Exploits (Total: 97069)

    
    
    
Archive.is Open Redirect Vulnerability
2016-10-04
AuraDVD Ripper Professional 1.6.3 - DLL Hijacking Vulnerability
2016-10-04
Aura Video Converter 1.6.3 - DLL Hijacking Vulnerability
2016-10-04
Serimux SSH Console Switch 2.4 - Multiple XSS Vulnerabilities
2016-10-04
Android - Insufficient Binder Message Verification Pointer Leak
2016-10-04
AuraDVD Ripper Professional v1.6.3 - DLL Hijacking Exploit
2016-10-04
Aura Video Converter 1.6.3 - DLL Hijacking Exploit
2016-10-04
Disk Pulse Enterprise 9.0.34 - Buffer Overflow Exploit
2016-10-04
SAP Netweaver 2004s Invalid Address Logging
2016-10-04
SAP Netweaver 7.40 SP 12 SCTC_TMS_MAINTAIN_ALOG Command Injection
2016-10-04
SAP Netweaver 7.40 SP 12 SCTC_REFRESH_CHECK_ENV Command Injection
2016-10-04
SAP Netweaver 7.40 SP 12 SCTC_REFRESH_EXPORT_TAB_COMP Command Injection
2016-10-04
DWebPro 8.4.2 Remote Binary Execution / File Inclusion
2016-10-04
Cyberoam iview UTM v0.1.2.7 - (Ajax) XSS Web Vulnerability
2016-10-04
Windows Capcom.sys - Kernel Execution (Metasploit)
2016-10-03
Apache Tomcat on Debian-Based Distros - Privilege Escalation
CVE-2016-1240
2016-10-03
Android - Insufficient Binder Message Verification Pointer Leak
2016-10-03
DWebPro 8.4.2 - Multiple Vulnerabilities
2016-10-03
Developed by Quicktech Islamabad SQL Injection
2016-10-03
Designed by Jadon Technologies SQL Injection
2016-10-03
Baobab CMS v2.0 SQL injection Vulnerability
2016-10-03
Glassfish Server - Unquoted Service Path Privilege Escalation
2016-10-03
Windows Firewall Control - Unquoted Service Path Privilege Escalation
2016-10-03
Grandsteam GXV3611_HD - SQL Injection
CVE-2015-2866
2016-10-03
"UPlink Creative Studio" Admin Page Bypass
2016-10-03
CHERRY B.UNLIMITED AES JD-0400EU-2/01 Spoof Attack
2016-10-03
Logitech M520 Y-R0012 Spoof Attack
2016-10-03
Perixx PERIDUO-710W KG-1027 Spoof Attack
2016-10-03
Abus Security Cams 0101a Cross Site Scripting
2016-10-03
Joomla DVFolderContent 1.0.2 Local File Disclosure
2016-10-03
cJSON buffer out of bound read
2016-10-02
Hems&hub Design World Cms Admin Page Bypass
2016-10-02
Dream Web Solutions login bypass
2016-10-02
THEHMOOB Crose-Site-Scripting
2016-10-01
易企网络 Cms Admin Page Bypass
2016-10-01
Tomcat packaging on Debian-based distros - Local Root Privilege Escalation
2016-10-01
Netgear Genie 2.4.32 Unquoted Service Path Elevation of Privilege
2016-10-01
Windows Firewall Control Unquoted Service Path Privilege Escalation
2016-10-01
WordPress Plugin KBoard 2.7 - SQL Injection
2016-10-01
WordPress Plugin KBoard - Cross Site Scripting
2016-10-01
Ubiquiti UniFi Critical Vulnerability
2016-10-01
imagemagick mogrify global buffer overflow
2016-10-01
Designed by webenlive 2016 © Admin Page Bypass
2016-10-01
ESTsoft ALTools Updater Insecure File Permissions Privilege Escalation
2016-09-30
WampServer 3.0.6 - Insecure File Permissions
2016-09-30
Steam Insecure File Permissions Privilege Escalation
2016-09-30
Mauritel Mobile XSS Vulnerability
2016-09-30
KeepNote 0.7.8 Remote Command Execution
2016-09-30
Netgear Genie 2.4.32 - Unquoted Service Path Elevation of Privilege
2016-09-30
Flv Player 2011 v1.3 - DLL Hijacking Vulnerability
2016-09-30
WampServer v3.0.6 - Insecure File Permissions
2016-09-30
Flv Player 2011 v1.3 - DLL Hijacking Exploit
2016-09-30
KeepNote 0.7.8 - Remote Command Execution
2016-09-29
Zortam MP3 Studio v21.15 - Insecure File Permissions
2016-09-29
iPod Video Converter v1.34 - DLL Hijacking Exploit
2016-09-29
Snort v2.9.7.0-WIN32 DLL Hijacking
2016-09-29
Symantec Messaging Gateway < = 10.6.1 Directory Traversal
2016-09-29
Revive Adserver 3.2.4 XSS / File Download / Element Injection
2016-09-29
Exponent CMS 2.3.9 Cross Site Scripting
2016-09-29
VLC Media Player 2.2.1 Buffer Overflow
2016-09-29
D-Link DWR-932B Backdoors / Default WPS PIN
2016-09-29
Webáruház SQL Injection
2016-09-29
VLC Media Player 2.2.1 - Buffer Overflow
2016-09-28
Symantec Messaging Gateway <= 10.6.1 - Directory Traversal
CVE-2016-5312
2016-09-28
Joomla com_remository Component - Full Path Disclosure Vulnerability
2016-09-28
Skype DLL Hijacking
2016-09-28
TP-Link Archer CR-700 Cross Site Scripting
2016-09-28
Ipod Video Converter DLL Hijacking
2016-09-28
NetMan 204 Backdoor Account
2016-09-28
AVer Information EH6108H+ Authentication Bypass / Inforation Exposure
2016-09-28
Freepbx < 13.0.188 , Remote root exploit
2016-09-28
Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)
CVE-2015-3864
2016-09-28
Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit)
CVE-2016-4997
2016-09-28
FreePBX < 13.0.188 - Remote Command Execution (Metasploit)
2016-09-27
TP-Link Archer CR-700 - Cross-Site Scripting
2016-09-27
NetMan 204 - Backdoor Account
2016-09-27
MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation
2016-09-27
WinSMS 3.43 - Insecure File Permissions Privilege Escalation Exploit
2016-09-27
Parliament of the United Kingdom XSS Vulnerability
2016-09-27
Ipod Video Converter - DLL Hijacking Vulnerability
2016-09-27
Pop Under Ads Network 1.0 MySQL Credential Disclosure
2016-09-27
MSI NTIOLib.sys / WinIO.sys Local Privilege Escalation
2016-09-27
u5 CMS 5.1.4 Open Redirect
2016-09-27
Joomla Event Booking 2.10.1 SQL Injection
2016-09-27
Macro Expert 4.0 Privilege Escalation
2016-09-27
NetDrive 2.6.12 Privilege Escalation
2016-09-27
Iperius Remote 1.7.0 Privilege Escalation
2016-09-27
Android Stagefright MP4 tx3g Integer Overflow
2016-09-27
VenShop System 2010 Database Disclosure
2016-09-27
Epson WorkForce Lack Of Firmware Signing / CSRF
2016-09-27
Linux Kernel 4.6.3 Netfilter Privilege Escalation
2016-09-27
Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111)
CVE-2016-3373
2016-09-26
Windows 10 10586 (32/64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111)
CVE-2016-3371
2016-09-26
Macro Expert 4.0 - Multiple Privilege Escalation
2016-09-26
Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation
2016-09-26
MSI NTIOLib.sys, WinIO.sys - Local Privilege Escalation
2016-09-26
Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation
2016-09-26
Joomla Component Event Booking 2.10.1 - SQL Injection
2016-09-26
NetDrive 2.6.12 - Unquoted Service Path Privilege Escalation
2016-09-26
Thailand Government Sites CMS SQL İnjection
2016-09-26
Webboard CMS SQL İnjection
2016-09-26
ESTsoft ALPlayer URL crash PoC
2016-09-26
ESTsoft ALPlayer .ASX Playlist crash PoC
2016-09-26
ImageMagick SGI Coder Out-Of-Bounds Read Vulnerability
2016-09-26
ffmpeg endless loop when dealing with craft swf file
2016-09-26
ImageMagick BMP Coder Out-Of-Bounds Write Vulnerability
2016-09-26
FaceDancer 21 - New Universal Case for PenTests
2016-09-26
Adobe Flash - Crash When Freeing Memory After AVC decoding
CVE-2016-4275
2016-09-25
Adobe Flash - Video Decompression Memory Corruption
2016-09-25
Linux - SELinux W+X Protection Bypass via AIO
2016-09-25
Elantech-Smart Pad Unquoted Service Path Privilege Escalation
2016-09-25
SELinux sandbox escape
2016-09-25
OpenSSL 1.1.0 OCSP DoS resource exhaustion
2016-09-25
TeempIp XSS Cookie Theft
2016-09-25
Kerio Control Unified Threat Management Code Execution / XSS / Memory Corruption
2016-09-25
resane-pardaz SQL injection
2016-09-25
BT Wifi Extenders 300 / 600 / 1200 Cross Site Scripting
2016-09-25
TeemIp 2.0.2 Cross Site Scripting
2016-09-25
AnyDesk 2.5.0 Privilege Escalation
2016-09-25
RealEstate CMS 3.00.50 - Cross Site Web Vulnerability
2016-09-25
Microix Timesheet Module SQL Injection
2016-09-25
3GP Player 4.7.0 - DLL Hijacking Vulnerability
2016-09-25
Matrimonial Website Script 1.0.2 SQL Injection
2016-09-25
Zortam MP3 Media Studio 21.15 Privilege Escalation
2016-09-25
Wise Care 365 4.27 / Wise Disk Cleaner 9.29 Privilege Escalation
2016-09-25
Sparkasse (Bank) - Service Security Advisory WB021 2016
2016-09-24
Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation
2016-09-23
Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege Escalation
2016-09-23
3GP Player 4.7.0 - DLL Hijacking Vulnerability
2016-09-23
Silverstripe Theme Newedge Cross Site Scripting
2016-09-23
RSA Adaptive Authentication (On-Premise) Cross Site Scripting
2016-09-23
Joomla Huge-IT Video Gallery 1.0.9 SQL Injection
2016-09-23
Microsoft Internet Explorer 11 CORS Disrespect
2016-09-23
Metasploit Web UI Diagnostic Console Command Execution
2016-09-23
JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal
CVE-2016-5725
2016-09-23
Matrimonial Website Script 1.0.2 - SQL Injection
2016-09-22
Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'cdc_acm' Nullpointer Dereference
2016-09-22
Metasploit Web UI - Diagnostic Console Command Execution
2016-09-22
Kerio Control Unified Threat Management 9.1.0 build 1087, 9.1.1 build 1324 - Multiple Vulnerabilities
2016-09-22
Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection
2016-09-22
Exponent CMS 2.3.9 - Blind SQL Injection
CVE-2016-7400
2016-09-22
AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation
2016-09-22
Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101)
CVE-2016-3237
2016-09-22
Microix Timesheet Module - SQL Injection
2016-09-22
Wordpress W3 Total Cache < = 0.9.4.1 XSS
2016-09-22
JCraft/JSch Java Secure Channel < = 0.1.53 recursive sftp-get path traversal
2016-09-22
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
CVE-2016-3357
2016-09-22
Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write
CVE-2016-5309
2016-09-22
Dolphin 7.3.0 - Error-Based SQL Injection
2016-09-22
VegaDNS 0.13.2 - Remote Command Injection
2016-09-22
ZineBasic 1.1 - Arbitrary File Disclosure
2016-09-22
SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation
2016-09-22
VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions
CVE-2016-7084
2016-09-22
VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow
CVE-2016-7083
2016-09-22
MyBB 1.8.6 - SQL Injection
2016-09-22
Kajona 4.7 - Cross-Site Scripting / Directory Traversal
2016-09-22
Docker Daemon - Privilege Escalation (Metasploit)
2016-09-22
SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation
2016-09-22
EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow
2016-09-22
WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure
2016-09-22
PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow
2016-09-22
AnoBBS 1.0.1 - Remote File Inclusion
2016-09-22
Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes)
2016-09-22
Cisco ASA 9.2(3) - 'EXTRABACON' Authentication Bypass
2016-09-22
NetBSD mail.local - Privilege Escalation (Metasploit)
CVE-2016-6253
2016-09-22
Cisco EPC 3925 - Multiple Vulnerabilities
2016-09-22
Apache Mina 2.0.13 - Remote Command Execution
2016-09-22
Android - getpidcon Usage binder Service Replacement Race Condition
2016-09-22
PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure
2016-09-22
Open-Xchange App Suite 7.8.2 - Cross Site Scripting
CVE-2016-5740
2016-09-22
Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting
CVE-2016-6851
2016-09-22
WinSMS 3.43 - Insecure File Permissions Privilege Escalation
2016-09-22
Microsoft Internet Explorer 11.0.9600.18482 - Use After Free
2016-09-22
ASUS DSL-X11 ADSL Router - Unauthenticated DNS Change
2016-09-22
COMTREND ADSL Router CT-5367 C01_R12, CT-5624 C01_R03 - Unauthenticated DNS Change
2016-09-22
Tenda ADSL2/2+ Modem 963281TAN - Unauthenticated DNS Change
2016-09-22
PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change
2016-09-22
PIKATEL 96338WS, 96338L-2M-8M - Unauthenticated DNS Change
2016-09-22
Inteno EG101R1 VoIP Router - Unauthenticated DNS Change
2016-09-22
Exper EWM-01 ADSL/MODEM - Unauthenticated DNS Change
2016-09-22
Zapya Desktop 1.803 - 'ZapyaService.exe' Privilege Escalation
2016-09-22
wdCalendar 2 - SQL Injection
2016-09-22
Windows x86 - Password Protected TCP Bind Shell (637 bytes)
2016-09-22
Battle.Net 1.5.0.7963 - Insecure File Permissions Privilege Escalation
2016-09-22
Kaltura 11.1.0-2 - Remote Code Execution (Metasploit)
2016-09-22
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
2016-09-22
AppDynamic 4.3.2.1 Build 57 Cross Site Scripting
2016-09-22
Cherry Music 0.35.1 - Arbitrary File Disclosure
CVE-2015-8309
2016-09-22
Exponent CMS < = v2.3.9 Blind SQL Injection
2016-09-21
Joomla! session id not hashed
2016-09-21
ShoreTel Connect ONSITE Blind SQL Injection Vulnerability
2016-09-21
DllHijackAuditor 3.5 - Stack Overflow Vulnerability
2016-09-21
Dolphin 7.3.0 Error Based SQL Injection
2016-09-21
VegaDNS 0.13.2 - Remote Command Injection
2016-09-21
EKG Gadu 1.9pre+r2855-3+b1 Local Buffer Overflow
2016-09-20
Webspert script SQL Injection
2016-09-20
VinDrive SQL Injecti0n Vulnerability - Manually AND sqlmap
2016-09-20
MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities
2016-09-20
SolarWinds Kiwi Syslog Server Unquoted Service Path Privilege Escalation Vulnerability
2016-09-20
ZineBasic 1.1 Remote File Disclosure
2016-09-20
MetInfo 3.0 SQL Injection
2016-09-20
WordPress Neosense Theme 1.7 Shell Upload
2016-09-20
ComActivity 2.14.35 Cross Site Scripting
2016-09-20
ECShop 2.7.2 Open Redirect
2016-09-20
CodeCanyon iBilling 2.4 Cross Site Scripting
2016-09-20
Coupon CMS 5.00 Open Redirect
2016-09-20
Oracle Outside In File ID Library 8.5.3 Memory Corruption
2016-09-20
ShoreTel Connect ONSITE Blind SQL Injection
2016-09-20
Apple Mac OSX / iOS - Kernel iokit Registry Iterator Manipulation Double-Free Exploit
CVE-2015-7084
2016-09-20
Apple Mac OSX - gst_configure Kernel Buffer Overflow
CVE-2015-7077
2016-09-20
Netbaran SQL injection Vulnerability
2016-09-18
Peel Shopping 8.0.2 Object Injection
2016-09-17
Kajona 4.7 Cross Site Scripting / Directory Traversal
2016-09-17
MP3 Cutter 1.1.0 - Reverse Engineering Issue
2016-09-17
Wordpress pulgin bordeaux theme upload shell Vulnerability
2016-09-17
3Webs CMS 2.0 & 3.0 Bypass & SQL Injection
2016-09-17
Docker Daemon Privilege Escalation
2016-09-17
ZooKeeper 3.4.8 / 3.5.2 Buffer Overflow
2016-09-17
Windows/x86 - URLDownloadToFileA() + SetFileAttributesA() + WinExec() + ExitProcess() Shellcode (394
2016-09-16
Linux/x86 - Reverse Shell using Xterm ///usr/bin/xterm -display 127.1.1.1:10 Shellcode (68 bytes)
2016-09-16
AnoBBS 1.0.1 Remote File Inclusion Exploit
2016-09-16
BINOM3 Electric Power Quality Meter Vulnerabilities
2016-09-16
Oxwall 1.8.0 (build 9900) XSS & Open Redirect
2016-09-16
MyBB 1.8.6 Improper validation of data passed to eval
2016-09-16
MyBB 1.8.6 SQL Injection
2016-09-16
MyBB 1.8.6 CSRF Weak Hashing, Plaintext Passwords
2016-09-16
Cisco ASA 9.2(3) Authentication Bypass (EXTRABACON Module)
2016-09-16
Joomla com_cckjseblod Config File Download Vulnerability
2016-09-16
NetBSD mail.local Privilege Escalation
2016-09-16
Linux/x86 - Bind Shell Port 4444/TCP Shellcode (656 bytes)
2016-09-16
Linux/x86-64 - Bind 1472/TCP Shellcode (IPv6) (199 bytes)
2016-09-16
Android Adobe Air 22.0.0.153 Insecure Tranport
2016-09-16
Web Motion Jquery image upload
2016-09-16
ASUS RT-N10 Multiple Vulnerabilities
2016-09-16
Cisco EPC 3925 Multiple Vulnerabilities
2016-09-16
Windows/x86 - Primitive Keylogger to File Null Free Shellcode (431 bytes)
2016-09-15
Linux/x86-64 - Reverse Shell Shellcode
2016-09-15
Exim 4 (Debian 8 / Ubuntu 16.04) - Spool Privilege Escalation Vulnerability
2016-09-15
PHP 7.0.10 Heap overflow in mysqlnd related to BIT fields
2016-09-15
PHP 7.0.10 Out of bound when verify signature of zip phar in phar_parse_zipfile
2016-09-15
PHP 7.0.10 SEH buffer overflow msgfmt_format_message
2016-09-15
PHP 7.0.10 Missing type check when unserializing SplArray
2016-09-15
PHP 7.0.10 Out-Of-Bounds Read in php_wddx_push_element of wddx.c
2016-09-15
Android getpidcon Usage binder Service Replacement Race Condition
2016-09-15
Siemens IP Camera 0.1.69 Arbitrary File Download
2016-09-15
Bezaat Script V2 Arbitrary Shell Upload Vulnerability
2016-09-15
Bezaat Script V2 SQL Injection Vulnerability
2016-09-15
Microsoft Internet Explorer 11.0.9600.18482 Use-After-Free
2016-09-15
PrivateTunnel Client v2.7.0 (x64) Local Credentials Disclosure After Sign out Exploit
2016-09-15
ASUS DSL-X11 ADSL Router Unauthenticated Remote DNS Changer
2016-09-14
Exploits/page:


Page:
1-4-2 (www02)