (PoC)
2018-08-21
Countly - Persistent Cross-Site Scripting
2018-08-20
Easylogin Pro 1.3.0 - Encryptor.php Unserialize Remote Code Execution
CVE-2018-15576
2018-08-20
Prime95 29.4b7 - Denial Of Service (PoC)
2018-08-20
WordPress Plugin Tagregator 0.6 - Cross-Site Scripting
CVE-2018-10752
2018-08-20
MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Request Forgery
2018-08-20
Restorator 1793 - Denial of Service (PoC)
2018-08-20
Zortam MP3 Media Studio 23.95 - Denial of Service (PoC)
2018-08-20
WordPress Plugin Chained Quiz 1.0.8 - 'answer' SQL Injection
2018-08-20
SEIG Modbus 3.4 - Remote Code Execution
CVE-2013-0662
2018-08-20
SEIG Modbus 3.4 - Denial of Service (PoC)
CVE-2013-0662
2018-08-20
SEIG SCADA System 9 - Remote Code Execution
CVE-2013-0657
2018-08-20
Microsoft Edge Chakra JIT - InitializeNumberFormat and InitializeDateTimeFormat Type Confusion
CVE-2018-8298
2018-08-17
Microsoft Edge Chakra JIT - 'InlineArrayPush' Type Confusion
2018-08-17
Microsoft Edge Chakra JIT - 'DictionaryPropertyDescriptor::CopyFrom' Type Confusion
CVE-2018-8291
2018-08-17
Microsoft Edge Chakra JIT - Scope Parsing Type Confusion
CVE-2018-8279
2018-08-17
Microsoft Edge Chakra JIT - ImplicitCallFlags Check Bypass with Intl
CVE-2018-8288
2018-08-17
ADM 3.1.2RHG1 - Remote Code Execution
CVE-2018-11510
2018-08-17
CEWE Photoshow 6.3.4 - Denial of Service (PoC)
2018-08-17
OpenSSH 2.3 < 7.4 - Username Enumeration (PoC)
2018-08-17
Mikrotik WinBox 6.42 - Credential Disclosure (golang)
2018-08-17
Wordpress Export Users to CSV 1.1.1 Plugin - CSV Injection Vulnerability
2018-08-17
Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
2018-08-17
WebkitGTK+ 2.20.3 - ImageBufferCairo::getImageData() Buffer Overflow Exploit
2018-08-17
CentralManagement Software 1.4.13 - Denial of Service Exploit
2018-08-17
Oracle Glassfish OSE 4.1 - Path Traversal (Metasploit)
CVE-2017-1000028
2018-08-17
Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery
CVE-2018-14057
2018-08-16
Central Management Software 1.4.13 - Denial of Service (PoC)
2018-08-16
Wordpress Plugin Export Users to CSV 1.1.1 - CSV Injection
2018-08-16
WebkitGTK+ 2.20.3 - 'ImageBufferCairo::getImageData()' Buffer Overflow (PoC)
CVE-2018-12293
2018-08-16
ownCloud iOS Application 3.7.3 Cross Site Scripting Vulnerability
2018-08-16
Atmosphere 1.x / 2.x Cross Site Scripting Vulnerability
2018-08-16
TP-Link WR840N 0.9.1 3.16 - Denial of Service Exploit
2018-08-16
OpenEMR 5.0.1.3 - Arbitrary File Actions Vulnerability
2018-08-16
ObserverIP Scan Tool 1.4.0.1 - Denial of Service Exploit
2018-08-16
ObserverIP Scan Tool 1.4.0.1 - Denial of Service (PoC)
2018-08-16
TP-Link WR840N 0.9.1 3.16 - Denial of Service (PoC)
CVE-2018-15172
2018-08-16
OpenEMR 5.0.1.3 - Arbitrary File Actions
CVE-2018-15140
2018-08-16
cPanel Filename Based Stored XSS < v76 Exploit
2018-08-16
ASUSTOR ADM 3.1.0.RFQ3 - Remote Command Execution / SQL Injection Vulnerabilities
2018-08-15
ASUS-DSL N10 1.1.2.2_17 - Authentication Bypass Vulnerability
2018-08-15
JioFi 4G M2S 1.0.2 - Denial of Service Exploit
2018-08-15
ASUS-DSL N10 1.1.2.2_17 - Authentication Bypass
2018-08-15
ASUSTOR ADM 3.1.0.RFQ3 - Remote Command Execution / SQL Injection
CVE-2018-11509
2018-08-15
JioFi 4G M2S 1.0.2 - Denial of Service (PoC)
CVE-2018-15181
2018-08-15
Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit)
CVE-2018-6892
2018-08-15
Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal (Metasploit)
CVE-2017-1000028
2018-08-15
cgit 1.2.1 - Directory Traversal (Metasploit)
CVE-2018-14912
2018-08-15
Wansview 1.0.2 - Denial of Service (PoC)
2018-08-15
Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit)
CVE-2018-2628
2018-08-15
Android - Directory Traversal over USB via Injection in blkid Output
CVE-2018-9445
2018-08-15
Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service (PoC)
2018-08-15
IBM Sterling B2B Integrator 5.2.0.1/5.2.6.3 - Cross-Site Scripting
CVE-2018-1513
2018-08-15
PLC Wireless Router GPN2.4P21-C-CN - Denial of Service
2018-08-15
Acunetix WVS 10.0 Build 20150623 - Denial of Service (PoC)
2018-08-15
PostgreSQL 9.4-0.5.3 - Privilege Escalation
CVE-2017-14798
2018-08-15
IP Finder 1.5 - Denial of Service (PoC)
2018-08-15
Monitoring software iSmartViewPro 1.5 - 'SavePath for ScreenShots' Buffer Overflow
2018-08-15
Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution
2018-08-15
MyBB Like Plugin 3.0.0 - Cross-Site Scripting
2018-08-15
MyBB Thank You/Like Plugin 3.0.0 - Cross-Site Scripting
CVE-2018-14888
2018-08-15
Zimbra 8.6.0_GA_1153 - Cross-Site Scripting
CVE-2016-3411
2018-08-15
iSmartViewPro 1.5 - 'Password' Buffer Overflow
2018-08-15
Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) - (KASLR & SMEP Bypass) Arbitrary File Read
CVE-2017-18344.
2018-08-15
reSIProcate 1.10.2 - Heap Overflow
CVE-2018-12584
2018-08-15
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Information Disclosure)
2018-08-15
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Remote Reboot)
2018-08-15
Mikrotik WinBox 6.42 - Credential Disclosure (Metasploit)
2018-08-15
osTicket 1.10.1 - Arbitrary File Upload
CVE-2017-15580
2018-08-15
TP-Link Wireless N Router WR840N - Denial of Service (PoC)
2018-08-15
LG-Ericsson iPECS NMS 30M - Directory Traversal
2018-08-15
iSmartViewPro 1.5 - 'Account' Buffer Overflow
2018-08-15
iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow
2018-08-15
Monstra-Dev 3.0.4 - Cross-Site Request Forgery (Account Hijacking)
2018-08-15
CloudMe Sync 1.10.9 - Buffer Overflow (SEH)(DEP Bypass)
2018-08-15
Wavemaker Studio 6.6 - Server-Side Request Forgery
2018-08-15
Sitecore.Net 8.1 - Directory Traversal
CVE-2018-7669
2018-08-15
AgataSoft Auto PingMaster 1.5 - Buffer Overflow (SEH)
2018-08-15
Cloudme 1.9 - Buffer Overflow (DEP) Exploit
2018-08-15
Android - Directory Traversal over USB via Injection in blkid Output Exploit
2018-08-15
Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal Exploit
2018-08-15
cgit 1.2.1 - Directory Traversal Exploit
2018-08-15
Wansview 1.0.2 - Denial of Service Exploit
2018-08-15
WordPress Ultimate Product Catalog 4.3.11 Plugin - SQL Injection Vulnerability
2018-08-15
Switch Port Mapping Tool 2.81.2 - Name Field Denial of Service Exploit
2018-08-15
PLC Wireless Router GPN2.4P21-C-CN - Denial of Service
2018-08-15
Acunetix WVS 10.0 Build 20150623 - Denial of Service Exploit
2018-08-15
IBM Sterling B2B Integrator 5.2.0.1/5.2.6.3 - Cross-Site Scripting Vulnerability
2018-08-15
Linux/x64 - Add Root User (toor/toor) Shellcode (99 bytes)
2018-08-15
PostgreSQL 9.4-0.5.3 - Privilege Escalation Exploit
2018-08-15
Microsoft DirectX SDK - Xact.exe Remote Code Execution Exploit
2018-08-15
iSmartViewPro 1.5 - SavePath for ScreenShots Buffer Overflow Exploit
2018-08-15
IP Finder 1.5 - Denial of Service Exploit
2018-08-15
Dicoogle PACS 2.5.0 Web Server Directory Traversal Exploit
2018-08-15
Wavemaker Studio 6.6 - Server-Side Request Forgery Vulnerability
2018-08-15
Monstra-Dev 3.0.4 - Cross-Site Request Forgery (Account Hijacking) Vulnerability
2018-08-15
Oracle Weblogic Server Deserialization Remote Code Execution Exploit
2018-08-11
iSmartViewPro 1.5 - Password Buffer Overflow Exploit
2018-08-11
MyBB Like Plugin 3.0.0 - Cross-Site Scripting Vulnerability
2018-08-11
MyBB Thank You/Like Plugin 3.0.0 - Cross-Site Scripting Vulnerability
2018-08-11
Zimbra 8.6.0_GA_1153 - Cross-Site Scripting Vulnerability
2018-08-11
Linux #Kernel #LinuxKernel 4.14.7 ( #Ubuntu 16.04 / #CentOS 7) Arbitrary File Read Exploit
2018-08-09
Mikrotik WinBox 6.42 - Credential Disclosure Exploit
2018-08-09
TPLink Archer C50 V3 Wireless Router 3 - CSRF (Remote Reboot) Vulnerability
2018-08-09
TPLink Archer C50 V3 Wireless Router 3 - CSRF (Information Disclosure) Vulnerability
2018-08-09
CloudMe Sync 1.10.9 - Buffer Overflow (SEH) Exploit
2018-08-09
AgataSoft Auto PingMaster 1.5 - Buffer Overflow (SEH) Exploit
2018-08-09
Sitecore.Net 8.1 - Directory Traversal Vulnerability
2018-08-09
Ericsson-LG iPECS NMS 30M - Directory Traversal Vulnerability
2018-08-09
TP-Link TL-WR840N - Denial of Service Vulnerability
2018-08-09
man-cgi Local File Inclusion Vulnerability
2018-08-09
reSIProcate 1.10.2 Heap Overflow Exploit
2018-08-08
iSmartViewPro 1.5 - Account Buffer Overflow Exploit
2018-08-08
iSmartViewPro 1.5 - Device Alias Buffer Overflow Exploit
2018-08-08
Microsoft Windows SCF File Feature Bypass Vulnerability
2018-08-08
OpenEMR < 5.0.1 - Remote Code Execution Exploit
2018-08-08
OCS Inventory NG Webconsole Shell Upload Vulnerability
2018-08-08
QNap QVR Client 5.0.3.23100 - Denial of Service Exploit
2018-08-08
Open-AudIT Community 2.2.6 - Cross-Site Scripting Vulnerability
2018-08-08
Monstra 3.0.4 - Cross-Site Scripting Vulnerability
2018-08-08
LAMS < 3.1 - Cross-Site Scripting Vulnerability
2018-08-08
Subrion CMS 4.2.1 - Cross-Site Scripting Vulnerability
2018-08-08
onArcade 2.4.2 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-08-08
CMS ISWEB 3.5.3 - Directory Traversal Vulnerability
2018-08-08
Fortinet FortiClient 5.2.3 (Windows 10 x64 Creators) - Local Privilege Escalation Exploit
2018-08-08
cgit < 1.2.1 - cgit_clone_objects() Directory Traversal Vulnerability
2018-08-08
Vuze Bittorrent Client 5.7.6.0 - SSDP Processing XML External Entity Injection Vulnerability
2018-08-08
Plex Media Server 1.13.2.5154 - SSDP Processing XML External Entity Injection Vulnerability
2018-08-08
PHP Template Store Script 3.0.6 - Cross-Site Scripting Vulnerability
2018-08-08
Wedding Slideshow Studio 1.36 - Buffer Overflow Exploit
2018-08-08
Linux Kernel UDP Fragmentation Offset (UFO) Privilege Escalation Exploit
2018-08-08
Linux/x86 - Reverse TCP (::FFFF:192.168.1.5:4444/TCP) Shell (/bin/sh) + Null-Free + IPv6 (86 bytes)
2018-08-08
Basic B2B Script 2.0.0 - Cross-Site Scripting Vulnerability
2018-08-08
ASUS DSL-N12E C1 1.1.2.3_345 - Remote Command Execution Exploit
2018-08-08
Seq 4.2.476 - Authentication Bypass Vulnerability
2018-08-08
AgataSoft Auto PingMaster 1.5 - Host name Denial of Service PoC Exploit
2018-08-08
PageResponse FB Inboxer Add-on 1.2 - search_field SQL Injection Vulnerability
2018-08-08
TI Online Examination System v2 - Arbitrary File Download Vulnerability
2018-08-08
Chartered Accountant : Auditor Website 2.0.1 - Cross-Site Scripting Vulnerability
2018-08-08
WityCMS 0.6.2 - Cross-Site Request Forgery (Password Change) Vulnerability
2018-08-08
Imperva SecureSphere 12.0.0.50 - SealMode Shell Escape Exploit
2018-08-08
Imperva SecureSphere 11.5 / 12.0 / 13.0 - Privilege Escalation Exploit
2018-08-08
CoSoSys Endpoint Protector 4.5.0.1 - Authenticated Remote Root Command Injection Exploit
2018-08-08
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection Vulnerability
2018-08-08
DataLife Engine 13.0 Cross Site Scripting Vulnerability
2018-08-08
WebRTC - H264 NAL Packet Processing Type Confusion Exploit
2018-08-08
WebRTC - FEC Processing Overflow Exploit
2018-08-08
WebRTC - VP8 Block Decoding Use-After-Free Exploit
2018-08-08
Easy DVD Creator 2.5.11 Buffer Overflow Exploit
2018-08-08
My Video Converter 1.5.24 Buffer Overflow Exploit
2018-08-08
Allok Fast AVI MPEG Splitter 1.2 SEH Overwrite Exploit
2018-08-08
Linux/ARM - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (116 Bytes)
2018-08-08
Switch Port Mapping Tool 2.81 - SNMP Community Name Denial of Service PoC Exploit
2018-08-08
ipPulse 1.92 - Licence Key Denial of Service PoC Exploit
2018-08-08
HRSale 1.0.6 Local File Disclosure Vulnerability
2018-08-08
MicroFocus Secure Messaging Gateway Remote Code Execution Exploit
2018-08-08
Vtiger CRM 6.3.0 Authenticated Logo Upload Remote Command Execution Exploit
2018-08-08
SonicWall Global Management System XMLRPC Exploit
2018-08-08
Microsoft Wireless Display Adapter 2 Command Injection / Broken Access Control Vulnerability
2018-08-08
Allok MOV Converter 4.6.1217 Buffer Overflow Exploit
2018-08-08
Responsive Filemanager 9.13.1 Server-Side Request Forgery Vulnerability
2018-08-08
Charles Proxy 4.2 - Local root Privilege Escalation Exploit
2018-08-08
QNap QVR Client 5.0.3.23100 - Denial of Service (PoC)
2018-08-07
OpenEMR < 5.0.1 - Remote Code Execution
2018-08-07
Open-AudIT Community 2.2.6 - Cross-Site Scripting
2018-08-06
Monstra 3.0.4 - Cross-Site Scripting
2018-08-06
CMS ISWEB 3.5.3 - Directory Traversal
2018-08-06
onArcade 2.4.2 - Cross-Site Request Forgery (Add Admin)
2018-08-06
LAMS < 3.1 - Cross-Site Scripting
2018-08-06
Subrion CMS 4.2.1 - Cross-Site Scripting
2018-08-06
Fortinet FortiClient 5.2.3 (Windows 10 x64 Creators) - Local Privilege Escalation
2018-08-05
cgit < 1.2.1 - 'cgit_clone_objects()' Directory Traversal
2018-08-03
Linux Kernel - UDP Fragmentation Offset (UFO) Privilege Escalation (Metasploit)
2018-08-03
Plex Media Server 1.13.2.5154 - SSDP Processing XML External Entity Injection
2018-08-03
Vuze Bittorrent Client 5.7.6.0 - SSDP Processing XML External Entity Injection
2018-08-03
Linux/ARM - Bind (4444/TCP) Shell +IPv6 Shellcode (128 Bytes)
2018-08-03
PHP Template Store Script 3.0.6 - Cross-Site Scripting
2018-08-03
Wedding Slideshow Studio 1.36 - Buffer Overflow
2018-08-03
Entrepreneur Job Portal Script 3.0.1 - Cross-Site Scripting
2018-08-03
Basic B2B Script 2.0.0 - Cross-Site Scripting
2018-08-03
Linux/x86 - Reverse Shell (/bin/sh)+Null Free+IPv6 Shellcode (86 bytes)
2018-08-03
AgataSoft Auto PingMaster 1.5 - 'Host name' Denial of Service (PoC)
2018-08-02
Seq 4.2.476 - Authentication Bypass
2018-08-02
ASUS DSL-N12E_C1 1.1.2.3_345 - Remote Command Execution
2018-08-02
Allok Fast AVI MPEG Splitter 1.2 - Buffer Overflow (PoC)
2018-08-02
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection
2018-08-02
SecureSphere 12.0.0.50 - SealMode Shell Escape (Metasploit)
2018-08-02
CoSoSys Endpoint Protector 4.5.0.1 - Authenticated Remote Root Command Injection
2018-08-02
Imperva SecureSphere 11.5 / 12.0 / 13.0 - Privilege Escalation
2018-08-02
PageResponse FB Inboxer Add-on 1.2 - 'search_field' SQL Injection
2018-08-02
TI Online Examination System v2 - Arbitrary File Download
2018-08-02
WityCMS 0.6.2 - Cross-Site Request Forgery (Password Change)
2018-08-02
Sun Solaris 11.3 AVS - Local Kernel root Exploit
2018-08-02
Chartered Accountant : Auditor Website 2.0.1 - Cross-Site Scripting
2018-08-02
SonicWall Global Management System - XMLRPC set_time_zone Command Injection (Metasploit)
2018-08-01
WebRTC - H264 NAL Packet Processing Type Confusion
2018-08-01
WebRTC - FEC Processing Overflow
2018-08-01
WebRTC - VP8 Block Decoding Use-After-Free
2018-08-01
Axis Network Camera - .srv to parhand RCE (Metasploit)
2018-08-01
Linux/ARM - Reverse (::1:4444/TCP) Shell +IPv6 Shellcode (116 Bytes)
2018-08-01
Switch Port Mapping Tool 2.81 - 'SNMP Community Name' Denial of Service (PoC)
2018-08-01
ipPulse 1.92 - 'Licence Key' Denial of Service (PoC)
2018-08-01
Allok MOV Converter 4.6.1217 - Buffer Overflow (SEH)
2018-08-01
fusermount - user_allow_other Restriction Bypass and SELinux Label Control Exploit
2018-07-30
Charles Proxy 4.2 - Local root Privilege Escalation
2018-07-30
fusermount - user_allow_other Restriction Bypass and SELinux Label Control
2018-07-30
H2 Database 1.4.197 - Information Disclosure
2018-07-30
Microsoft Windows Kernel - win32k!NtUserConsoleControl Denial of Service #PoC Exploit
2018-07-30
H2Database 1.4.197 - Information Disclosure Exploit
2018-07-30
ipPulse 1.92 - IP Address/HostName-Comment Denial of Service #PoC Exploit
2018-07-30
Microsoft Windows Kernel - 'win32k!NtUserConsoleControl' Denial of Service (PoC)
2018-07-30
ipPulse 1.92 - 'IP Address/HostName-Comment' Denial of Service (PoC)
2018-07-30
ProjectSend - SQL Injection Vulnerability
2018-07-29
WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)
2018-07-28
Skia - Heap Overflow in SkScan::FillPath due to Precision Error
2018-07-28
SoftNAS Cloud < 4.0.3 - OS Command Injection
2018-07-28
NetScanTools Basic Edition 2.5 - 'Hostname' Denial of Service (PoC)
2018-07-28
Online Trade 1 - Information Disclosure
2018-07-28
QNap QVR Client 5.1.1.30070 - 'Password' Denial of Service (PoC)
2018-07-28
Core FTP 2.0 - 'XRMD' Denial of Service (PoC)
2018-07-28
Inteno’s IOPSYS - (Authenticated) Local Privilege Escalation
2018-07-28
Trivum Multiroom Setup Tool 8.76 - Corss-Site Request Forgery (Admin Bypass)
2018-07-28
GetGo Download Manager 6.2.1.3200 - Denial of Service (PoC)
2018-07-28
10-Strike LANState 8.8 - Local Buffer Overflow (SEH)
2018-07-28
10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)
2018-07-28
D-link DAP-1360 - Path Traversal / Cross-Site Scripting
2018-07-28
Micro Focus Secure Messaging Gateway (SMG) < 471 - Remote Code Execution (Metasploit)
2018-07-28
Nagios Core 4.4.1 - Denial of Service
2018-07-28
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (100 bytes)
2018-07-28
Microsoft Windows - 'dnslint.exe' Drive-By Download
2018-07-28
Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery (Reboot Router)
2018-07-28
Windows Speech Recognition - Buffer Overflow (PoC)
2018-07-28
Davolink DVW 3200 Router - Password Disclosure
2018-07-28
Splinterware System Scheduler Pro 5.12 - Buffer Overflow (SEH)
2018-07-28
NUUO NVRmini - 'upgrade_handle.php' Remote Command Execution
2018-07-28
GeoVision GV-SNVR0811 - Directory Traversal
2018-07-28
TP-Link TL-WR840N - Denial of Service
2018-07-28
Touchpad / Trivum WebTouch Setup 2.53 build 13163 - Authentication Bypass
2018-07-28
MSVOD 10 - 'cid' SQL Injection
2018-07-28
Google Chrome - SwiftShader OpenGL Texture Bindings Reference Count Leak
2018-07-28
Google Chrome - Swiftshader Blitting Floating-Point Precision Errors
2018-07-28
Google Chrome - Swiftshader Texture Allocation Integer Overflow
2018-07-28
WordPress Responsive Thumbnail Slider Plugin - Arbitrary File Upload Exploit
2018-07-27
NetScanTools Basic Edition 2.5 - Hostname Denial of Service (PoC) Exploit
2018-07-27
Skia - Heap Overflow in SkScan::FillPath due to Precision Error Vulnerability
2018-07-27
Online Trade 1 - Information Disclosure Vulnerability
2018-07-27
QNap #QVR Client 5.1.1.30070 - Password Denial of Service #PoC Exploit
2018-07-27
Tracto #ERC20 Integer Overflow Vulnerability
2018-07-27
SoftNAS Cloud OS Command Injection Vulnerability
2018-07-27
Axis Network Camera Remote Command Execution Exploit
2018-07-27
FTPShell Client 5.22 Remote Buffer Overflow Exploit
2018-07-27
CleanMyMac3 Local Privilege Escalation Exploit
2018-07-27
Super CMS Blog Pro PHP Script 1.0 SQL Injection / Shell Upload Vulnerabilities
2018-07-27
WordPress Snazzy Maps 1.1.3 Cross Site Scripting Vulnerability
2018-07-27
WordPress Strong Testimonials 2.31.4 Cross Site Scripting Vulnerability
2018-07-27
WordPress Gwolle Guestbook 2.5.3 Cross Site Scripting Vulnerability
2018-07-27
Core FTP 2.0 - XRMD Denial of Service PoC Exploit
2018-07-26
Trivum Multiroom Setup Tool 8.76 - Cross-Site Request Forgery (Admin Bypass) Vulnerability
2018-07-26
Inteno IOPSYS - (Authenticated) Local Privilege Escalation Exploit
2018-07-26
GetGo Download Manager 6.2.1.3200 - Buffer Overflow Exploit
2018-07-25
10-Strike LANState 8.8 - Local Buffer Overflow (SEH) Exploit
2018-07-25
10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH) Exploit
2018-07-25
Sourcetree Remote Code Execution Exploit
2018-07-24
GeoVision GV-SNVR0811 Directory Traversal Vulnerability
2018-07-24
SMPlayer 18.6.0 Memory Corruption Exploit
2018-07-24
Micro Focus Secure Messaging Gateway (SMG) < 471 - Remote Code Execution Exploit
2018-07-24
Nagios Core 4.4.1 - Denial of Service Vulnerability
2018-07-24
D-link DAP-1360 - Path Traversal / Cross-Site Scripting Vulnerabilities
2018-07-24
NetworkManager #VPNC 1.2.4 Privilege Escalation Vulnerability
2018-07-24
Cisco Adaptive Security Appliance Path Traversal Exploit
2018-07-24
WordPress LimoLabs 1.0.0 Remote Password Disclosure Vulnerability
2018-07-24
Windows Speech Recognition - Buffer Overflow Exploit
2018-07-24
Splinterware System Scheduler Pro 5.12 - Buffer Overflow (SEH) Exploit
2018-07-24
Tenda #Wireless N150 Router 5.07.50 - Cross-Site Request Forgery (Reboot Router) Exploit
2018-07-24
Davolink DVW 3200 Router - Password Disclosure Exploit
2018-07-24
NUUO NVRmini - upgrade_handle.php Remote Command Execution Vulnerability
2018-07-24
Linux/x86 - Bind (4444/TCP) #Shell (/bin/sh) + IPv6 #Shellcode (100 bytes)
2018-07-24
TP-Link Archer C2 v3.0 UnAuthenticated Remote Code Execution Vulnerability
2018-07-23
Poppler v0.62.0 Memory Corruption Vulnerability
2018-07-23
Zoho #ManageEngine 13 (13790 build) XSS / File Read / File Deletion Vulnerabilities
2018-07-23
Microsoft DNS dnslint.exe Tool Forced Drive-By Download Vulnerability
2018-07-21
Oracle Fusion Middleware 12c (12.2.1.3.0) WebLogic SAML Issues Vulnerability
2018-07-21
Linux Driver National Instruments Remote Code Injection Vulnerability
2018-07-21
CMSMadeSimple 2.2.5 Authenticated Remote Command Execution Exploit
2018-07-20
Linux Kernel < 4.14.8 Sign Extension Local Privilege Escalation Exploit
2018-07-20
WordPress All In One Favicon 4.6 Plugin - Cross-Site Scripting Vulnerability
2018-07-20
MyBB New Threads Plugin 1.1 - Cross-Site Scripting Vulnerability
2018-07-20
FTP2FTP 1.0 - Arbitrary File Download Vulnerability
2018-07-20
Modx Revolution < 2.6.4 - Remote Code Execution Exploit
2018-07-20
Open-AudIT Community 2.1.1 - Cross-Site Scripting Vulnerability
2018-07-20
PrestaShop < 1.6.1.19 - AES CBC Privilege Escalation Exploit
2018-07-20
PrestaShop < 1.6.1.19 - BlowFish ECD Privilege Escalation Exploit
2018-07-20
Smart SMS & Email Manager 3.3 - contact_type_id SQL Injection Vulnerability
2018-07-20
JavaScript Core - Arbitrary Code Execution Exploit
2018-07-20
HomeMatic Zentrale CCU2 Unauthenticated Remote Code Execution Exploit
2018-07-20
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Remote Root Vulnerability
2018-07-20
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - File Manipulation Vulnerability
2018-07-20
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Configuration Download Vulnerability
2018-07-20
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Denial of Service Vulnerability
2018-07-20
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Cross-Site Request Forgery Vulnerabil
2018-07-20
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Restricted Shell Escape Vulnerability
2018-07-20
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Default Credentials Vulnerability
2018-07-20
Linux/x64 - Reverse (::1:1337/TCP) + IPv6 + Password (pwnd) Shellcode (115 bytes)
2018-07-20
QNAP QCenter change_passwd Command Execution Exploit
2018-07-20
Nanopool Claymore Dual Miner APIs Remote Code Execution Exploit
2018-07-20
TP-Link Archer C60 1.0 Code Execution Exploit
2018-07-20
Microsoft Windows .library-ms Information Disclosure Vulnerability
2018-07-20
macOS / iOS - JavaScript Injection Bug in OfficeImporter Exploit
2018-07-20
Linux Ubuntu - Other Users coredumps can be read via setgid Directory and killpriv Bypass Exploit
2018-07-20
Linux/ARM - Bind (/TCP) Shell Shellcode (104 bytes)
2018-07-20
Microsoft Enterprise Mode Site List Manager - XML External Entity Injection Vulnerability
2018-07-20
Wordpress Job Manager 4.1.0 Plugin - Cross-Site Scripting Vulnerability
2018-07-20
VelotiSmart WiFi B-380 Camera - Directory Traversal Vulnerability
2018-07-20
Fortify Software Security Center (SSC) 17.x/18.1 - XML External Entity Injection Vulnerability
2018-07-20
Linux Ubuntu Coredump Reading Access Bypass Vulnerability
2018-07-20
Microsoft Windows POP/MOV SS Local Privilege Elevation Exploit
2018-07-20
Apache Hadoop YARN ResourceManager Unauthenticated Command Execution Exploit
2018-07-20
ISS For Business 14.0.1400.2029 Blue Screen Of Death Vulnerability
2018-07-20
OpenConext-EngineBlock 5.7.3 Cross Site Scripting Vulnerability
2018-07-20
Grundig Smart [email protected] 3.0 - Cross-Site Request Forgery Vulnerability
2018-07-20
G DATA Total Security 25.4.0.3 - Activex Buffer Overflow Exploit
2018-07-20
phpMyAdmin Authenticated Remote Code Execution Exploit
2018-07-20
Apache CouchDB Arbitrary Command Execution Exploit
2018-07-20
Manage Engine Exchange Reporter Plus Unauthenticated Remote Code Execution Exploit
2018-07-20
Zeta Producer Desktop CMS 14.2.0 Code Execution / File Disclosure Vulnerabilities
2018-07-20
QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection Vulnerabilities
2018-07-20
Chrome V8 KeyAccumulator Bug Exploit
2018-07-20
Microsoft Edge Chakra JIT - Type Confusion with Hoisted SetConcatStrMultiItemBE Instructions Exploit
2018-07-20
Microsoft Edge Chakra JIT - BoundFunction::NewInstance Out-of-Bounds Read Exploit
2018-07-20
Microsoft Edge Chakra JIT - Out-of-Bounds Reads/Writes Exploit
2018-07-20
Linux Kernel < 4.13.9 (Ubuntu 16.04/Fedora 27) - Local Privilege Escalation Exploit
2018-07-20
Monstra CMS Authenticated Arbitrary File Upload Exploit
2018-07-20
WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution Vulnerabilities
2018-07-20
Dicoogle PACS 2.5.0 - Directory Traversal Vulnerability
2018-07-20
IBM QRadar SIEM - Unauthenticated Remote Code Execution Exploit
2018-07-20
Instagram-Clone Script 2.0 - Cross-Site Scripting Vulnerability
2018-07-20
Linux - BPF Sign Extension Local Privilege Escalation (Metasploit)
2018-07-19
MyBB New Threads Plugin 1.1 - Cross-Site Scripting
2018-07-19
WordPress Plugin All In One Favicon 4.6 - Cross-Site Scripting
2018-07-19
Modx Revolution < 2.6.4 - Remote Code Execution
2018-07-19
FTP2FTP 1.0 - Arbitrary File Download
2018-07-19
Open-AudIT Community 2.1.1 - Cross-Site Scripting
2018-07-19
HomeMatic Zentrale CCU2 - Remote Code Execution
2018-07-19
Smart SMS & Email Manager 3.3 - 'contact_type_id' SQL Injection
2018-07-19
JavaScript Core - Arbitrary Code Execution
2018-07-19
PrestaShop < 1.6.1.19 - 'BlowFish ECD' Privilege Escalation
2018-07-19
PrestaShop < 1.6.1.19 - 'AES CBC' Privilege Escalation
2018-07-19
Sony Playstation 4 (PS4) - PS4 5.05 BPF Double Free Kernel Exploit Writeup
2018-07-19
Nanopool Claymore Dual Miner - APIs Remote Code Execution (Metasploit)
2018-07-19
QNAP Q'Center - 'change_passwd' Command Execution (Metasploit)
2018-07-19
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Restricted Shell Escape
2018-07-19
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Default Credentials
2018-07-19
Linux/x64 - Reverse (::1:1337/TCP) Shell (/bin/sh) + IPv6 + Password (pwnd) Shellcode (115 bytes)
2018-07-19
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Remote Root
2018-07-19
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - File Manipulation
2018-07-19
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Configuration Download
2018-07-19
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Denial of Service
2018-07-19
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Cross-Site Request Forgery
2018-07-19
Linux (Ubuntu) - Other Users coredumps Can Be Read via setgid Directory and killpriv Bypass
2018-07-19
macOS/iOS - JavaScript Injection Bug in OfficeImporter
2018-07-19
WordPress Plugin Job Manager 4.1.0 - Cross-Site Scripting
2018-07-19
VelotiSmart WiFi B-380 Camera - Directory Traversal
2018-07-19
Linux/ARM - Bind (1234/TCP) Shell (/bin/sh) Shellcode (104 bytes)
2018-07-19
Fortify Software Security Center (SSC) 17.x/18.1 - XML External Entity Injection
2018-07-19
Microsoft Enterprise Mode Site List Manager - XML External Entity Injection
2018-07-19
Hadoop YARN ResourceManager - Unauthenticated Command Execution (Metasploit)
2018-07-13
Microsoft Windows - POP/MOV SS Local Privilege Elevation (Metasploit)
2018-07-13
Grundig Smart [email protected] 3.0 - Cross-Site Request Forgery
2018-07-13
phpMyAdmin - Authenticated Remote Code Execution (Metasploit)
2018-07-13
Apache CouchDB - Arbitrary Command Execution (Metasploit)
2018-07-13
Manage Engine Exchange Reporter Plus - Unauthenticated RCE (Metasploit)
2018-07-13
G DATA Total Security 25.4.0.3 - Activex Buffer Overflow
2018-07-13
Zeta Producer Desktop CMS 14.2.0 - Remote Code Execution / Local File Disclosure
2018-07-13
QNAP Qcenter Virtual Appliance - Multiple Vulnerabilities
2018-07-13
WAGO e!DISPLAY 7300T - Multiple Vulnerabilities
2018-07-13
Microsoft Edge Chakra JIT - Type Confusion with Hoisted SetConcatStrMultiItemBE Instructions
2018-07-12
Microsoft Edge Chakra JIT - BoundFunction::NewInstance Out-of-Bounds Read
2018-07-12
Microsoft Edge Chakra JIT - Out-of-Bounds Reads/Writes
2018-07-12
Linux Kernel < 4.13.9 (Ubuntu 16.04/Fedora 27) - Local Privilege Escalation
2018-07-12
Dicoogle PACS 2.5.0 - Directory Traversal
2018-07-11
Barracuda ADC 5.2 - Cross-Site Scripting
2018-07-11
IBM QRadar SIEM - Unauthenticated Remote Code Execution (Metasploit)
2018-07-11
Instagram-Clone Script 2.0 - Cross-Site Scripting
2018-07-11
D-Link DIR601 2.02 - Credential Disclosure Vulnerability
2018-07-10
OpenSSH < 6.6 SFTP (x64) - Command Execution Exploit
2018-07-10
OpenSSH < 6.6 SFTP - Command Execution Exploit
2018-07-10
D-Link DIR601 2.02 - Credential Disclosure
2018-07-10
OpenSSH < 6.6 SFTP - Command Execution
2018-07-10
OpenSSH < 6.6 SFTP (x64) - Command Execution
2018-07-10
Tor Browser < 0.3.2.10 - Use After Free (PoC ) Exploit
2018-07-10
Oracle WebLogic 12.1.2.0 RMI Registry UnicastRef Object Java Deserialization Remote Code Execution
2018-07-10
Elektronischer Leitz-Ordner 10 - SQL Injection Vulnerability
2018-07-10
WolfSight CMS 3.2 - SQL Injection Vulnerability
2018-07-10
Umbraco CMS SeoChecker Plugin 1.9.2 - Cross-Site Scripting Vulnerability
2018-07-10
Elektronischer Leitz-Ordner 10 - SQL Injection
2018-07-10
Oracle WebLogic 12.1.2.0 - RMI Registry UnicastRef Object Java Deserialization Remote Code Execution
2018-07-10
WolfSight CMS 3.2 - SQL Injection
2018-07-10
Gitea 1.4.0 - Remote Code Execution
2018-07-10
Tor Browser < 0.3.2.10 - Use After Free (PoC)
2018-07-09
GitList 0.6.0 - Argument Injection (Metasploit)
2018-07-09
HID discoveryd - command_blink_on Unauthenticated RCE (Metasploit)
2018-07-09
HP VAN SDN Controller - Root Command Injection (Metasploit)
2018-07-09
Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow Exploit
2018-07-09
Boxoft WAV to WMA Converter 1.0 - Local Buffer Overflow (SEH) Exploit
2018-07-09
Umbraco CMS SeoChecker Plugin 1.9.2 - Cross-Site Scripting Vulnerability
2018-07-09
Linux/x86 - Kill Process Shellcode (20 bytes)
2018-07-09
Boxoft WAV to WMA Converter 1.0 - Local Buffer Overflow (SEH)
2018-07-09
Umbraco CMS SeoChecker Plugin 1.9.2 - Cross-Site Scripting
2018-07-09
Activision Infinity Ward Call of Duty Modern Warfare 2 - Stack-based Buffer Overflow
2018-07-09
HID discoveryd command_blink_on Unauthenticated Remote Command Execution Exploit
2018-07-08
HP VAN SDN Controller Root Command Injection Exploit
2018-07-08
GitList 0.6.0 Argument Injection Exploit
2018-07-08
PolarisOffice 2017 8 - Remote Code Execution Exploit
2018-07-06
Airties #AIR5444TT - Cross-Site Scripting Vulnerability
2018-07-06
Airties AIR5444TT - Cross-Site Scripting
2018-07-06
PolarisOffice 2017 8 - Remote Code Execution
2018-07-06
Intel Processor Diagnostic Tool (IPDT) Privilege Escalation Vulnerability
2018-07-05
ADB Broadband Gateways / Routers - Privilege Escalation Vulnerability
2018-07-05
ADB Broadband Gateways / Routers - Local Root Jailbreak Vulnerability
2018-07-05
ADB Broadband Gateways / Routers - Authorization Bypass Vulnerability
2018-07-05
ADB Broadband Gateways / Routers - Privilege Escalation
2018-07-05
ADB Broadband Gateways / Routers - Local root Jailbreak
2018-07-05
ADB Broadband Gateways / Routers - Authorization Bypass
2018-07-05
SoftExpert Excellence Suite 2.0 - cddocument SQL Injection Vulnerability
2018-07-05
SoftExpert Excellence Suite 2.0 - 'cddocument' SQL Injection
2018-07-05
ManageEngine Exchange Reporter Plus < Build 5311 - Remote Code Execution Exploit
2018-07-04
Apache #PDFBox 1.8.14 / 2.0.10 Denial Of Service Vulnerability
2018-07-04
ShopNx - Arbitrary File Upload Vulnerability
2018-07-04
CMSMadeSimple 2.2.5 - Remote Code Execution Exploit
2018-07-04
Online Trade - Information Disclosure Vulnerability
2018-07-04
ShopNx - Arbitrary File Upload
2018-07-04
Online Trade - Information Disclosure
2018-07-04
CMS Made Simple 2.2.5 - Remote Code Execution
2018-07-04
ManageEngine Exchange Reporter Plus < Build 5311 - Remote Code Execution
2018-07-04
Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction Vulnerability
2018-07-03
Microsoft Windows Kernel (win32k.sys) Local Denial Of Service Vulnerability
2018-07-03
OX App Suite 7.8.4 XSS / XML Injection / Information Disclosure Vulnerabilities
2018-07-03
NuCom NC-WR644GACV Unauthenticated Configuration File Download Vulnerability
2018-07-03
extjs getTip() Cross Site Scripting Vulnerability
2018-07-03
WeChat Pay SDK XXE Injection Vulnerability
2018-07-03
openslp 2.0.0 - Double-Free Exploit
2018-07-03
ModSecurity 3.0.0 - Cross-Site Scripting Vulnerability
2018-07-03
openslp 2.0.0 - Double-Free
2018-07-03
ntop-ng < 3.4.180617 - Authentication Bypass
2018-07-03
Boxoft WAV to MP3 Converter 1.1 - Buffer Overflow (Metasploit)
2018-07-03
Enhanced Mitigation Experience Toolkit (EMET) - XML External Entity Injection
2018-07-03
ModSecurity 3.0.0 - Cross-Site Scripting
2018-07-03
Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit)
2018-07-03
FTPShell Client 6.70 (Enterprise Edition) - Stack Buffer Overflow (Metasploit)
2018-07-03
Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (PoC)
2018-07-03
Dolibarr ERP CRM < 7.0.3 - PHP Code Injection
2018-07-03
Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes)
2018-07-03
SIPp 3.6 - Local Buffer Overflow (PoC)
2018-07-03
DAMICMS 6.0.0 - Cross-Site Request Forgery (Add Admin)
2018-07-03
VMware NSX SD-WAN Edge < 3.1.2 - Command Injection
2018-07-03
Core FTP LE 2.2 - Buffer Overflow (PoC)
2018-07-03
Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution (Metasploit)
2018-07-03
Linux/x86 - Execve /bin/cat /etc/passwd #Shellcode (37 bytes)
2018-07-03
ntop-ng Authentication Bypass Vulnerability
2018-07-03
Boxoft WAV To MP3 Converter 1.1 Buffer Overflow Exploit
2018-07-03
VMware NSX SD-WAN Edge < 3.1.2 - Command Injection Exploit
2018-07-03
Geutebruck 5.02024 G-Cam/EFD-2250 - simple_loglistjs.cgi Remote Command Execution Exploit
2018-07-03
Dolibarr ERP CRM < 7.0.3 - PHP Code Injection Vulnerability
2018-07-03
DAMICMS 6.0.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-07-03
Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow Exploit
2018-07-03
SIPp 3.6 - Local Buffer Overflow Vulnerability
2018-07-03
Core FTP LE 2.2 - Buffer Overflow Exploit
2018-07-03
Enhanced Mitigation Experience Toolkit ( #EMET ) XML Injection Vulnerability
2018-07-01
IPConfigure Orchid VMS 2.0.5 - Directory Traversal Information Disclosure Exploit
2018-06-30
FTPShell Client 6.70 Enterprise Edition Stack Buffer Overflow Exploit
2018-06-30
Nagios XI Chained Remote Code Execution Exploit
2018-06-30
TP-Link TL-WR841N V13 Command Injection Vulnerability
2018-06-30
TP-Link TL-WR841N V13 Insecure Direct Object Reference Vulnerability
2018-06-30
TP-Link TL-WR841N V13 Cross Site Request Forgery Vulnerability
2018-06-30
Cisco Adaptive Security Appliance - Path Traversal Exploit
2018-06-30
Polaris Office 2017 8.1 Remote Code Execution Exploit
2018-06-30
HongCMS 3.0.0 - SQL Injection Vulnerability
2018-06-30
hycus CMS 1.0.4 - Authentication Bypass Vulnerability
2018-06-30
BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-06-30
DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting Vulnerability
2018-06-30
HPE VAN SDN 2.7.18.0503 - Unauthenticated Remote Root Exploit
2018-06-30
Wordpress < 4.9.6 - Arbitrary File Deletion Vulnerability
2018-06-30
Quest KACE Systems Management - Command Injection Exploit
2018-06-30
PoDoFo 0.9.5 - Buffer Overflow Vulnerability
2018-06-30
Liferay Portal < 7.0.4 - Server-Side Request Forgery Vulnerability
2018-06-30
WordPress Advanced Order Export For #WooCommerce CSV Injection Vulnerability
2018-06-30
KVM (Nested Virtualization) - L1 Guest Privilege Escalation Vulnerability
2018-06-30
WordPress iThemes Security Plugin < 7.0.3 - SQL Injection Vulnerability
2018-06-30
Foxit Reader 9.0.1.1049 - Remote Code Execution Exploit
2018-06-30
Wordpress Comments Import & Export Plugin < 2.0.4 - CSV Injection Vulnerability
2018-06-30
AsusWRT RT-AC750GF - Cross-Site Request Forgery (Change Admin Password) Vulnerability
2018-06-30
Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery (Add Superuser) Vulnerability
2018-06-30
Ecessa ShieldLink SL175EHQ < 10.7.4 - Cross-Site Request Forgery (Add Superuser) Vulnerability
2018-06-30
Ecessa WANWorx WVR-30 < 10.7.4 - Cross-Site Request Forgery (Add Superuser) Vulnerability
2018-06-30
Wordpress Advanced Order Export For WooCommerce Plugin < 1.5.4 - CSV Injection Vulnerability
2018-06-30
DIGISOL DG-BR4000NG - Buffer Overflow Vulnerability
2018-06-30
DIGISOL DG-BR4000NG - Cross-Site Scripting Vulnerability
2018-06-30
Travel Agency 1.1 - cid SQL Injection Vulnerability
2018-06-30
Intex Router N-150 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-06-30
phpMyAdmin 4.8.1 Code Execution / Local File Inclusion Vulnerabilities
2018-06-30
phpLDAPadmin 1.2.2 LDAP Injection Vulnerability
2018-06-30
Opencart < 3.0.2.0 - Denial of Service Exploit
2018-06-30
GreenCMS 2.3.0603 - Information Disclosure Vulnerability
2018-06-30
QEMU Guest Agent 2.12.50 - Denial of Service Vulnerability
2018-06-30
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion Vulnerability
2018-06-30
Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution Vulnerability
2018-06-30
Dell EMC RecoverPoint < 5.1.2 - Local Root Command Execution Vulnerability
2018-06-30
VideoInsight WebClient 5 - SQL Injection Vulnerability
2018-06-30
LFCMS 3.7.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
2018-06-30
LFCMS 3.7.0 - Cross-Site Request Forgery (Add User) Vulnerability
2018-06-30
Windows 10 - Desktop Bridge Virtual Registry Incomplete Fix Privilege Escalation
2018-06-30
Apache CouchDB < 2.1.0 - Remote Code Execution Exploit
2018-06-30
TP-Link TL-WA850RE - Remote Command Execution Exploit
2018-06-30
ntp 4.2.8p11 - Local Buffer Overflow (PoC) Vulnerability
2018-06-30
MaDDash 2.0.2 - Directory Listing Vulnerability
2018-06-30
NewMark CMS 2.1 - sec_id SQL Injection Vulnerability
2018-06-30
Redis 5.0 - Denial of Service Vulnerability
2018-06-30
Mirasys DVMS Workstation 5.12.6 - Path Traversal Vulnerability
2018-06-30
phpMyAdmin 4.x Remote Code Execution Exploit
2018-06-30
Microsoft COM for Windows - Privilege Escalation Exploit
2018-06-30
Cisco Adaptive Security Appliance - Path Traversal
2018-06-28
DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting
2018-06-28
hycus CMS 1.0.4 - Authentication Bypass
2018-06-28
HongCMS 3.0.0 - SQL Injection
2018-06-28
BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin)
2018-06-28
HPE VAN SDN 2.7.18.0503 - Remote Root
2018-06-27
Quest KACE Systems Management - Command Injection (Metasploit)
2018-06-27
Wordpress < 4.9.6 - (Authenticated) Arbitrary File Deletion
2018-06-27
PoDoFo 0.9.5 - Buffer Overflow
2018-06-26
Liferay Portal < 7.0.4 - Server-Side Request Forgery
2018-06-26
KVM (Nested Virtualization) - L1 Guest Privilege Escalation
2018-06-25
WordPress Plugin iThemes Security < 7.0.3 - SQL Injection
2018-06-25
Foxit Reader 9.0.1.1049 - Remote Code Execution
2018-06-25
Wordpress Plugin Comments Import & Export < 2.0.4 - CSV Injection
2018-06-25
Intex Router N-150 - Arbitrary File Upload
2018-06-25
Ecessa ShieldLink SL175EHQ < 10.7.4 - Cross-Site Request Forgery (Add Superuser)
2018-06-25
AsusWRT RT-AC750GF - Cross-Site Request Forgery (Change Admin Password)
2018-06-25
Ecessa WANWorx WVR-30 < 10.7.4 - Cross-Site Request Forgery (Add Superuser)
2018-06-25
DIGISOL DG-BR4000NG - Cross-Site Scripting
2018-06-25
DIGISOL DG-BR4000NG - Buffer Overflow (PoC)
2018-06-25
Intex Router N-150 - Cross-Site Request Forgery (Add Admin)
2018-06-25
Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery (Add Superuser)
2018-06-25
Wordpress Plugin Advanced Order Export For WooCommerce < 1.5.4 - CSV Injection
2018-06-25
Travel Agency 1.1 - 'cid' SQL Injection
2018-06-25
phpMyAdmin 4.8.1 - Local File Inclusion
2018-06-22
Opencart < 3.0.2.0 - Denial of Service
2018-06-22
phpLDAPadmin 1.2.2 - 'server_id' LDAP Injection (Username)
2018-06-22
QEMU Guest Agent 2.12.50 - Denial of Service
2018-06-22
GreenCMS 2.3.0603 - Information Disclosure
2018-06-22
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion
2018-06-22
Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution
2018-06-21
Dell EMC RecoverPoint < 5.1.2 - Local Root Command Execution
2018-06-21
LFCMS 3.7.0 - Cross-Site Request Forgery (Add Admin)
2018-06-21
LFCMS 3.7.0 - Cross-Site Request Forgery (Add User)
2018-06-21
VideoInsight WebClient 5 - SQL Injection
2018-06-20
IPConfigure Orchid VMS 2.0.5 - Directory Traversal Information Disclosure (Metasploit)
2018-06-20
Windows 10 - Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix Privilege Escalation
2018-06-20
Windows 10 - Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation
2018-06-20
Apache CouchDB < 2.1.0 - Remote Code Execution
2018-06-20
TP-Link TL-WA850RE - Remote Command Execution
2018-06-20
NewMark CMS 2.1 - 'sec_id' SQL Injection
2018-06-20
MaDDash 2.0.2 - Directory Listing
2018-06-20
ntp 4.2.8p11 - Local Buffer Overflow (PoC)
2018-06-20
Redis 5.0 - Denial of Service
2018-06-20
Mirasys DVMS Workstation 5.12.6 - Path Traversal
2018-06-20
Redatam Web Server < 7 - Directory Traversal Vulnerability
2018-06-19
Redis-cli < 5.0 - Buffer Overflow Exploit
2018-06-19
Microsoft COM for Windows - Privilege Escalation
2018-06-18
Redatam Web Server < 7 - Directory Traversal
2018-06-18
Redis-cli < 5.0 - Buffer Overflow (PoC)
2018-06-18
Audiograbber 1.83 - Local Buffer Overflow (SEH) Exploit
2018-06-18
PaleMoonBrowser 27.9.3 - Use After Free Vulnerability
2018-06-18
Nikto 2.1.6 - CSV Injection Vulnerability
2018-06-18
RabbitMQ Web Management < 3.7.6 - Cross-Site Request Forgery Vulnerability
2018-06-18
Joomla jomres 9.11.2 Component - Cross-Site Request Forgery Vulnerability
2018-06-18
Audiograbber 1.83 - Local Buffer Overflow (SEH)
2018-06-18
RabbitMQ Web Management < 3.7.6 - Cross-Site Request Forgery
2018-06-18
Joomla! Component jomres 9.11.2 - Cross-Site Request Forgery
2018-06-18
Pale Moon Browser < 27.9.3 - Use After Free (PoC)
2018-06-18
Nikto 2.1.6 - CSV Injection
2018-06-18
Dimofinf CMS 3.0.0 - Cross-Site Scripting Vulnerability
2018-06-15
OEcms 3.1 - Cross-Site Scripting Vulnerability
2018-06-15
Joomla Ek rishta 2.10 Component - SQL Injection Vulnerability
2018-06-15
Soroush IM Desktop app 0.15 - Authentication Bypass Vulnerability
2018-06-15
rtorrent 0.9.6 - Denial of Service Exploit
2018-06-15
Easy Chat Server 3.1 Add User Local Buffer Overflow Exploit
2018-06-15
RSLinx Classic and FactoryTalk Linx Gateway - Privilege Escalation Vulnerability
2018-06-15
WordPress Redirection 2.7.1 Deserialization Code Execution Vulnerability
2018-06-15
Dimofinf CMS 3.0.0 - Cross-Site Scripting
2018-06-15
Soroush IM Desktop app 0.15 - Authentication Bypass
2018-06-15
OEcms 3.1 - Cross-Site Scripting
2018-06-15
rtorrent 0.9.6 - Denial of Service
2018-06-14
Joomla Component Ek rishta 2.10 - SQL Injection
2018-06-14
Redaxo CMS Mediapool Addon < 5.5.1 - Arbitrary File Upload Vulnerability
2018-06-13
RSLinx Classic and FactoryTalk Linx Gateway - Privilege Escalation Vulnerability
2018-06-13
RSLinx Classic and FactoryTalk Linx Gateway - Privilege Escalation
2018-06-13
Microsoft Windows 10 - Child Process Restriction Mitigation Bypass Exploit
2018-06-13
DHCP Client - Command Injection (DynoRoot) Exploit
2018-06-13
glibc - realpath() Privilege Escalation Exploit
2018-06-13
Redaxo CMS Mediapool Addon < 5.5.1 - Arbitrary File Upload
2018-06-13
DHCP Client - Command Injection (DynoRoot) (Metasploit)
2018-06-13
glibc - 'realpath()' Privilege Escalation (Metasploit)
2018-06-13
Microsoft Windows 10 - Child Process Restriction Mitigation Bypass
2018-06-13
WordPress Google Map Plugin < 4.0.4 - SQL Injection Vulnerability
2018-06-13
WordPress Ultimate Form Builder Lite Plugin < 1.3.7 - SQL Injection Vulnerability
2018-06-13
MACCMS 10 - Cross-Site Request Forgery (Add User) Vulnerability
2018-06-13
Canon PrintMe EFI - Cross-Site Scripting Vulnerability
2018-06-13
Canon LBP6030w - Authentication Bypass Vulnerability
2018-06-13
Canon LBP7110Cw - Authentication Bypass Vulnerability
2018-06-13
MACCMS 10 - Cross-Site Request Forgery (Add User)
2018-06-13
Canon LBP6030w - Authentication Bypass
2018-06-12
Canon LBP7110Cw - Authentication Bypass
2018-06-12
WordPress Ultimate Form Builder Lite Plugin < 1.3.7 - SQL Injection
2018-06-12
WordPress Google Map Plugin < 4.0.4 - SQL Injection
2018-06-12
Canon PrintMe EFI - Cross-Site Scripting
2018-06-12
OX App Suite 7.8.4 - Multiple Vulnerabilities
2018-06-12
Siaberry 1.2.2 - Command Injection Vulnerability
2018-06-12
Joomla EkRishta 2.10 Component - username SQL Injection Vulnerability
2018-06-12
Siaberry 1.2.2 - Command Injection
2018-06-12
Joomla! Component EkRishta 2.10 - 'username' SQL Injection
2018-06-12
Chrome V8 PromiseAllResolveElementClosure Element Confusion Vulnerability
2018-06-11
WebKitGTK+ < 2.21.3 - #WebKitFaviconDatabase DoS Exploit
2018-06-11
WebKitGTK+ < 2.21.3 - 'WebKitFaviconDatabase' DoS
2018-06-11
WampServer 3.0.6 - Cross-Site Request Forgery
2018-06-11
Joomla EkRishta 2.10 Component - cid SQL Injection Vulnerability
2018-06-11
WordPress Pie Register Plugin < 3.0.9 - Blind SQL Injection Vulnerability
2018-06-11
userSpice 4.3.24 - Username Enumeration Exploit
2018-06-11
userSpice 4.3.24 - X-Forwarded-For Cross-Site Scripting Exploit
2018-06-11
Event Manager Admin panel - events_new.php SQL injection Vulnerability
2018-06-11
SchoolsAlertManagement Script - SQL Injection Vulnerabilities
2018-06-11
Schools Alert Management Script - Arbitrary File Deletion Vulnerability
2018-06-11
Schools Alert Management Script - Arbitrary File Read
2018-06-11
Schools Alert Management Script - 'get_sec.php' SQL Injection
2018-06-11
userSpice 4.3.24 - Username Enumeration
2018-06-11
Joomla! Component EkRishta 2.10 - 'cid' SQL Injection
2018-06-11
userSpice 4.3.24 - 'X-Forwarded-For' Cross-Site Scripting
2018-06-11
Schools Alert Management Script - Arbitrary File Deletion
2018-06-11
Event Manager Admin panel - 'events_new.php' SQL injection
2018-06-11
WordPress Plugin Pie Register < 3.0.9 - Blind SQL Injection
2018-06-11
Schools Alert Management Script - SQL Injection
2018-06-11
Google Chrome - Integer Overflow when Processing WebAssembly Locals Exploit
2018-06-09
WebKit - WebAssembly Compilation Info Leak Exploit
2018-06-09
WebKit - Use-After-Free when Resuming Generator Exploit
2018-06-09
WebRTC - VP9 Frame Processing Out-of-Bounds Memory Access Exploit
2018-06-09
WebRTC - VP9 Missing Frame Processing Out-of-Bounds Memory Access Exploit
2018-06-09
XiongMai uc-httpd 1.0.0 - Buffer Overflow Exploit
2018-06-09
Splunk < 7.0.1 - Information Disclosure Vulnerability
2018-06-09
Splunk < 7.0.1 - Information Disclosure
2018-06-08
XiongMai uc-httpd 1.0.0 - Buffer Overflow
2018-06-08
Linux/ARM - Egghunter (0x50905090) + execve(/bin/sh) Shellcode (60 bytes)
2018-06-08
Jenkins Mailer Plugin < 1.20 - Cross-Site Request Forgery (Send Email) Vulnerability
2018-06-08
Zip-n-Go 4.9 - Buffer Overflow (SEH) Exploit
2018-06-08
Sony Playstation 4 (PS4) 5.1 - Kernel Exploit
2018-06-08
TrendMicro OfficeScan XG 11.0 - Change Prevention Bypass Vulnerability
2018-06-08
Gnome Web (Epiphany) < 3.28.2.1 - Denial of Service Exploit
2018-06-08
WordPress Contact Form Maker Plugin 1.12.20 - SQL Injection Vulnerability
2018-06-08
WordPress Form Maker Plugin 1.12.24 - SQL Injection Vulnerability
2018-06-08
Ftp Server 1.32 - Credential Disclosure Vulnerability
2018-06-08
Monstra CMS < 3.0.4 - Cross-Site Scripting Exploit
2018-06-08
Microsoft Windows 10 scrrun.dll Active-X Creation / Deletion Issues Exploit
2018-06-08
XNU Kernel - Heap Overflow Due to Bad Bounds Checking in MPTCP Exploit
2018-06-08
macOS / iOS Kernel - Heap Overflow Due to Lack of Lower Size Check in getvolattrlist Exploit
2018-06-08
macOS Kernel - Use-After-Free Due to Lack of Locking in nvidia GeForce Driver Exploit
2018-06-08
Pagekit < 1.0.13 - Cross-Site Scripting Code Generator Exploit
2018-06-08
PHP 7.2.2 - php_stream_url_wrap_http_ex Buffer Overflow Exploit
2018-06-08
Canon MF210 / MF220 - Authenticaton Bypass Vulnerability
2018-06-08
Canon LBP6650 / LBP3370 / LBP3460 / LBP7750C - Authenticaton Bypass Vulnerability
2018-06-08
WebKitGTK+ < 2.21.3 - pageURL Mishandling Crash (PoC) Exploit
2018-06-08
10-Strike Network Inventory Explorer 8.54 - Registration Key Buffer Overflow (SEH) Exploit