Offensive Security
076ef173f9
DB: 2016-06-11
...
23 new exploits
Poison Ivy 2.1.x C2 Buffer Overflow (msf)
Matrix42 Remote Control Host 3.20.0031 - Unquoted Path Privilege Escalation
Dell OpenManage Server Administrator 8.3 - XML External Entity Exploit
Mobiketa 1.0 - CSRF Add Admin Exploit
miniMySQLAdmin 1.1.3 - CSRF Execute SQL Query
phpMyFAQ 2.9.0 - Stored XSS
Windows x86 system(_systeminfo_) Shellcode
Armadito Antimalware - Backdoor/Bypass
Riot Games League of Legends - Insecure File Permissions Privilege Escalation
IPFire proxy.cgi RCE
IPFire Bash Environment Variable Injection (Shellshock)
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
OS X Kernel - Exploitable NULL Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Android - /system/bin/sdcard Stack Buffer Overflow
OS X Kernel - Exploitable NULL Pointer Dereference in AppleMuxControl.kext
OS X Kernel - Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl
OS X Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
OS X Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
OS X Kernel - Exploitable NULL Pointer Dereference in IOAudioEngine
OS X Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
OS X Kernel - Use-After-Free Due to Bad Locking in IOAcceleratorFamily2
OS X/iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
OS X Kernel - Stack Buffer Overflow in GeForce GPU Driver
2016-06-11 05:06:22 +00:00
Offensive Security
74f927013e
DB: 2016-06-09
...
1 new exploits
Drale DBTableViewer 100123 - Blind SQL Injection
2016-06-09 05:02:54 +00:00
Offensive Security
62962d90b0
DB: 2016-06-07
...
16 new exploits
Linux Kernel < 2.6.34 (Ubuntu 11.10 x86 & x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 (Ubuntu 11.10 x86/x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)
Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)
Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Local Root
WordPress Simple Backup Plugin 2.7.11 - Multiple Vulnerabilities
Dream Gallery 1.0 - CSRF Add Admin Exploit
Apache Continuum 1.4.2 - Multiple Vulnerabilities
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - ShellShock Exploit
Valve Steam 3.42.16.13 - Local Privilege Escalation
ArticleSetup 1.00 - CSRF Change Admin Password
Electroweb Online Examination System 1.0 - SQL Injection
WordPress WP Mobile Detector Plugin 3.5 - Arbitrary File Upload
WordPress Creative Multi-Purpose Theme 9.1.3 - Stored XSS
WordPress WP PRO Advertising System Plugin 4.6.18 - SQL Injection
WordPress Newspaper Theme 6.7.1 - Privilege Escalation
WordPress Uncode Theme 1.3.1 - Arbitrary File Upload
WordPress Double Opt-In for Download Plugin 2.0.9 - SQL Injection
Notilus Travel Solution Software 2012 R3 - SQL Injection
rConfig 3.1.1 - Local File Inclusion
Nagios XI 5.2.7 - Multiple Vulnerabilities
2016-06-07 05:07:41 +00:00
Offensive Security
2dba371921
DB: 2016-06-03
...
4 new exploits
Linux Kernel 2.4 / 2.6 x86-64 - System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10) (x86-64) - set_selection() UTF-8 Off By One Local Exploit
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6) - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit
Linux Kernel < 2.6.36-rc4-git2 - x86_64 ia32syscall Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (x86_64) (Redhat) - compat Local Root Exploit
Linux Kernel < 2.6.36-rc4-git2 (x86_64) - ia32syscall Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (Redhat x86_64) - compat Local Root Exploit
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 11.10) - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 (Ubuntu 11.10 x86 & x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) (Gentoo / Ubuntu) - Mempodipper Local Root (1)
Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - Mempodipper Local Root (1)
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86-64) - sock_diag_handlers[] Local Root
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - sock_diag_handlers[] Local Root
Linux Kernel <= 3.7.10 (Ubuntu 12.10) (64-Bit) - sock_diag_handlers Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - sock_diag_handlers Local Root Exploit
Linux Kernel < 3.8.9 - x86_64 perf_swevent_init Local Root Exploit
Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit
Linux Kernel <= 3.7.6 (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation
Linux Kernel <= 3.7.6 (Redhat x86/x64) - 'MSR' Driver Local Privilege Escalation
Systrace 1.x (64-Bit) - Aware Linux Kernel Privilege Escalation Vulnerability
Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation Vulnerability
Linux Kernel 2.6.x - (64 bit) Personality Handling Local Denial of Service Vulnerability
Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service Vulnerability
Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Linux Kernel < 3.2.0-23 (Ubuntu 12.04 x64) - ptrace/sysret Local Privilege Escalation
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - Mempodipper Local Root (2)
Joomla SecurityCheck Extension 2.8.9 - Multiple Vulnerabilities
Liferay CE < 6.2 CE GA6 - Stored XSS
Relay Ajax Directory Manager relayb01-071706_ 1.5.1_ 1.5.3 - Unauthenticated File Upload
Websockify (C Implementation) 0.8.0 - Buffer Overflow
2016-06-03 05:02:50 +00:00
Offensive Security
3a855523ef
DB: 2016-06-02
...
2 new exploits
GeekLog 2.x ImageImageMagick.php Remote File Inclusion Vulnerability
GeekLog 2.x - ImageImageMagick.php Remote File Inclusion Vulnerability
ImageMagick 6.x PNM Image Decoding Remote Buffer Overflow Vulnerability
ImageMagick 6.x - .PNM Image Decoding Remote Buffer Overflow Vulnerability
ImageMagick 6.x SGI Image File Remote Heap Buffer Overflow Vulnerability
ImageMagick 6.x - .SGI Image File Remote Heap Buffer Overflow Vulnerability
ImageMagick < 6.9.3-9 - Multiple Vulnerabilities
ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Multiple Vulnerabilities (ImageTragick)
ImageMagick Delegate Arbitrary Command Execution
ImageMagick <= 6.9.3-9 / <= 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)
AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities
Wireshark - erf_meta_read_tag SIGSEGV
2016-06-02 05:03:04 +00:00
Offensive Security
8164665ff7
DB: 2016-06-01
...
6 new exploits
FlatPress 1.0.3 - CSRF Arbitrary File Upload
AirOS NanoStation M2 5.6-beta - Multiple Vulnerabilities
ProcessMaker 3.0.1.7 - Multiple vulnerabilities
CCextractor 0.80 - Crash PoC
Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (msf)
TCPDump 4.5.1 - Crash PoC
2016-06-01 05:01:50 +00:00
Offensive Security
22d168d0bc
DB: 2016-05-31
...
3 new exploits
MySQL 5.5.45 - procedure analyse Function Denial of Service
Open Source Real Estate Script 3.6.0 - SQL Injection
Linux x86_64 XOR Encode execve Shellcode
2016-05-31 05:03:26 +00:00
Offensive Security
ab85a62fd6
DB: 2016-05-28
...
1 new exploits
PHP Realestate Script Script 4.9.0 - SQL Injection
2016-05-28 05:05:01 +00:00
Offensive Security
2e7bce9702
DB: 2016-05-27
...
9 new exploits
Real Estate Portal 4.1 - Multiple Vulnerabilities
EduSec 4.2.5 - SQL Injection
Micro Focus Rumba+ 9.4 - Multiple Stack Buffer Overflow Vulnerabilities
HP Data Protector A.09.00 - Arbitrary Command Execution
Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow
Graphite2 - GlyphCache::Loader Heap-Based Overreads
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread
Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads
2016-05-27 05:03:14 +00:00
Offensive Security
399580a6c2
DB: 2016-05-24
...
5 new exploits
Operation Technology ETAP 14.1.0 - Local Privilege Escalation
Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities
Linux x86_64 Information Stealer Shellcode
Job Script by Scubez - Remote Code Execution
XenAPI 1.4.1 for XenForo - Multiple SQL Injections
2016-05-24 05:03:46 +00:00
Offensive Security
931bae6679
DB: 2016-05-21
2016-05-21 05:05:57 +00:00
Offensive Security
a447a01cb8
DB: 2016-05-20
2016-05-20 06:50:49 +00:00
Offensive Security
feb7c15c11
DB: 2016-05-19
...
1 new exploits
Debian OpenSSL - Predictable PRNG Bruteforce SSH Exploit (Perl)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Perl)
Debian OpenSSL - Predictable PRNG Bruteforce SSH Exploit (Ruby)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Ruby)
Debian OpenSSL - Predictable PRNG Bruteforce SSH Exploit (Python)
Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Bruteforce SSH Exploit (Python)
PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (1)
PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (2)
PHP 4.x/5.x MySQL Safe_Mode Filesystem Circumvention Vulnerability (3)
PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention Vulnerability (1)
PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention Vulnerability (2)
PHP 4.x/5.x MySQL Library - 'Safe_Mode' Filesystem Circumvention Vulnerability (3)
phpliteadmin 1.1 - Multiple Vulnerabilities
phpLiteAdmin 1.1 - Multiple Vulnerabilities
PHP <= 7.0.4/5.5.33 - SNMP Format String Exploit
PHP <= 5.5.33 / <= 7.0.4 - SNMP Format String Exploit
Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize -> Arbitrary Write File
2016-05-19 05:05:38 +00:00
Offensive Security
8fea20e59f
DB: 2016-05-17
...
12 new exploits
Microsoft Windows WebDAV - (ntdll.dll) Remote Exploit
Microsoft Windows WebDAV - Remote PoC Exploit
Microsoft Windows IIS WebDAV - 'ntdll.dll' Remote Exploit
Microsoft Windows IIS 5.0 WebDAV - Remote PoC Exploit
Microsoft Windows WebDav II - Remote Root Exploit (2)
Microsoft Windows WebDAV - Remote Root Exploit (2)
Microsoft Windows WebDav III - Remote Root Exploit (xwdav)
Microsoft Windows WebDAV IIS 5.0 - Remote Root Exploit (3) (xwdav)
Dream FTP 1.2 - Remote Format String Exploit
BolinTech Dream FTP Server 1.2 (1.02/TryFTP 1.0.0.1) - Remote User Name Format String Exploit
Apache Tomcat (webdav) - Remote File Disclosure Exploit
Apache Tomcat (WebDAV) - Remote File Disclosure Exploit
Apache Tomcat (webdav) - Remote File Disclosure Exploit (ssl support)
Apache Tomcat (WebDAV) - Remote File Disclosure Exploit (SSL)
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (patch)
Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Patch)
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (PHP)
Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (PHP)
Windows 7 IIS7.5 FTPSVC UNAUTH'D Remote DoS PoC
Windows 7 IIS 7.5 - FTPSVC UNAUTH'D Remote DoS PoC
Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow
Microsoft Windows IIS 5.0 WebDAV - ntdll.dll Path Overflow
Liferay 6.0.x Webdav File Reading Vulnerability
Liferay 6.0.x WebDAV - File Reading Vulnerability
Microsoft iis 6.0 and 7.5 - Multiple Vulnerabilities
Microsoft IIS 6.0 and 7.5 (+ PHP) - Multiple Vulnerabilities
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (1)
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (2)
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (3)
Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (4)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (1)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (2)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (3)
Microsoft Windows XP/2000/NT 4 IIS 5.0 WebDAV - ntdll.dll Buffer Overflow Vulnerability (4)
BolinTech Dream FTP Server 1.0 User Name Format String Vulnerability (2)
Sun Solaris 8/9 - Unspecified Passwd Local Root Compromise Vulnerability
Invision Power Board 2.1.x IPSClass.PHP SQL Injection Vulnerability (1)
Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
Apache HTTP Server (<= 1.3.35 / <= 2.0.58 / <= 2.2.2) - Arbitrary HTTP Request Headers Security Weakness
Apache HTTP Server <= 2.2.4 413 Error HTTP Request Method Cross-Site Scripting Weakness
Apache HTTP Server <= 2.2.4 - 413 Error HTTP Request Method Cross-Site Scripting Weakness
MediaWiki 1.22.1 PdfHandler - Remote Code Execution Exploit
Apache Struts 2.x XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability
Apache Struts 2.0.0 <= 2.2.1.1 - XWork 's:submit' HTML Tag Cross Site Scripting Vulnerability
EasyCafe Server <= 2.2.14 Remote File Read
EasyCafe Server <= 2.2.14 - Remote File Read
x86_64 Linux bind TCP port shellcode
TCP Bindshell with Password Prompt - 162 bytes
x86_64 Linux bind TCP port shellcode
TCP Bindshell with Password Prompt - 162 bytes
Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (C#)
CakePHP Framework 3.2.4 - IP Spoofing
Multiples Nexon Games - Unquoted Path Privilege Escalation
eXtplorer 2.1.9 - Archive Path Traversal
Web interface for DNSmasq / Mikrotik - SQL Injection
Microsoft Excel 2010 - Crash PoC
Hex : Shard of Fate 1.0.1.026 - Unquoted Path Privilege Escalation
Web2py 2.14.5 - Multiple Vulnerabilities
2016-05-17 05:03:19 +00:00
Offensive Security
6c6fd8d397
DB: 2016-05-15
2016-05-15 05:03:54 +00:00
Offensive Security
5e229672a0
DB: 2016-05-14
...
3 new exploits
Ethereal / tcpdump (rsvp_print) Infinite Loop Denial of Service Exploit
Ethereal 0.10.10 / tcpdump 3.9.1 (rsvp_print) Infinite Loop Denial of Service Exploit
Mozilla Firefox - Install Method Remote Arbitrary Code Execution Exploit
Mozilla Firefox 1.0.3 - Install Method Remote Arbitrary Code Execution Exploit
Active Price Comparison 4 - (ProductID) Blind SQL Injection Vulnerability
Absolute Form Processor XE-V 1.5 - (auth Bypass) SQL Injection Vulnerability
ipsec-tools racoon frag-isakmp Denial of Service PoC
IPsec-Tools < 0.7.2 (racoon frag-isakmp) - Multiple Remote Denial of Service PoC
PaoBacheca Guestbook 2.1 (login_ok) Auth Bypass Vulnerability
PaoLiber 1.1 (login_ok) Authentication Bypass Vulnerability
PaoBacheca Guestbook 2.1 - (login_ok) Auth Bypass Vulnerability
PaoLiber 1.1 - (login_ok) Authentication Bypass Vulnerability
IPsec-Tools < 0.7.2 - Multiple Remote Denial of Service Vulnerabilities
ISC DHCP 'dhclient' 'script_write_params()' - Stack Buffer Overflow Vulnerability
I-net Multi User Email Script SQLi Vulnerability
linux/x86 - break chroot execve /bin/sh 80 bytes
linux/x86 - break chroot execve /bin/sh (80 bytes)
Sysax Multi Server 5.64 - Create Folder Buffer Overflow
TikiWiki Project 1.8 tiki-read_article.php articleId Parameter XSS
TikiWiki Project 1.8 - tiki-read_article.php articleId Parameter XSS
TikiWiki Project 1.8 tiki-print_article.php articleId Parameter XSS
TikiWiki Project 1.8 - tiki-print_article.php articleId Parameter XSS
TikiWiki Project 1.8 tiki-list_faqs.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 tiki-list_trackers.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_faqs.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_trackers.php sort_mode Parameter SQL Injection
UBBCentral UBB.threads 6.2.3/6.5 login.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 online.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 - login.php Cat Parameter XSS
UBBCentral UBB.threads 6.2.3/6.5 - online.php Cat Parameter XSS
CityPost PHP Image Editor M1 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M2 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M3 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor Imgsrc URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M4 URI Parameter Cross-Site Scripting Vulnerability
CityPost PHP Image Editor M1/M2/M3/Imgsrc/M4 - URI Parameter Cross-Site Scripting Vulnerability
osCommerce 2.2 admin/countries.php page Parameter XSS
osCommerce 2.2 admin/currencies.php page Parameter XSS
osCommerce 2.2 - admin/countries.php page Parameter XSS
osCommerce 2.2 - admin/currencies.php page Parameter XSS
Microsoft Internet Explorer 6.0 Unspecified Code Execution Vulnerability (1)
Microsoft Internet Explorer 6.0 Unspecified Code Execution Vulnerability (2)
Microsoft Internet Explorer 6.0 - Unspecified Code Execution Vulnerability (1)
Microsoft Internet Explorer 6.0 - Unspecified Code Execution Vulnerability (2)
Joomla Gallery WD - SQL Injection Vulnerability
Photoshop CC2014 and Bridge CC 2014 PNG Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 PDF Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 - .PNG Parsing Memory Corruption Vulnerabilities
NRSS Reader 0.3.9 - Local Stack-Based Overflow
runAV mod_security - Arbitrary Command Execution
Wireshark - AirPDcapDecryptWPABroadcastKey Heap-Based Out-of-Bounds Read
2016-05-14 05:03:47 +00:00
Offensive Security
3ef2faa870
DB: 2016-05-13
2016-05-13 11:12:47 +00:00
Offensive Security
dc5e5785d4
DB: 2016-05-13
...
3 new exploits
Linux Kernel 2.6.13 <= 2.6.17.4 - prctl() Local Root Exploit (logrotate)
Linux Kernel 2.6.13 <= 2.6.17.4 - logrotate prctl() Local Root Exploit
Linux Kernel 2.6 (Debian / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.x - sock_sendpage() Local Root Exploit (Android Edition)
Linux Kernel 2.x - sock_sendpage() Local Root Exploit (Android)
Linux Kernel Solaris < 5.10 138888-01 - Local Root Exploit
Linux Kernel (Solaris 10 / < 5.10 138888-01) - Local Root Exploit
DEC Alpha Linux <= 3.0 - Local Root Exploit
Linux Kernel <= 2.6.28 / <= 3.0 (DEC Alpha Linux) - Local Root Exploit
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (1)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (2)
Linux Kernel <= 2.2.18 (RH 7.0/6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (1)
Linux Kernel <= 2.2.18 (RH 7.0/6.2 & 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (2)
Archlinux x86-64 3.3.x - 3.7.x x86-64 - sock_diag_handlers[] Local Root
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86-64) - sock_diag_handlers[] Local Root
Ovidentia FX Remote File Include Vulnerability
Ovidentia FX - Remote File Include Vulnerability
Linux Kernel 2.6.x / <= 2.6.9 / <= 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (2)
Linux Kernel 2.6.x (RHEL4 <= 2.6.9 / <= 2.6.11) - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (2)
Linux Kernel (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation
Linux Kernel <= 3.7.6 (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation
ovidentia 5.6.x/5.8 approb.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 vacadmb.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 vacadma.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 vacadm.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 statart.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 - search.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 posts.php babInstallPath Parameter Remote File Inclusion
ovidentia 5.6.x/5.8 options.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - approb.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - vacadmb.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - vacadma.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - vacadm.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - statart.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - search.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - posts.php babInstallPath Parameter Remote File Inclusion
Ovidentia 5.6.x/5.8 - options.php babInstallPath Parameter Remote File Inclusion
Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition Local Privilege Escalation (x64)
Linux Kernel <= 4.3.3 overlayfs - Local Privilege Escalation
Linux Kernel <= 4.3.3 - overlayfs Local Privilege Escalation
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - snd-usb-audio Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - iowarrior driver Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - snd-usb-audio Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1 / CentOS) - iowarrior driver Crash PoC
Microsoft Windows Media Center .MCL File Processing Remote Code Execution (MS16-059)
TrendMicro - Multiple HTTP Problems with CoreServiceShell.exe
Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (C#)
2016-05-13 05:01:58 +00:00
Offensive Security
52e862d62a
DB: 2016-05-11
...
9 new exploits
Linux Kernel 2.2.x - 2.4.x - ptrace/kmod Local Root Exploit
Linux Kernel 2.2.x / 2.4.x (Redhat) - ptrace/kmod Local Root Exploit
Sendmail <= 8.12.8 prescan() BSD Remote Root Exploit
Sendmail <= 8.12.8 - prescan() BSD Remote Root Exploit
Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit
Gopherd <= 3.0.5 - FTP Gateway Remote Overflow Exploit
mIRC 6.1 - _IRC_ Protocol Remote Buffer Overflow Exploit
mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow Exploit
Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
Apache mod_gzip (with debug_mode) <= 1.2.26.1a - Remote Exploit
Linux Kernel 2.4.22 - _do_brk()_ Local Root Exploit (PoC)
Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (Proof of Concept)
Linux Kernel <= 2.4.22 - (do_brk) Local Root Exploit (working)
Linux Kernel <= 2.4.22 - 'do_brk' Local Root Exploit
Xsok 1.02 - _-xsokdir_ Local Buffer Overflow Game Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (2)
Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - mremap() Bound Checking Root Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit
Serv-U FTPD 3.x/4.x _SITE CHMOD_ Command Remote Exploit
Serv-U FTPD 3.x/4.x- 'SITE CHMOD' Command Remote Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Local Proof-of-Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Proof of Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Missing _do_munmap_ Exploit
Red Faction <= 1.20 Server Reply Remote Buffer Overflow Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit
Red Faction <= 1.20 - Server Reply Remote Buffer Overflow Exploit
eMule <= 0.42d IRC Remote Buffer Overflow Exploit
eMule <= 0.42d - IRC Remote Buffer Overflow Exploit
GnomeHack Local Buffer Overflow Exploit (gid=games)
GnomeHack - Local Buffer Overflow Exploit (gid=games)
Kwintv Local Buffer Overflow Exploit (gid=video(33))
Kwintv - Local Buffer Overflow Exploit (gid=video(33))
Redhat 6.1 man Local Exploit (egid 15)
Redhat 6.1 man - Local Exploit (egid 15)
Linux Kernel <= 2.6.3 - (setsockopt) Local Denial of Service Exploit
Linux Kernel <= 2.6.3 - 'setsockopt' Local Denial of Service Exploit
Linux Kernel 2.4.x - 2.6.x - Assembler Inline Function Local DoS Exploit
rlpr <= 2.04 msg() Remote Format String Exploit
MPlayer <= 1.0pre4 GUI filename handling Overflow Exploit
Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local DoS Exploit
rlpr <= 2.04 - msg() Remote Format String Exploit
MPlayer <= 1.0pre4 GUI - filename handling Overflow Exploit
Samba <= 3.0.4 SWAT Authorization Buffer Overflow Exploit
Samba <= 3.0.4 - SWAT Authorization Buffer Overflow Exploit
OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit
OpenFTPD <= 0.30.1 - (message system) Remote Shell Exploit
Linux Kernel - File Offset Pointer Handling Memory Disclosure Exploit
Linux Kernel <= 2.4.26- File Offset Pointer Handling Memory Disclosure Exploit
Ollydbg <= 1.10 Format String Bug
Ollydbg <= 1.10 - Format String Bug
Mac OS X <= 10.3.3 AppleFileServer Remote Root Overflow Exploit
Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit
LibPNG <= 1.2.5 png_jmpbuf() Local Buffer Overflow Exploit
Mac OS X <= 10.3.3 - AppleFileServer Remote Root Overflow Exploit
Remote CVS <= 1.11.15 - (error_prog_name) Remote Exploit
LibPNG <= 1.2.5 - png_jmpbuf() Local Buffer Overflow Exploit
AOL Instant Messenger AIM _Away_ Message Local Exploit
AOL Instant Messenger AIM - 'Away' Message Local Exploit
Ground Control <= 1.0.0.7 (Server/Client) Denial of Service Exploit
Ground Control <= 1.0.0.7 - (Server/Client) Denial of Service Exploit
AOL Instant Messenger AIM _Away_ Message Remote Exploit
AOL Instant Messenger AIM - 'Away' Message Remote Exploit (2)
Silent Storm Portal Multiple Vulnerabilities
Silent Storm Portal - Multiple Vulnerabilities
YahooPOPs <= 1.6 SMTP Port Buffer Overflow Exploit
YahooPOPs <= 1.6 - SMTP Port Buffer Overflow Exploit
Monit <= 4.2 Basic Authentication Remote Root Exploit
Monit <= 4.2 - Basic Authentication Remote Root Exploit
YahooPOPs <= 1.6 SMTP Remote Buffer Overflow Exploit
YahooPOPs <= 1.6 - SMTP Remote Buffer Overflow Exploit
Ability Server <= 2.34 (APPE) Remote Buffer Overflow Exploit
Ability Server <= 2.34 - (APPE) Remote Buffer Overflow Exploit
Chatman <= 1.5.1 RC1 Broadcast Crash Exploit
Flash Messaging <= 5.2.0g Remote Denial of Service Exploit
Chatman <= 1.5.1 RC1 - Broadcast Crash Exploit
Flash Messaging <= 5.2.0g - Remote Denial of Service Exploit
CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) BoF Exploit
Halo <= 1.05 Broadcast Client Crash Exploit
CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) - BoF Exploit
Halo <= 1.05 - Broadcast Client Crash Exploit
Soldier of Fortune II <= 1.3 Server/Client Denial of Service Exploit
Soldier of Fortune II <= 1.3 Server/Client - Denial of Service Exploit
Star Wars Battlefront <= 1.1 Fake Players Denial of Service Exploit
Star Wars Battlefront <= 1.1 - Fake Players Denial of Service Exploit
PHP <= 4.3.7/ 5.0.0RC3 memory_limit Remote Exploit
PHP <= 4.3.7/ 5.0.0RC3 - memory_limit Remote Exploit
WS_FTP Server <= 5.03 MKD Remote Buffer Overflow Exploit
WS_FTP Server <= 5.03 - MKD Remote Buffer Overflow Exploit
Jana Server <= 2.4.4 (http/pna) Denial of Service Exploit
Jana Server <= 2.4.4 - (http/pna) Denial of Service Exploit
Kreed <= 1.05 Format String and Denial of Service Exploit
Kreed <= 1.05 - Format String and Denial of Service Exploit
Codename Eagle <= 1.42 Socket Unreacheable DoS Exploit
Codename Eagle <= 1.42 - Socket Unreacheable DoS Exploit
Linux Kernel <= 2.6.9 / 2.4.22-28 - (igmp.c) Local Denial of Service Exploit
Linux Kernel <= 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit
WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC
Cscope <= 15.5 Symlink Vulnerability Exploit
WinRAR <= 3.4.1 - Corrupt ZIP File Vulnerability PoC
Cscope <= 15.5 - Symlink Vulnerability Exploit
Linux Kernel 2.6.x - chown() Group Ownership Alteration Exploit
Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit
Netcat 1.1 - _-e_ Switch Remote Buffer Overflow Exploit
PHP <= 4.3.7 openlog() Buffer Overflow Exploit
Netcat 1.1 - '-e' Switch Remote Buffer Overflow Exploit
PHP <= 4.3.7 - openlog() Buffer Overflow Exploit
phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)
phpBB <= 2.0.10 - Bot Install (Altavista) (ssh.D.Worm)
Gore <= 1.50 Socket Unreacheable Denial of Service Exploit
Gore <= 1.50 - Socket Unreacheable Denial of Service Exploit
Exim <= 4.41 dns_build_reverse Local Exploit PoC
Exim <= 4.41 - dns_build_reverse Local Exploit PoC
Peer2Mail <= 1.4 Encrypted Password Dumper Exploit
Peer2Mail <= 1.4 - Encrypted Password Dumper Exploit
Mac OS X <= 10.3.7 Input Validation Flaw parse_machfile() DoS
Mac OS X <= 10.3.7 - Input Validation Flaw parse_machfile() DoS
Xpand Rally <= 1.0.0.0 (Server/Clients) Crash Exploit
Xpand Rally <= 1.0.0.0 (Server/Clients) - Crash Exploit
Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit
Painkiller <= 1.35 - in-game cd-key alpha-numeric Buffer Overflow Exploit
Armagetron Advanced <= 0.2.7.0 Server Crash Exploit
Armagetron Advanced <= 0.2.7.0 - Server Crash Exploit
MercuryBoard <= 1.1.1 Working SQL Injection
MercuryBoard <= 1.1.1 - SQL Injection
GNU a2ps _Anything to PostScript_ Local Exploit (not suid)
GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID)
vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution
vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (1)
vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution (part 2)
Serv-U 4.x _site chmod_ Remote Buffer Overflow Exploit
vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (2)
Serv-U 4.x - 'site chmod' Remote Buffer Overflow Exploit
3Com 3CDaemon FTP Unauthorized _USER_ Remote BoF Exploit
3Com 3CDaemon FTP - Unauthorized 'USER' Remote BoF Exploit
vBulletin <= 3.0.6 php Code Injection
vBulletin <= 3.0.6 - PHP Code Injection
Soldier of Fortune 2 <= 1.03 - _cl_guid_ - Server Crash
Soldier of Fortune 2 <= 1.03 - 'cl_guid' - Server Crash
Knet <= 1.04c Buffer Overflow Denial of Service Exploit
Knet <= 1.04c - Buffer Overflow Denial of Service Exploit
Scrapland <= 1.0 Server Termination Denial of Service Exploit
Scrapland <= 1.0 - Server Termination Denial of Service Exploit
Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (update)
Apache <= 2.0.52 - HTTP GET request Denial of Service Exploit
Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (2)
Microsoft Internet Explorer _mshtml.dll_ CSS Parsing Buffer Overflow
Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow
Ethereal <= 0.10.9 - _3G-A11_ - Remote Buffer Overflow Exploit (2)
Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Windows)
Ethereal <= 0.10.9 - _3G-A11_ Remote Buffer Overflow Exploit
Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Linux)
PHP-Nuke 6.x - 7.6 Top module Remote SQL Injection Exploit (working)
PHP-Nuke 6.x - 7.6 Top module - Remote SQL Injection Exploit
HP-UX FTPD <= 1.1.214.4 - _REST_ Remote Brute Force Exploit
HP-UX FTPD <= 1.1.214.4 - 'REST' Remote Brute Force Exploit
Invision Power Board <= 2.0.3 Login.PHP SQL Injection Exploit
Invision Power Board <= 2.0.3 Login.PHP SQL Injection (tutorial)
Invision Power Board <= 2.0.3 - Login.PHP SQL Injection Exploit
Invision Power Board <= 2.0.3 - Login.PHP SQL Injection (tutorial)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (perl)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php 2)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (Perl)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)
Ethereal <= 0.10.10 (SIP) Protocol Dissector Remote BoF Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit
Ethereal <= 0.10.10 - (SIP) Protocol Dissector Remote BoF Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit
Microsoft Internet Explorer - javascript _window()_ Crash
Microsoft Internet Explorer - javascript 'window()' Crash
Kaspersky AntiVirus - _klif.sys_ Privilege Escalation Vulnerability
Kaspersky AntiVirus - 'klif.sys' Privilege Escalation Vulnerability
Invision Power Board <= 1.3.1 Login.PHP SQL Injection (working)
Invision Power Board <= 1.3.1 - Login.PHP SQL Injection
WordPress <= 1.5.1.1 - _add new admin_ SQL Injection Exploit
WordPress <= 1.5.1.1 - 'add new admin' SQL Injection Exploit
Mozilla Firefox <= 1.0.4 - _Set As Wallpaper_ Code Execution Exploit
Mozilla Firefox <= 1.0.4 - 'Set As Wallpaper' Code Execution Exploit
Scorched 3D <= 39.1 - Multiple Vulnerabilities (All-in-One) (PoC)
Scorched 3D <= 39.1 - Multiple Vulnerabilities (PoC)
XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit
XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities
Linux Kernel <= 2.6.11 - 'k-rad3.c' (CPL 0) Local Root Exploit
Linux Kernel <= 2.6.9 / <= 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit
Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities Exploit
Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities
nodez <= 4.6.1.1 mercury Multiple Vulnerabilities
nodez <= 4.6.1.1 mercury - Multiple Vulnerabilities
gCards <= 1.45 - Multiple Vulnerabilities All-In-One Exploit
gCards <= 1.45 - Multiple Vulnerabilities
Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure / Denial of Service Exploit
Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit
OpenTTD <= 0.4.7 - (multiple vulnerabilities) Denial of Service Exploit
OpenTTD <= 0.4.7 - Multiple Vulnerabilities/Denial of Service Exploit
Apple Mac OS X Safari <= 2.0.3 (417.9.2) Multiple Vulnerabilities PoC
Apple Mac OS X Safari <= 2.0.3 (417.9.2) - Multiple Vulnerabilities (PoC)
PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities Exploit
PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities
outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities Exploit
outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities
raydium <= svn 309 - Multiple Vulnerabilities Exploit
raydium <= svn 309 - Multiple Vulnerabilities
PunkBuster < 1.229 (WebTool Service) Remote Buffer Overflow DoS
PunkBuster < 1.229 - (WebTool Service) Remote Buffer Overflow DoS
Ultimate PHP Board <= 1.96 GOLD Multiple Vulnerabilities Exploit
Ultimate PHP Board <= 1.96 GOLD - Multiple Vulnerabilities
Light Blog Remote Multiple Vulnerabilities Exploit
Light Blog Remote - Multiple Vulnerabilities
Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC
Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept
contentnow 1.30 (local/upload/delete) Multiple Vulnerabilities
contentnow 1.30 - (local/upload/delete) Multiple Vulnerabilities
contentnow 1.30 (upload/XSS) Multiple Vulnerabilities
contentnow 1.30 - (Upload/XSS) Multiple Vulnerabilities
torrentflux <= 2.2 (create/exec/delete) Multiple Vulnerabilities
torrentflux <= 2.2 - (create/exec/delete) Multiple Vulnerabilities
Messagerie Locale (centre.php) Remote File Inclusion Vulnerability
Site News (centre.php) Remote File Inclusion Vulnerability
Messagerie Locale (centre.php) - Remote File Inclusion Vulnerability
Site News (centre.php) - Remote File Inclusion Vulnerability
kubix <= 0.7 - Multiple Vulnerabilities Exploit
kubix <= 0.7 - Multiple Vulnerabilities
BBS E-Market Professional (Path Disclosure/Include) Multiple Vulnerabilities
BBS E-Market Professional - (Path Disclosure/Include) Multiple Vulnerabilities
F-Prot Antivirus 4.6.6 (ACE) Denial of Service Exploit
F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit
open newsletter <= 2.5 - Multiple Vulnerabilities Exploit (update)
open newsletter <= 2.5 - Multiple Vulnerabilities (2)
eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities
eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities
php-update <= 2.7 - Multiple Vulnerabilities Exploit
php-update <= 2.7 - Multiple Vulnerabilities
ig shop 1.0 (eval/SQL Injection) Multiple Vulnerabilities
ig shop 1.0 - (eval/SQL Injection) Multiple Vulnerabilities
QUOTE&ORDERING SYSTEM 1.0 (ordernum) Multiple Vulnerabilities
QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities
vp-asp shopping cart 6.09 (SQL/XSS) Multiple Vulnerabilities
vp-asp shopping cart 6.09 - (SQL/XSS) Multiple Vulnerabilities
Aztek Forum 4.0 - Multiple Vulnerabilities Exploit
Aztek Forum 4.0 - Multiple Vulnerabilities
otscms <= 2.1.5 (SQL/XSS) Multiple Vulnerabilities
otscms <= 2.1.5 - (SQL/XSS) Multiple Vulnerabilities
uTorrent 1.6 build 474 (announce) Key Remote Heap Overflow Exploit
uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow Exploit
Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit
Connectix Boards <= 0.7 - (p_skin) Multiple Vulnerabilities
qdblog 0.4 (SQL Injection/LFI) Multiple Vulnerabilities
qdblog 0.4 - (SQL Injection/LFI) Multiple Vulnerabilities
Censura 1.15.04 (censura.php vendorid) SQL Injection Vulnerability
Censura 1.15.04 - (censura.php vendorid) SQL Injection Vulnerability
runawaysoft haber portal 1.0 (tr) Multiple Vulnerabilities
runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities
netclassifieds (SQL/XSS/full path) Multiple Vulnerabilities
netclassifieds - (SQL/XSS/full path) Multiple Vulnerabilities
bugmall shopping cart 2.5 (SQL/XSS) Multiple Vulnerabilities
bugmall shopping cart 2.5 - (SQL/XSS) Multiple Vulnerabilities
Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak PoC
Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak Proof of Concept
Pictures Rating (index.php msgid) Remote SQL Injection Vulnerbility
Pictures Rating - (index.php msgid) Remote SQL Injection Vulnerbility
Joomla Component Nice Talk <= 0.9.3 (tagid) SQL Injection Vulnerability
Joomla Component Nice Talk <= 0.9.3 - (tagid) SQL Injection Vulnerability
Xitami Web Server 2.5 (If-Modified-Since) Remote BoF Exploit (0day)
Xitami Web Server 2.5 - (If-Modified-Since) Remote BoF Exploit (0day)
Linux Kernel 2.4/2.6 - x86-64 System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 x86-64 - System Call Emulation Exploit
else if CMS 0.6 - Multiple Vulnerabilities / Exploit
else if CMS 0.6 - Multiple Vulnerabilities
Php-Stats 0.1.9.2 - Multiple Vulnerabilities Exploit
Php-Stats 0.1.9.2 - Multiple Vulnerabilities
Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow PoC
Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow Proof of Concept
WorkingOnWeb 2.0.1400 events.php Remote SQL Injection Vulnerability
WorkingOnWeb 2.0.1400 - events.php Remote SQL Injection Vulnerability
Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service PoC
Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept
portalapp 4.0 (SQL/XSS/auth bypasses) Multiple Vulnerabilities
portalapp 4.0 - (SQL/XSS/auth bypasses) Multiple Vulnerabilities
evilboard 0.1a (SQL/XSS) Multiple Vulnerabilities
evilboard 0.1a - (SQL/XSS) Multiple Vulnerabilities
Evilsentinel <= 1.0.9 (multiple vulnerabilities) Disable Exploit
Evilsentinel <= 1.0.9 - (Multiple Vulnerabilities) Disable Exploit
blogcms 4.2.1b (SQL/XSS) Multiple Vulnerabilities
blogcms 4.2.1b - (SQL/XSS) Multiple Vulnerabilities
bloofox 0.3 (SQL/fd) Multiple Vulnerabilities
bloofox 0.3 - (SQL/fd) Multiple Vulnerabilities
Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability
Liquid-Silver CMS 0.1 - (update) Local File Inclusion Vulnerability
simple forum 3.2 (fd/XSS) Multiple Vulnerabilities
simple forum 3.2 - (fd/XSS) Multiple Vulnerabilities
Mambo Component Sermon 0.2 (gid) SQL Injection Vulnerability
Mambo Component Sermon 0.2 - (gid) SQL Injection Vulnerability
Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities
Philips VOIP841 - (Firmware <= 1.0.4.800) Multiple Vulnerabilities
pigyard art gallery Multiple Vulnerabilities
pigyard art gallery - Multiple Vulnerabilities
XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability
XOOPS Module My_eGallery 3.04 (gid) SQL Injection Vulnerability
XOOPS Module Gallery 0.2.2 - (gid) Remote SQL Injection Vulnerability
XOOPS Module My_eGallery 3.04 - (gid) SQL Injection Vulnerability
easycalendar <= 4.0tr Multiple Vulnerabilities
easygallery <= 5.0tr Multiple Vulnerabilities
easycalendar <= 4.0tr - Multiple Vulnerabilities
easygallery <= 5.0tr - Multiple Vulnerabilities
Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities Exploit
Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities
RedDot CMS 7.5 (LngId) Remote SQL Injection Exploit
RedDot CMS 7.5 - (LngId) Remote SQL Injection Exploit
minibb 2.2 (css/SQL/fpd) Multiple Vulnerabilities
minibb 2.2 - (css/SQL/fpd) Multiple Vulnerabilities
siteman 2.x (exec/LFI/XSS) Multiple Vulnerabilities
siteman 2.x - (exec/LFI/XSS) Multiple Vulnerabilities
megabbs forum 2.2 (SQL/XSS) Multiple Vulnerabilities
megabbs forum 2.2 - (SQL/XSS) Multiple Vulnerabilities
Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection Exploit
Joomla Component paxxgallery 0.2 - (gid) Blind SQL Injection Exploit
cplinks 1.03 (bypass/SQL/xxs) Multiple Vulnerabilities
cplinks 1.03 - (bypass/SQL/xxs) Multiple Vulnerabilities
deluxebb <= 1.2 - Multiple Vulnerabilities Exploit
deluxebb <= 1.2 - Multiple Vulnerabilities
Phoenix View CMS <= Pre Alpha2 (SQL/LFI/XSS) Multiple Vulnerabilities
Phoenix View CMS <= Pre Alpha2 - (SQL/LFI/XSS) Multiple Vulnerabilities
Ktools PhotoStore <= 3.5.1 (gallery.php gid) SQL Injection Vulnerability
Ktools PhotoStore <= 3.5.1 - (gallery.php gid) SQL Injection Vulnerability
idautomation bar code ActiveX Multiple Vulnerabilities
idautomation bar code ActiveX - Multiple Vulnerabilities
ecms 0.4.2 (SQL/pb) Multiple Vulnerabilities
Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities
ecms 0.4.2 - (SQL/pb) Multiple Vulnerabilities
Mantis Bug Tracker 1.1.1 - (CE/XSS/CSRF) Multiple Vulnerabilities
mebiblio 0.4.7 (SQL/upload/XSS) Multiple Vulnerabilities
mebiblio 0.4.7 - (SQL/upload/XSS) Multiple Vulnerabilities
smeweb 1.4b (SQL/XSS) Multiple Vulnerabilities
smeweb 1.4b - (SQL/XSS) Multiple Vulnerabilities
PHP-Address Book <= 3.1.5 (SQL/XSS) Multiple Vulnerabilities
PHP-Address Book <= 3.1.5 - (SQL/XSS) Multiple Vulnerabilities
427bb 2.3.1 (SQL/XSS) Multiple Vulnerabilities
427bb 2.3.1 - (SQL/XSS) Multiple Vulnerabilities
Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulnerabilities
Black Ice Software Inc Barcode SDK - (BIDIB.ocx) Multiple Vulnerabilities
real estate Web site 1.0 (SQL/XSS) Multiple Vulnerabilities
telephone directory 2008 (SQL/XSS) Multiple Vulnerabilities
real estate Web site 1.0 - (SQL/XSS) Multiple Vulnerabilities
telephone directory 2008 - (SQL/XSS) Multiple Vulnerabilities
gravity board x 2.0 beta (SQL/XSS) Multiple Vulnerabilities
gravity board x 2.0 beta - (SQL/XSS) Multiple Vulnerabilities
butterfly organizer 2.0.0 (SQL/XSS) Multiple Vulnerabilities
butterfly organizer 2.0.0 - (SQL/XSS) Multiple Vulnerabilities
doITlive CMS <= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities
doITlive CMS <= 2.50 - (SQL Injection/XSS) Multiple Vulnerabilities
ownrs blog beta3 (SQL/XSS) Multiple Vulnerabilities
ownrs blog beta3 - (SQL/XSS) Multiple Vulnerabilities
sitexs CMS 0.1.1 (upload/XSS) Multiple Vulnerabilities
sitexs CMS 0.1.1 - (upload/XSS) Multiple Vulnerabilities
shibby shop <= 2.2 (SQL/update) Multiple Vulnerabilities
shibby shop <= 2.2 - (SQL/update) Multiple Vulnerabilities
polypager <= 1.0rc2 (SQL/XSS) Multiple Vulnerabilities
polypager <= 1.0rc2 - (SQL/XSS) Multiple Vulnerabilities
otmanager CMS 24a (LFI/XSS) Multiple Vulnerabilities
w1l3d4 philboard 1.2 (blind sql/XSS) Multiple Vulnerabilities
otmanager CMS 24a - (LFI/XSS) Multiple Vulnerabilities
w1l3d4 philboard 1.2 - (blind sql/XSS) Multiple Vulnerabilities
Thelia 1.3.5 - Multiple Vulnerabilities Exploit
Thelia 1.3.5 - Multiple Vulnerabilities
contentnow 1.4.1 (upload/XSS) Multiple Vulnerabilities
contentnow 1.4.1 - (upload/XSS) Multiple Vulnerabilities
trixbox (langChoice) - Local File Inclusion Exploit (connect-back) (2)
trixbox - (langChoice) Local File Inclusion Exploit (connect-back) (2)
Trixbox 2.6.1 - (langChoice) Remote Root Exploit (py)
Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)
jsite 1.0 oe (SQL/LFI) Multiple Vulnerabilities
jsite 1.0 oe - (SQL/LFI) Multiple Vulnerabilities
Bea Weblogic Apache Connector - Code Execution / Denial of Service Exploit
Bea Weblogic Apache Connector - Code Execution and Denial of Service Exploit
e-vision CMS <= 2.02 (SQL/upload/ig) Multiple Vulnerabilities
k-links directory (SQL/XSS) Multiple Vulnerabilities
e-vision CMS <= 2.02 - (SQL/upload/ig) Multiple Vulnerabilities
k-links directory - (SQL/XSS) Multiple Vulnerabilities
Ppim <= 1.0 (Arbitrary File Delete/XSS) Multiple Vulnerabilities
Ppim <= 1.0 - (Arbitrary File Delete/XSS) Multiple Vulnerabilities
Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities
Ppim <= 1.0 - (upload/change password) Multiple Vulnerabilities
k-rate (SQL/XSS) Multiple Vulnerabilities
k-rate - (SQL/XSS) Multiple Vulnerabilities
Invision Power Board <= 2.3.5 - Multiple Vulnerabilities Exploit (revised)
Invision Power Board <= 2.3.5 - Multiple Vulnerabilities (2)
brim 2.0.0 (SQL/XSS) Multiple Vulnerabilities
brim 2.0.0 - (SQL/XSS) Multiple Vulnerabilities
aspwebalbum 3.2 (upload/SQL/XSS) Multiple Vulnerabilities
aspwebalbum 3.2 - (upload/SQL/XSS) Multiple Vulnerabilities
qwicsite pro (SQL/XSS) Multiple Vulnerabilities
qwicsite pro - (SQL/XSS) Multiple Vulnerabilities
Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities
Hot Links SQL-PHP 3 - (report.php) Multiple Vulnerabilities
Availscript Article Script (articles.php) Multiple Vulnerabilities
Availscript Article Script - (articles.php) Multiple Vulnerabilities
Availscript Photo Album (pics.php) Multiple Vulnerabilities
Availscript Photo Album - (pics.php) Multiple Vulnerabilities
phpvid 1.1 0- (XSS/SQL) Multiple Vulnerabilities
phpvid 1.1 0 - (XSS/SQL) Multiple Vulnerabilities
php infoboard 7 - plus Multiple Vulnerabilities
php infoboard 7 plus - Multiple Vulnerabilities
camera life 2.6.2b4 (SQL/XSS) Multiple Vulnerabilities
camera life 2.6.2b4 - (SQL/XSS) Multiple Vulnerabilities
mini-pub 0.3 (lfd/ce) Multiple Vulnerabilities
mini-pub 0.3 - (LFD/CE) Multiple Vulnerabilities
Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities Exploit
Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities
mystats (hits.php) Multiple Vulnerabilities Exploit
mystats - (hits.php) Multiple Vulnerabilities
Vivvo CMS <= 3.4 - Multiple Vulnerabilities Destroyer Exploit
Vivvo CMS <= 3.4 - Multiple Vulnerabilities
websvn <= 2.0 - (XSS/fh/ce) Multiple Vulnerabilities
websvn <= 2.0 - (XSS/fh/CE) Multiple Vulnerabilities
db Software Laboratory VImpX (VImpX.ocx) Multiple Vulnerabilities
db Software Laboratory VImpX - (VImpX.ocx) Multiple Vulnerabilities
phpdaily (SQL/XSS/lfd) Multiple Vulnerabilities
phpdaily - (SQL/XSS/lfd) Multiple Vulnerabilities
questcms - (XSS/directory traversal/SQL) Multiple Vulnerabilities
questcms - (XSS/Directory Traversal/SQL) Multiple Vulnerabilities
apartment search script (rfu/XSS) Multiple Vulnerabilities
apartment search script - (RFU/XSS) Multiple Vulnerabilities
MatPo Link 1.2b (Blind SQL Injection/XSS) Multiple Vulnerabilities
MatPo Link 1.2b - (Blind SQL Injection/XSS) Multiple Vulnerabilities
WEBBDOMAIN WebShop 1.02 (SQL/XSS) Multiple Vulnerabilities
WEBBDOMAIN WebShop 1.02 - (SQL/XSS) Multiple Vulnerabilities
pre multi-vendor shopping malls Multiple Vulnerabilities
pre multi-vendor shopping malls - Multiple Vulnerabilities
Pre ADS Portal <= 2.0 (Auth Bypass/XSS) Multiple Vulnerabilities
Pre ADS Portal <= 2.0 - (Auth Bypass/XSS) Multiple Vulnerabilities
Mini Web Calendar 1.2 (File Disclosure/XSS) Multiple Vulnerabilities
Mini Web Calendar 1.2 - (File Disclosure/XSS) Multiple Vulnerabilities
zeeproperty 1.0 (upload/XSS) Multiple Vulnerabilities
zeeproperty 1.0 - (upload/XSS) Multiple Vulnerabilities
Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities
Openfire Server <= 3.6.0a - (Auth Bypass/SQL/XSS) Multiple Vulnerabilities
AJSquare Free Polling Script (DB) Multiple Vulnerabilities
AJSquare Free Polling Script - (DB) Multiple Vulnerabilities
turnkeyforms Web Hosting Directory Multiple Vulnerabilities
turnkeyforms Web Hosting Directory - Multiple Vulnerabilities
GS Real Estate Portal US/International Module Multiple Vulnerabilities
GS Real Estate Portal US/International Module - Multiple Vulnerabilities
bandwebsite 1.5 (SQL/XSS) Multiple Vulnerabilities
bandwebsite 1.5 - (SQL/XSS) Multiple Vulnerabilities
chipmunk topsites (auth bypass/XSS) Multiple Vulnerabilities
clean CMS 1.5 (blind SQL Injection/XSS) Multiple Vulnerabilities
chipmunk topsites - (auth bypass/XSS) Multiple Vulnerabilities
clean CMS 1.5 - (blind SQL Injection/XSS) Multiple Vulnerabilities
Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities
Ocean12 Contact Manager Pro - (SQL/XSS/DDV) Multiple Vulnerabilities
comersus asp shopping cart (dd/XSS) Multiple Vulnerabilities
comersus asp shopping cart - (DD/XSS) Multiple Vulnerabilities
minimal ablog 0.4 (SQL/fu/bypass) Multiple Vulnerabilities
minimal ablog 0.4 - (SQL/fu/bypass) Multiple Vulnerabilities
Ocean12 Mailing List Manager Gold (DD/SQL/XSS) Vulnerabilities
Ocean12 Mailing List Manager Gold - (DD/SQL/XSS) Vulnerabilities
wbstreet 1.0 (SQL/dd) Multiple Vulnerabilities
wbstreet 1.0 - (SQL/DD) Multiple Vulnerabilities
template creature (SQL/dd) Multiple Vulnerabilities
template creature - (SQL/DD) Multiple Vulnerabilities
merlix educate servert (bypass/dd) Multiple Vulnerabilities
merlix educate servert - (bypass/DD) Multiple Vulnerabilities
nightfall personal diary 1.0 - (XSS/dd) Multiple Vulnerabilities
Merlix Teamworx Server (DD/Bypass) Multiple Remote Vulnerabilities
nightfall personal diary 1.0 - (XSS/DD) Multiple Vulnerabilities
Merlix Teamworx Server - (DD/Bypass) Multiple Remote Vulnerabilities
asp autodealer (SQL/dd) Multiple Vulnerabilities
asp autodealer - (SQL/DD) Multiple Vulnerabilities
aspmanage banners (rfu/dd) Multiple Vulnerabilities
aspmanage banners - (RFU/DD) Multiple Vulnerabilities
asp talk (SQL/css) Multiple Vulnerabilities
asp talk - (SQL/css) Multiple Vulnerabilities
siu guarani Multiple Vulnerabilities
siu guarani - Multiple Vulnerabilities
webcaf <= 1.4 - (LFI/rce) Multiple Vulnerabilities
webcaf <= 1.4 - (LFI/RCE) Multiple Vulnerabilities
postecards (SQL/dd) Multiple Vulnerabilities
postecards - (SQL/DD) Multiple Vulnerabilities
living Local 1.1 - (XSS-rfu) Multiple Vulnerabilities
living Local 1.1 - (XSS/rfu) Multiple Vulnerabilities
cf shopkart 5.2.2 (SQL/dd) Multiple Vulnerabilities
cf shopkart 5.2.2 - (SQL/DD) Multiple Vulnerabilities
the net guys aspired2blog (SQL/dd) Multiple Vulnerabilities
the net guys aspired2blog - (SQL/dd) Multiple Vulnerabilities
joomla live chat (SQL/proxy) Multiple Vulnerabilities
joomla live chat - (SQL/proxy) Multiple Vulnerabilities
isweb CMS 3.0 (SQL/XSS) Multiple Vulnerabilities
isweb CMS 3.0 - (SQL/XSS) Multiple Vulnerabilities
clickandemail (SQL/XSS) Multiple Vulnerabilities
click&rank (SQL/XSS) Multiple Vulnerabilities
clickandemail - (SQL/XSS) Multiple Vulnerabilities
click&rank - (SQL/XSS) Multiple Vulnerabilities
Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities
Zelta E Store (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities
Liberum Help Desk 0.97.3 - (SQL/DD) Remote Vulnerabilities
Zelta E Store - (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities
2532/gigs 1.2.2 - stable Multiple Vulnerabilities
2532/gigs 1.2.2 stable - Multiple Vulnerabilities
constructr CMS <= 3.02.5 stable Multiple Vulnerabilities
constructr CMS <= 3.02.5 stable - Multiple Vulnerabilities
chicomas <= 2.0.4 (DB Backup/DD/XSS) Multiple Vulnerabilities
chicomas <= 2.0.4 - (DB Backup/DD/XSS) Multiple Vulnerabilities
yourplace <= 1.0.2 - Multiple Vulnerabilities + rce Exploit
yourplace <= 1.0.2 - Multiple Vulnerabilities + RCE Exploit
doop CMS <= 1.4.0b (CSRF/upload shell) Multiple Vulnerabilities
doop CMS <= 1.4.0b - (CSRF/upload shell) Multiple Vulnerabilities
Nokia S60 SMS/Mms (Curse of Silence) Denial of Service Vulnerability
Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service Vulnerability
Seo4SMF for SMF forums Multiple Vulnerabilities
Seo4SMF for SMF forums - Multiple Vulnerabilities
mkportal <= 1.2.1 () Multiple Vulnerabilities
mkportal <= 1.2.1 - Multiple Vulnerabilities
rankem (dd/XSS/cm) Multiple Vulnerabilities
blogit! (SQL/dd/XSS) Multiple Vulnerabilities
rankem - (DD/XSS/cm) Multiple Vulnerabilities
blogit! - (SQL/DD/XSS) Multiple Vulnerabilities
E-ShopSystem Auth Bypass / SQL Injection Multiple Vulnerabilities
E-ShopSystem - (Auth Bypass / SQL Injection) Multiple Vulnerabilities
Motorola Wimax modem CPEi300 (FD/XSS) Multiple Vulnerabilities
Motorola Wimax modem CPEi300 - (FD/XSS) Multiple Vulnerabilities
navicopa webserver 3.0.1 (bof/sd) Multiple Vulnerabilities
navicopa webserver 3.0.1 - (bof/sd) Multiple Vulnerabilities
Power System Of Article Management 3.0 - (DD/XSS) Vulnerabilities
team 1.x - (dd/XSS) Multiple Vulnerabilities
Power System Of Article Management 3.0 - (DD/XSS) Multiple Vulnerabilities
team 1.x - (DD/XSS) Multiple Vulnerabilities
gr blog 1.1.4 (upload/bypass) Multiple Vulnerabilities
gr blog 1.1.4 - (upload/bypass) Multiple Vulnerabilities
zeroboard4 pl8 (07.12.17) Multiple Vulnerabilities
zeroboard4 pl8 (07.12.17) - Multiple Vulnerabilities
SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities
SilverNews 2.04 - (Auth Bypass/LFI/RCE) Multiple Vulnerabilities
w3bcms <= 3.5.0 - Multiple Vulnerabilities Exploit
w3bcms <= 3.5.0 - Multiple Vulnerabilities
powermovielist 0.14b (SQL/XSS) Multiple Vulnerabilities
powermovielist 0.14b - (SQL/XSS) Multiple Vulnerabilities
ritsblog 0.4.2 (ab/XSS) Multiple Vulnerabilities
Zabbix 1.6.2 Frontend Multiple Vulnerabilities
blindblog 1.3.1 (SQL/ab/LFI) Multiple Vulnerabilities
ritsblog 0.4.2 - (ab/XSS) Multiple Vulnerabilities
Zabbix 1.6.2 - Frontend - Multiple Vulnerabilities
blindblog 1.3.1 - (SQL/ab/LFI) Multiple Vulnerabilities
phpCommunity 2.1.8 (SQL/DT/XSS) Multiple Vulnerabilities
phpCommunity 2.1.8 - (SQL/DT/XSS) Multiple Vulnerabilities
Telnet-Ftp Service Server 1.x - Multiple Vulnerabilities (Post Auth)
Telnet-Ftp Service Server 1.x - (Post Auth) Multiple Vulnerabilities
Femitter FTP Server 1.x - Multiple Vulnerabilities (post auth)
Femitter FTP Server 1.x - (Post Auth) Multiple Vulnerabilities
Diskos CMS Manager (SQL/DB/Auth Bypass) Multiple Vulnerabilities
Diskos CMS Manager - (SQL/DB/Auth Bypass) Multiple Vulnerabilities
Linux Kernel 2.6 - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.6 (Debian / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit
flatnux 2009-03-27 (upload/id) Multiple Vulnerabilities
flatnux 2009-03-27 - (upload/id) Multiple Vulnerabilities
fungamez rc1 (ab/LFI) Multiple Vulnerabilities
fungamez rc1 - (ab/LFI) Multiple Vulnerabilities
mixedcms 1.0b (LFI/su/ab/fd) Multiple Vulnerabilities
mixedcms 1.0b - (LFI/su/ab/fd) Multiple Vulnerabilities
fowlcms 1.1 (ab/LFI/su) Multiple Vulnerabilities
fowlcms 1.1 - (ab/LFI/su) Multiple Vulnerabilities
dwebpro 6.8.26 (dt/fd) Multiple Vulnerabilities
dwebpro 6.8.26 - (dt/fd) Multiple Vulnerabilities
Linux Kernel 2.6.x - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1) - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6 UDEV < 141 - Local Privilege Escalation Exploit
Linux Kernel 2.6 UDEV < 141 (Gentoo / Ubuntu 8.10/9.04) - Local Privilege Escalation Exploit
leap CMS 0.1.4 (SQL/XSS/su) Multiple Vulnerabilities
leap CMS 0.1.4 - (SQL/XSS/su) Multiple Vulnerabilities
tematres 1.0.3 (auth bypass/SQL/XSS) Multiple Vulnerabilities
tematres 1.0.3 - (auth bypass/SQL/XSS) Multiple Vulnerabilities
Linux Kernel 2.6.x - ptrace_attach Local Privilege Escalation Exploit
Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - ptrace_attach Local Privilege Escalation Exploit
2daybiz business community script Multiple Vulnerabilities
Easy Scripts Answer and Question Script Multiple Vulnerabilities
2daybiz business community script - Multiple Vulnerabilities
Easy Scripts Answer and Question Script - Multiple Vulnerabilities
my-colex 1.4.2 (ab/XSS/SQL) Multiple Vulnerabilities
my-gesuad 0.9.14 (ab/SQL/XSS) Multiple Vulnerabilities
my-colex 1.4.2 - (ab/XSS/SQL) Multiple Vulnerabilities
my-gesuad 0.9.14 - (ab/SQL/XSS) Multiple Vulnerabilities
vidshare pro (SQL/XSS) Multiple Vulnerabilities
vidshare pro - (SQL/XSS) Multiple Vulnerabilities
Mac OS X - Java applet Remote Deserialization Remote PoC (updated)
Mac OS X - Java applet Remote Deserialization Remote PoC (Updated)
asp inline corporate calendar (SQL/XSS) Multiple Vulnerabilities
asp inline corporate calendar - (SQL/XSS) Multiple Vulnerabilities
minitwitter 0.3-beta (SQL/XSS) Multiple Vulnerabilities
minitwitter 0.3-beta - (SQL/XSS) Multiple Vulnerabilities
elitecms 1.01 (SQL/XSS) Multiple Vulnerabilities
elitecms 1.01 - (SQL/XSS) Multiple Vulnerabilities
flashlight free edition (LFI/SQL) Multiple Vulnerabilities
flashlight free edition - (LFI/SQL) Multiple Vulnerabilities
propertymax pro free (SQL/XSS) Multiple Vulnerabilities
propertymax pro free - (SQL/XSS) Multiple Vulnerabilities
podcast generator <= 1.2 - globals[] Multiple Vulnerabilities
podcast generator <= 1.2 - globals[] - Multiple Vulnerabilities
kloxo 5.75 (24 issues) Multiple Vulnerabilities
kloxo 5.75 - (24 issues) Multiple Vulnerabilities
virtue news (SQL/XSS) Multiple Vulnerabilities
virtue news - (SQL/XSS) Multiple Vulnerabilities
mrcgiguy the ticket system 2.0 php Multiple Vulnerabilities
mrcgiguy the ticket system 2.0 php - Multiple Vulnerabilities
mrcgiguy freeticket (ch/SQL) Multiple Vulnerabilities
mrcgiguy freeticket - (ch/SQL) Multiple Vulnerabilities
impleo music collection 2.0 (SQL/XSS) Multiple Vulnerabilities
impleo music collection 2.0 - (SQL/XSS) Multiple Vulnerabilities
kasseler CMS (fd/XSS) Multiple Vulnerabilities
kasseler CMS - (fd/XSS) Multiple Vulnerabilities
tribiq CMS 5.0.12c (XSS/LFI) Multiple Vulnerabilities
tribiq CMS 5.0.12c - (XSS/LFI) Multiple Vulnerabilities
Virtue Online Test Generator (AB/SQL/XSS) Multiple Vulnerabilities
Virtue Online Test Generator - (AB/SQL/XSS) Multiple Vulnerabilities
Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit (x86-64)
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10) (x86-64) - set_selection() UTF-8 Off By One Local Exploit
Siteframe CMS 3.2.x SQL Injection/phpinfo() Multiple Vulnerabilities
Siteframe CMS 3.2.x - (SQL Injection/phpinfo()) Multiple Vulnerabilities
citrix xencenterweb - (XSS/SQL/rce) Multiple Vulnerabilities
citrix xencenterweb - (XSS/SQL/RCE) Multiple Vulnerabilities
FreeBSD 6/8 (ata device) Local Denial of Service Exploit
FreeBSD 6/8 - (ata device) Local Denial of Service Exploit
good/bad vote (XSS/LFI) Multiple Vulnerabilities
good/bad vote - (XSS/LFI) Multiple Vulnerabilities
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux / RHEL5 - Test Kernel Local Root Exploit (0day)
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Local Root Exploit (0day)
mcshoutbox 1.1 (SQL/XSS/shell) Multiple Vulnerabilities
mcshoutbox 1.1 - (SQL/XSS/shell) Multiple Vulnerabilities
DD-WRT (httpd service) Remote Command Execution Vulnerability
DD-WRT - (httpd service) Remote Command Execution Vulnerability
tenrok 1.1.0 (udd/rce) Multiple Vulnerabilities
tenrok 1.1.0 - (udd/RCE) Multiple Vulnerabilities
logoshows bbs 2.0 (dd/ich) Multiple Vulnerabilities
logoshows bbs 2.0 - (DD/ich) Multiple Vulnerabilities
Linux Kernel 2.x - sock_sendpage() Local Ring0 Root Exploit (1)
Linux Kernel 2.x (Redhat) - sock_sendpage() Ring0 Local Root Exploit (1)
Linux Kernel 2.4 / 2.6 - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure
Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept
Linux Kernel 2.6 < 2.6.19 - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6) - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (PPC Edition)
Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - sock_sendpage() Local Root (PPC)
Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit (x86/x64)
Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (Debian 4) - udp_sendmsg Local Root Exploit
Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.4 / 2.6 (Fedora 11) - sock_sendpage() Local Root Exploit (2)
Joomla Hotel Booking System - XSS/SQL Injection Multiple Vulnerabilities
Joomla Hotel Booking System - (XSS/SQL Injection) Multiple Vulnerabilities
Alteon OS BBI (Nortell) - Multiple Vulnerabilities XSS and CSRF
Alteon OS BBI (Nortell) - (XSS and CSR) Multiple Vulnerabilities
Linux Kernel - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty
Linux Kernel - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty
Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel - 'unix_stream_connect()' Local Denial of Service Vulnerability
Linux Kernel <= 2.6.31.4 - 'unix_stream_connect()' Local Denial of Service Vulnerability
Unreal Tournament 2004 - _Secure_ Overflow
Unreal Tournament 2004 - 'Secure' Overflow
VMWare Fusion <= 2.0.5 - vmx86 kext Local kernel Root Exploit
VMWare Fusion <= 2.0.5 - vmx86 kext Kernel Local Root Exploit
PHP < 5.3.1 - _multipart/form-data_ Denial of Service Exploit (Python)
PHP < 5.3.1 - 'multipart/form-data' Denial of Service Exploit (Python)
sugar crm 5.5.0.rc2 and 5.2.0j Multiple Vulnerabilities
sugar crm 5.5.0.rc2 and 5.2.0j - Multiple Vulnerabilities
Huawei MT882 Modem/Router Multiple Vulnerabilities
Huawei MT882 Modem/Router - Multiple Vulnerabilities
DigitalHive Multiple Vulnerabilities
DigitalHive - Multiple Vulnerabilities
zabbix server Multiple Vulnerabilities
zabbix server - Multiple Vulnerabilities
Ez Faq Maker Multiple Vulnerabilities
Ez Faq Maker - Multiple Vulnerabilities
Ez Blog 1.0 - XSS/CSRF Multiple Vulnerabilities
Ez Blog 1.0 - (XSS/CSRF) Multiple Vulnerabilities
Recipe Script 5.0 - Shell Upload/CSRF/XSS Multiple Vulnerabilities
Recipe Script 5.0 - (Shell Upload/CSRF/XSS) Multiple Vulnerabilities
eUploader PRO 3.1.1 - CSRF/XSS Multiple Vulnerabilities
eUploader PRO 3.1.1 - (CSRF/XSS) Multiple Vulnerabilities
Horde 3.3.5 - _PHP_SELF_ XSS Vulnerability
Horde 3.3.5 - 'PHP_SELF' XSS Vulnerability
Lizard Cart Upload Shell Vulnerability
Lizard Cart - Upload Shell Vulnerability
Mega Upload Upload Shell Vulnerability
Mega Upload 1.45 - Upload Shell Vulnerability
MyCart shopping cart Upload Shell Vulnerability
oscommerce <= 2.2rc2a Bypass/Create and Download Backup Vulnerability
MyCart shopping cart - Upload Shell Vulnerability
osCommerce <= 2.2rc2a - Bypass/Create and Download Backup Vulnerability
gallery_show.asp GID suffer from Blind SQL Injection Vulnerability
gallery_show.asp - GID Blind SQL Injection Vulnerability
Mini-NUKE 2.3 - Freehost Multiple Vulnerabilities
Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities
VirtualDJ Trial 6.0.6 - _New Year Edition_ - (.m3u) Exploit (0day)
VirtualDJ Trial 6.0.6 - 'New Year Edition' - (.m3u) Exploit (0day)
PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/XSS)
PHPDirector Game Edition 0.1 - (LFI/SQLi/XSS) Multiple Vulnerabilities
Docebo 3.6.0.2 (stable) Local File Inclusion
Docebo 3.6.0.2 (stable) - Local File Inclusion
CLONEBID B2B Marketplace Multiple Vulnerabilities
ITechSctipts Alibaba Clone Multiple Vulnerabilities
CLONEBID B2B Marketplace - Multiple Vulnerabilities
ITechSctipts Alibaba Clone - Multiple Vulnerabilities
ManageEngine OpUtils 5 - _Login.DO_ SQL Injection Vulnerability
ManageEngine OpUtils 5 - 'Login.DO' SQL Injection Vulnerability
CMS by MyWorks Multiple Vulnerabilities
CMS by MyWorks - Multiple Vulnerabilities
DZ Auktionshaus _V4.rgo_ (id) news.php - SQL Injection Vulnerability
DZ Auktionshaus 'V4.rgo' (id) news.php - SQL Injection Vulnerability
PhpCityPortal Multiple Vulnerabilities
PhpCityPortal - Multiple Vulnerabilities
Joomla Component com_ckforms Multiple Vulnerabilities
Joomla Component com_ckforms - Multiple Vulnerabilities
Joomla Component com_vxdate Multiple Vulnerabilities
Joomla Component com_vxdate - Multiple Vulnerabilities
Adult Video Site Script Multiple Vulnerabilities
Adult Video Site Script - Multiple Vulnerabilities
iOS Safari - Bad _VML_ Remote DoS
iOS Safari - Bad 'VML' Remote DoS
Linux Kernel <= 2.6.34-rc3 ReiserFS xattr - Privilege Escalation
Linux Kernel <= 2.6.34-rc3 ReiserFS xattr (Redhat/Ubuntu 9.10) - Privilege Escalation
vBulletin _Cyb - Advanced Forum Statistics_ DoS
vBulletin 'Cyb - Advanced Forum Statistics' DoS
dl_stats Multiple Vulnerabilities
dl_stats - Multiple Vulnerabilities
avtech software (avc781viewer.dll) ActiveX Multiple Vulnerabilities
avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities
lanewsfactory Multiple Vulnerabilities
lanewsfactory - Multiple Vulnerabilities
MacOS X 10.6 HFS File System Attack (Denial of Service)
MacOS X 10.6 - HFS File System Attack (Denial of Service)
WFTPD Server 3.30 - Multiple Vulnerabilities (0day)
WFTPD Server 3.30 - (0day) Multiple Vulnerabilities
CompactCMS 1.4.0 (tiny_mce) Remote File Upload
CompactCMS 1.4.0 (tiny_mce) - Remote File Upload
Tainos Multiple Vulnerabilities
Tainos - Multiple Vulnerabilities
Joomla Component com_event Multiple Vulnerabilities
Joomla Component com_event - Multiple Vulnerabilities
B-Hind CMS (tiny_mce) Remote File Upload
B-Hind CMS (tiny_mce) - Remote File Upload
ComponentOne VSFlexGrid 7 & 8 - _Archive()_ method Remote Buffer Overflow Exploit
ComponentOne VSFlexGrid 7 & 8 - 'Archive()' method Remote Buffer Overflow Exploit
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - _PORT_ Command Remote DoS
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote DoS
Blaze Apps Multiple Vulnerabilities
Blaze Apps - Multiple Vulnerabilities
Joomla Component My Car Multiple Vulnerabilities
Joomla Component My Car - Multiple Vulnerabilities
Marketing Web Design Multiple Vulnerabilities
Marketing Web Design - Multiple Vulnerabilities
Aim Web Design Multiple Vulnerabilities
Aim Web Design - Multiple Vulnerabilities
Zeeways Script Multiple Vulnerabilities
Zeeways Script - Multiple Vulnerabilities
QuickTalk 1.2 - Multiple Vulnerabilities (Source Code Disclosure)
QuickTalk 1.2 - (Source Code Disclosure) Multiple Vulnerabilities
Joomla Component ChronoConnectivity
Joomla Component ChronoForms (com_chronocontact)
Joomla Component ChronoConnectivity (com_chronoconnectivity) - Blind SQL Injection Vulnerability
Joomla Component ChronoForms (com_chronocontact) - Blind SQL Injection Vulnerability
Simple Posting System Multiple Vulnerabilities
Simple Posting System - Multiple Vulnerabilities
Joomla Component com_djartgallery Multiple Vulnerabilities
Joomla Component com_djartgallery - Multiple Vulnerabilities
Miniweb 2.0 Business Portal and Social Networking Platform SQL Injection
Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection
E-PHP B2B Marketplace Multiple Vulnerabilities
E-PHP B2B Marketplace - Multiple Vulnerabilities
DaLogin Multiple Vulnerabilities
DaLogin - Multiple Vulnerabilities
Novell iManager Multiple Vulnerabilities
Novell iManager - Multiple Vulnerabilities
2DayBiz Video Community portal - _user-profile.php_ SQL Injection Vulnerability
2DayBiz Real Estate Portal - _viewpropertydetails.php_ SQL injection
2DayBiz Video Community portal - 'user-profile.php' SQL Injection Vulnerability
2DayBiz Real Estate Portal - 'viewpropertydetails.php' SQL injection
NO-IP.com Dynamic DNS Update Client 2.2.1 - _Request_ Insecure Encoding Algorithm
NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm
TCW PHP Album Multiple Vulnerabilities
Esoftpro Online Guestbook Pro Multiple Vulnerabilities
TCW PHP Album - Multiple Vulnerabilities
Esoftpro Online Guestbook Pro - Multiple Vulnerabilities
Esoftpro Online Contact Manager Multiple Vulnerabilities
Esoftpro Online Contact Manager - Multiple Vulnerabilities
Joomla Component Sef (com_sef) - LFI Vulnerability
Joomla Component SEF (com_sef) - Local File Inclusion Vulnerability
artforms 2.1b7.2 rc2 joomla component Multiple Vulnerabilities
artforms 2.1b7.2 rc2 joomla component - Multiple Vulnerabilities
Qt 4.6.3 - _QSslSocketBackendPrivate::transmit()_ Denial of Service
Qt 4.6.3 - 'QSslSocketBackendPrivate::transmit()' Denial of Service
Macs CMS 1.1.4 - Multiple Vulnerabilities (XSS/CSRF)
Macs CMS 1.1.4 - (XSS/CSRF) Multiple Vulnerabilities
GetSimple CMS 2.01 - Multiple Vulnerabilities (XSS/CSRF)
Ubuntu 9.10 (Karmic Koala) & 10.04 LTS (Lucid Lynx) PAM 1.1.0 MOTD - Local Root Exploit
GetSimple CMS 2.01 - (XSS/CSRF) Multiple Vulnerabilities
PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit
Joomla Component QContacts (com_qcontacts) SQL Injection Vulnerability
Joomla Component QContacts (com_qcontacts) - SQL Injection Vulnerability
Ubuntu 10.04 LTS - Lucid Lynx ftp Client 0.17-19build1 ACCT - Buffer Overflow
ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow
Microsoft Windows - Win32k.sys Driver _CreateDIBPalette()_ Buffer Overflow
Microsoft Windows - Win32k.sys Driver 'CreateDIBPalette()' Buffer Overflow
Easy FTP - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands
Zendesk Multiple Vulnerabilities
Easy FTP 1.7.0.11 - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands
Zendesk - Multiple Vulnerabilities
Mediacoder 0.7.5.4710 - _Universal_ SEH Buffer Overflow Exploit
Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Exploit
Simple Forum PHP Multiple Vulnerabilities
Simple Forum PHP - Multiple Vulnerabilities
Linux Kernel < 2.6.36-rc1 CAN BCM - Privilege Escalation Exploit
Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit
Apple QuickTime __Marshaled_pUnk_ Backdoor Param Client-Side Arbitrary Code Execution
Apple QuickTime '_Marshaled_pUnk' Backdoor Param Client-Side Arbitrary Code Execution
Adobe Acrobat Reader and Flash Player - _newclass_ invalid pointer
Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer
Shop a la Cart Multiple Vulnerabilities
Shop a la Cart - Multiple Vulnerabilities
ifnuke - Multiple Vulnerabilities (0day)
ifnuke - (0day) Multiple Vulnerabilities
dynpage <= 1.0 - Multiple Vulnerabilities (0day)
dynpage <= 1.0 - (0day) Multiple Vulnerabilities
sirang web-based d-control Multiple Vulnerabilities
sirang web-based d-control - Multiple Vulnerabilities
Microsoft Office Visio - .DXF File Stack based Overflow
Microsoft Office Visio 2002 - .DXF File Stack based Overflow
Mozilla Firefox - XSLT Sort Remote Code Execution Vulnerability
Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution Vulnerability
Zeeways Adserver Multiple Vulnerabilities
Zeeways Adserver - Multiple Vulnerabilities
Microsoft Office Word 2007 - sprmCMajority Buffer Overflow
Microsoft Office Word 2007 SP2 - sprmCMajority Buffer Overflow
Adobe Acrobat and Reader - _pushstring_ Memory Corruption
Adobe Acrobat and Reader - 'pushstring' Memory Corruption
Linux Kernel 2.6.27 < 2.6.36 - x86_64 compat Local Root Exploit
Linux Kernel 2.6.27 < 2.6.36 (x86_64) (Redhat) - compat Local Root Exploit
Firefox Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution
Firefox 3.6.4 - Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution
xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection _reviews.php_
xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection 'reviews.php'
Java CMM readMabCurveData - Stack Overflow
Java 6.19 CMM readMabCurveData - Stack Overflow
Microsoft drm technology (msnetobj.dll) ActiveX Multiple Vulnerabilities
RarCrack 0.2 - _filename_ init() .bss PoC
Microsoft drm technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities
RarCrack 0.2 - 'filename' init() .bss PoC
je guestbook 1.0 joomla component Multiple Vulnerabilities
je guestbook 1.0 joomla component - Multiple Vulnerabilities
Allpc 2.5 osCommerce SQL/XSS Multiple Vulnerabilities
Allpc 2.5 osCommerce - (SQL/XSS) Multiple Vulnerabilities
Linux Kernel < 2.6.36-rc6 - pktcdvd Kernel Memory Disclosure
Linux Kernel < 2.6.36-rc6 (Redhat/Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept
TradeMC E-Ticaret SQL and XSS Multiple Vulnerabilities
TradeMC E-Ticaret (SQL/XSS) Multiple Vulnerabilities
Cag CMS 0.2 - XSS & Blind SQL Injection Multiple Vulnerabilities
Cag CMS 0.2 - (XSS/Blind SQL Injection) Multiple Vulnerabilities
js calendar 1.5.1 joomla component Multiple Vulnerabilities
js calendar 1.5.1 joomla component - Multiple Vulnerabilities
Oracle Java 6 - OBJECT tag _launchjnlp_/_docbase_ Param Buffer Overflow Exploit
Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Param Buffer Overflow Exploit
Linux Kernel - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability
Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability
Sybase Advantage Data Architect - _*.SQL_ Format Heap Oveflow
Sybase Advantage Data Architect - '*.SQL' Format Heap Oveflow
Minishare 1.5.5 - Buffer Overflow Vulnerability (users.txt)
Minishare 1.4.0 - 1.5.5 - Buffer Overflow Vulnerability (users.txt)
Linux Kernel - Stack Infoleaks Vulnerability
Linux Kernel <= 2.4.0 - Stack Infoleaks Vulnerability
Joomla Component ccBoard 1.2-RC Multiple Vulnerabilities
Joomla Component ccBoard 1.2-RC - Multiple Vulnerabilities
CLANSPHERE 2010.0 Final Multiple Vulnerabilities
CLANSPHERE 2010.0 Final - Multiple Vulnerabilities
Linux Kernel - 'setup_arg_pages()' Denial of Service Vulnerability
Linux Kernel <= 2.6.37 - 'setup_arg_pages()' Denial of Service Vulnerability
Linux Kernel - Unix Sockets Local Denial of Service
Linux Kernel <= 2.6.37 - Unix Sockets Local Denial of Service
Site2Nite Big Truck Broker _txtSiteId_ SQL Injection Vulnerability
Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection Vulnerability
Linux Kernel <= 2.6.37 - Local Privilege Escalation (Full Nelson)
Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full Nelson' Local Privilege Escalation
Habari Blog Multiple Vulnerabilities
Habari Blog - Multiple Vulnerabilities
Linux Kernel 2.6.34 - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit
Linux Kernel < 2.6.34 (Ubuntu 10.10) - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit (1)
F3Site 2011 alfa 1 - Multiple Vulnerabilities (XSS & CSRF)
phpMySport 1.4 - Multiple Vulnerabilities (SQLi & Auth Bypass & Path Disclosure)
F3Site 2011 alfa 1 - (XSS & CSRF) Multiple Vulnerabilities
phpMySport 1.4 - (SQLi & Auth Bypass & Path Disclosure) Multiple Vulnerabilities
Linux Kernel < 2.6.34 - CAP_SYS_ADMIN x86 & x64 - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2)
Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities
Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities
T-Content Managment System Multiple Vulnerabilities
T-Content Managment System - Multiple Vulnerabilities
Samba _username map script_ Command Execution
Samba 'username map script' Command Execution
Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow
Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow
Microsoft Internet Explorer - _Aurora_ Memory Corruption
Microsoft Internet Explorer - 'Aurora' Memory Corruption
Adobe Flash Player _newfunction_ Invalid Pointer Use
Adobe Flash Player - 'newfunction' Invalid Pointer Use
Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow
Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow
Adobe Flash Player _Button_ Remote Code Execution
Adobe Flash Player - 'Button' Remote Code Execution
Adobe Flash Player _newfunction_ Invalid Pointer Use
Adobe Flash Player - 'newfunction' Invalid Pointer Use
Unreal Tournament 2004 - _secure_ Overflow (Win32)
Unreal Tournament 2004 - 'secure' Overflow (Windows)
Unreal Tournament 2004 - _secure_ Overflow (Linux)
Unreal Tournament 2004 - 'secure' Overflow (Linux)
Tugux CMS 1.0_final Multiple Vulnerabilities
Tugux CMS 1.0_final - Multiple Vulnerabilities
Honey Soft Web Solution Multiple Vulnerabilities
Honey Soft Web Solution - Multiple Vulnerabilities
Joomla JCE Component (com_jce) Blind SQL Injection Vulnerability
Joomla JCE Component (com_jce) - Blind SQL Injection Vulnerability
Parnian Opendata CMS SQL Injection Vulnerability
Parnian Opendata CMS - SQL Injection Vulnerability
Time and Expense Management System Multiple Vulnerabilities
Time and Expense Management System - Multiple Vulnerabilities
ZyWALL USG - Appliance Multiple Vulnerabilities
ZyWALL USG - Appliance - Multiple Vulnerabilities
Cisco Unified Operations Manager Multiple Vulnerabilities
Microsoft Windows Vista/Server 2008 - _nsiproxy.sys_ Local Kernel DoS Exploit
Cisco Unified Operations Manager - Multiple Vulnerabilities
Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel DoS Exploit
HP Data Protector Client EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)
HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)
HP Data Protector Client EXEC_CMD Remote Code Execution PoC (ZDI-11-055)
HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055)
Mozilla Firefox - _nsTreeRange_ Dangling Pointer Exploit
Mozilla Firefox - 'nsTreeRange' Dangling Pointer Exploit
Ollance Member Login Script Multiple Vulnerabilities
Ollance Member Login Script - Multiple Vulnerabilities
Adobe Reader X Atom Type Confusion Vulnerability Exploit
Adobe Reader X 10.0.0 - 10.0.1 - Atom Type Confusion Vulnerability Exploit
Mozilla Firefox _nsTreeRange_ Dangling Pointer Vulnerability
Mozilla Firefox - 'nsTreeRange' Dangling Pointer Vulnerability
Tradingeye E-commerce Shopping Cart Multiple Vulnerabilities
Tradingeye E-commerce Shopping Cart - Multiple Vulnerabilities
CA ARCserve D2D r15 GWT RPC Multiple Vulnerabilities
Safari - SVG DOM Processing PoC
CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities
Safari 5.0.6_ 5.1 - SVG DOM Processing PoC
Link Station Pro Multiple Vulnerabilities
Link Station Pro - Multiple Vulnerabilities
Cart Software Multiple Vulnerabilities
Cart Software - Multiple Vulnerabilities
Omnistar Mailer Multiple Vulnerabilities
Omnistar Mailer - Multiple Vulnerabilities
Linux Kernel - 'perf_count_sw_cpu_clock' event Denial of Service
Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service
Linux Kernel < 2.6.36.2 - Econet Privilege Escalation Exploit
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - Econet Privilege Escalation Exploit
MYRE Real Estate Software Multiple Vulnerabilities
MYRE Real Estate Software - Multiple Vulnerabilities
Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities
FreeBSD UIPC socket heap Overflow proof-of-concept
FreeBSD - UIPC socket heap Overflow Proof of Concept
GotoCode Online Bookstore Multiple Vulnerabilities
GotoCode Online Bookstore - Multiple Vulnerabilities
DivX Plus Web Player _file://_ Buffer Overflow Vulnerability PoC
DivX Plus Web Player - 'file://' Buffer Overflow Vulnerability PoC
EFront <= 3.6.9 Community Edition Multiple Vulnerabilities
EFront <= 3.6.9 Community Edition - Multiple Vulnerabilities
GotoCode Online Classifieds Multiple Vulnerabilities
GotoCode Online Classifieds - Multiple Vulnerabilities
6kbbs Multiple Vulnerabilities
6kbbs - Multiple Vulnerabilities
POSH Multiple Vulnerabilities
POSH - Multiple Vulnerabilities
NoNumber Framework Joomla! Plugin Multiple Vulnerabilities
NoNumber Framework Joomla! Plugin - Multiple Vulnerabilities
Uiga Personal Portal Multiple Vulnerabilities
Uiga Personal Portal - Multiple Vulnerabilities
Barter Sites 1.3 Joomla Component Multiple Vulnerabilities
Barter Sites 1.3 Joomla Component - Multiple Vulnerabilities
zFTP Server _cwd/stat_ Remote Denial-of-Service
zFTP Server - 'cwd/stat' Remote Denial-of-Service
JEEMA Sms 3.2 Joomla Component Multiple Vulnerabilities
Vik Real Estate 1.0 Joomla Component Multiple Vulnerabilities
JEEMA Sms 3.2 Joomla Component - Multiple Vulnerabilities
Vik Real Estate 1.0 Joomla Component - Multiple Vulnerabilities
ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple Vulnerabilities
ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities
osCSS2 - __ID_ parameter Local file inclusion
osCSS2 - '_ID' parameter Local file inclusion
Infoproject Business Hero Multiple Vulnerabilities
Infoproject Business Hero - Multiple Vulnerabilities
SugarCRM CE <= 6.3.1 - _unserialize()_ PHP Code Execution
SugarCRM CE <= 6.3.1 - 'unserialize()' PHP Code Execution
ARYADAD Multiple Vulnerabilities
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (1)
ARYADAD - Multiple Vulnerabilities
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) (Gentoo / Ubuntu) - Mempodipper Local Root (1)
vBSEO <= 3.6.0 - _proc_deutf()_ Remote PHP Code Injection Exploit
vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit
swDesk Multiple Vulnerabilities
swDesk - Multiple Vulnerabilities
Fork CMS 3.2.4 - Multiple Vulnerabilities (LFI/XSS)
Fork CMS 3.2.4 - (LFI/XSS) Multiple Vulnerabilities
DFLabs PTK <= 1.0.5 - Multiple Vulnerabilities (Steal Authentication Credentials)
DFLabs PTK <= 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities
HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities
HomeSeer HS2 and HomeSeer PRO - Multiple Vulnerabilities
Adobe Flash Player .mp4 - 'cprt' Overflow_
Adobe Flash Player .mp4 - 'cprt' Overflow
Wolfcms <= 0.75 - Multiple Vulnerabilities (CSRF - XSS)
Wolfcms <= 0.75 - (CSRF/XSS) Multiple Vulnerabilities
Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow_
Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow'
MailMax <= 4.6 - POP3 - _USER_ Remote Buffer Overflow Exploit (No Login Needed)
MailMax <= 4.6 - POP3 - 'USER' Remote Buffer Overflow Exploit (No Login Needed)
Samsung D6000 TV Multiple Vulnerabilities
Samsung D6000 TV - Multiple Vulnerabilities
Websense Triton Multiple Vulnerabilities
Websense Triton - Multiple Vulnerabilities
QNX phrelay/phindows/phditto Multiple Vulnerabilities
QNX phrelay/phindows/phditto - Multiple Vulnerabilities
Lynx Message Server Multiple Vulnerabilities
Lynx Message Server - Multiple Vulnerabilities
SAP Netweaver Dispatcher Multiple Vulnerabilities
SAP Netweaver Dispatcher - Multiple Vulnerabilities
elearning server 4g Multiple Vulnerabilities
elearning server 4g - Multiple Vulnerabilities
Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities
Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities
Axous 1.1.1 - Multiple Vulnerabilities (CSRF - Persistent XSS)
Axous 1.1.1 - (CSRF/Persistent XSS) Multiple Vulnerabilities
Active Collab _chat module_ <= 2.3.8 - Remote PHP Code Injection Exploit
Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection Exploit
SunOS <= 4.1.3 kmem setgid /etc/crash Vulnerability
SunOS <= 4.1.3 - kmem setgid /etc/crash Vulnerability
Linux kernel 2.0/2.1 - SIGIO Vulnerability
Linux Kernel 2.0 / 2.1 - SIGIO Vulnerability
Digital UNIX <= 4.0 D_FreeBSD <= 2.2.4_HP HP-UX 10.20/11.0_IBM AIX <= 3.2.5_Linux kernel 2.0/2.1_NetBSD 1.2_Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Linux Kernel 2.0/2.1_ Digital UNIX <= 4.0 D_ FreeBSD <= 2.2.4_ HP HP-UX 10.20/11.0_ IBM AIX <= 3.2.5_ NetBSD 1.2_ Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Microsoft Windows - _April Fools 2001_ Vulnerability
Microsoft Windows - 'April Fools 2001' Vulnerability
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Dial-up Networking _Save Password_ Vulnerability
Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - _Pass the Hash_ with Modified SMB Client Vulnerability
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Dial-up Networking 'Save Password' Vulnerability
Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - 'Pass the Hash' with Modified SMB Client Vulnerability
Linux Kernel 2.2/2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options Vulnerability
Linux kernel 2.0/2.1/2.2 - autofs Vulnerability
Linux Kernel 2.0 / 2.1 / 2.2 - autofs Vulnerability
QNAP Turbo NAS 3.6.1 Build 0302T Multiple Vulnerabilities
QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities
Linux kernel 2.0 - TCP Port DoS Vulnerability
Linux kernel 2.2 - ldd core Vulnerability
Linux Kernel 2.0 - TCP Port DoS Vulnerability
Linux Kernel 2.2 - ldd core Force Reboot Vulnerability
Linux kernel 2.0.33 - IP Fragment Overlap Vulnerability
Linux Kernel 2.0.33 - IP Fragment Overlap Vulnerability
Linux kernel 2.0/2.0.33 - i_count Overflow Vulnerability
Linux Kernel 2.0 / 2.0.33 - i_count Overflow Proof of Concept
IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities
IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities
Linux kernel 2.0.37 - Segment Limit Vulnerability
Linux Kernel 2.0.37 - Segment Limit Local Root Vulnerability
BSD/OS <= 4.0_FreeBSD <= 3.2_Linux kernel <= 2.3_NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Linux Kernel <= 2.3_ BSD/OS <= 4.0_ FreeBSD <= 3.2_ NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Quinn _the Eskimo_ and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability
Quinn 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability
Fujitsu Chocoa 1.0 beta7R _Topic_ Buffer Overflow Vulnerability
Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow Vulnerability
Linux kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability
Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability
Microsoft Internet Explorer 5.0 - ActiveX _Object for constructing type libraries for scriptlets_ Vulnerability
Microsoft Internet Explorer 5.0 - ActiveX 'Object for constructing type libraries for scriptlets' Vulnerability
Microsoft Internet Explorer 4.0/5.0 - ActiveX _Eyedog_ Vulnerability
Microsoft Internet Explorer 4.0/5.0 - ActiveX 'Eyedog' Vulnerability
Linux kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability
Linux Kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability
MediaHouse Software Statistics Server 4.28/5.1 - _Server ID_ Buffer Overflow Vulnerability
MediaHouse Software Statistics Server 4.28/5.1 - 'Server ID' Buffer Overflow Vulnerability
Tiki Wiki CMS Groupware <= 8.3 - _unserialize()_ PHP Code Execution
Tiki Wiki CMS Groupware <= 8.3 - 'unserialize()' PHP Code Execution
Debian 2.1_Linux kernel 2.0.x_RedHat 5.2 - Packet Length with Options Vulnerability
Debian 2.1_ Linux Kernel 2.0.x_ RedHat 5.2 - Packet Length with Options Vulnerability
Linux Kernel - fs/eventpoll.c Local Denial of Service
Linux Kernel <= 3.2.24 - fs/eventpoll.c Local Denial of Service
Netscape Enterprise Server _Novell Groupwise 5.2/5.5 GWWEB.EXE Multiple Vulnerabilities
Netscape Enterprise Server_ Novell Groupwise 5.2/5.5 GWWEB.EXE - Multiple Vulnerabilities
Netsweeper WebAdmin Portal Multiple Vulnerabilities
Netsweeper WebAdmin Portal - Multiple Vulnerabilities
Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x _ALG_ Client Vulnerability
Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x - 'ALG' Client Vulnerability
gpm 1.18.1/1.19_Debian 2.x_RedHat 6.x_S.u.S.E 5.3/6.x gpm Setgid Vulnerability
gpm 1.18.1/1.19_ Debian 2.x_ RedHat 6.x_ S.u.S.E 5.3/6.x gpm Setgid Vulnerability
Linux kernel 2.2.12/2.2.14/2.3.99_RedHat 6.x - Socket Denial of Service
Linux Kernel 2.2.12/2.2.14/2.3.99_ RedHat 6.x - Socket Denial of Service
Linux Kernel - Sendpage Local Privilege Escalation
Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)
kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (1)
kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (2)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Cart32 3.0 - _expdate_ Administrative Information Disclosure Vulnerability
Cart32 3.0 - 'expdate' Administrative Information Disclosure Vulnerability
DALnet Bahamut IRCd 4.6.5 - _SUMMON_ Buffer Overflow Vulnerability
DALnet Bahamut IRCd 4.6.5 - 'SUMMON' Buffer Overflow Vulnerability
BitchX IRC Client 75p1/75p3/1.0 c16 - _/INVITE_ Format String Vulnerability
BitchX IRC Client 75p1/75p3/1.0 c16 - '/INVITE' Format String Vulnerability
CVSWeb Developer CVSWeb 1.80 insecure perl _open_ Vulnerability
CVSWeb Developer CVSWeb 1.80 - Insecure perl 'open' Vulnerability
Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (1)
Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (2)
Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (1)
Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (2)
Solaris 2.6/7.0 - _eject_ Exploit for locale subsystem format string
Solaris 2.6/7.0 - 'eject' Exploit for locale subsystem format string
UoW Pine 4.0.4/4.10/4.21 - _From:_ Field Buffer Overflow Vulnerability
UoW Pine 4.0.4/4.10/4.21 - 'From:' Field Buffer Overflow Vulnerability
Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier Multiple Vulnerabilities
Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier - Multiple Vulnerabilities
Tickets CAD 2.20G Multiple Vulnerabilities
Tickets CAD 2.20G - Multiple Vulnerabilities
Cisco IOS 12 - Software _?/_ HTTP Request DoS Vulnerability
Cisco IOS 12 - Software '?/' HTTP Request DoS Vulnerability
Markus Triska CGIForum 1.0 - _thesection_ Directory Traversal Vulnerability
Markus Triska CGIForum 1.0 - 'thesection' Directory Traversal Vulnerability
Tunnelblick - Local Root Exploit
Tunnelblick - Local Root Exploit (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (2)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (3)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (4)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)
ReiserFS 3.5.28 Kernel - DoS (Possible Code Execution Vulnerability)
(Linux Kernel) ReiserFS 3.5.28 - DoS (Possible Code Execution)
Linux kernel 2.1.89/2.2.x - Zero-Length Fragment Vulnerability
Linux Kernel 2.1.89 / 2.2.x - Zero-Length Fragment Vulnerability
Linux sysctl() Kernel 2.2.x - Memory Reading Vulnerability
Linux Kernel 2.2.x - sysctl() Memory Reading Proof of Concept Vulnerability
IOServer _Root Directory_ Trailing Backslash Multiple Vulnerabilities
IOServer - ('Root Directory'/Trailing Backslash) Multiple Vulnerabilities
Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (1)
Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (2)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (1)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (2)
Linux kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
Linux Kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
Rit Research Labs _The Bat!_ 1.x - Missing Linefeeds DoS Vulnerability
Rit Research Labs 'The Bat!' 1.x - Missing Linefeeds DoS Vulnerability
Ad Manager Pro Multiple Vulnerabilities
Ad Manager Pro - Multiple Vulnerabilities
Linux kernel 2.2/2.4 - procfs Stream Redirection to Process Memory Vulnerability
Linux Kernel 2.2 / 2.4 - procfs Stream Redirection to Process Memory Local Root Vulnerability
HP-UX 11_Linux kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS
HP-UX 11_Linux Kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS
ID Software Quake 3 - _smurf attack_ Denial of Service Vulnerability
ID Software Quake 3 - 'smurf attack' Denial of Service Vulnerability
Linux kernel 2.2/2.4 - Deep Symbolic Link Denial of Service Vulnerability
Linux Kernel 2.2 / 2.4 - Deep Symbolic Link Denial of Service Vulnerability
Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Vulnerability
Linux Kernel 2.2 / 2.4 - Ptrace/Setuid Exec Local Root Vulnerability
Pinterest Clone Script Multiple Vulnerabilities
Pinterest Clone Script - Multiple Vulnerabilities
User-Mode Linux Kernel 2.4.17-8 - Memory Access Vulnerability
User-Mode Linux Kernel 2.4.17-8 - Memory Access Local Root Vulnerability
Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit
Sitecom MD-25x - Multiple Vulnerabilitie/ Reverse Root Shell Exploit
Ezylog Photovoltaic Management Server Multiple Vulnerabilities
Ezylog Photovoltaic Management Server - Multiple Vulnerabilities
Auxilium PetRatePro Multiple Vulnerabilities
Netsweeper WebAdmin Portal Multiple Vulnerabilities
Auxilium PetRatePro - Multiple Vulnerabilities
Netsweeper WebAdmin Portal - Multiple Vulnerabilities
Linux Kernel 2.2.x/2.3/2.4.x - d_path() Path Truncation Vulnerability
Linux Kernel 2.2.x / 2.3 / 2.4.x - d_path() Path Truncation PoC Vulnerability
Fortigate UTM WAF Appliance Multiple Vulnerabilities
Fortigate UTM WAF Appliance - Multiple Vulnerabilities
Working Resources BadBlue 1.7 EXT.DLL Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7 - EXT.DLL Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 cleanSearchString() Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 Get Request Denial of Service Vulnerability
Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 - Get Request Denial of Service Vulnerability
Working Resources 1.7.3 BadBlue Null Byte File Disclosure Vulnerability
Working Resources 1.7.3 BadBlue - Null Byte File Disclosure Vulnerability
Working Resources 1.7.x BadBlue Administrative Interface Arbitrary File Access
Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access
Qualcomm Eudora 5 MIME Multipart Boundary Buffer Overflow Vulnerability
Qualcomm Eudora 5 - MIME Multipart Boundary Buffer Overflow Vulnerability
AFD 1.2.x Working Directory Local Buffer Overflow Vulnerabilities
AFD 1.2.x - Working Directory Local Buffer Overflow Vulnerabilities
Trillian 0.74 IRC PART Message Denial of Service Vulnerability
Trillian 0.74 - IRC PART Message Denial of Service Vulnerability
Linux Kernel 2.0.x/2.2.x/2.4.x_FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (1)
Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (2)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (1)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (2)
Invision Power Board <= 3.3.4 - _unserialize()_ PHP Code Execution
Invision Power Board <= 3.3.4 - 'unserialize()' PHP Code Execution
Linux kernel 2.2.x/2.4.x - I/O System Call File Existence Weakness
Linux Kernel 2.2.x / 2.4.x - I/O System Call File Existence Weakness
CheckPoint/Sofaware Firewall Multiple Vulnerabilities
CheckPoint/Sofaware Firewall - Multiple Vulnerabilities
Working Resources 1.7.x/2.15 BadBlue Ext.DLL Command Execution Vulnerability
Working Resources 1.7.x/2.15 BadBlue - Ext.DLL Command Execution Vulnerability
Working Resources BadBlue 1.7.x/2.x Unauthorized HTS Access Vulnerability
Working Resources BadBlue 1.7.x/2.x - Unauthorized HTS Access Vulnerability
Microsoft IIS 5 WebDAV - PROPFIND and SEARCH Method Denial of Service Vulnerability
MYRE Realty Manager Multiple Vulnerabilities
MYRE Realty Manager - Multiple Vulnerabilities
Myrephp Business Directory Multiple Vulnerabilities
MYREphp Vacation Rental Software Multiple Vulnerabilities
Myrephp Business Directory - Multiple Vulnerabilities
MYREphp Vacation Rental Software - Multiple Vulnerabilities
BabyGekko 1.2.2e Multiple Vulnerabilities
BabyGekko 1.2.2e - Multiple Vulnerabilities
Linux kernel 2.2./2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability
Linux Kernel 2.2. / 2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability
Linux Kernel 2.4 - execve() System Call Race Condition Vulnerability
Linux Kernel 2.4 - execve() System Call Race Condition PoC Vulnerability
Aardvark Topsites 4.1 PHP Multiple Vulnerabilities
Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities
phpwcms <= 1.5.4.6 - _preg_replace_ - Multiple Vulnerabilities
phpwcms <= 1.5.4.6 - 'preg_replace' - Multiple Vulnerabilities
KAME Racoon _Initial Contact_ SA Deletion Vulnerability
lionmax software www file share pro 2.4x Multiple Vulnerabilities (1)
lionmax software www file share pro 2.4x Multiple Vulnerabilities (2)
KAME Racoon 'Initial Contact' SA Deletion Vulnerability
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (1)
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (2)
DUware Software Multiple Vulnerabilities
DUware Software - Multiple Vulnerabilities
Linux Kernel Samba 2.2.8 - Share Local Privilege Elevation Vulnerability
Linux Kernel Samba 2.2.8 (Debian/Mandrake) - Share Local Privilege Elevation Vulnerability
ASP Portal Multiple Vulnerabilities
ASP Portal - Multiple Vulnerabilities
Working Resources BadBlue Server 2.40 phptest.php Path Disclosure Vulnerability
Working Resources BadBlue Server 2.40 - phptest.php Path Disclosure Vulnerability
SpiderSales 2.0 Shopping Cart Multiple Vulnerabilities
SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities
WarpSpeed 4nAlbum Module 0.92 modules.php gid Parameter SQL Injection
WarpSpeed 4nAlbum Module 0.92 - modules.php gid Parameter SQL Injection
Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities Remote Root Exploit
Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit
Linux Kernel 2.4/2.6 - Sigqueue Blocking Denial of Service Vulnerability
Linux Kernel 2.4 / 2.6 - Sigqueue Blocking Denial of Service Vulnerability
phpBugTracker 0.9 user.php bugid Parameter XSS
phpBugTracker 0.9 - user.php bugid Parameter XSS
Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability
Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability
e107 website system 0.6 - _email article to a friend_ Feature XSS
e107 website system 0.6 - 'email article to a friend' Feature XSS
Rlpr 2.0 msg() Function Multiple Vulnerabilities
Rlpr 2.0 msg() Function - Multiple Vulnerabilities
Mozilla Browser 0.9/1.x Cache File Multiple Vulnerabilities
Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities
SCO Multi-channel Memorandum Distribution Facility Multiple Vulnerabilities
SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities
Working Resources BadBlue 1.7.x/2.x Unauthorized Proxy Relay Vulnerability
Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay Vulnerability
Netgear SPH200D Multiple Vulnerabilities
Netgear SPH200D - Multiple Vulnerabilities
Fortinet FortiMail 400 IBE Multiple Vulnerabilities
Fortinet FortiMail 400 IBE - Multiple Vulnerabilities
Cisco Unity Express Multiple Vulnerabilities
Cisco Unity Express - Multiple Vulnerabilities
Linux Kernel - /dev/ptmx Key Stroke Timing Local Disclosure
Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure
SAP Netweaver Message Server Multiple Vulnerabilities
SAP Netweaver Message Server - Multiple Vulnerabilities
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Vulnerability
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote PoC Vulnerability
Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag Multiple Vulnerabilities
Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag - Multiple Vulnerabilities
Ubuntu 12.10 - (64-Bit) sock_diag_handlers - Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10) (64-Bit) - sock_diag_handlers Local Root Exploit
event calendar Multiple Vulnerabilities
event calendar - Multiple Vulnerabilities
opera Web browser 7.54 java implementation Multiple Vulnerabilities (1)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (2)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (3)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (4)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)
ca3de Multiple Vulnerabilities
ca3de - Multiple Vulnerabilities
Vivotek IP Cameras Multiple Vulnerabilities
Vivotek IP Cameras - Multiple Vulnerabilities
Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (1)
Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (2)
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (1)
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (1)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (1)
Linux Kernel 2.6.x / <= 2.6.9 / <= 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (2)
Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Icecast 2.x - XSL Parser Multiple Vulnerabilities
Icecast 2.x - XSL Parser - Multiple Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (1)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (2)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (3)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (4)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4)
Linux Kernel 2.6.37 <= 3.x.x - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
MetaCart2 IntCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 StrSubCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 CurCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - IntCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - StrSubCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - CurCatalogID Parameter Remote SQL Injection Vulnerability
neteyes nexusway border gateway Multiple Vulnerabilities
neteyes nexusway border gateway - Multiple Vulnerabilities
McAfee IntruShield Security Management System Multiple Vulnerabilities
McAfee IntruShield Security Management System - Multiple Vulnerabilities
Gaim AIM/ICQ Protocols Multiple Vulnerabilities
Gaim AIM/ICQ Protocols - Multiple Vulnerabilities
bfcommand & control server 1.22/2.0/2.14 manager Multiple Vulnerabilities
bfcommand & control server 1.22/2.0/2.14 manager - Multiple Vulnerabilities
Linux Kernel <= 2.6 - Console Keymap Local Command Injection Vulnerability
Linux Kernel <= 2.6 - Console Keymap Local Command Injection PoC
QuickPayPro 3.1 subscribers.tracking.edit.php subtrackingid Parameter SQL Injection
QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection
QuickPayPro 3.1 tracking.details.php trackingid Parameter SQL Injection
QuickPayPro 3.1 - tracking.details.php trackingid Parameter SQL Injection
oracle application server discussion forum portlet Multiple Vulnerabilities
oracle application server discussion forum portlet - Multiple Vulnerabilities
Linux Kernel - 'MSR' Driver Local Privilege Escalation
Linux Kernel (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation
Linux Kernel 2.4.x/2.5.x/2.6.x - Ssockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities
Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities
Apache James 2.2 SMTP Denial of Service Vulnerability
Apache James 2.2 - SMTP Denial of Service Vulnerability
Linux Kernel - NFS and EXT3 Combination Remote Denial of Service Vulnerability
Linux Kernel 2.6.x (<= 2.6.17.7) - NFS and EXT3 Combination Remote Denial of Service Vulnerability
Microsoft windows xp/2000/2003 help Multiple Vulnerabilities
Microsoft Windows XP/2000/2003 help - Multiple Vulnerabilities
ArticleSetup Multiple Vulnerabilities
ArticleSetup - Multiple Vulnerabilities
PhotoStore details.php gid Parameter XSS
PhotoStore view_photog.php photogid Parameter XSS
PhotoStore details.php - gid Parameter XSS
PhotoStore view_photog.php - photogid Parameter XSS
MailEnable 2.x SMTP NTLM Authentication Multiple Vulnerabilities
MailEnable 2.x - SMTP NTLM Authentication - Multiple Vulnerabilities
BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities
BlooMooWeb 1.0.9 - ActiveX Control - Multiple Vulnerabilities
Simplog 0.9.3 BlogID Parameter Multiple SQL Injection Vulnerabilities
Simplog 0.9.3 BlogID Parameter - Multiple SQL Injection Vulnerabilities
Oracle January 2007 Security Update Multiple Vulnerabilities
Oracle January 2007 Security Update - Multiple Vulnerabilities
Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Vulnerability
Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference DoS Vulnerability
E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter SQL Injection
E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter - SQL Injection
LANAI CMS 1.2.14 GALLERY Module gid Parameter SQL Injection
LANAI CMS 1.2.14 GALLERY Module - gid Parameter SQL Injection
OpenBase 10.0.x - Multiple Vulnerabilities (Buffer Overflow & Remote Command Execution)
OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities
ZyXEL P-330W Multiple Vulnerabilities
ZyXEL P-330W - Multiple Vulnerabilities
WinComLPD Total 3.0.2.623 - Multiple Vulnerabilities (Buffer Overflow and Authentication Bypass)
WinComLPD Total 3.0.2.623 - (Buffer Overflow and Authentication Bypass) Multiple Vulnerabilities
Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 - Server Multiple Vulnerabilities
Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 Server - Multiple Vulnerabilities
Linux Kernel 3.4 < 3.13.2 - Arbitrary write with CONFIG_X86_X32
Linux Kernel 3.4 < 3.13.2 - Local Root (CONFIG_X86_X32=y)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with CONFIG_X86_X32 Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y)
IBM solidDB 6.0.10 - Multiple Vulnerabilities (Format String and Denial of Service)
IBM solidDB 6.0.10 - (Format String and Denial of Service) Multiple Vulnerabilities
Linux Kernel < 3.4.5 - Local Root Exploit (ARM - Android 4.2.2 / 4.4)
Linux Kernel < 3.4.5 (ARM - Android 4.2.2 / 4.4) - Local Root Exploit
Catia V5-6R2013 - _CATV5_AllApplications_ - Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_AllApplications' - Stack Buffer Overflow
Catia V5-6R2013 - _CATV5_Backbone_Bus_ - Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_Backbone_Bus' - Stack Buffer Overflow
Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (1)
Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (2)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (1)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (2)
EasyE-Cards 3.10 - Multiple Vulnerabilities (SQL Injection and Cross-Site Scripting)
EasyE-Cards 3.10 - (SQL Injection and Cross-Site Scripting) Multiple Vulnerabilities
Jamroom <= 3.3.8 - Multiple Vulnerabilities (Cookie Authentication Bypass and Unspecified Security Issues)
Jamroom <= 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities
LuxCal 3.2.2 - Multiple Vulnerabilities (CSRF/Blind SQL Injection)
LuxCal 3.2.2 - (CSRF/Blind SQL Injection) Multiple Vulnerabilities
Linux Kernel 2.6.x - Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
PG Roommate Finder Solution quick_search.php part Parameter XSS
PG Roommate Finder Solution viewprofile.php part Parameter XSS
PG Roommate Finder Solution - quick_search.php part Parameter XSS
PG Roommate Finder Solution - viewprofile.php part Parameter XSS
Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow Vulnerability
e107 0.7.x - Multiple Vulnerabilities ('CAPTCHA' Security Bypass and Cross-Site Scripting)
e107 0.7.x - ('CAPTCHA' Security Bypass and Cross-Site Scripting) Multiple Vulnerabilities
IBM Rational RequisitePro 7.10 ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS
IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS
Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (1)
Linux Kernel 2.6.x - pipe.c Local Privilege Escalation Vulnerability (2)
Linux Kernel 2.6.x (2.6.0 <= 2.6.31) - 'pipe.c' Local Privilege Escalation Vulnerability (1)
Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (2)
Linux Kernel 3.3 < 3.8 - SOCK_DIAG Local Root Exploit
Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit
Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
Ubuntu 12.04.0-2LTS x64 - perf_swevent_init Kernel Local Root Exploit
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.(0_1_2) x64) - perf_swevent_init Local Root Exploit
Linux Kernel - 'find_keyring_by_name()' Local Memory Corruption Vulnerability
Linux Kernel <= 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption Vulnerability
Linux Kernel - ptrace/sysret - Local Privilege Escalation
Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Trend Micro InterScan Web Security Virtual Appliance Multiple Vulnerabilities
Trend Micro InterScan Web Security Virtual Appliance - Multiple Vulnerabilities
OpenLDAP 2.4.22 - 'modrdn' Request Multiple Vulnerabilities
OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities
ServletExec - Multiple Vulnerabilities (Directory Traversal and Authentication-Bypass)
ServletExec - (Directory Traversal and Authentication-Bypass) Multiple Vulnerabilities
Creative Contact Form - Arbitrary File Upload
Creative Contact Form 0.9.7 - Arbitrary File Upload
Aireplay-ng 1.2 beta3 - _tcp_test_ Length Parameter Stack Overflow
Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow
Windows OLE - Remote Code Execution _Sandworm_ Exploit (MS14-060)
Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)
Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam Multiple Vulnerabilities
Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities
CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities
CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities
Xerox Multifunction Printers (MFP) _Patch_ DLM Vulnerability
Xerox Multifunction Printers (MFP) 'Patch' DLM Vulnerability
Linux Kernel <= 2.6.39 (32-bit & 64-bit) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (2)
Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control Multiple Vulnerabilities
Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control - Multiple Vulnerabilities
Eclipse 3.3.2 IDE Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS
Eclipse 3.3.2 IDE - Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS
Linux Kernel - libfutex - Local Root for RHEL/CentOS 7.0.1406
Linux Kernel <= 3.14.5 (RHEL/CentOS 7) - libfutex Local Root
RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 - ActiveX Control Multiple Vulnerabilities
RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities
OS X networkd _effective_audit_token_ XPC Type Confusion Sandbox Escape
OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape
Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Vulnerability
Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Proof of Concept
AJ Classifieds 'listingid' Parameter SQL Injection Vulnerability
AJ Classifieds 'listingid' Parameter - SQL Injection Vulnerability
BlueSoft Social Networking CMS SQL Injection Vulnerability
BlueSoft Social Networking CMS - SQL Injection Vulnerability
Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC
Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC
Linux Kernel Associative Array Garbage Collection - Crash PoC
Linux Kernel <= 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC
Linux Kernel <= 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC
Linux Kernel <= 3.16.3 - Associative Array Garbage Collection Crash PoC
Linux Kernel - Network Namespace Remote Denial of Service Vulnerability
Linux Kernel <= 2.6.35 - Network Namespace Remote Denial of Service Vulnerability
Kayako SupportSuite 3.x Multiple Vulnerabilities
Kayako SupportSuite 3.x - Multiple Vulnerabilities
Linux Kernel splice() System Call - Local DoS
Linux Kernel <= 3.13 / <= 3.14 (Ubuntu) - splice() System Call Local DoS
Mac OS X - _Rootpipe_ Privilege Escalation
Mac OS X - 'Rootpipe' Privilege Escalation
Apport - Local Linux Root
Apport 2.14.1 (Ubuntu 14.04.2) - Linux Local Root Exploit
SixApart MovableType Storable Perl Code Execution
SixApart MovableType - Storable Perl Code Execution
WordPress TagGator 'tagid' Parameter SQL Injection Vulnerability
WordPress TagGator 'tagid' Parameter - SQL Injection Vulnerability
JSPMyAdmin 1.1 Multiple Vulnerabilities
JSPMyAdmin 1.1 - Multiple Vulnerabilities
WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities
WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities
WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities
WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities
ESC 8832 Data Controller Multiple Vulnerabilities
ESC 8832 Data Controller - Multiple Vulnerabilities
ZTE AC 3633R USB Modem Multiple Vulnerabilities
ZTE AC 3633R USB Modem - Multiple Vulnerabilities
OSSEC 2.7 <= 2.8.1 - _diff_ Command Local Root Escalation
OSSEC 2.7 <= 2.8.1 - 'diff' Command Local Root Escalation
Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shell)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell)
Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shadow File)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File)
OSSEC WUI 0.8 - Denial of Service
Adobe Flash Use-After-Free in Drawing Methods _this_
Adobe Flash - Use-After-Free in Drawing Methods 'this'
Kaspersky Antivirus _Yoda's Protector_ Unpacking Memory Corruption
Kaspersky Antivirus - Yoda's Protector Unpacking Memory Corruption
Kallithea 0.2.9 (came_from) HTTP Response Splitting Vulnerability
Kallithea 0.2.9 - (came_from) HTTP Response Splitting Vulnerability
Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit
Linux/MIPS Kernel 2.6.36 NetUSB - Remote Code Execution Exploit
Linux Kernel <= 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities
Cisco Linksys WRT310N Router Multiple Denial of Service Vulnerabilities
Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities
WordPress WP Private Messages Plugin 'msgid' Parameter SQL Injection Vulnerability
WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection Vulnerability
Microsoft Windows Media Center Library Parsing RCE Vulnerability aka _self-executing_ MCL File
Microsoft Windows Media Center Library - Parsing RCE Vulnerability aka 'self-executing' MCL File
MyBB 'misc.php' Remote Denial of Service Vulnerability
MyBB 1.6.12 - 'misc.php' Remote Denial of Service Vulnerability
WHMCS 'cart.php' Denial of Service Vulnerability
phpBB <= 3.0.8 Remote Denial of Service Vulnerability
WHMCS 5.12 - 'cart.php' Denial of Service Vulnerability
phpBB <= 3.0.8 - Remote Denial of Service Vulnerability
Ubuntu 14.04 LTS_ 15.10 - overlayfs Local Root Exploit
Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit
Linux Kernel overlayfs - Local Privilege Escalation
Linux Kernel <= 4.3.3 overlayfs - Local Privilege Escalation
Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers
Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers
Linux Kernel - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel - prima WLAN Driver Heap Overflow
Linux Kernel <= 3.x / <= 4.x - prima WLAN Driver Heap Overflow
Multiple Aztech Routers '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability
Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability
WordPress Wordfence Security Plugin Multiple Vulnerabilities
WordPress Wordfence Security Plugin - Multiple Vulnerabilities
STIMS Buffer - Buffer Overflow SEH - DoS
STIMS Cutter - Buffer Overflow DoS
STIMS Buffer 1.1.20 - Buffer Overflow SEH (DoS)
STIMS Cutter 1.1.3.20 - Buffer Overflow DoS
Linux Kernel - digi_acceleport Nullpointer Dereference
Linux Kernel - Wacom Multiple Nullpointer Dereferences
Linux Kernel - visor (treo_attach) Nullpointer Dereference
Linux Kernel - visor clie_5_attach Nullpointer Dereference
Linux Kernel - cypress_m8 Nullpointer Dereference
Linux Kernel - mct_u232 Nullpointer Dereference
Linux Kernel - cdc_acm Nullpointer Dereference
Linux Kernel - aiptek Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - digi_acceleport Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - Wacom Multiple Nullpointer Dereferences
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor clie_5_attach Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cypress_m8 Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - mct_u232 Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cdc_acm Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - aiptek Nullpointer Dereference
RHEL 7.1 Kernel - snd-usb-audio Crash PoC
RHEL 7.1 Kernel - iowarrior driver Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC
LShell <= 0.9.15 - Remote Code Execution
LShell <= 0.9.15 - Remote Code Execution
Exim _perl_startup_ Privilege Escalation
Exim - 'perl_startup' Privilege Escalation
NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities
NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities
Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit
Linux Kernel 4.4.x (Ubuntu 16.04) - double-fdput() in bpf(BPF_PROG_LOAD) Local Root Exploit
i.FTP 2.21 - Host Address / URL Field SEH Exploit
All Windows Null-Free Shellcode - Functional Keylogger to File - 601 (0x0259) bytes
MediaInfo 0.7.61 - Crash PoC
Ipswitch WS_FTP LE 12.3 - Search field SEH Overwrite POC
Core FTP Server 32-bit Build 587 - Heap Overflow
Multiple JVC HDRs and Net Cameras - Multiple Vulnerabilities
Adobe Reader DC 15.010.20060 - Memory Corruption
Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities
2016-05-11 05:03:54 +00:00
Offensive Security
01664c67b8
DB: 2016-05-10
...
11 new exploits
JITed egg-hunter stage-0 shellcode Adjusted universal for xp/vista/win7
JITed egg-hunter stage-0 shellcode Adjusted universal for XP/Vista/Windows 7
BlazeDVD 5.1- (.plf) Stack Buffer Overflow PoC Exploit - ALSR/DEP Bypass on Win7
BlazeDVD 5.1 - (.plf) Stack Buffer Overflow PoC Exploit (Windows 7 ALSR/DEP Bypass)
Winamp 5.572 - Local BoF Exploit (Win7 ASLR and DEP Bypass)
Winamp 5.572 - Local BoF Exploit (Windows 7 ASLR and DEP Bypass)
RM Downloader 3.1.3 - Local SEH Exploit (Win7 ASLR and DEP Bypass)
RM Downloader 3.1.3 - Local SEH Exploit (Windows 7 ASLR and DEP Bypass)
UFO: Alien Invasion 2.2.1 - BoF Exploit (Win7 ASLR and DEP Bypass)
UFO: Alien Invasion 2.2.1 - BoF Exploit (Windows 7 ASLR and DEP Bypass)
The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow Exploit (Win7 + ASLR Bypass)
The KMPlayer 3.0.0.1440 - (.mp3) Buffer Overflow Exploit (Windows 7 + ASLR Bypass)
Mozilla Firefox 3.6.16 mChannel Object Use After Free Exploit (Win7)
Mozilla Firefox 3.6.16 - mChannel Object Use After Free Exploit (Windows 7)
QQPLAYER PICT PnSize Buffer Overflow WIN7 DEP_ASLR BYPASS
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS
GNU Bash - Environment Variable Command Injection (ShellShock)
Bash - Environment Variables Code Injection Exploit (ShellShock)
GNU Bash - Environment Variable Command Injection (Shellshock)
Bash - Environment Variables Code Injection Exploit (Shellshock)
OpenVPN 2.2.29 - ShellShock Exploit
OpenVPN 2.2.29 - Shellshock Exploit
Bash - CGI RCE Shellshock Exploit (Metasploit)
Bash CGI - RCE Shellshock Exploit (Metasploit)
PHP 5.x (< 5.6.2) - Shellshock Exploit (Bypass disable_functions)
PHP 5.x (< 5.6.2) - Bypass disable_functions (Shellshock Exploit)
OSSEC 2.8 - Privilege Escalation
OSSEC 2.8 - hosts.deny Privilege Escalation
ShellShock dhclient Bash Environment Variable Command Injection PoC
dhclient 4.1 - Bash Environment Variable Command Injection PoC (Shellshock)
OSSEC 2.7 <= 2.8.1 - Local Root Escalation
OSSEC 2.7 <= 2.8.1 - _diff_ Command Local Root Escalation
Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) #2
Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (2)
BigTree CMS Cross Site Request Forgery Vulnerability
Advantech Switch Bash Environment Variable Code Injection (Shellshock)
Advantech Switch - Bash Environment Variable Code Injection (Shellshock)
KiTTY Portable <= 0.65.0.2p Local kitty.ini Overflow (Wow64 Egghunter Win7)
KiTTY Portable <= 0.65.0.2p Local kitty.ini Overflow (Win8.1/Win10)
KiTTY Portable <= 0.65.0.2p - Local kitty.ini Overflow (Wow64 Egghunter Windows 7)
KiTTY Portable <= 0.65.0.2p - Local kitty.ini Overflow (Windows 8.1/Windows 10)
Windows Null-Free Shellcode - Primitive Keylogger to File - 431 (0x01AF) bytes
Ajaxel CMS 8.0 - Multiple Vulnerabilities
i.FTP 2.21 - Host Address / URL Field SEH Exploit
Dell SonicWall Scrutinizer <= 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution
ZeewaysCMS - Multiple Vulnerabilities
ASUS Memory Mapping Driver (ASMMAP/ASMMAP64): Physical Memory Read/Write
Certec EDV atvise SCADA Server 2.5.9 - Privilege Escalation
Microsoft Windows 7 - WebDAV Privilege Escalation Exploit (MS16-016) (2)
RPCScan 2.03 - Hostname/IP Field SEH Overwrite PoC
ImageMagick Delegate Arbitrary Command Execution
Ruby on Rails Development Web Console (v2) Code Execution
2016-05-10 05:02:47 +00:00
Offensive Security
5a82bad23d
DB: 2016-05-05
...
14 new exploits
Alibaba Clone B2B Script - Admin Authentication Bypass
CMS Made Simple < 2.1.3 & < 1.12.1 - Web Server Cache Poisoning
Acunetix WP Security Plugin 3.0.3 - XSS
NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities
TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow
IPFire < 2.19 Core Update 101 - Remote Command Execution
PHP Imagick 3.3.0 - disable_functions Bypass
ImageMagick < 6.9.3-9 - Multiple Vulnerabilities
OpenSSL Padding Oracle in AES-NI CBC MAC Check
Zabbix Agent 3.0.1 - mysql.size Shell Command Injection
McAfee LiveSafe 14.0 - Relocations Processing Memory Corruption
Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)
Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit
Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
2016-05-05 05:04:38 +00:00
Offensive Security
28f57d0dba
DB: 2016-05-03
...
5 new exploits
WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download
.Net Framework Execute Native x86 Shellcode
Acunetix WVS 10 - Remote Command Execution (System)
Apache Struts Dynamic Method Invocation Remote Code Execution
QSEE - PRDiag* Commands Privilege Escalation Exploit
2016-05-03 05:04:01 +00:00
Offensive Security
7472667089
DB: 2016-04-30
...
9 new exploits
Linux x86 Reverse TCP Shellcode (ipv6)
Observium 0.16.7533 - Cross Site Request Forgery
Observium 0.16.7533 - Authenticated Arbitrary Command Execution
Merit Lilin IP Cameras - Multiple Vulnerabilities
Rough Auditing Tool for Security (RATS) 2.3 - Array Out of Block Crash
Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow
Wireshark - alloc_address_wmem Assertion Failure
Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read
GLPi 0.90.2 - SQL Injection
2016-04-30 05:01:53 +00:00
Offensive Security
fe5081847e
DB: 2016-04-27
...
4 new exploits
Yasr Screen Reader 0.6.9 - Local Buffer Overflow
Advantech WebAccess Dashboard Viewer Arbitrary File Upload
libgd 2.1.1 - Signedness Heap Overflow
ImpressCMS 1.3.9 - SQL Injection
2016-04-27 05:02:48 +00:00
Offensive Security
22a4c5d4cc
DB: 2016-04-22
...
5 new exploits
freePBX 2.1.3 (upgrade.php) Remote File Include Vulnerability
FreePBX 2.1.3 - (upgrade.php) Remote File Include Vulnerability
FreePBX <= 2.8.0 Recordings Interface Allows Remote Code Execution
FreePBX <= 2.8.0 - Recordings Interface Allows Remote Code Execution
FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution
FreePBX 2.10.0 / 2.9.0 - callmenum Remote Code Execution
FreePBX 2.2 SIP Packet Multiple HTML Injection Vulnerabilities
FreePBX 2.2 - SIP Packet Multiple HTML Injection Vulnerabilities
FreePBX config.php Remote Code Execution
FreePBX - config.php Remote Code Execution
FreePBX 2.5.2 admin/config.php tech Parameter XSS
FreePBX 2.5.2 Zap Channel Addition Description Parameter XSS
FreePBX 2.5.2 - admin/config.php tech Parameter XSS
FreePBX 2.5.2 - Zap Channel Addition Description Parameter XSS
phpLiteAdmin 1.9.6 - Multiple Vulnerabilities
Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure
Gemtek CPE7000 / WLTCS-106 - Multiple Vulnerabilities
Linux/x86_64 - bindshell (Port 5600) - 86 bytes
Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (Powershell)
2016-04-22 05:03:45 +00:00
Offensive Security
bd5d486987
DB: 2016-04-21
...
4 new exploits
Webutler CMS 3.2 - Cross-Site Request Forgery
PHPBack 1.3.0 - SQL Injection
Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039)
Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow
2016-04-21 05:02:17 +00:00
Offensive Security
c5173dee60
DB: 2016-04-20
...
1 new exploits
modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection
2016-04-20 05:02:48 +00:00
Offensive Security
29fc5c4082
DB: 2016-04-19
...
5 new exploits
Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit
Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit (x86-64)
WordPress leenk.me Plugin 2.5.0 - CSRF/XSS
WordPress Kento Post View Counter Plugin 2.8 - CSRF/XSS
TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials
Novell ServiceDesk Authenticated File Upload
pfSense Community Edition 2.2.6 - Multiple Vulnerabilities
2016-04-19 05:04:12 +00:00
Offensive Security
b185ddf9b2
DB: 2016-04-15
...
6 new exploits
RockMongo PHP MongoDB Administrator 1.1.8 - Multiple Vulnerabilities
Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042)
pfSense Firewall <= 2.2.6 - Services CSRF
Brickcom Corporation Network Cameras - Multiple Vulnerabilities
PHPmongoDB 1.0.0 - Multiple Vulnerabilities
Internet Explorer 9_ 10_ 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)
2016-04-15 05:03:51 +00:00
Offensive Security
95ea5e17e0
DB: 2016-04-13
...
1 new exploits
Ovidentia troubleticketsModule 7.6 - Remote File Inclusion
2016-04-13 05:03:50 +00:00
Offensive Security
921bb6b2e3
DB: 2016-04-12
...
9 new exploits
Hikvision Digital Video Recorder - Cross-Site Request Forgery
WPN-XM Serverstack 0.8.6 - Cross Site Request Forgery
OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution
CAM UnZip 5.1 - Archive Path Traversal
Axis Network Cameras - Multiple Vulnerabilities
Linux/x86_64 - bindshell (PORT: 5600) - 81 bytes
Android - IOMX getConfig/getParameter Information Disclosure
Android - IMemory Native Interface is Insecure for IPC Use
Novell Service Desk 7.1.0_ 7.0.3 and 6.5 - Multiple Vulnerabilities
2016-04-12 05:04:12 +00:00
Offensive Security
830ff3bd6a
DB: 2016-04-10
2016-04-10 05:03:48 +00:00
Offensive Security
1f79ff2236
DB: 2016-04-09
...
3 new exploits
WordPress Freshmail - Unauthenticated SQL Injection
WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection
Express Zip <= 2.40 - Path Traversal
Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation
op5 7.1.9 - Remote Command Execution
2016-04-09 05:02:52 +00:00
Offensive Security
48af7fb829
DB: 2016-04-07
...
5 new exploits
Asbru Web Content Management System 9.2.7 - Multiple Vulnerabilities
SocialEngine 4.8.9 - SQL Injection
Linux x86 - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited
Panda Security URL Filtering < 4.3.1.9 - Privilege Escalation
Panda Endpoint Administration Agent < 7.50.00 - Privilege Escalation
2016-04-07 05:01:52 +00:00
Offensive Security
60fd0ef490
DB: 2016-04-06
...
5 new exploits
Easy File Sharing HTTP Server 7.2 SEH Overflow
PCMAN FTP Server Buffer Overflow - PUT Command
Internet Explorer - MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free (MS16-023)
ManageEngine Password Manager Pro 8102 to 8302 - Multiple Vulnerabilities
Windows Kernel Win32k.sys Privilege Escalation Exploit (MS14-058)
2016-04-06 05:04:31 +00:00
Offensive Security
5a85093c53
DB: 2016-04-04
...
1 new exploits
Microsoft Windows 2003/XP - AFD.sys Privilege Escalation Exploit (K-plugin)
Microsoft Windows 2003/XP - afd.sys Privilege Escalation Exploit (K-plugin)
Microsoft Windows XP - AFD.sys Local Kernel DoS Exploit
Microsoft Windows XP - afd.sys Local Kernel DoS Exploit
Microsoft Windows XP/2003 Afd.sys - Local Privilege Escalation Exploit (MS11-080)
Microsoft Windows XP/2003 - afd.sys Local Privilege Escalation Exploit (MS11-080)
Microsoft Windows - AFD.SYS Dangling Pointer Privilege Escalation (MS14-040)
Microsoft Windows - afd.sys Dangling Pointer Privilege Escalation (MS14-040)
Microsoft Windows 7 x64 - AFD.SYS Privilege Escalation (MS14-040)
Microsoft Windows 7 x64 - afd.sys Privilege Escalation (MS14-040)
WordPress Advanced Video Plugin 1.0 - Local File Inclusion (LFI)
2016-04-04 05:02:53 +00:00
Offensive Security
5de0917681
DB: 2016-04-01
...
4 new exploits
Apache 1.3.x mod_mylo Remote Code Execution Exploit
Apache 1.3.x mod_mylo - Remote Code Execution Exploit
Apache <= 1.3.31 mod_include Local Buffer Overflow Exploit
Apache <= 1.3.31 mod_include - Local Buffer Overflow Exploit
Sire 2.0 (lire.php) Remote File Inclusion/Arbitary File Upload Vulnerability
Sire 2.0 (lire.php) - Remote File Inclusion/Arbitrary File Upload Vulnerability
HP Digital Imaging (hpqxml.dll 2.0.0.133) Arbitary Data Write Exploit
HP Digital Imaging (hpqxml.dll 2.0.0.133) - Arbitrary Data Write Exploit
SecureBlackbox (PGPBBox.dll 5.1.0.112) Arbitary Data Write Exploit
SecureBlackbox (PGPBBox.dll 5.1.0.112) - Arbitrary Data Write Exploit
Kwalbum <= 2.0.2 Arbitary File Upload Vulnerability
Kwalbum <= 2.0.2 - Arbitrary File Upload Vulnerability
ZaoCMS (PhpCommander) Arbitary Remote File Upload Vulnerability
ZaoCMS (PhpCommander) - Arbitrary Remote File Upload Vulnerability
CMS Balitbang 3.3 Arbitary File Upload Vulnerability
CMS Balitbang 3.3 - Arbitrary File Upload Vulnerability
CMS Lokomedia 1.5 Arbitary File Upload Vulnerability
CMS Lokomedia 1.5 - Arbitrary File Upload Vulnerability
Apache 1.3.12 WebDAV Directory Listings Vulnerability
Apache 1.3.12 - WebDAV Directory Listings Vulnerability
Apache 1.3 Web Server with Php 3 File Disclosure Vulnerability
Apache 1.3 Web Server with PHP 3 - File Disclosure Vulnerability
NCSA 1.3/1.4.x/1.5_Apache httpd 0.8.11/0.8.14 ScriptAlias Source Retrieval Vulnerability
NCSA 1.3/1.4.x/1.5_ Apache httpd 0.8.11/0.8.14 - ScriptAlias Source Retrieval Vulnerability
Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (1)
Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (2)
Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (3)
Apache 1.3 Artificially Long Slash Path Directory Listing Vulnerability (4)
Apache 1.3 - Artificially Long Slash Path Directory Listing Vulnerability (1)
Apache 1.3 - Artificially Long Slash Path Directory Listing Vulnerability (2)
Apache 1.3 - Artificially Long Slash Path Directory Listing Vulnerability (3)
Apache 1.3 - Artificially Long Slash Path Directory Listing Vulnerability (4)
Shareplex 2.1.3.9/2.2.2 beta - Arbitary Local File Disclosure Vulnerability
Shareplex 2.1.3.9/2.2.2 beta - Arbitrary Local File Disclosure Vulnerability
Apache 1.3 Possible Directory Index Disclosure Vulnerability
Apache 1.3 - Possible Directory Index Disclosure Vulnerability
Apache 1.0/1.2/1.3 Server Address Disclosure Vulnerability
Apache 1.0/1.2/1.3 - Server Address Disclosure Vulnerability
Apache 1.3/2.0.x Server Side Include Cross-Site Scripting Vulnerability
Apache 1.3/2.0.x - Server Side Include Cross-Site Scripting Vulnerability
sendmail 8.11.6 Address Prescan Memory Corruption Vulnerability
SendMail 8.11.6 - Address Prescan Memory Corruption Vulnerability
Apache 1.3.x mod_include Local Buffer Overflow Vulnerability
Apache 1.3.x mod_include - Local Buffer Overflow Vulnerability
Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (1)
Apache 1.3.x HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (2)
Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (1)
Apache 1.3.x - HTDigest Realm Command Line Argument Buffer Overflow Vulnerability (2)
PodHawk 1.85 - Arbitary File Upload Vulnerability
PodHawk 1.85 - Arbitrary File Upload Vulnerability
LibrettoCMS File Manager Arbitary File Upload Vulnerability
LibrettoCMS File Manager - Arbitrary File Upload Vulnerability
DotNetNuke DNNspot Store 3.0.0 Arbitary File Upload
DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload
Axway Secure Transport 5.1 SP2 - Arbitary File Upload via CSRF
Axway Secure Transport 5.1 SP2 - Arbitrary File Upload via CSRF
Apache Spark Cluster 1.3.x - Arbitary Code Execution
Apache Spark Cluster 1.3.x - Arbitrary Code Execution
Elastix 'graph.php' Local File Include Vulnerability
Elastix 2.2.0 - 'graph.php' Local File Include Vulnerability
MOBOTIX Video Security Cameras - CSRF Add Admin Exploit
Apache OpenMeetings 1.9.x - 3.1.0 - ZIP File path Traversal
Apache Jetspeed Arbitrary File Upload
Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read
2016-04-01 05:03:13 +00:00
Offensive Security
5d20c14812
DB: 2016-03-31
...
10 new exploits
Wordpress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion
WordPress Photocart Link Plugin 1.6 - Local File Inclusion
LShell <= 0.9.15 - Remote Code Execution
Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1
Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2
Apple Quicktime < 7.7.79.80.95 - PSD File Parsing Memory Corruption
CubeCart 6.0.10 - Multiple Vulnerabilities
Kamailio 4.3.4 - Heap-Based Buffer Overflow
ATutor 2.2.1 Directory Traversal / Remote Code Execution
Metaphor - Stagefright Exploit with ASLR Bypass
2016-03-31 05:01:58 +00:00
Offensive Security
67cc75a29b
DB: 2016-03-29
...
9 new exploits
Serv-U 3x - 5.x - Local Privilege Escalation Exploit
Serv-U 3.x - 5.x - Local Privilege Escalation Exploit
SHOUTcast 1.9.4 File Request Format String Remote Exploit (win)
SHOUTcast 1.9.4 - File Request Format String Remote Exploit (Windows)
Monstra CMS 3.0.3 - Multiple Vulnerabilities
pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (win)
GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (win)
pragmaMX Module Landkarten 2.1 - Local File Inclusion Exploit (Windows)
GeBlog 0.1 - GLOBALS[tplname] Local File Inclusion Exploit (Windows)
PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (win)
PicoFlat CMS 0.5.9 - Local File Inclusion Vulnerabilitty (Windows)
Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (win)
Tribiq CMS 5.0.10a - Local File Inclusion Vulnerability (Windows)
Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (win)
Apache Tomcat - runtime.getRuntime().exec() Privilege Escalation (Windows)
AJA Portal 1.2 - Local File Inclusion Vulnerabilities (win)
AJA Portal 1.2 - Local File Inclusion Vulnerabilities (Windows)
Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002)
Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002)
XBMC 8.10 (Get Request) Remote Buffer Overflow Exploit (win)
XBMC 8.10 - (GET Request) Remote Buffer Overflow Exploit (Windows)
MonGoose 2.4 Webserver Directory Traversal Vulnerability (win)
MonGoose 2.4 - Webserver Directory Traversal Vulnerability (Windows)
Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (win)
Apple iTunes 8.1.1.10 - (itms/itcp) Remote Buffer Overflow Exploit (Windows)
Adobe Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation
Adobe 9.x Related Service - (getPlus_HelperSvc.exe) Local Privilege Escalation
PulseAudio setuid - Local Privilege Escalation Exploit
Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (C)
Adobe Acrobat 9.1.2 - NOS Local Privilege Escalation Exploit (py)
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (Python)
Serv-u Web client 9.0.0.5 - Buffer Overflow
Serv-U Web Client 9.0.0.5 - Buffer Overflow (2)
Serv-u Web client 9.0.0.5 - Buffer Overflow
Serv-U Web Client 9.0.0.5 - Buffer Overflow (1)
Qihoo 360 Security Guard breg device drivers Privilege Escalation Vulnerability
Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation Vulnerability
Sysax Multi Server (SFTP module) Multiple Commands DoS Vulnerabilities
Sysax Multi Server < 5.25 - (SFTP Module) Multiple Commands DoS Vulnerabilities
Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit)
Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit)
WordPress Plugin mingle forum <= 1.0.26 - Multiple Vulnerabilities
WordPress Plugin mingle forum <= 1.0.26 - Multiple Vulnerabilities
Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)
Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)
WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities
WordPress Plugin ajax category dropdown 0.1.5 - Multiple Vulnerabilities
Sysax Multi Server 5.50 Create Folder BOF
Sysax Multi Server 5.50 - Create Folder BOF
Sysax Multi Server <= 5.52 File Rename BoF RCE (Egghunter)
Sysax Multi Server <= 5.52 - File Rename BoF RCE (Egghunter)
Sysax Multi Server 5.53 SFTP Post Auth SEH Exploit
Sysax <= 5.53 SSH Username BoF Pre Auth RCE (Egghunter)
Sysax Multi Server 5.53 - SFTP Post Auth SEH Exploit
Sysax <= 5.53 - SSH Username BoF Pre Auth RCE (Egghunter)
Sysax 5.53 SSH Username Buffer Overflow (Metasploit)
Sysax 5.53 - SSH Username Buffer Overflow (Metasploit)
sysax <= 5.57 - Directory Traversal
Sysax <= 5.57 - Directory Traversal
Sysax <= 5.60 Create SSL Certificate Buffer Overflow
Sysax <= 5.60 - Create SSL Certificate Buffer Overflow
Sysax <= 5.62 Admin Interface Local Buffer Overflow
Sysax <= 5.62 - Admin Interface Local Buffer Overflow
Sysax Multi-Server 5.64 Create Folder Buffer Overflow
Sysax Multi Server 5.64 Create Folder Buffer Overflow
Sysax Multi Server 5.64 - Create Folder Buffer Overflow
ActFax 4.31 - Local Privilege Escalation Exploit
ActFax Server 4.31 Build 0225 - Local Privilege Escalation Exploit
PHP-Nuke Search Module - Modules.PHP Remote Directory Traversal Vulnerability
PHP-Nuke Search Module - Modules.PHP Remote Directory Traversal Vulnerability
STHS v2 Web Portal prospects.php team Parameter SQL Injection
STHS v2 Web Portal prospect.php team Parameter SQL Injection
STHS v2 Web Portal team.php team Parameter SQL Injection
STHS v2 Web Portal - prospects.php team Parameter SQL Injection
STHS v2 Web Portal - prospect.php team Parameter SQL Injection
STHS v2 Web Portal - team.php team Parameter SQL Injection
WK UDID v1.0.1 iOS - Command Inject Vulnerability
WK UDID 1.0.1 iOS - Command Inject Vulnerability
Hawkeye-G v3.0.1.4912 CSRF Vulnerability
Hawkeye-G 3.0.1.4912 - CSRF Vulnerability
Hawkeye-G v3.0.1.4912 Persistent XSS & Information Leakage
Hawkeye-G 3.0.1.4912 - Persistent XSS & Information Leakage
Reaver Pro Local Privilege Escalation Vulnerability
Reaver Pro - Local Privilege Escalation Vulnerability
Sysax Multi Server 6.40 SSH Component Denial of Service
Sysax Multi Server 6.40 - SSH Component Denial of Service
WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection
WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection
w3tw0rk / Pitbul IRC Bot Remote Code Execution
w3tw0rk / Pitbul IRC Bot - Remote Code Execution
Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit
Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit
Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution
Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution
WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities
WordPress Plugin Sell Download v1.0.16 - Local File Disclosure
WordPress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities
WordPress Plugin Advanced uploader 2.10 - Multiple Vulnerabilities
WordPress Plugin Sell Download 1.0.16 - Local File Disclosure
WordPress Plugin TheCartPress 1.4.7 - Multiple Vulnerabilities
Cyclope Employee Surveillance <= v8.6.1- Insecure File Permissions
Cyclope Employee Surveillance <= 8.6.1- Insecure File Permissions
XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability
XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability
Liferay Portal 5.1.2 - Persistent XSS
Trend Micro Deep Discovery Inspector 3.8_ 3.7 - CSRF Vulnerabilities
Linux/x86_x64 - execve(/bin/sh) - 25 bytes
Linux/x86_x64 - execve(/bin/bash) - 33 bytes
TallSoft SNMP TFTP Server 1.0.0 - Denial of Service
FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip)
Android One mt_wifi IOCTL_GET_STRUCT Privilege Escalation
Cogent Datahub <= 7.3.9 Gamma Script Elevation of Privilege
2016-03-29 05:02:00 +00:00
Offensive Security
ca6eab30f8
DB: 2016-03-23
...
6 new exploits
Linux Kernel 2.2.x - 2.4.x ptrace/kmod Local Root Exploit
Linux Kernel 2.2.x - 2.4.x - ptrace/kmod Local Root Exploit
Apache HTTP Server 2.x Memory Leak Exploit
Apache HTTP Server 2.x - Memory Leak Exploit
Mac OS X <= 10.2.4 DirectoryService (PATH) Local Root Exploit
Mac OS X <= 10.2.4 - DirectoryService (PATH) Local Root Exploit
CommuniGate Pro Webmail 4.0.6 Session Hijacking Exploit
CommuniGate Pro Webmail 4.0.6 - Session Hijacking Exploit
OpenBSD (ibcs2_exec) Kernel Local Exploit
OpenBSD - (ibcs2_exec) Kernel Local Exploit
HP-UX B11.11 /usr/bin/ct Local Format String Root Exploit
HP-UX B11.11 - /usr/bin/ct Local Format String Root Exploit
traceroute Local Root Exploit
traceroute - Local Root Exploit
vixie-cron Local Root Exploit
vixie-cron - Local Root Exploit
BSDi 3.0 inc Local Root Buffer Overflow Exploit
BSDi 3.0 inc - Local Root Buffer Overflow Exploit
GLIBC (via /bin/su) Local Root Exploit
GLIBC (via /bin/su) - Local Root Exploit
Linux Kernel 2.2 (TCP/IP Weakness) Exploit
Linux Kernel 2.2 - (TCP/IP Weakness) Exploit
BSD chpass (pw_error(3)) Local Root Exploit
BSD chpass - (pw_error(3)) Local Root Exploit
Tru64 UNIX 4.0g /usr/bin/at Local Root Exploit
Tru64 UNIX 4.0g - /usr/bin/at Local Root Exploit
FreeBSD 3.5.1/4.2 ports package xklock Local Root Exploit
FreeBSD 3.5.1/4.2 Ports Package elvrec Local Root Exploit
Progress Database Server 8.3b (prodb) Local Root Exploit
FreeBSD 3.5.1/4.2 - ports package xklock Local Root Exploit
FreeBSD 3.5.1/4.2 - Ports Package elvrec Local Root Exploit
Progress Database Server 8.3b - (prodb) Local Root Exploit
Xt Library Local Root Command Execution Exploit
Xt Library - Local Root Command Execution Exploit
AIX lquerylv Local Root Buffer Overflow Exploit
AIX lquerylv - Local Root Buffer Overflow Exploit
IRIX 5.3 /usr/sbin/iwsh Local Root Buffer Overflow
Solaris 5.5.1 X11R6.3 xterm (-xrm) Local Root Exploit
IRIX 5.3 - /usr/sbin/iwsh Local Root Buffer Overflow
Solaris 5.5.1 X11R6.3 - xterm (-xrm) Local Root Exploit
Mac OS X Panther Internet Connect Local Root Exploit
Mac OS X - Panther Internet Connect Local Root Exploit
Linux Kernel File Offset Pointer Handling Memory Disclosure Exploit
Linux Kernel - File Offset Pointer Handling Memory Disclosure Exploit
SquirrelMail (chpasswd) Local Root Bruteforce Exploit
SquirrelMail - (chpasswd) Local Root Bruteforce Exploit
CDRDAO Local Root Exploit
CDRDAO - Local Root Exploit
SCO Openserver 5.0.7 (MMDF deliver) Local Root Exploit
SCO Openserver 5.0.7 - (MMDF deliver) Local Root Exploit
OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS
OpenText FirstClass 8.0 - HTTP Daemon /Search Remote DoS
Solaris 8/9 passwd circ() Local Root Exploit
Solaris 8/9 - passwd circ() Local Root Exploit
PaX Double-Mirrored VMA munmap Local Root Exploit
PaX - Double-Mirrored VMA munmap Local Root Exploit
Mac OS X <= 10.3.8 (CF_CHARSET_PATH) Local Root Buffer Overflow
Mac OS X <= 10.3.8 - (CF_CHARSET_PATH) Local Root Buffer Overflow
Solaris 10.x ESRI Arcgis Local Root Format String Exploit
Solaris 10.x - ESRI Arcgis Local Root Format String Exploit
dSMTP Mail Server 3.1b Linux Remote Root Format String Exploit
dSMTP Mail Server 3.1b - Linux Remote Root Format String Exploit
AIX 5.2 paginit Local Root Exploit
AIX 5.2 - paginit Local Root Exploit
Solaris 9 / 10 ld.so Local Root Exploit (1)
Solaris 9 / 10 - ld.so Local Root Exploit (1)
phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit
phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit)
vBulletin <= 3.0.6 (Template) Command Execution Exploit (Metasploit
vBulletin <= 3.0.6 (Template) Command Execution Exploit (Metasploit)
Microsoft Windows XP SP2 (rdpwd.sys) Remote Kernel DoS Exploit
Microsoft Windows XP SP2 - (rdpwd.sys) Remote Kernel DoS Exploit
WordPress <= 1.5.1.3 - Remote Code Execution eXploit (Metasploit
WordPress <= 1.5.1.3 - Remote Code Execution exploit (Metasploit)
Solaris <= 10 LPD Arbitrary File Delete Exploit (Metasploit
Solaris <= 10 LPD Arbitrary File Delete Exploit (Metasploit)
Debian 2.2 /usr/bin/pileup Local Root Exploit
Debian 2.2 - /usr/bin/pileup Local Root Exploit
Solaris 2.6/7/8/9 (ld.so.1) Local Root Exploit (sparc)
Solaris 2.6/7/8/9 - (ld.so.1) Local Root Exploit (sparc)
Wireless Tools 26 (iwconfig) Local Root Exploit (some setuid)
Wireless Tools 26 - (iwconfig) Local Root Exploit (some setuid)
Qpopper <= 4.0.8 (poppassd) Local Root Exploit (freebsd)
Qpopper <= 4.0.8 - (poppassd) Local Root Exploit (freebsd)
Solaris 10 DtPrintinfo/Session Local Root Exploit (x86)
Solaris 10 - DtPrintinfo/Session Local Root Exploit (x86)
XMail 1.21 (-t Command Line Option) Local Root Buffer Overflow Exploit
XMail 1.21 - (-t Command Line Option) Local Root Buffer Overflow Exploit
linux-ftpd-ssl 0.17 (MKD/CWD) Remote Root Exploit
linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit
QNX Neutrino 6.2.1 (phfont) Race Condition Local Root Exploit
QNX Neutrino 6.2.1 - (phfont) Race Condition Local Root Exploit
FreeBSD 6.0 (nfsd) Remote Kernel Panic Denial of Service Exploit
FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service Exploit
Apple Mac OS X (/usr/bin/passwd) Custom Passwd Local Root Exploit
Apple Mac OS X - (/usr/bin/passwd) Custom Passwd Local Root Exploit
Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit
Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit)
Rocks Clusters <= 4.1 (mount-loop) Local Root Exploit
Rocks Clusters <= 4.1 - (mount-loop) Local Root Exploit
Solaris <= 10 sysinfo() Local Kernel Memory Disclosure Exploit
Solaris <= 10 - sysinfo() Local Kernel Memory Disclosure Exploit
liblesstif <= 2-0.93.94-4mdk (DEBUG_FILE) Local Root Exploit
liblesstif <= 2-0.93.94-4mdk - (DEBUG_FILE) Local Root Exploit
Mac OS X <= 10.4.7 Mach Exception Handling Local Root Exploit
Mac OS X <= 10.4.7 - Mach Exception Handling Local Root Exploit
Xcode OpenBase <= 9.1.5 (root file create) Local Root Exploit (OSX)
Xcode OpenBase <= 9.1.5 - (root file create) Local Root Exploit (OSX)
HP-UX 11i (swpackage) Stack Overflow Local Root Exploit
HP-UX 11i (swmodify) Stack Overflow Local Root Exploit
HP-UX 11i (swask) Format String Local Root Exploit
HP-UX 11i (LIBC TZ enviroment variable) Local Root Exploit
HP-UX 11i - (swpackage) Stack Overflow Local Root Exploit
HP-UX 11i - (swmodify) Stack Overflow Local Root Exploit
HP-UX 11i - (swask) Format String Local Root Exploit
HP-UX 11i - (LIBC TZ enviroment variable) Local Root Exploit
FreeBSD 6.1 (/dev/crypto) Local Kernel Denial of Service Exploit
FreeBSD 6.1 - (/dev/crypto) Local Kernel Denial of Service Exploit
Apple Airport 802.11 Probe Response Kernel Memory Corruption PoC
Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC
Xcode OpenBase <= 10.0.0 (symlink) Local Root Exploit (OSX)
Xcode OpenBase <= 10.0.0 (unsafe system call) Local Root Exploit (OSX)
Xcode OpenBase <= 10.0.0 - (symlink) Local Root Exploit (OSX)
Xcode OpenBase <= 10.0.0 - (unsafe system call) Local Root Exploit (OSX)
Intel 2200BG 802.11 Beacon frame Kernel Memory Corruption Exploit
Intel 2200BG 802.11 - Beacon frame Kernel Memory Corruption Exploit
Mac OS X 10.4.x Kernel shared_region_map_file_np() Memory Corruption
Mac OS X 10.4.x Kernel - shared_region_map_file_np() Memory Corruption
Intel 2200BG 802.11 disassociation packet Kernel Memory Corruption
Intel 2200BG 802.11 - disassociation packet Kernel Memory Corruption
Plan 9 Kernel (devenv.c OTRUNC/pwrite) Local Exploit
Ubuntu/Debian Apache 1.3.33/1.3.34 (CGI TTY) Local Root Exploit
Plan 9 Kernel - (devenv.c OTRUNC/pwrite) Local Exploit
Ubuntu/Debian Apache 1.3.33/1.3.34 - (CGI TTY) Local Root Exploit
madwifi <= 0.9.2.1 WPA/RSN IE Remote Kernel Buffer Overflow Exploit
madwifi <= 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow Exploit
PHP FirstPost 0.1 (block.php Include) Remote File Inclusion Exploit
PHP FirstPost 0.1 - (block.php Include) Remote File Inclusion Exploit
IBM AIX <= 5.3 sp6 capture Terminal Sequence Local Root Exploit
IBM AIX <= 5.3 sp6 pioout Arbitrary Library Loading Local Root Exploit
IBM AIX <= 5.3 sp6 ftp gets() Local Root Exploit
IBM AIX <= 5.3 sp6 - capture Terminal Sequence Local Root Exploit
IBM AIX <= 5.3 sp6 - pioout Arbitrary Library Loading Local Root Exploit
IBM AIX <= 5.3 sp6 - ftp gets() Local Root Exploit
Linux Kernel 2.4/2.6 x86-64 System Call Emulation Exploit
Linux Kernel 2.4/2.6 - x86-64 System Call Emulation Exploit
Solaris 10 x86/sparc sysinfo Kernel Memory Disclosure Exploit
Solaris fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc)
Solaris 10 - x86/sparc sysinfo Kernel Memory Disclosure Exploit
Solaris - fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc)
Apple Mac OS X 10.4.x Kernel i386_set_ldt() Integer Overflow PoC
Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow PoC
Apple Mac OS X xnu <= 1228.0 mach-o Local Kernel Denial of Service PoC
Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service PoC
Cisco VPN Client IPSec Driver Local kernel system pool Corruption PoC
Cisco VPN Client - IPSec Driver Local kernel system pool Corruption PoC
DESlock+ <= 3.2.6 (list) Local Kernel Memory Leak PoC
DESlock+ <= 3.2.6 DLMFENC.sys Local Kernel ring0 link list zero PoC
DESlock+ <= 3.2.6 - (list) Local Kernel Memory Leak PoC
DESlock+ <= 3.2.6 - DLMFENC.sys Local Kernel ring0 link list zero PoC
DESlock+ <= 3.2.6 DLMFDISK.sys Local kernel ring0 SYSTEM Exploit
DESlock+ <= 3.2.6 - DLMFDISK.sys Local kernel ring0 SYSTEM Exploit
SCO UnixWare < 7.1.4 p534589 (pkgadd) Local Root Exploit
SCO UnixWare < 7.1.4 p534589 - (pkgadd) Local Root Exploit
SCO UnixWare Merge mcd Local Root Exploit
SCO UnixWare Merge - mcd Local Root Exploit
Deterministic Network Enhancer dne2000.sys kernel ring0 SYSTEM Exploit
Deterministic Network Enhancer - dne2000.sys kernel ring0 SYSTEM Exploit
OpenBSD 4.0 (FIRST ANIMATED EXPLOIT) Local Root Exploit (vga)
OpenBSD 4.0 - Local Root Exploit (vga)
DESlock+ <= 3.2.7 (probe read) Local Kernel Denial of Service PoC
DESlock+ <= 3.2.7 - (probe read) Local Kernel Denial of Service PoC
QNX 6.4.0 bitflipped elf binary (id) Kernel Panic Exploit
QNX 6.4.0 - bitflipped elf binary (id) Kernel Panic Exploit
FreeBSD 7.x (Dumping Environment) Local Kernel Panic Exploit
FreeBSD 7.x - (Dumping Environment) Local Kernel Panic Exploit
FreeBSD 7.0/7.1 (ktimer) Local Kernel Root Exploit
Mac OS X xnu <= 1228.3.13 (zip-notify) Remote Kernel Overflow PoC
Mac OS X xnu <= 1228.3.13 (macfsstat) Local Kernel Memory Leak/DoS
Mac OS X xnu <= 1228.3.13 (profil) Kernel Memory Leak/DoS PoC
FreeBSD 7.0/7.1 - (ktimer) Local Kernel Root Exploit
Mac OS X xnu <= 1228.3.13 - (zip-notify) Remote Kernel Overflow PoC
Mac OS X xnu <= 1228.3.13 - (macfsstat) Local Kernel Memory Leak/DoS
Mac OS X xnu <= 1228.3.13 - (profil) Kernel Memory Leak/DoS PoC
Mac OS X xnu <= 1228.x (hfs-fcntl) Local Kernel Root Exploit
Mac OS X xnu <= 1228.x - (hfs-fcntl) Local Kernel Root Exploit
Solaris 10 / OpenSolaris (dtrace) Local Kernel Denial of Service PoC
Solaris 10 / OpenSolaris (fasttrap) Local Kernel Denial of Service PoC
Solaris 10 / OpenSolaris - (dtrace) Local Kernel Denial of Service PoC
Solaris 10 / OpenSolaris - (fasttrap) Local Kernel Denial of Service PoC
DESlock+ 4.0.2 dlpcrypt.sys Local Kernel ring0 Code Execution Exploit
DESlock+ 4.0.2 - dlpcrypt.sys Local Kernel ring0 Code Execution Exploit
FreeBSD 7.2-RELEASE SCTP Local Kernel Denial of Service Exploit
FreeBSD 7.2-RELEASE - SCTP Local Kernel Denial of Service Exploit
VMWare Fusion <= 2.0.5 vmx86 kext Local kernel Root Exploit
VMWare Fusion <= 2.0.5 - vmx86 kext Local kernel Root Exploit
Linux Kernel < 2.6.31-rc4 nfs4_proc_lock() Denial of Service
Linux Kernel < 2.6.31-rc4 - nfs4_proc_lock() Denial of Service
Authentium SafeCentral <= 2.6 shdrv.sys Local kernel ring0 SYSTEM Exploit
Authentium SafeCentral <= 2.6 - shdrv.sys Local kernel ring0 SYSTEM Exploit
Windows 2000/XP/2003 Win32k.sys SfnLOGONNOTIFY Local kernel Denial of Service Vulnerability
Windows 2000/XP/2003 Win32k.sys SfnINSTRING Local kernel Denial of Service Vulnerability
Windows 2000/XP/2003 - Win32k.sys SfnLOGONNOTIFY Local kernel Denial of Service Vulnerability
Windows 2000/XP/2003 - Win32k.sys SfnINSTRING Local kernel Denial of Service Vulnerability
linux/x86 chroot & standart 66 bytes
linux/x86 - chroot & standart 66 bytes
linux/x86 break chroot 34 bytes
linux/x86 break chroot 46 bytes
linux/x86 break chroot execve /bin/sh 80 bytes
linux/x86 - break chroot 34 bytes
linux/x86 - break chroot 46 bytes
linux/x86 - break chroot execve /bin/sh 80 bytes
linux chroot()/execve() code
linux - chroot()/execve() code
linux/x86 break chroot setuid(0) + /bin/sh 132 bytes
linux/x86 - break chroot setuid(0) + /bin/sh 132 bytes
linux/x86 break chroot 79 bytes
linux/x86 - break chroot 79 bytes
FreeBSD Kernel nfs_mount() Exploit
FreeBSD Kernel mountnfs() Exploit
FreeBSD Kernel - nfs_mount() Exploit
FreeBSD Kernel - mountnfs() Exploit
FreeBSD 8.1/7.3 vm.pmap Kernel Local Race Condition
FreeBSD 8.1/7.3 - vm.pmap Kernel Local Race Condition
Kingsoft Antivirus <= 2010.04.26.648 Kernel Buffer Overflow Exploit
Kingsoft Antivirus <= 2010.04.26.648 - Kernel Buffer Overflow Exploit
Linux Kernel Stack Infoleaks Vulnerability
Linux Kernel - Stack Infoleaks Vulnerability
Linux Kernel 'setup_arg_pages()' Denial of Service Vulnerability
Linux Kernel - 'setup_arg_pages()' Denial of Service Vulnerability
IBM Tivoli Storage Manager (TSM) Local Root
IBM Tivoli Storage Manager (TSM) - Local Root
DESlock+ <= 4.1.10 vdlptokn.sys Local Kernel ring0 SYSTEM Exploit
DESlock+ <= 4.1.10 - vdlptokn.sys Local Kernel ring0 SYSTEM Exploit
Linux Kernel < 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS
Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS
IPComp encapsulation pre-auth kernel memory corruption
IPComp - encapsulation pre-auth kernel memory corruption
Linux Kernel 'perf_count_sw_cpu_clock' event Denial of Service
Linux Kernel - 'perf_count_sw_cpu_clock' event Denial of Service
Mac OS X < 10.6.7 Kernel Panic Exploit
Mac OS X < 10.6.7 - Kernel Panic Exploit
Calibre E-Book Reader Local Root Exploit
Calibre E-Book Reader - Local Root Exploit (1)
Calibre E-Book Reader Local Root Exploit
Calibre E-Book Reader Local Root Race Condition Exploit
Calibre E-Book Reader - Local Root Exploit (2)
Calibre E-Book Reader - Local Root Race Condition Exploit
Calibre E-Book Reader Local Root
Calibre E-Book Reader - Local Root
Vanilla FirstLastNames 1.3.2 Plugin Persistant XSS
Vanilla FirstLastNames 1.3.2 Plugin - Persistant XSS
Webspell FIRSTBORN Movie-Addon Blind SQL Injection Vulnerability
Webspell FIRSTBORN Movie-Addon - Blind SQL Injection Vulnerability
Linux kernel 2.0/2.1 SIGIO Vulnerability
Linux kernel 2.0/2.1 - SIGIO Vulnerability
Digital UNIX <= 4.0 D_FreeBSD <= 2.2.4_HP HP-UX 10.20/11.0_IBM AIX <= 3.2.5_Linux kernel 2.0/2.1_NetBSD 1.2_Solaris <= 2.5.1 Smurf Denial of Service Vulnerability
Digital UNIX <= 4.0 D_FreeBSD <= 2.2.4_HP HP-UX 10.20/11.0_IBM AIX <= 3.2.5_Linux kernel 2.0/2.1_NetBSD 1.2_Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Slackware Linux <= 3.5 /etc/group missing results in Root access Vulnerability
Slackware Linux <= 3.5 - /etc/group missing results in Root access Vulnerability
Linux kernel 2.0/2.1/2.2 autofs Vulnerability
Linux kernel 2.0/2.1/2.2 - autofs Vulnerability
Linux kernel 2.0 TCP Port DoS Vulnerability
Linux kernel 2.2 ldd core Vulnerability
Linux kernel 2.0 - TCP Port DoS Vulnerability
Linux kernel 2.2 - ldd core Vulnerability
Linux kernel 2.0.33 IP Fragment Overlap Vulnerability
Linux kernel 2.0.33 - IP Fragment Overlap Vulnerability
Linux kernel 2.0/2.0.33 i_count Overflow Vulnerability
Linux kernel 2.0/2.0.33 - i_count Overflow Vulnerability
Linux kernel 2.0.37 Segment Limit Vulnerability
Linux kernel 2.0.37 - Segment Limit Vulnerability
BSD/OS <= 4.0_FreeBSD <= 3.2_Linux kernel <= 2.3_NetBSD <= 1.4 Shared Memory Denial of Service Vulnerability
BSD/OS <= 4.0_FreeBSD <= 3.2_Linux kernel <= 2.3_NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Linux kernel 2.2 Predictable TCP Initial Sequence Number Vulnerability
Linux kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability
Debian 2.1_Linux kernel 2.0.x_RedHat 5.2 Packet Length with Options Vulnerability
Debian 2.1_Linux kernel 2.0.x_RedHat 5.2 - Packet Length with Options Vulnerability
FreeBSD Kernel SCTP Remote NULL Ptr Dereference DoS
FreeBSD Kernel - SCTP Remote NULL Ptr Dereference DoS
Linux Kernel 2.2.x Non-Readable File Ptrace Vulnerability
Linux Kernel 2.2.x - Non-Readable File Ptrace Vulnerability
Linux kernel 2.1.89/2.2.x Zero-Length Fragment Vulnerability
Linux kernel 2.1.89/2.2.x - Zero-Length Fragment Vulnerability
Linux kernel 2.4 IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
Linux kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
Microsoft Windows Kernel Intel x64 SYSRET PoC
Microsoft Windows Kernel - Intel x64 SYSRET PoC
Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (Metasploit
Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (Metasploit)
Linux kernel 2.2/2.4 procfs Stream Redirection to Process Memory Vulnerability
Linux kernel 2.2/2.4 - procfs Stream Redirection to Process Memory Vulnerability
CylantSecure 1.0 Kernel Module Syscall Rerouting Vulnerability
CylantSecure 1.0 - Kernel Module Syscall Rerouting Vulnerability
HP-UX 11_Linux kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 Small TCP MSS DoS
HP-UX 11_Linux kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS
Linux kernel 2.2/2.4 Deep Symbolic Link Denial of Service Vulnerability
Linux kernel 2.2/2.4 - Deep Symbolic Link Denial of Service Vulnerability
Linux Kernel 2.2/2.4 Ptrace/Setuid Exec Vulnerability
Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Vulnerability
Linux Kernel 2.2.x/2.3/2.4.x d_path() Path Truncation Vulnerability
Linux Kernel 2.2.x/2.3/2.4.x - d_path() Path Truncation Vulnerability
grsecurity Kernel Patch 1.9.4 Linux Kernel Memory Protection Weakness
grsecurity Kernel Patch 1.9.4 - Linux Kernel Memory Protection Weakness
BubbleMon 1.x Kernel Memory File Descriptor Leakage Vulnerability
ASCPU 0.60 Kernel Memory File Descriptor Leakage Vulnerability
BubbleMon 1.x Kernel - Memory File Descriptor Leakage Vulnerability
ASCPU 0.60 Kernel - Memory File Descriptor Leakage Vulnerability
Linux Kernel 2.0.x/2.2.x/2.4.x_FreeBSD 4.x Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x_FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux kernel 2.2.x/2.4.x I/O System Call File Existence Weakness
Linux kernel 2.2.x/2.4.x - I/O System Call File Existence Weakness
Linux kernel 2.2./2.4.x /proc Filesystem Potential Information Disclosure Vulnerability
Linux kernel 2.2./2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability
Centrinity FirstClass 7.1 HTTP Server Directory Disclosure Vulnerability
Centrinity FirstClass 7.1 - HTTP Server Directory Disclosure Vulnerability
Linux VServer Project 1.2x CHRoot Breakout Vulnerability
Linux VServer Project 1.2x - CHRoot Breakout Vulnerability
Sun Solaris 8/9 Unspecified Passwd Local Root Compromise Vulnerability
Sun Solaris 8/9 - Unspecified Passwd Local Root Compromise Vulnerability
Centrinity FirstClass HTTP Server 5/7 TargetName Parameter Cross-Site Scripting Vulnerability
Centrinity FirstClass HTTP Server 5/7 - TargetName Parameter Cross-Site Scripting Vulnerability
Darwin Kernel 7.1 Mach File Parsing Local Integer Overflow Vulnerability
Darwin Kernel 7.1 - Mach File Parsing Local Integer Overflow Vulnerability
Linux Kernel NFS and EXT3 Combination Remote Denial of Service Vulnerability
Linux Kernel - NFS and EXT3 Combination Remote Denial of Service Vulnerability
Campsite 2.6.1 SubscriptionSection.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 SystemPref.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - SubscriptionSection.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - SystemPref.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Template.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 TimeUnit.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Template.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - TimeUnit.php g_documentRoot Parameter Remote File Inclusion
Sienzo Digital Music Mentor DSKernel2.DLL ActiveX Control Stack Buffer Overflow Vulnerabilities
Sienzo Digital Music Mentor - DSKernel2.DLL ActiveX Control Stack Buffer Overflow Vulnerabilities
Campsite 2.6.1 Alias.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Article.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 ArticleAttachment.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 ArticleComment.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 ArticleData.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 ArticleImage.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 ArticleIndex.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 ArticlePublish.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 ArticleTopic.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 ArticleType.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 ArticleTypeField.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Country.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 DatabaseObject.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Alias.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Article.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ArticleAttachment.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ArticleComment.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ArticleData.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ArticleImage.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ArticleIndex.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ArticlePublish.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ArticleTopic.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ArticleType.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ArticleTypeField.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Country.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - DatabaseObject.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Event.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 IPAccess.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Image.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Issue.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 IssuePublish.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Language.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Log.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 LoginAttempts.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Publication.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Section.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 ShortURL.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Subscription.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 SubscriptionDefaultTime.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 Topic.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 UrlType.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 User.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 UserType.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Event.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - IPAccess.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Image.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Issue.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - IssuePublish.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Language.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Log.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - LoginAttempts.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Publication.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Section.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - ShortURL.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Subscription.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - SubscriptionDefaultTime.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - Topic.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - UrlType.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - User.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - UserType.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 implementation/management/configuration.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - implementation/management/configuration.php g_documentRoot Parameter Remote File Inclusion
Campsite 2.6.1 - implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion
Linux Kernel 2.6.22 IPv6 Hop-By-Hop Header Remote Denial of Service Vulnerability
Linux Kernel 2.6.22 - IPv6 Hop-By-Hop Header Remote Denial of Service Vulnerability
CORE FORCE Firewall 0.95.167 and Registry Modules Multiple Local Kernel Buffer Overflow Vulnerabilities
CORE FORCE Firewall 0.95.167 and Registry Modules - Multiple Local Kernel Buffer Overflow Vulnerabilities
Fedora 8/9 Linux Kernel 'utrace_control' NULL Pointer Dereference Denial of Service Vulnerability
Fedora 8/9 Linux Kernel - 'utrace_control' NULL Pointer Dereference Denial of Service Vulnerability
MySQL <= 6.0.9 GeomFromWKB() Function First Argument Geometry Value Handling DoS
MySQL <= 6.0.9 - GeomFromWKB() Function First Argument Geometry Value Handling DoS
VMware Workstations 10.0.0.40273 vmx86.sys Arbitrary Kernel Read
VMware Workstations 10.0.0.40273 - vmx86.sys Arbitrary Kernel Read
Linux Kernel <= 3.0.4 '/proc/interrupts' Password Length Local Information Disclosure Weakness
Linux Kernel <= 3.0.4 - '/proc/interrupts' Password Length Local Information Disclosure Weakness
Linux Kernel Network Namespace Remote Denial of Service Vulnerability
Linux Kernel - Network Namespace Remote Denial of Service Vulnerability
Linux Kernel <= 3.1.8 KVM Local Denial of Service Vulnerability
Linux Kernel <= 3.1.8 - KVM Local Denial of Service Vulnerability
Linux Kernel 2.6.x 'rds_recvmsg()' Function Local Information Disclosure Vulnerability
Linux Kernel 2.6.x - 'rds_recvmsg()' Function Local Information Disclosure Vulnerability
Linux Kernel 3.2.x 'uname()' System Call Local Information Disclosure Vulnerability
Linux Kernel 3.2.x - 'uname()' System Call Local Information Disclosure Vulnerability
Linux Kernel <= 3.3.5 Btrfs CRC32C feature Infinite Loop Local Denial of Service Vulnerability
Linux Kernel <= 3.3.5 - Btrfs CRC32C feature Infinite Loop Local Denial of Service Vulnerability
Linux Kernel 3.3.5 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability
Linux Kernel 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability
Linux Kernel <= 3.2.1 Tracing Mutiple Local Denial of Service Vulnerabilities
Linux Kernel <= 3.2.1 - Tracing Mutiple Local Denial of Service Vulnerabilities
Win10Pcap - Local Privilege Escalation Vulnerability
Samsung m2m1shot Kernel Driver Buffer Overflow
Samsung seiren Kernel Driver Buffer Overflow
Samsung - m2m1shot Kernel Driver Buffer Overflow
Samsung - seiren Kernel Driver Buffer Overflow
Linux Kernel <= 3.3.5 'b43' Wireless Driver Local Privilege Escalation Vulnerability
Linux Kernel <= 3.3.5 - 'b43' Wireless Driver Local Privilege Escalation Vulnerability
NetUSB Kernel Stack Buffer Overflow
NetUSB - Kernel Stack Buffer Overflow
Linux Kernel <= 3.0.5 'test_root()' Function Local Denial of Service Vulnerability
Linux Kernel <= 3.0.5 - 'test_root()' Function Local Denial of Service Vulnerability
Windows Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Windows Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Windows Kernel - win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Windows Kernel - win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
Chkrootkit Local Privilege Escalation
Chkrootkit - Local Privilege Escalation
Windows Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)
Windows Kernel - Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)
Linux Kernel <= 3.0.5 'ath9k_htc_set_bssid_mask()' Function Information Disclosure Vulnerability
Linux Kernel <= 3.0.5 - 'ath9k_htc_set_bssid_mask()' Function Information Disclosure Vulnerability
Acunetix WVS 10 - Local Privilege escalation
Acunetix WVS 10 - Local Privilege Escalation
Linux Kernel <= 3.3.5 '/drivers/media/media-device.c' Local Information Disclosure Vulnerability
Linux Kernel <= 3.3.5 - '/drivers/media/media-device.c' Local Information Disclosure Vulnerability
Linux Kernel REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel - REFCOUNT Overflow/Use-After-Free in Keyrings
Android sensord Local Root Exploit
Android - sensord Local Root Exploit
OS X and iOS Unsandboxable Kernel Use-After-Free in Mach Vouchers
OS X and iOS - Unsandboxable Kernel Use-After-Free in Mach Vouchers
Microsoft Windows WebDAV - Privilege Escalation (MS16-016)
Microsoft Windows WebDAV - (BSoD) Privilege Escalation (MS16-016)
Proxmox VE 3/4 Insecure Hostname Checking Remote Root Exploit
Proxmox VE 3/4 - Insecure Hostname Checking Remote Root Exploit
Windows Kernel ATMFD.DLL OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
Windows Kernel ATMFD.DLL OTF Font Processing Stack Corruption (MS16-026)
Windows Kernel - ATMFD.DLL OTF Font Processing Pool-Based Buffer Overflow (MS16-026)
Windows Kernel - ATMFD.DLL OTF Font Processing Stack Corruption (MS16-026)
WordPress HB Audio Gallery Lite Plugin 1.0.0 - Arbitrary File Download
Joomla Easy Youtube Gallery 1.0.2 - SQL Injection Vulnerability
WordPress Brandfolder Plugin 3.0 - RFI / LFI Vulnerability
WordPress Dharma booking Plugin 2.38.3 - File Inclusion Vulnerability
WordPress Memphis Document Library Plugin 3.1.5 - Arbitrary File Download
2016-03-23 05:03:34 +00:00
Offensive Security
2c01698aec
DB: 2016-03-22
...
14 new exploits
Drupal <= 4.5.3 & <= 4.6.1 Comments PHP Injection Exploit
Drupal <= 4.5.3 & <= 4.6.1 - Comments PHP Injection Exploit
phpBB 2.0.15 - Remote PHP Code Execution Exploit (metasploit)
phpBB 2.0.15 - Remote PHP Code Execution Exploit (Metasploit
vBulletin <= 3.0.6 (Template) Command Execution Exploit (metasploit)
vBulletin <= 3.0.6 (Template) Command Execution Exploit (Metasploit
WordPress <= 1.5.1.3 - Remote Code Execution eXploit (metasploit)
WordPress <= 1.5.1.3 - Remote Code Execution eXploit (Metasploit
Solaris <= 10 LPD Arbitrary File Delete Exploit (metasploit)
Solaris <= 10 LPD Arbitrary File Delete Exploit (Metasploit
Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (metasploit)
Horde <= 3.0.9/3.1.0 - (Help Viewer) Remote Code Execution (Metasploit
Softerra PHP Developer Library <= 1.5.3 File Include Vulnerabilities
Softerra PHP Developer Library <= 1.5.3 - File Include Vulnerabilities
IDEAL Administration 2009 9.7 - Buffer Overflow - Metasploit Universal
IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)
PHP RapidKill Pro 5.x Shell Upload Vulnerability
PHP RapidKill Pro 5.x - Shell Upload Vulnerability
Shellcode - Win32 MessageBox (Metasploit module)
Shellcode - Win32 MessageBox (Metasploit)
Php Nuke 8.x.x - BlindSQL Injection Vulnerability
PHP-Nuke 8.x.x - BlindSQL Injection Vulnerability
Integard Pro 2.2.0.9026 - (Win7 ROP-Code Metasploit Module)
Integard Pro 2.2.0.9026 - Windows 7 ROP-Code (Metasploit)
Digital Music Pad 8.2.3.3.4 - SEH Overflow Metasploit Module
Digital Music Pad 8.2.3.3.4 - SEH Overflow (Metasploit)
MaticMarket 2.02 for PHP Nuke LFI Vulnerability
MaticMarket 2.02 for PHP-Nuke - LFI Vulnerability
Microsoft Word 2003 - Record Parsing Buffer Overflow (Metasploit) (MS09-027)
Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit)
Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (Metasploit) (0day)
Actfax FTP Server <= 4.27 - USER Command Stack Buffer Overflow (0day) (Metasploit)
Metasploit 4.1.0 Web UI stored XSS Vulnerability
Metasploit 4.1.0 Web UI - Stored XSS Vulnerability
PHP Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability
PHP-Nuke 1.0/2.5/3.0/4.x - Remote Ad Banner URL Change Vulnerability
Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (metasploit)
Microsoft Visual Studio RAD Support Buffer Overflow Vulnerability (Metasploit
PHP Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty
PHP-Nuke 5.0 - 'user.php' Form Element Substitution Vulnerabilty
PHP Nuke 5.x Error Message Web Root Disclosure Vulnerability
PHP-Nuke 5.x - Error Message Web Root Disclosure Vulnerability
PHP Nuke 8.2.4 - CSRF Vulnerability
PHP-Nuke 8.2.4 - CSRF Vulnerability
DCP-Portal 3.7/4.x/5.x Calendar.PHP HTTP Response Splitting Vulnerability
DCP-Portal 3.7/4.x/5.x - Calendar.PHP HTTP Response Splitting Vulnerability
PHP Nuke 0-7 Double Hex Encoded Input Validation Vulnerability
PHP-Nuke 0-7 - Double Hex Encoded Input Validation Vulnerability
PHP 4.x/5.x Html_Entity_Decode() Information Disclosure Vulnerability
PHP 4.x/5.x - Html_Entity_Decode() Information Disclosure Vulnerability
Western Digital Arkeia Remote Code Execution (Metasploit)
Western Digital Arkeia - Remote Code Execution (Metasploit)
Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - cgi-bin Remote Code Execution Exploit
Apache + PHP 5.x (< 5.3.12 / < 5.4.2) - Remote Code Execution (Multithreaded Scanner)
Apache + PHP 5.x (< 5.3.12 & < 5.4.2) - Remote Code Execution (Multithreaded Scanner)
PHP PEAR <= 1.5.3 INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability
PHP PEAR <= 1.5.3 - INSTALL-AS Attribute Arbitrary File Overwrite Vulnerability
GNU bash Environment Variable Command Injection (Metasploit)
GNU Bash - Environment Variable Command Injection (Metasploit)
Bash - CGI RCE (Metasploit) Shellshock Exploit
Bash - CGI RCE Shellshock Exploit (Metasploit)
Endian Firewall < 3.0.0 - OS Command Injection (Metasploit Module)
Endian Firewall < 3.0.0 - OS Command Injection (Metasploit)
Windows - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)
WordPress eBook Download Plugin 1.1 - Directory Traversal
WordPress Import CSV Plugin 1.0 - Directory Traversal
WordPress Abtest Plugin - Local File Inclusion
Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit
Disc ORGanizer - DORG - Multiple Vulnerabilities
D-Link DWR-932 Firmware 4.00 - Authentication Bypass
Xoops 2.5.7.2 - Arbitrary User Deletions CSRF
Xoops 2.5.7.2 - Directory Traversal Bypass
WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure
Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit
Dating Pro Genie 2015.7 - CSRF Vulnerabilities
iTop 2.2.1 - CSRF Vulnerability
ProjectSend r582 - Multiple XSS Vulnerabilities
2016-03-22 05:02:50 +00:00
Offensive Security
49a8e7debd
DB: 2016-03-18
...
2 new exploits
file
Zenphoto 1.4.11 - Remote File Inclusion
Synology Photo Station 5 DSM 3.2 'photo_one.php' Script Cross Site Scripting Vulnerability
Synology Photo Station 5 DSM 3.2 - 'photo_one.php' Script Cross Site Scripting Vulnerability
file
PivotX 2.3.11 - Directory Traversal
2016-03-18 05:03:26 +00:00
Offensive Security
9deb7ec89d
DB: 2016-03-17
2016-03-17 14:19:33 +00:00
Offensive Security
477bcbdcc0
DB: 2016-03-17
...
5 new exploits
phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerability Exploit
phpMyNewsletter <= 0.8 (beta5) - Multiple Vulnerabilities
My Book World Edition NAS Multiple Vulnerability
My Book World Edition NAS - Multiple Vulnerabilities
Katalog Stron Hurricane 1.3.5 - Multiple Vulnerability RFI / SQL
Katalog Stron Hurricane 1.3.5 - (RFI / SQL) Multiple Vulnerabilities
cmsfaethon-2.2.0-ultimate.7z Multiple Vulnerability
cmsfaethon-2.2.0-ultimate.7z - Multiple Vulnerabilities
DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php)
DynPG CMS 4.1.0 - (popup.php and counter.php) Multiple Vulnerabilities
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerability
Nucleus CMS 3.51 (DIR_LIBS) - Multiple Vulnerabilities
N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability
N/X - Web CMS (N/X WCMS 4.5) - Multiple Vulnerabilities
New-CMS - Multiple Vulnerability
New-CMS - Multiple Vulnerabilities
Edgephp Clickbank Affiliate Marketplace Script Multiple Vulnerability
Edgephp Clickbank Affiliate Marketplace Script - Multiple Vulnerabilities
JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerability
JV2 Folder Gallery 3.1.1 - (popup_slideshow.php) Multiple Vulnerabilities
i-Gallery - Multiple Vulnerability
i-Gallery - Multiple Vulnerabilities
My Kazaam Notes Management System Multiple Vulnerability
My Kazaam Notes Management System - Multiple Vulnerabilities
Omnidocs - Multiple Vulnerability
Omnidocs - Multiple Vulnerabilities
Web Cookbook Multiple Vulnerability
Web Cookbook - Multiple Vulnerabilities
KikChat - (LFI/RCE) Multiple Vulnerability
KikChat - (LFI/RCE) Multiple Vulnerabilities
Webformatique Reservation Manager - 'index.php' Cross-Site Scripting Vulnerability
Webformatique Reservation Manager 2.4 - 'index.php' Cross-Site Scripting Vulnerability
xEpan 1.0.4 - Multiple Vulnerability
xEpan 1.0.4 - Multiple Vulnerabilities
AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection
Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow
Cisco UCS Manager 2.1(1b) - Shellshock Exploit
OpenSSH <= 7.2p1 - xauth Injection
FreeBSD 10.2 amd64 Kernel - amd64_set_ldt Heap Overflow
2016-03-17 07:07:56 +00:00
Offensive Security
406c75cd13
DB: 2016-03-16
...
1 new exploits
2016-03-16 05:02:50 +00:00
Offensive Security
214a99ac52
DB: 2016-03-15
...
8 new exploits
2016-03-15 05:02:46 +00:00
Offensive Security
fe74e95fff
DB: 2016-03-12
...
3 new exploits
2016-03-12 05:03:14 +00:00
Offensive Security
d1a9542b86
DB: 2016-03-11
...
7 new exploits
2016-03-11 05:02:50 +00:00
Offensive Security
da08dab2c6
DB: 2016-03-10
...
16 new exploits
2016-03-10 05:03:17 +00:00
Offensive Security
a7c11413af
DB: 2016-03-09
...
1 new exploits
2016-03-09 05:02:46 +00:00
Offensive Security