Exploits (Total: 96850)

    
    
    
Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation
2018-01-11
Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass
2018-01-11
Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon
2018-01-11
IRIX - stdin-read Shellcode (40 bytes)
2018-01-11
IRIX - execve(/bin/sh) Shellcode (68 bytes)
2018-01-11
IRIX - Bind TCP /bin/sh Shell Shellcode (364 bytes)
2018-01-11
IRIX - execve(/bin/sh) Shellcode (43 bytes)
2018-01-11
IRIX - execve(/bin/sh -c) Shellcode (72 bytes)
2018-01-11
FreeBSD - reboot() Shellcode (15 Bytes)
2018-01-11
FreeBSD/x86 - Bind TCP /bin/sh Shell (41254/TCP) Shellcode (115 bytes)
2018-01-11
FreeBSD/x86 - //sbin/pfctl -F all Shellcode (47 Bytes)
2018-01-11
FreeBSD/x86 - execv(/bin/sh) Shellcode (23 bytes)
2018-01-11
FreeBSD/x86-64 - Bind TCP Password (R2CBw0cr) /bin/sh Shell Shellcode (127 bytes)
2018-01-11
FreeBSD/x86-64 - execve /bin/sh Shellcode (28 bytes)
2018-01-11
MiniUPnP MiniUPnPc < 2.0 - Remote Denial of Service
2018-01-11
Python smtplib 2.7.11 / 3.4.4 / 3.5.1 - Man In The Middle StartTLS Stripping
2018-01-11
Parity Browser < 1.6.10 - Bypass Same Origin Policy
2018-01-11
Jungo WinDriver 12.5.1 - Local Privilege Escalation
2018-01-11
Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode (112 bytes)
2018-01-11
D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution
2018-01-11
SAP NetWeaver J2EE Engine 7.40 - SQL Injection
2018-01-11
Jungo Windriver 12.5.1 - Privilege Escalation
2018-01-11
HPE iMC - dbman RestartDB Unauthenticated Remote Command Execution (Metasploit)
2018-01-10
HPE iMC - dbman RestoreDBase Unauthenticated Remote Command Execution (Metasploit)
2018-01-10
Microsoft Edge Chakra JIT - 'Lowerer::LowerSetConcatStrMultiItem' Missing Integer Overflow Check
2018-01-10
Multiple CPUs - Information Leak Using Speculative Execution
2018-01-10
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (53 bytes)
2018-01-10
Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting
2018-01-10
WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery
2018-01-10
WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege Escalation
2018-01-10
WordPress Plugin CMS Tree Page View 1.4 - Cross-Site Request Forgery / Privilege Escalation
2018-01-10
WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery
2018-01-10
BSD/x86 - setreuid(geteuid(), geteuid()) + execve("/bin/sh") Shellcode (36 bytes)
2018-01-10
Alpha - setuid() Shellcode (156 bytes)
2018-01-10
Alpha - execve() Shellcode (112 bytes)
2018-01-10
Alpha - /bin/sh Shellcode (80 bytes)
2018-01-10
WordPress Plugin Events Calendar - 'event_id' SQL Injection
2018-01-10
DiskBoss Enterprise 8.8.16 - Buffer Overflow
2018-01-10
Muviko 1.1 - SQL Injection
2018-01-10
Linux/x86 - execve /bin/dash Shellcode (30 bytes)
2018-01-10
Worpress Plugin Service Finder Booking < 3.2 - Local File Disclosure
2018-01-10
Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)
2018-01-10
Commvault Communications Service (cvd) - Command Injection (Metasploit)
2018-01-09
Microsoft Windows - 'nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformation)' Kernel Pool Memory Disclosure
2018-01-09
Microsoft Windows - 'nt!NtQueryInformationProcess (information class 76, QueryProcessEnergyValues)' Kernel Stack Memory Disclosure
2018-01-09
Microsoft Edge Chakra JIT - Escape Analysis Bug
2018-01-09
Microsoft Edge Chakra - 'asm.js' Out-of-Bounds Read
2018-01-09
Microsoft Edge Chakra JIT - BackwardPass::RemoveEmptyLoopAfterMemOp Does not Insert Branches
2018-01-09
Microsoft Edge Chakra JIT - Op_MaxInAnArray and Op_MinInAnArray can Explicitly call User-Defined JavaScript Functions
2018-01-09
Microsoft Windows - Local XPS Print Spooler Sandbox Escape
2018-01-09
Android - Inter-Process munmap due to Race Condition in ashmem
2018-01-09
Magento Connect T1 - (Claim) Persistent Vulnerability
2018-01-08
Sync Breeze Enterprise 10.1.16 - Denial of Service Exploit
2018-01-08
Synology DiskStation Manager (DSM) < 6.1.3-15152 - forget_passwd.cgi User Enumeration
2018-01-08
VX Search Enterprise 10.1.12 - Denial of Service Exploit
2018-01-08
WordPress LearnDash 2.5.3 Plugin - Arbitrary File Upload Vulnerability
2018-01-08
Oracle WebLogic < 10.3.6 - wls-wsat Component Deserialisation Remote Command Execution Exploit
2018-01-08
D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access Vulnerability
2018-01-08
Linux/x86 - chmod 777 /etc/sudoers Shellcode (36 bytes)
2018-01-08
Vanilla < 2.1.5 - Cross-Site Request Forgery
2018-01-08
WordPress Plugin LearnDash 2.5.3 - Arbitrary File Upload
2018-01-08
FiberHome LM53Q1 - Multiple Vulnerabilities
2018-01-08
SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities
2018-01-08
Oracle WebLogic < 10.3.6 - 'wls-wsat' Component Deserialisation Remote Command Execution
2018-01-08
Photos in Wifi 1.0.1 - Path Traversal
2018-01-08
BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow
2018-01-08
Synology DiskStation Manager (DSM) < 6.1.3-15152 - 'forget_passwd.cgi' User Enumeration
2018-01-08
DiskBoss Enterprise 8.5.12 - Denial of Service
2018-01-08
Sync Breeze Enterprise 10.1.16 - Denial of Service
2018-01-08
Disk Pulse Enterprise 10.1.18 - Denial of Service
2018-01-08
VX Search Enterprise 10.1.12 - Denial of Service
2018-01-08
MS Sharepoint 2013 - Limited Access Permission Bypass
2018-01-08
Joomla Ad Agency 6.0.9 SQL Injection Vulnerability
2018-01-07
Joomla JHotelReservation 6.0.5 SQL Injection Vulnerability
2018-01-07
Joomla JMultipleHotelReservation 6.0.5 SQL Injection Vulnerability
2018-01-07
Joomla J-BusinessDirectory 4.7.3 SQL Injection Vulnerability
2018-01-07
Joomla JUX Real Estate 3.3.0 SQL Injection Vulnerability
2018-01-07
Joomla Real Estate 1.5 SQL Injection Vulnerability
2018-01-07
Joomla vRestaurant 1.9.4 SQL Injection Vulnerability
2018-01-07
Joomla VMap 1.9.2 SQL Injection Vulnerability
2018-01-07
WordPress WpJobBoard 4.4.4 SQL Injection Vulnerability
2018-01-07
AMD PSP fTPM Remote Code Execution Vulnerability
2018-01-07
Western Digital WDMyCloud mydlinkBRionyg Backdoor Exploit
2018-01-07
Western Digital WDMyCloud 2.30.165 Multiple Vulnerabilities
2018-01-07
BarcodeWiz ActiveX Control Buffer Overflow Vulnerability
2018-01-07
Gespage 7.4.8 Cross Site Scripting Vulnerability
2018-01-07
Icyphoenix 2.2.0.105 SQL Injection Vulnerability
2018-01-07
Linux/x86 chmod 777 /etc/sudoers Shellcode (36 bytes)
2018-01-07
Cisco IOS - Remote Code Execution Exploit
2018-01-07
Ayukov NFTP FTP Client 2.0 - Buffer Overflow Exploit
2018-01-07
Linux/x86 - Reverse TCP /bin/sh Shell (127.1.1.1:8888/TCP) Null-Free Shellcode (67/69 bytes)
2018-01-06
VMware Workstation - ALSA Config File Local Privilege Escalation Exploit
2018-01-06
Microsoft Windows win32k - Using SetClassLong to Switch Between CS_CLASSDC and CS_OWNDC Corrupts DC
2018-01-06
GetGo Download Manager 5.3.0.2712 - Proxy Buffer Overflow Exploit
2018-01-06
Gespage 7.4.8 - SQL Injection Exploit
2018-01-06
Cisco IOS - Remote Code Execution
2018-01-05
VMware Workstation - ALSA Config File Local Privilege Escalation (Metasploit)
2018-01-05
Ayukov NFTP FTP Client 2.0 - Buffer Overflow (Metasploit)
2018-01-05
Gespage 7.4.8 - SQL Injection
2018-01-05
Microsoft Windows win32k - Using SetClassLong to Switch Between CS_CLASSDC and CS_OWNDC Corrupts DC Cache
2018-01-05
Exploits/page:


Page:
1-4-2 (www01)