Offensive Security
|
91b12c469e
|
DB: 2016-11-29
16 new exploits
rdesktop 1.5.0 - iso_recv_msg() Integer Underflow (PoC)
rdesktop 1.5.0 - process_redirect_pdu() BSS Overflow (PoC)
rdesktop 1.5.0 - 'iso_recv_msg()' Integer Underflow (PoC)
rdesktop 1.5.0 - 'process_redirect_pdu()' BSS Overflow (PoC)
NTP 4.2.8p3 - Denial of Service
Microsoft Internet Explorer 8 MSHTML - 'SRunPointer::SpanQualifier/RunType' Out-Of-Bounds Read (MS15-009)
Microsoft Internet Explorer 11 MSHTML - 'CGeneratedContent::HasGeneratedSVGMarker' Type Confusion
Microsoft Internet Explorer 10 MSHTML - 'CEditAdorner::Detach' Use-After-Free (MS13-047)
Microsoft Internet Explorer 8 / 9 / 10 / 11 MSHTML - 'DOMImplementation' Type Confusion (MS16-009)
Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation
Linux Kernel 2.6.x < 2.6.7-rc3 (Slackware 9.1 / Debian 3.0) - 'sys_chown()' Group Ownership Alteration Privilege Escalation
Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Privilege Escalation
Linux Kernel 2.4 / 2.6 (x86-64) - System Call Emulation Privilege Escalation
Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (RedHat x86_64) - 'compat' Privilege Escalation
Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation
Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Privilege Escalation (1)
Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Privilege Escalation (1)
Linux Kernel < 3.8.9 (x86_64) - 'perf_swevent_init' Privilege Escalation (2)
Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Privilege Escalation (2)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access)
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (Write Access)
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (Write Access)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation
TFTP Server 1.4 - Buffer Overflow Remote Exploit (2)
TFTP Server 1.4 - Remote Buffer Overflow (2)
TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit)
TFTP Server 1.4 - ST WRQ Buffer Overflow (Metasploit)
Android - 'BadKernel' Remote Code Execution
VX Search Enterprise 9.1.12 - Buffer Overflow
Sync Breeze Enterprise 9.1.16 - Buffer Overflow
Disk Sorter Enterprise 9.1.12 - Buffer Overflow
Dup Scout Enterprise 9.1.14 - Buffer Overflow
Disk Savvy Enterprise 9.1.14 - Buffer Overflow
Disk Pulse Enterprise 9.1.16 - Buffer Overflow
Linux/x86 - Egg-hunter Shellcode (25 bytes)
Linux/x86 - Egg-hunter Shellcode (31 bytes)
RunCMS 1.2 - (class.forumposts.php) Arbitrary Remote File Inclusion
RunCMS 1.2 - 'class.forumposts.php' Arbitrary Remote File Inclusion
CMS Faethon 1.3.2 - (mainpath) Remote File Inclusion
CMS Faethon 1.3.2 - 'mainpath' Parameter Remote File Inclusion
CMS Faethon 2.0 - (mainpath) Remote File Inclusion
CMS Faethon 2.0 - 'mainpath' Parameter Remote File Inclusion
SazCart 1.5 - (cart.php) Remote File Inclusion
SazCart 1.5 - 'cart.php' Remote File Inclusion
Cyberfolio 2.0 RC1 - (av) Remote File Inclusion
Cyberfolio 2.0 RC1 - 'av' Parameter Remote File Inclusion
FipsCMS 4.5 - (index.asp) SQL Injection
FipsCMS 4.5 - 'index.asp' SQL Injection
AJ Classifieds 1.0 - (postingdetails.php) SQL Injection
AJ Classifieds 1.0 - 'postingdetails.php' SQL Injection
RunCMS 1.5.2 - (debug_show.php) SQL Injection
RunCMS 1.5.2 - 'debug_show.php' SQL Injection
OneCMS 2.4 - (userreviews.php abc) SQL Injection
OneCMS 2.4 - 'abc' Parameter SQL Injection
RunCMS 1.6 - disclaimer.php Remote File Overwrite
RunCMS 1.6 - 'disclaimer.php' Remote File Overwrite
PHPEasyData 1.5.4 - 'cat_id' SQL Injection
FipsCMS - 'print.asp lg' SQL Injection
Galleristic 1.0 - (index.php cat) SQL Injection
gameCMS Lite 1.0 - (index.php systemId) SQL Injection
PHPEasyData 1.5.4 - 'cat_id' Parameter SQL Injection
FipsCMS 2.1 - 'print.asp' SQL Injection
Galleristic 1.0 - 'cat' Parameter SQL Injection
GameCMS Lite 1.0 - 'systemId' Parameter SQL Injection
CMS Faethon 2.2 Ultimate - (Remote File Inclusion / Cross-Site Scripting) Multiple Remote Vulnerabilities
CMS Faethon 2.2 Ultimate - Remote File Inclusion / Cross-Site Scripting
MusicBox 2.3.7 - (artistId) SQL Injection
RunCMS 1.6.1 - (msg_image) SQL Injection
MusicBox 2.3.7 - 'artistId' Parameter SQL Injection
RunCMS 1.6.1 - 'msg_image' Parameter SQL Injection
vShare YouTube Clone 2.6 - (tid) SQL Injection
vShare YouTube Clone 2.6 - 'tid' Parameter SQL Injection
Cyberfolio 7.12 - (rep) Remote File Inclusion
miniBloggie 1.0 - (del.php) Arbitrary Delete Post
Cyberfolio 7.12 - 'rep' Parameter Remote File Inclusion
miniBloggie 1.0 - 'del.php' Arbitrary Delete Post
SazCart 1.5.1 - (prodid) SQL Injection
SazCart 1.5.1 - 'prodid' Parameter SQL Injection
Phoenix View CMS Pre Alpha2 - (SQL Injection / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Phoenix View CMS Pre Alpha2 - SQL Injection / Local File Inclusion / Cross-Site Scripting
Ktools Photostore 3.5.1 - (gallery.php gid) SQL Injection
Ktools Photostore 3.5.1 - 'gid' Parameter SQL Injection
Joomla! Component com_datsogallery 1.6 - Blind SQL Injection
Joomla! Component Datsogallery 1.6 - Blind SQL Injection
Vortex CMS - 'index.php pageid' Blind SQL Injection
AJ Article 1.0 - (featured_article.php) SQL Injection
AJ Auction 6.2.1 - (classifide_ad.php) SQL Injection
Vortex CMS - 'pageid' Parameter Blind SQL Injection
AJ Article 1.0 - 'featured_article.php' SQL Injection
AJ Auction 6.2.1 - 'classifide_ad.php' SQL Injection
clanlite 2.x - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ClanLite 2.x - SQL Injection / Cross-Site Scripting
OneCMS 2.5 - (install_mod.php) Local File Inclusion
OneCMS 2.5 - 'install_mod.php' Local File Inclusion
AJ Auction Web 2.0 - (cate_id) SQL Injection
AJ Auction 1.0 - 'id' SQL Injection
AJ Auction Web 2.0 - 'cate_id' Parameter SQL Injection
AJ Auction 1.0 - 'id' Parameter SQL Injection
FipsCMS Light 2.1 - (r) SQL Injection
FipsCMS Light 2.1 - 'r' Parameter SQL Injection
AJ Auction Pro Platinum Skin - 'detail.php item_id' SQL Injection
AJ Auction Pro Platinum Skin - 'item_id' Parameter SQL Injection
AJ Auction Pro Platinum - (seller_id) SQL Injection
AJ Auction Pro Platinum - 'seller_id' Parameter SQL Injection
miniBloggie 1.0 - (del.php) Blind SQL Injection
miniBloggie 1.0 - 'del.php' Blind SQL Injection
AJ Article - 'featured_article.php mode' SQL Injection
AJ ARTICLE - (Authentication Bypass) SQL Injection
AJ Article 1.0 - Authentication Bypass
Cyberfolio 7.12.2 - (css.php theme) Local File Inclusion
Cyberfolio 7.12.2 - 'theme' Parameter Local File Inclusion
AJ ARTICLE - Remote Authentication Bypass
AJ Article 1.0 - Remote Authentication Bypass
MusicBox 2.3.8 - (viewalbums.php artistId) SQL Injection
MusicBox 2.3.8 - 'viewalbums.php' SQL Injection
AJ Auction Pro OOPD 2.3 - 'id' SQL Injection
AJ Auction Pro OOPD 2.3 - 'id' Parameter SQL Injection
BigACE CMS 2.5 - 'Username' SQL Injection
BigACE 2.5 - SQL Injection
ZeusCart 2.3 - 'maincatid' SQL Injection
ZeusCart 2.3 - 'maincatid' Parameter SQL Injection
BigACE CMS 2.6 - (cmd) Local File Inclusion
BigACE 2.6 - 'cmd' Parameter Local File Inclusion
RunCMS 1.6.3 - (double ext) Remote Shell Injection
RunCMS 1.6.3 - Remote Shell Injection
AJ Auction Pro OOPD 2.x - (store.php id) SQL Injection
AJ Auction Pro OOPD 2.x - 'id' Parameter SQL Injection
RunCMS 2m1 - store() SQL Injection
RunCMS 2ma - post.php SQL Injection
RunCMS 2m1 - 'store()' SQL Injection
RunCMS 2ma - 'post.php' SQL Injection
AJ Article - Persistent Cross-Site Scripting
AJ Article 3.0 - Cross-Site Scripting
admidio 2.3.5 - Multiple Vulnerabilities
Admidio 2.3.5 - Multiple Vulnerabilities
RunCMS 1.1/1.2 Newbb_plus and Messages Modules - Multiple SQL Injections
RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection
MusicBox 2.3 - Type Parameter SQL Injection
MusicBox 2.3 - 'type' Parameter SQL Injection
RunCMS 1.x - Bigshow.php Cross-Site Scripting
RunCMS 1.x - 'Bigshow.php' Cross-Site Scripting
RunCMS 1.2/1.3 - PMLite.php SQL Injection
RunCMS 1.2/1.3 - 'PMLite.php' SQL Injection
RunCMS 1.x - Ratefile.php Cross-Site Scripting
RunCMS 1.x - 'Ratefile.php' Cross-Site Scripting
BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin)
BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin)
MusicBox 2.3 - 'index.php' Multiple Parameter SQL Injection
MusicBox 2.3 - 'index.php' Multiple Parameter Cross-Site Scripting
MusicBox 2.3 - cart.php Multiple Parameter Cross-Site Scripting
MusicBox 2.3 - 'index.php' SQL Injection
MusicBox 2.3 - 'index.php' Cross-Site Scripting
MusicBox 2.3 - 'cart.php' Cross-Site Scripting
MusicBox 2.3.4 - Page Parameter SQL Injection
MusicBox 2.3.4 - 'page' Parameter SQL Injection
MyWebland miniBloggie 1.0 - Fname Remote File Inclusion
miniBloggie 1.0 - 'Fname' Remote File Inclusion
BigACE 1.8.2 - item_main.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - upload_form.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - download.cmd.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - admin.cmd.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - 'item_main.php' Remote File Inclusion
BigACE 1.8.2 - 'upload_form.php' Remote File Inclusion
BigACE 1.8.2 - 'download.cmd.php' Remote File Inclusion
BigACE 1.8.2 - 'admin.cmd.php' Remote File Inclusion
ClanLite - Config-PHP.php Remote File Inclusion
ClanLite - 'conf-php.php' Remote File Inclusion
FipsCMS 2.1 - PID Parameter SQL Injection
FipsCMS 2.1 - 'pid' Parameter SQL Injection
RunCMS 1.6.1 - votepolls.php bbPath[path] Parameter Remote File Inclusion
RunCMS 1.6.1 - config.php bbPath[root_theme] Parameter Remote File Inclusion
RunCMS 1.6.1 - 'bbPath[path]' Parameter Remote File Inclusion
RunCMS 1.6.1 - 'bbPath[root_theme]' Parameter Remote File Inclusion
FipsCMS 2.1 - 'forum/neu.asp' SQL Injection
FipsCMS 2.1 - 'neu.asp' SQL Injection
OneCMS 2.6.1 - admin/admin.php cat Parameter Cross-Site Scripting
OneCMS 2.6.1 - search.php search Parameter SQL Injection
OneCMS 2.6.1 - admin/admin.php Short1 Parameter Cross-Site Scripting
OneCMS 2.6.1 - 'cat' Parameter Cross-Site Scripting
OneCMS 2.6.1 - 'search' Parameter SQL Injection
OneCMS 2.6.1 - 'short1' Parameter Cross-Site Scripting
RunCMS 'partners' Module - 'id' Parameter SQL Injection
RunCMS Module Partners - 'id' Parameter SQL Injection
Zeuscart v.4 - Multiple Vulnerabilities
Zeuscart 4.0 - Multiple Vulnerabilities
BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal
BigACE 2.7.5 - 'LANGUAGE' Parameter Directory Traversal
Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting
Red Hat JBoss EAP - Deserialization of Untrusted Data
|
2016-11-29 05:01:20 +00:00 |
|
Offensive Security
|
32fc589910
|
DB: 2016-11-23
8 new exploits
xine-lib 1.1.12 - NSF demuxer Stack Overflow (PoC)
Xine-Lib 1.1.12 - NSF demuxer Stack Overflow (PoC)
3Com OfficeConnect Routers - Denial of Service (Content-Type)
3Com OfficeConnect Routers - (Content-Type) Denial of Service
xine-lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow
Xine-Lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow
World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow
World Of Warcraft 3.3.5a - 'macros-cache.txt' Stack Overflow
Divx Player - Denial of Service
Divx Player 6.8.2 - Denial of Service
Microsoft Word (Win/Mac) - Crash (PoC)
Microsoft Word (Windows/OSX) - Crash (PoC)
TP-LINK TDDP - Multiple Vulnerabilities
Microsoft Internet Explorer 8 MSHTML - 'Ptls5::LsFindSpanVisualBoundaries' Memory Corruption
Office 2008 sp0 - RTF pFragments MAC Exploit
Microsoft Office 2008 SP0 (Mac) - RTF pFragments Exploit
Huawei UTPS - Unquoted Service Path Privilege Escalation
xine-lib 1.1 - (media player library) Remote Format String
Xine-Lib 1.1 - (media player library) Remote Format String
Office Viewer ActiveX Control 3.0.1 - (Save) Remote File Overwrite
Office Viewer ActiveX Control 3.0.1 - 'Save' Remote File Overwrite
3Com OfficeConnect Secure Router 1.04-168 - Tk Parameter Cross-Site Scripting
3Com OfficeConnect Secure Router 1.04-168 - 'Tk' Parameter Cross-Site Scripting
xine-lib - Multiple Heap Based Remote Buffer Overflow Vulnerabilities
Xine-Lib 1.1.11 - Multiple Heap Based Remote Buffer Overflow Vulnerabilities
Crestron AM-100 - Multiple Vulnerabilities
Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes)
Simple Machines Forum 1.0.4 - (modify) SQL Injection
Simple Machines Forum (SMF) 1.0.4 - 'modify' SQL Injection
PHP-Fusion 6.00.109 - (msg_send) SQL Injection
PHP-Fusion 6.00.109 - 'msg_send' Parameter SQL Injection
PHP-Fusion 6.00.3 - (rating) Parameter SQL Injection
PHP-Fusion 6.00.3 - 'rating' Parameter SQL Injection
PHP-Fusion 6.00.306 - (srch_where) SQL Injection
PHP-Fusion 6.00.306 - 'srch_where' Parameter SQL Injection
Simple Machines Forum 1.1 rc2 (Windows) - (lngfile) Remote Exploit
Simple Machines Forum (SMF) 1.1 rc2 (Windows) - 'lngfile' Remote Exploit
Simple Machines Forum 1.1 rc2 - Lock Topics Remote Exploit
Simple Machines Forum (SMF) 1.1 rc2 - Lock Topics Remote Exploit
AllMyGuests 0.4.1 - (cfg_serverpath) Remote File Inclusion
AllMyGuests 0.4.1 - 'cfg_serverpath' Parameter Remote File Inclusion
Virtual Law Office - (phpc_root_path) Remote File Inclusion
Virtual Law Office - 'phpc_root_path' Remote File Inclusion
AllMyGuests 0.3.0 - (AMG_serverpath) Remote File Inclusion
AllMyGuests 0.3.0 - 'AMG_serverpath' Parameter Remote File Inclusion
Simple Machines Forum 1.1.3 - Blind SQL Injection
Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection
BosClassifieds 3.0 - (index.php cat) SQL Injection
BosNews 4.0 - (article) SQL Injection
BosClassifieds 3.0 - 'index.php' SQL Injection
BosNews 4.0 - 'article' Parameter SQL Injection
Classifieds Caffe - 'index.php cat_id' SQL Injection
Classifieds Caffe - 'cat_id' Parameter SQL Injection
carbon communities 2.4 - Multiple Vulnerabilities
XplodPHP AutoTutorials 2.1 - 'id' SQL Injection
Carbon Communities 2.4 - Multiple Vulnerabilities
XplodPHP AutoTutorials 2.1 - 'id' Parameter SQL Injection
Grape Statistics 0.2a - (location) Remote File Inclusion
5th Avenue Shopping Cart - 'category_id' SQL Injection
Grape Statistics 0.2a - 'location' Parameter Remote File Inclusion
5th Avenue Shopping Cart - 'category_id' Parameter SQL Injection
PhShoutBox 1.5 - (final) Insecure Cookie Handling
Simple Customer 1.2 - (contact.php id) SQL Injection
AllMyGuests 0.4.1 - (AMG_id) SQL Injection
PhShoutBox 1.5 - Insecure Cookie Handling
Simple Customer 1.2 - 'contact.php' SQL Injection
AllMyGuests 0.4.1 - 'AMG_id' Parameter SQL Injection
Simple Machines Forum 1.1.4 - SQL Injection
Simple Machines Forum (SMF) 1.1.4 - SQL Injection
virtual support office-xp 3.0.29 - Multiple Vulnerabilities
Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities
PHP-Fusion Mod Classifieds - (lid) SQL Injection
PHP-Fusion Mod Classifieds - 'lid' Parameter SQL Injection
Simple Machines Forum 1.1.5 (Windows x86) - Admin Reset Password Exploit
Simple Machines Forum (SMF) 1.1.5 (Windows x86) - Admin Reset Password Exploit
PHP-Fusion Mod freshlinks - (linkid) SQL Injection
PHP-Fusion Mod freshlinks - 'linkid' Parameter SQL Injection
PHP-Fusion Mod manuals - (manual) SQL Injection
PHP-Fusion Mod manuals - 'manual' Parameter SQL Injection
PHP-Fusion Mod triscoop_race_system - (raceid) SQL Injection
PHP-Fusion Mod triscoop_race_system - 'raceid' Parameter SQL Injection
BosDev BosClassifieds - 'cat_id' SQL Injection
BosClassifieds - 'cat_id' SQL Injection
Simple Machines Forum 1.1.6 - (Local File Inclusion) Code Execution
Simple Machines Forum (SMF) 1.1.6 - (Local File Inclusion) Code Execution
PHP-Fusion 7.00.1 - (messages.php) SQL Injection
PHP-Fusion 7.00.1 - 'messages.php' SQL Injection
Check New 4.52 - (findoffice.php search) SQL Injection
Check New 4.52 - 'findoffice.php search' SQL Injection
PHP-Fusion Mod E-Cart 1.3 - (items.php CA) SQL Injection
PHP-Fusion Mod E-Cart 1.3 - 'items.php' SQL Injection
PHP-Fusion Mod the_kroax (comment_id) - SQL Injection
PHP-Fusion Mod the_kroax - 'comment_id' Parameter SQL Injection
Simple Machines Forum 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload
Simple Machines Forum (SMF) 1.1.7 - Cross-Site Request Forgery / Cross-Site Scripting / Package Upload
Simple Machines Forums - (BBCode) Cookie Stealing
Simple Machines Forum (SMF) - 'BBCode' Cookie Stealing
PHP-Fusion Mod Book Panel - (bookid) SQL Injection
PHP-Fusion Mod Book Panel - 'bookid' Parameter SQL Injection
PHP-Fusion Mod Book Panel - (course_id) SQL Injection
PHP-Fusion Mod Book Panel - 'course_id' Parameter SQL Injection
Opencart 1.1.8 - (route) Local File Inclusion
Opencart 1.1.8 - 'route' Local File Inclusion
exjune officer message system 1 - Multiple Vulnerabilities
Exjune Officer Message System 1 - Multiple Vulnerabilities
Simple Machines Forum - Multiple Security Vulnerabilities
Simple Machines Forum (SMF) - Multiple Security Vulnerabilities
PHP-Fusion 6.01.15.4 - (downloads.php) SQL Injection
PHP-Fusion 6.01.15.4 - 'downloads.php' SQL Injection
Simple Machines Forum (SMF) 1.1.8 - (avatar) Remote PHP File Execute (PoC)
Simple Machines Forum (SMF) 1.1.8 - 'avatar' Remote PHP File Execute (PoC)
PHP-fusion dsmsf - (module downloads) SQL Injection
PHP-fusion dsmsf Mod Downloads - SQL Injection
Group Office - (comment_id) SQL Injection
Group Office - 'comment_id' SQL Injection
PHP-Fusion MG - User-Fotoalbum SQL Injection
PHP-Fusion Mod Mg User Fotoalbum 1.0.1 - SQL Injection
Simple Machines forum (SMF) 2.0 - session Hijacking
Simple Machines Forum (SMF) 2.0 - Session Hijacking
AllMyGuests 0.x - info.inc.php Arbitrary Code Execution
AllMyGuests 0.x - 'info.inc.php' Arbitrary Code Execution
Simple Machines Forum 1.0 - Size Tag HTML Injection
Simple Machines Forum (SMF) 1.0 - Size Tag HTML Injection
OpenCart 1.5.5.1 - (FileManager.php) Directory Traversal Arbitrary File Access
OpenCart 1.5.5.1 - 'FileManager.php' Directory Traversal Arbitrary File Access
PHP-Fusion 4.0 - Viewthread.php Information Disclosure
PHP-Fusion 4.0 - 'Viewthread.php' Information Disclosure
PHP-Fusion 4/5 - Setuser.php HTML Injection
PHP-Fusion 4/5 - 'Setuser.php' HTML Injection
PHP-Fusion 4.0/5.0/6.0 - messages.php SQL Injection
PHP-Fusion 4.0/5.0/6.0 - 'messages.php' SQL Injection
PHP-Fusion 6.0.109 - messages.php SQL Injection
PHP-Fusion 6.0.109 - 'messages.php' SQL Injection
PHP-Fusion 6.0 - members.php Cross-Site Scripting
PHP-Fusion 6.0 - 'members.php' Cross-Site Scripting
PHP-Fusion 6.0.x - news.php SQL Injection
PHP-Fusion 6.0.x - 'news.php' SQL Injection
Simple Machines Forum 1.0/1.1 - 'index.php' Cross-Site Scripting
Simple Machines Forum (SMF) 1.0/1.1 - 'index.php' Cross-Site Scripting
PHP-Fusion 6.1.5 - Calendar_Panel Module Show_Event.php SQL Injection
PHP-Fusion 6.1.5 Mod Calendar_Panel - 'Show_Event.php' SQL Injection
Simple Machines Forum 1.1.4 - Multiple Remote File Inclusion
Simple Machines Forum (SMF) 1.1.4 - Multiple Remote File Inclusion
Simple Machines Forum 1.1.6 - HTTP POST Request Filter Security Bypass
Simple Machines Forum (SMF) 1.1.6 - HTTP POST Request Filter Security Bypass
OpenCart 1.5.6.1 - (openbay) Multiple SQL Injection
OpenCart 1.5.6.1 - 'openbay' Multiple SQL Injection
Simple Machines Forum 1.1.7 - '[url]' Tag HTML Injection
Simple Machines Forum (SMF) 1.1.7 - '[url]' Tag HTML Injection
PHP-Fusion - 'articles.php' Cross-Site Scripting
AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting
Simple Machines Forum 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery
Simple Machines Forum (SMF) 1.1.14/2.0 - '[img]' BBCode Tag Cross-Site Request Forgery
Simple Machines Forum 1.1.15 - 'fckeditor' Arbitrary File Upload
Simple Machines Forum (SMF) 1.1.15 - 'fckeditor' Arbitrary File Upload
WordPress Plugin Dharma booking 2.38.3 - File Inclusion
WordPress Plugin Dharma Booking 2.38.3 - File Inclusion
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution
SAP NetWeaver AS JAVA - 'BC-BMT-BPM-DSK' XML External Entity Injection
|
2016-11-23 05:01:19 +00:00 |
|
Offensive Security
|
dab1517032
|
DB: 2016-11-22
13 new exploits
Borland Interbase 2007 - ibserver.exe Buffer Overflow (PoC)
Borland Interbase 2007 - 'ibserver.exe' Buffer Overflow (PoC)
Linux Kernel (Ubuntu / RedHat) - 'keyctl' Null Pointer Dereference
Linux Kernel 4.8.0-22 / 3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)
Microsoft Edge - 'CTextExtractor::GetBlockText' Out-of-Bounds Read (MS16-104)
Microsoft Internet Explorer 8 jscript - 'RegExpBase::FBadHeader' Use-After-Free (MS15-018)
NTP 4.2.8p8 - Denial of Service
Tumbleweed SecureTransport FileTransfer - ActiveX Buffer Overflow
Tumbleweed SecureTransport 4.6.1 FileTransfer - ActiveX Buffer Overflow
Borland Interbase 2007 - PWD_db_aliased Buffer Overflow (Metasploit)
Borland Interbase 2007 - 'PWD_db_aliased' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - 'open_marker_file' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 sp2 - 'jrd8_create_database' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - 'INET_connect' Buffer Overflow (Metasploit)
Borland Interbase - isc_create_database() Buffer Overflow (Metasploit)
Borland Interbase - 'isc_create_database()' Buffer Overflow (Metasploit)
Borland Interbase - isc_attach_database() Buffer Overflow (Metasploit)
Borland Interbase - 'isc_attach_database()' Buffer Overflow (Metasploit)
Borland Interbase - SVC_attach() Buffer Overflow (Metasploit)
Borland Interbase - 'SVC_attach()' Buffer Overflow (Metasploit)
Borland Interbase - Create-Request Buffer Overflow (Metasploit)
Borland Interbase - 'Create-Request' Buffer Overflow (Metasploit)
Borland Interbase - PWD_db_aliased() Buffer Overflow (Metasploit)
Borland Interbase - open_marker_file() Buffer Overflow (Metasploit)
Borland Interbase - 'PWD_db_aliased()' Buffer Overflow (Metasploit)
Borland Interbase - 'open_marker_file()' Buffer Overflow (Metasploit)
Borland Interbase - jrd8_create_database() Buffer Overflow (Metasploit)
Borland Interbase - INET_connect() Buffer Overflow (Metasploit)
Borland Interbase - 'jrd8_create_database()' Buffer Overflow (Metasploit)
Borland Interbase - 'INET_connect()' Buffer Overflow (Metasploit)
Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit)
phpunity.postcard - (gallery_path) Remote File Inclusion
phpunity.postcard - 'gallery_path' Parameter Remote File Inclusion
CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion
CcMail 1.0.1 - 'functions_dir' Parameter Remote File Inclusion
1024 CMS 0.7 - (download.php item) Remote File Disclosure
1024 CMS 0.7 - 'download.php' Remote File Disclosure
cpCommerce 1.1.0 - (category.php id_category) SQL Injection
CPCommerce 1.1.0 - 'id_category' Parameter SQL Injection
1024 CMS 1.3.1 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
1024 CMS 1.3.1 - Local File Inclusion / SQL Injection
Mole 2.1.0 - (viewsource.php) Remote File Disclosure
ChartDirector 4.1 - (viewsource.php) File Disclosure
724CMS 4.01 Enterprise - (index.php ID) SQL Injection
My Gaming Ladder 7.5 - (ladderid) SQL Injection
Mole 2.1.0 - 'viewsource.php' Remote File Disclosure
ChartDirector 4.1 - 'viewsource.php' File Disclosure
724CMS 4.01 Enterprise - 'index.php' SQL Injection
My Gaming Ladder 7.5 - 'ladderid' Parameter SQL Injection
exbb 0.22 - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities
Pligg CMS 9.9.0 - (editlink.php id) SQL Injection
ExBB 0.22 - Local / Remote File Inclusion
Pligg CMS 9.9.0 - 'editlink.php' SQL Injection
Prediction Football 1.x - (matchid) SQL Injection
Prediction Football 1.x - 'matchid' Parameter SQL Injection
Free Photo Gallery Site Script - (path) File Disclosure
Free Photo Gallery Site Script - 'path' Parameter File Disclosure
LiveCart 1.1.1 - (category id) Blind SQL Injection
Ksemail - 'index.php language' Local File Inclusion
LiveCart 1.1.1 - 'id' Parameter Blind SQL Injection
Ksemail - Local File Inclusion
RX Maxsoft - 'popup_img.php fotoID' SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection
RX Maxsoft - 'fotoID' Parameter SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' Parameter SQL Injection
Pollbooth 2.0 - (pollID) SQL Injection
cpcommerce 1.1.0 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
Pollbooth 2.0 - 'pollID' Parameter SQL Injection
CPCommerce 1.1.0 - Cross-Site Scripting / Local File Inclusion
SmallBiz eShop - (content_id) SQL Injection
SmallBiz eShop - 'content_id' Parameter SQL Injection
lightneasy sqlite / no database 1.2.2 - Multiple Vulnerabilities
LightNEasy sqlite / no database 1.2.2 - Multiple Vulnerabilities
PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection
PostcardMentor - 'cat_fldAuto' Parameter SQL Injection
Pligg CMS 9.9.0 - (story.php id) SQL Injection
Pligg CMS 9.9.0 - 'story.php' SQL Injection
LokiCMS 0.3.4 - writeconfig() Remote Command Execution
LokiCMS 0.3.4 - 'writeconfig()' Remote Command Execution
cpCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass
CPCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass
cpCommerce 1.2.8 - (id_document) Blind SQL Injection
CPCommerce 1.2.8 - 'id_document' Parameter Blind SQL Injection
cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion
CPCommerce 1.2.x - 'GLOBALS[prefix]' Arbitrary File Inclusion
ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure
ChartDirector 5.0.1 - 'cacheId' Parameter Arbitrary File Disclosure
Pligg CMS 1.0.4 - (story.php?id) SQL Injection
Pligg CMS 1.0.4 - 'story.php' SQL Injection
724CMS 4.59 Enterprise - SQL Injection
724CMS Enterprise 4.59 - SQL Injection
lightneasy 3.2.2 - Multiple Vulnerabilities
LightNEasy 3.2.2 - Multiple Vulnerabilities
My Postcards 6.0 - MagicCard.cgi Arbitrary File Disclosure
My Postcards 6.0 - 'MagicCard.cgi' Arbitrary File Disclosure
Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injection
Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injection
PhotoKorn 1.53/1.54 - postcard.php id Parameter SQL Injection
PhotoKorn 1.53/1.54 - 'id' Parameter SQL Injection
CPCommerce 1.1 - Manufacturer.php SQL Injection
CPCommerce 1.1 - 'manufacturer.php' SQL Injection
LiveCart 1.0.1 - user/remindPassword return Parameter Cross-Site Scripting
LiveCart 1.0.1 - category q Parameter Cross-Site Scripting
LiveCart 1.0.1 - order return Parameter Cross-Site Scripting
LiveCart 1.0.1 - user/remindComplete email Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'q' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'email' Parameter Cross-Site Scripting
Pligg CMS 1.x - module.php Multiple Parameter Cross-Site Scripting
Pligg CMS 1.x - 'module.php' Multiple Parameter Cross-Site Scripting
Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection
Pligg CMS 2.0.2 - 'load_data_for_search.php' SQL Injection
CMS Made Simple 2.1.5 - Cross-Site Scripting
Atlassian Confluence AppFusions Doxygen 1.3.0 - Directory Traversal
WordPress Plugin Instagram Feed 1.4.6.2 - Cross-Site Request Forgery
Mezzanine 4.2.0 - Cross-Site Scripting
LEPTON 2.2.2 - SQL Injection
LEPTON 2.2.2 - Remote Code Execution
FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery
FUDforum 3.0.6 - Local File Inclusion
Wordpress Plugin Olimometer 2.56 - SQL Injection
|
2016-11-22 05:01:18 +00:00 |
|
Offensive Security
|
557f116d02
|
DB: 2016-10-19
8 new exploits
TikiWiki 1.9 Sirius - (jhot.php) Remote Command Execution
TikiWiki 1.9 Sirius - 'jhot.php' Remote Command Execution
TikiWiki 1.9.5 Sirius - (sort_mode) Information Disclosure
TikiWiki 1.9.5 Sirius - 'sort_mode' Information Disclosure
TikiWiki 1.9.8 - tiki-graph_formula.php Command Execution
TikiWiki 1.9.8 - 'tiki-graph_formula.php' Command Execution
TikiWiki < 1.9.9 - tiki-listmovies.php Directory Traversal
TikiWiki < 1.9.9 - 'tiki-listmovies.php' Directory Traversal
TikiWiki Project 1.8 - tiki-switch_theme.php theme Parameter Cross-Site Scripting
TikiWiki Project 1.8 - img/wiki_up Arbitrary File Upload
TikiWiki Project 1.8 - tiki-map.phtml Traversal Arbitrary File / Directory Enumeration
TikiWiki Project 1.8 - 'tiki-switch_theme.php' theme Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'img/wiki_up' Arbitrary File Upload
TikiWiki Project 1.8 - 'tiki-map.phtml' Traversal Arbitrary File / Directory Enumeration
TikiWiki Project 1.8 - categorize.php Direct Request Full Path Disclosure
TikiWiki Project 1.8 - messu-mailbox.php Multiple Parameter Cross-Site Scripting
TikiWiki Project 1.8 - messu-read.php Multiple Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-read_article.php articleId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-browse_categories.php parentId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-index.php comments_threshold Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-print_article.php articleId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-list_file_gallery.php galleryID Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'categorize.php' Direct Request Full Path Disclosure
TikiWiki Project 1.8 - 'messu-mailbox.php' Multiple Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'messu-read.php' Multiple Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-read_article.php' articleId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-browse_categories.php' parentId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-index.php' comments_threshold Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-print_article.php' articleId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' galleryID Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-upload_file.php galleryID Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-view_faq.php faqId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-view_chart.php chartId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - tiki-usermenu.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - tiki-list_file_gallery.php sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - 'tiki-upload_file.php' galleryID Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-view_faq.php' faqId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-view_chart.php' chartId Parameter Cross-Site Scripting
TikiWiki Project 1.8 - 'tiki-usermenu.php' sort_mode Parameter SQL Injection
TikiWiki Project 1.8 - 'tiki-list_file_gallery.php' sort_mode Parameter SQL Injection
Symantec pcAnywhere 12.5.0 Windows (x86) - Remote Code Execution
Symantec pcAnywhere 12.5.0 (Windows x86) - Remote Code Execution
Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046)
Pluck CMS 4.7.3 - Cross-Site Request Forgery (Add Page)
LanSpy 2.0.0.155 - Local Buffer Overflow
ManageEngine ServiceDesk Plus 9.2 Build 9207 - Unauthorized Information Disclosure
Cgiemail 1.6 - Source Code Disclosure
Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123)
Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege Escalation (MS16-124)
Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124)
|
2016-10-19 05:01:18 +00:00 |
|
Offensive Security
|
d86bdf5f80
|
DB: 2016-09-29
2 new exploits
Symantec Messaging Gateway 10.6.1 - Directory Traversal
VLC Media Player 2.2.1 - Buffer Overflow
|
2016-09-29 05:01:16 +00:00 |
|
Offensive Security
|
c663f43049
|
DB: 2016-09-18
|
2016-09-18 05:06:48 +00:00 |
|
Offensive Security
|
751e61a6bf
|
DB: 2016-09-16
3 new exploits
Avaya IP Office Phone Manager - Local Password Disclosure
BT Voyager 2091 (Wireless ADSL) - Multiple Vulnerabilities
PA168 Chipset IP Phones - Weak Session Management Exploit
CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash
phpMyAdmin - '/scripts/setup.php' PHP Code Injection
NScan 0.9.1 - (Target) Buffer Overflow
NScan 0.9.1 - 'Target' Buffer Overflow
Xerox WorkCentre - Multiple Models Denial of Service
Xerox WorkCentre (Multiple Models) - Denial of Service
Cisco EPC 3925 - Multiple Vulnerabilities
httpdx 1.4 - h_handlepeer Buffer Overflow (Metasploit)
Novell eDirectory 8.8sp5 - Buffer Overflow
Uebimiau Webmail 3.2.0-2.0 - Email Disclosure
ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x32/x64) - LZH archive parsing (PoC)
Integard Home and Pro 2 - Remote HTTP Buffer Overflow
Multiple D-Link Router Models - Authentication Bypass
D-Link Router (Multiple Models) - Authentication Bypass
iSO Air Files 2.6 - Directory Traversal
iOS FtpDisc 1.0 - Directory Traversal
iOS SideBooks 1.0 - Directory Traversal
iOS FtpDisc 1.0 - Directory Traversal
iOS SideBooks 1.0 - Directory Traversal
iSO Filer Lite 2.1.0 - Directory Traversal
iOS iDocManager 1.0.0 - Directory Traversal
iOS myDBLite 1.1.10 - Directory Traversal
iSO Filer Lite 2.1.0 - Directory Traversal
iOS iDocManager 1.0.0 - Directory Traversal
iOS myDBLite 1.1.10 - Directory Traversal
iOS Share 1.0 - Directory Traversal
iOS TIOD 1.3.3 - Directory Traversal
Zapya Desktop 1.803 - (ZapyaService.exe) Privilege Escalation
Zapya Desktop 1.803 - 'ZapyaService.exe' Privilege Escalation
Dansie Shopping Cart - Server Error Message Installation Full Path Disclosure
Apache/mod_ssl 2.0.x - Remote Denial of Service
SPIP - CMS < 3.0.9 / 2.1.22 / 2.0.23 - Privilege Escalation
Airlive IP Cameras - Multiple Vulnerabilities
Monkey CMS - Multiple Vulnerabilities
NetBSD mail.local - Privilege Escalation (Metasploit)
Apache Mina 2.0.13 - Remote Command Execution
Apache Mina 2.0.13 - Remote Command Execution
DeepOfix SMTP Server 3.3 - Authentication Bypass
xEpan 1.0.4 - Multiple Vulnerabilities
Humhub 0.10.0-rc.1 - SQL Injection
Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities
Humhub 0.10.0-rc.1 - SQL Injection
Humhub 0.10.0-rc.1 - Multiple Persistent Cross-Site Scripting Vulnerabilities
Dell iDRAC IPMI 1.5 - Insufficient Session ID Randomness
Koha 3.20.1 - Multiple SQL Injections
Koha 3.20.1 - Directory Traversal
Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
Koha 3.20.1 - Multiple SQL Injections
Koha 3.20.1 - Directory Traversal
Koha 3.20.1 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
8 TOTOLINK Router Models - Backdoor and Remote Code Execution
8 TOTOLINK Router Models - Backdoor / Remote Code Execution
Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow
TestLink 1.9.14 - Cross-Site Request Forgery
PaKnPost Pro 1.14 - Multiple Vulnerabilities
zFTP Client 20061220 - (Connection Name) Local Buffer Overflow
zFTP Client 20061220 - 'Connection Name' Local Buffer Overflow
NUUO NVRmini 2 3.0.8 - (strong_user.php) Backdoor Remote Shell Access
NUUO NVRmini 2 3.0.8 - 'strong_user.php' Backdoor Remote Shell Access
Cisco ASA 8.x - Authentication Bypass (EXTRABACON)
Cisco ASA 8.x - 'EXTRABACON' Authentication Bypass
Watchguard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN)
Cisco ASA / PIX - Privilege Escalation (EPICBANANA)
TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT)
TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE)
TOPSEC Firewalls - Remote Code Execution (ELIGIBLEBOMBSHELL)
TOPSEC Firewalls - Remote Exploit (ELIGIBLEBACHELOR)
Fortigate Firewalls - Remote Code Execution (EGREGIOUSBLUNDER)
Watchguard Firewalls - 'ESCALATEPLOWMAN' ifconfig Privilege Escalation
Cisco ASA / PIX - 'EPICBANANA' Privilege Escalation
TOPSEC Firewalls - 'ELIGIBLECONTESTANT' Remote Code Execution
TOPSEC Firewalls - 'ELIGIBLECANDIDATE' Remote Code Execution
TOPSEC Firewalls - 'ELIGIBLEBOMBSHELL' Remote Code Execution
TOPSEC Firewalls - 'ELIGIBLEBACHELOR' Remote Exploit
Fortigate Firewalls - 'EGREGIOUSBLUNDER' Remote Code Execution
tcPbX - (tcpbx_lang) Local File Inclusion
tcPbX - 'tcpbx_lang' Local File Inclusion
|
2016-09-16 05:08:37 +00:00 |
|
Offensive Security
|
5e2fc10125
|
DB: 2016-09-03
|
2016-09-03 13:13:25 +00:00 |
|
Offensive Security
|
31a21bb68d
|
DB: 2016-09-03
14 new exploits
Too many to list!
|
2016-09-03 05:08:42 +00:00 |
|
Offensive Security
|
0be2139745
|
DB: 2016-08-23
7 new exploits
Too many to list!
|
2016-08-23 05:06:48 +00:00 |
|
Offensive Security
|
27bb5a6384
|
DB: 2016-08-12
1 new exploits
WordPress Multiple Versions - Pwnpress Exploitation Tookit (0.2pub)
WordPress Core 1.5.1.1 <= 2.2.2 - Multiple Vulnerabilities
WordPress and Pyrmont 2.x - SQL Injection
WordPress Pyrmont 2.x Plugin - SQL Injection
WordPress Copperleaf Photolog 0.16 - SQL injection
WordPress Copperleaf Photolog 0.16 Plugin - SQL injection
WordPress 3.3.1 - Multiple Vulnerabilities
WordPress Core 3.3.1 - Multiple Vulnerabilities
WordPress 2.x - PHP_Self Cross-Site Scripting
WordPress Core 2.x - PHP_Self Cross-Site Scripting
WordPress 2.2 - Request_URI Parameter Cross-Site Scripting
WordPress Core 2.2 - Request_URI Parameter Cross-Site Scripting
WordPress MailPoet - (wysija-newsletters) Unauthenticated File Upload
WordPress MailPoet Newsletters 2.6.8 Plugin - (wysija-newsletters) Unauthenticated File Upload
Drupal Core 7.32 - SQL Injection (1)
Drupal Core 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (1)
Drupal Core 7.32 - SQL Injection (2)
Drupal Core 7.0 <= 7.31 - SQL Injection (SA-CORE-2014-005) (2)
Drupal < 7.32 Pre Auth SQL Injection
Drupal Core < 7.32 - Pre Auth SQL Injection
Live Wire 2.3.1 For WordPress - Multiple Security Vulnerabilities
Wordpress Live Wire 2.3.1 Theme - Multiple Security Vulnerabilities
The Gazette Edition 2.9.4 For WordPress - Multiple Security Vulnerabilities
WordPress The Gazette Edition 2.9.4 Theme - Multiple Security Vulnerabilities
WordPress Webdorado Spider Event Calendar 1.4.9 - SQL Injection
WordPress Webdorado Spider Event Calendar 1.4.9 Plugin - SQL Injection
WordPress Trending 0.1 - 'cpage' Parameter Cross-Site Scripting
WordPress Trending 0.1 Theme - 'cpage' Parameter Cross-Site Scripting
WordPress WPML - Multiple Vulnerabilities
WordPress WPML 3.1.9 Plugin - Multiple Vulnerabilities
WordPress 4.2 - Stored XSS
WordPress Core 4.2 - Stored XSS
WordPress RevSlider File Upload and Execute
WordPress RevSlider 3.0.95 Plugin - File Upload and Execute
WordPress MailChimp Subscribe Forms 1.1 Remote Code Execution
WordPress MailChimp Subscribe Forms 1.1 - Remote Code Execution
WordPress Track That Stat 1.0.8 Cross-Site Scripting
WordPress Track That Stat 1.0.8 - Cross-Site Scripting
WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload
WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta - Shell Upload
WordPress Wp-ImageZoom 'file' Parameter Remote File Disclosure
WordPress Wp-ImageZoom - 'file' Parameter Remote File Disclosure
WordPress Flip Book 'php.php' Arbitrary File Upload
WordPress Flip Book - 'php.php' Arbitrary File Upload
WordPress PHPFreeChat 'url' Parameter Cross-Site Scripting
WordPress PHPFreeChat - 'url' Parameter Cross-Site Scripting
WordPress Finder 'order' Parameter Cross-Site Scripting
WordPress Finder - 'order' Parameter Cross-Site Scripting
WordPress Multiple Path Dislosure Vulnerabilities
WordPress Core 3.4.2 - Multiple Path Dislosure Vulnerabilities
WordPress Video Gallery 2.7 SQL Injection
WordPress Video Gallery 2.7 - SQL Injection
WordPress Cross Site Request Forgery
WordPress - Cross Site Request Forgery
WordPress CStar Design 'id' Parameter SQL Injection
WordPress CStar Design Theme - 'id' Parameter SQL Injection
WordPress White-Label Framework 2.0.6 - XSS
WordPress White-Label Framework 2.0.6 Theme - XSS
WordPress NextGEN Gallery 'upload.php' Arbitrary File Upload
WordPress NextGEN Gallery - 'upload.php' Arbitrary File Upload
WordPress Xorbin Digital Flash Clock 'widgetUrl' Parameter Cross-Site Scripting
WordPress Xorbin Digital Flash Clock - 'widgetUrl' Parameter Cross-Site Scripting
WordPress Lead Octopus Power 'id' Parameter SQL Injection
WordPress Lead Octopus Power - 'id' Parameter SQL Injection
WordPress Booking Calendar Contact Form 1.1.24 - Multiple Vulnerabilities
WordPress Booking Calendar Contact Form 1.1.24 - addslashes SQL Injection
WordPress Booking Calendar Contact Form 1.1.24 Plugin - Multiple Vulnerabilities
WordPress Booking Calendar Contact Form 1.1.24 Plugin - addslashes SQL Injection
Wordpress Ultimate Product Catalog 3.9.8 - (do_shortcode via ajax) Blind SQL Injection
Wordpress Ultimate Product Catalog 3.9.8 Plugin - (do_shortcode via ajax) Blind SQL Injection
Wireshark 1.12.0 - 1.12.12 - NDS Dissector Denial of Service
Wireshark 2.0.0 to 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service
Wireshark 1.12.0-1.12.12 - NDS Dissector Denial of Service
Wireshark 2.0.0 - 2.0.4 - MMSE_ WAP_ WBXML_ and WSP Dissectors Denial of Service
Microsoft Office Word 2007_2010_2013_2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)
Microsoft Office Word 2007/2010/2013/2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)
WebNMS Framework Server 5.2 and 5.2 SP1 - Multiple Vulnerabilities
WebNMS Framework Server 5.2 / 5.2 SP1 - Multiple Vulnerabilities
ColoradoFTP 1.3 Prime Edition (Build 8) - Directory Traversal
|
2016-08-12 05:09:55 +00:00 |
|
Offensive Security
|
d06dff59f9
|
DB: 2016-07-26
16 new exploits
Ubuntu Breezy 5.10 - Installer Password Disclosure
Ubuntu 5.10 - Installer Password Disclosure
BSD/x86 - setuid/portbind (TCP 31337) shellcode (94 bytes)
BSD/x86 - setuid/portbind 31337/TCP shellcode (94 bytes)
Linux/x86 - shellcode that forks a HTTP Server on port tcp/8800 (166 bytes)
Linux/x86 - listens for shellcode on tcp/5555 and jumps to it (83 bytes)
Linux/x86 - Forks a HTTP Server on port 8800/TCP shellcode (166 bytes)
Linux/x86 - Listens for shellcode on 5555/TCP and jumps to it (83 bytes)
Linux/x86 - Shellcode Polymorphic chmod(_/etc/shadow__666) (54 bytes)
Linux/x86 - Polymorphic chmod(_/etc/shadow__666) Shellcode (54 bytes)
Linux/x86 - Add root user _r00t_ with no password to /etc/passwd shellcode (69 bytes)
Linux/x86 - Add root user 'r00t' with no password to /etc/passwd shellcode (69 bytes)
Linux/x86 - SET_PORT() portbind 31337 tcp shellcode (100 bytes)
Linux/x86 - SET_PORT() portbind 31337/TCP shellcode (100 bytes)
Linux/x86 - Add User _xtz_ without Password to /etc/passwd shellcode (59 bytes)
Linux/x86 - Add User 'xtz' without Password to /etc/passwd shellcode (59 bytes)
Linux/x86 - Bind /bin/sh to 31337/tcp shellcode (80 bytes)
Linux/x86 - Bind /bin/sh to 31337/tcp + fork() shellcode (98 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP shellcode (80 bytes)
Linux/x86 - Bind /bin/sh to 31337/TCP + fork() shellcode (98 bytes)
Linux/x86 - connect-back shellcode 127.0.0.1:31337/tcp (74 bytes)
Linux/x86 - Connect-back shellcode 127.0.0.1:31337/TCP (74 bytes)
Linux/x86 - Add user _t00r_ encrypt shellcode (116 bytes)
Linux/x86 - Add user 't00r' encrypt shellcode (116 bytes)
Linux/x86 - Add user _t00r_ shellcode (82 bytes)
Linux/x86 - Add user 't00r' shellcode (82 bytes)
Linux/x86 - Add user _z_ shellcode (70 bytes)
Linux/x86 - Add User 'z' shellcode (70 bytes)
Solaris/x86 - portbind/tcp shellcode (Generator)
Solaris/x86 - portbind/TCP shellcode (Generator)
Linux/x86 - append _/etc/passwd_ & exit() shellcode (107 bytes)
Linux/x86 - append '/etc/passwd' & exit() shellcode (107 bytes)
Linux/x86 - sends _Phuck3d!_ to all terminals shellcode (60 bytes)
Linux/x86 - sends 'Phuck3d!' to all terminals shellcode (60 bytes)
Linux/x86 - change mode 0777 of _/etc/shadow_ with sys_chmod syscall shellcode (39 bytes)
Linux/x86 - change mode 0777 of '/etc/shadow' with sys_chmod syscall shellcode (39 bytes)
Linux/x86 - change mode 0777 of _/etc/passwd_ with sys_chmod syscall shellcode (39 bytes)
Linux/x86 - change mode 0777 of '/etc/passwd' with sys_chmod syscall shellcode (39 bytes)
Linux/ARM - Add root user _shell-storm_ with password _toor_ shellcode (151 bytes)
Linux/ARM - Add root user 'shell-storm' with password 'toor' shellcode (151 bytes)
OS-X/Intel - reverse_tcp shell x86_64 shellcode (131 bytes)
OS-X/Intel (x86_64) - reverse_tcp shell shellcode (131 bytes)
Linux/SuperH (sh4) - Add root user _shell-storm_ with password _toor_ shellcode (143 bytes)
Linux/SuperH (sh4) - Add root user 'shell-storm' with password 'toor' shellcode (143 bytes)
Linux/MIPS - Add user(UID 0) _rOOt_ with password _pwn3d_ shellcode (164 bytes)
Linux/MIPS - Add user(UID 0) 'rOOt' with password 'pwn3d' shellcode (164 bytes)
Linux/x86-64 - Bind TCP 4444 Port Shellcode (81 bytes / 96 bytes with password)
Linux/x86-64 - Bind 4444/TCP Port Shellcode (81 bytes / 96 bytes with password)
Linux/x86 - TCP Bind Shell 33333 Port Shellcode (96 bytes)
Linux/x86 - Bind Shell 33333/TCP Port Shellcode (96 bytes)
OS-X/x86-64 - tcp 4444 port bind Nullfree shellcode (144 bytes)
OS-X/x86-64 - 4444/TPC port bind Nullfree shellcode (144 bytes)
Linux/x86-64 - Bind TCP 4444 Port Shellcode (103 bytes)
Linux/x86-64 - TCP 4444 port Bindshell with Password Prompt shellcode (162 bytes)
Linux/x86-64 - Bind 4444/TCP Port Shellcode (103 bytes)
Linux/x86-64 - Bindshell 4444/TCP with Password Prompt shellcode (162 bytes)
Linux/x86-64 - Bind TCP Port 1472 shellcode (IPv6) (199 bytes)
Linux/x86-64 - Bind 1472/TCP shellcode (IPv6) (199 bytes)
Linux/x86 - TCP Bind Shell Port 4444 shellcode (656 bytes)
Linux/x86 - Bind Shell Port 4444/TCP shellcode (656 bytes)
Linux/x86 - TCP Bind Shell Port 4444 shellcode (98 bytes)
Linux/x86 - Bind Shell Port 4444/TCP shellcode (98 bytes)
Rapid7 AppSpider 6.12 - Local Privilege Escalation
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Remote Command Execution (Metasploit)
Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit)
MediaCoder 0.8.43.5852 - .m3u SEH Exploit
Drupal CODER Module 2.5 - Remote Command Execution (Metasploit)
CodoForum 3.2.1 - SQL Injection
CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter+ASLR bypass)
GRR Système de Gestion et de Réservations de Ressources 3.0.0-RC1 - Arbitrary File Upload
PHP gettext (gettext.php) 1.0.12 - Unauthenticated Code Execution
PHP 7.0.8_ 5.6.23 and 5.5.37 - bzread() Out-of-Bounds Write
Ubee EVW3226 Modem/Router 1.0.20 - Multiple Vulnerabilities
Technicolor TC7200 Modem/Router STD6.02.11 - Multiple Vulnerabilities
Hitron CGNV4 Modem/Router 4.3.9.9-SIP-UPC - Multiple Vulnerabilities
Compal CH7465LG-LC Modem/Router CH7465LG-NCIP-4.50.18.13-NOSH - Multiple Vulnerabilities
Bellini/Supercook Wi-Fi Yumi SC200 - Multiple Vulnerabilities
Micro Focus Filr 2 2.0.0.421_ Filr 1.2 1.2.0.846 - Multiple Vulnerabilities
|
2016-07-26 05:04:05 +00:00 |
|
Offensive Security
|
0fe9b46f79
|
DB: 2016-06-22
14 new exploits
Linux Kernel <= 2.4.22 - 'do_brk' Local Root Exploit (2)
Linux Kernel <= 2.4.22 - 'do_brk()' Local Root Exploit (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit (3)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit (1)
Linux Kernel <= 2.4.29-rc2 - uselib() Privilege Elevation
Linux Kernel <= 2.4.29-rc2 - 'uselib()' Privilege Elevation (1)
Linux Kernel 2.4 - uselib() Privilege Elevation Exploit
Linux Kernel 2.4 - uselib() Privilege Elevation Exploit (2)
Linux Kernel 2.4.x / 2.6.x - uselib() Local Privilege Escalation Exploit
Linux Kernel 2.4.x / 2.6.x - uselib() Local Privilege Escalation Exploit (3)
Linux Kernel 2.6.17 <= 2.6.24.1 - vmsplice Local Root Exploit
Linux Kernel 2.6.23 <= 2.6.24 - vmsplice Local Root Exploit
Linux Kernel 2.6.17 <= 2.6.24.1 - 'vmsplice' Local Root Exploit (2)
Linux Kernel 2.6.23 <= 2.6.24 - vmsplice Local Root Exploit (1)
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit (1)
Linux Kernel 2.6 UDEV < 141 (Gentoo / Ubuntu 8.10/9.04) - Local Privilege Escalation Exploit
Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Local Privilege Escalation Exploit (2)
Linux Kernel 2.x (Redhat) - sock_sendpage() Ring0 Local Root Exploit (1)
Linux Kernel 2.x - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.x (Redhat) - 'sock_sendpage()' Ring0 Local Root Exploit (1)
Linux Kernel 2.x - 'sock_sendpage()' Local Root Exploit (2)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' ring0 Root Exploit (3)
Linux Kernel <= 2.6.30 - atalk_getname() 8-bytes Stack Disclosure Exploit
Linux Kernel <= 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure Exploit (1)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit
Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit (1)
Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit (2)
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (Debian 4) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit (2)
Linux Kernel < 2.6.19 (Debian 4) - 'udp_sendmsg' Local Root Exploit (3)
Linux Kernel 2.4 / 2.6 (Fedora 11) - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.4 / 2.6 (Fedora 11) - 'sock_sendpage()' Local Root Exploit (4)
Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (3)
Linux Kernel 2.4 / 2.6 - 'sock_sendpage()' Local Root Exploit (5)
Linux Kernel 2.4.1-2.4.37 / 2.6.1-2.6.32-rc5 - Pipe.c Privilege Escalation
Linux Kernel 2.4.1-2.4.37 / 2.6.1-2.6.32-rc5 - Pipe.c Privilege Escalation (3)
Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability (4)
Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full Nelson' Local Privilege Escalation
Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation
Linux Kernel <= 2.6.37 - Local Kernel Denial of Service
Linux Kernel <= 2.6.37 - Local Kernel Denial of Service (1)
Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS
Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS (2)
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - Econet Privilege Escalation Exploit
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation Exploit
Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - Mempodipper Local Root (1)
Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Local Root (1)
Linux Kernel 2.0/2.1_ Digital UNIX <= 4.0 D_ FreeBSD <= 2.2.4_ HP HP-UX 10.20/11.0_ IBM AIX <= 3.2.5_ NetBSD 1.2_ Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Linux Kernel 2.0/2.1 (Digital UNIX <= 4.0 D / FreeBSD <= 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX <= 3.2.5 / NetBSD 1.2 / Solaris <= 2.5.1) - Smurf Denial of Service Vulnerability
Linux Kernel <= 2.3_ BSD/OS <= 4.0_ FreeBSD <= 3.2_ NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Linux Kernel <= 2.3 (BSD/OS <= 4.0 / FreeBSD <= 3.2 / NetBSD <= 1.4) - Shared Memory Denial of Service Vulnerability
Linux Kernel 2.2.12/2.2.14/2.3.99_ RedHat 6.x - Socket Denial of Service
Linux Kernel 2.2.12/2.2.14/2.3.99 (RedHat 6.x) - Socket Denial of Service
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Linux Kernel 2.2.x <= 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root 'sendmail' Vulnerability (1)
Linux Kernel 2.2.x <= 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - sock_diag_handlers[] Local Root
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Local Root (1)
Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - sock_diag_handlers Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - 'sock_diag_handlers' Local Root Exploit (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (1)
Linux Kernel 2.6.x - 'SYS_EPoll_Wait' Local Integer Overflow Local Root Vulnerability (1)
Linux Kernel 2.6.32 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.32 <= 3.x.x (CentOS) - 'PERF_EVENTS' Local Root Exploit (1)
Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit
Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit (2)
Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat - Proof of Concept
Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat - Proof of Concept (1)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with CONFIG_X86_X32 Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with 'CONFIG_X86_X32' Exploit (2)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit (3)
Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty
Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit
Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit (3)
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.(0_1_2) x64) - perf_swevent_init Local Root Exploit
Linux Kernel 2.6.x - 'fasync_helper()' Local Privilege Escalation Vulnerability
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.0/1/2 x64) - perf_swevent_init Local Root Exploit (3)
Linux Kernel < 2.6.28 - 'fasync_helper()' Local Privilege Escalation Vulnerability
Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - 'Mempodipper.c' Local Root (2)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root Shell
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Local Root Shell
Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - overlayfs Local Root Exploit
Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - 'overlayfs' Local Root Exploit (1)
Linux Kernel <= 4.3.3 - overlayfs Local Privilege Escalation
Linux Kernel <= 4.3.3 - 'overlayfs' Local Privilege Escalation (2)
DarkComet Server Remote File Download Exploit (msf)
Banshee 2.6.2 - .mp3 Crash PoC
IonizeCMS 1.0.8 - (Add Admin) CSRF
Yona CMS - (Add Admin) CSRF
Joomla Publisher Pro (com_publisher) Component - SQL Injection
Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)
Windows Kernel - ATMFD.DLL NamedEscape 0x250C Pool Corruption (MS16-074)
Linux - ecryptfs and /proc/$pid/environ Privilege Escalation
Windows - Custom Font Disable Policy Bypass
Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)
SAP NetWeaver AS JAVA 7.1 - 7.5 - ctcprotocol Servlet XXE
SAP NetWeaver AS JAVA 7.1 - 7.5 - Directory Traversal
Radiant CMS 1.1.3 - Mutiple Persistent XSS Vulnerabilities
YetiForce CRM < 3.1 - Persistent XSS
|
2016-06-22 05:06:31 +00:00 |
|
Offensive Security
|
62962d90b0
|
DB: 2016-06-07
16 new exploits
Linux Kernel < 2.6.34 (Ubuntu 11.10 x86 & x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 (Ubuntu 11.10 x86/x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)
Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)
Linux Kernel 2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings Local Root
WordPress Simple Backup Plugin 2.7.11 - Multiple Vulnerabilities
Dream Gallery 1.0 - CSRF Add Admin Exploit
Apache Continuum 1.4.2 - Multiple Vulnerabilities
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - ShellShock Exploit
Valve Steam 3.42.16.13 - Local Privilege Escalation
ArticleSetup 1.00 - CSRF Change Admin Password
Electroweb Online Examination System 1.0 - SQL Injection
WordPress WP Mobile Detector Plugin 3.5 - Arbitrary File Upload
WordPress Creative Multi-Purpose Theme 9.1.3 - Stored XSS
WordPress WP PRO Advertising System Plugin 4.6.18 - SQL Injection
WordPress Newspaper Theme 6.7.1 - Privilege Escalation
WordPress Uncode Theme 1.3.1 - Arbitrary File Upload
WordPress Double Opt-In for Download Plugin 2.0.9 - SQL Injection
Notilus Travel Solution Software 2012 R3 - SQL Injection
rConfig 3.1.1 - Local File Inclusion
Nagios XI 5.2.7 - Multiple Vulnerabilities
|
2016-06-07 05:07:41 +00:00 |
|
Offensive Security
|
6dc4d46521
|
DB: 2016-05-18
16 new exploits
Meteocontrol WEB’log - Admin Password Disclosure
Cisco ASA Software 8.x / 9.x - IKEv1 and IKEv2 Buffer Overflow
Adobe Flash - JXR Processing Out-of-Bounds Read
Adobe Flash - Out-of-Bounds Read when Placing Object
Adobe Flash - Overflow in Processing Raw 565 Textures
Adobe Flash - Heap Overflow in ATF Processing (Image Reading)
Adobe Flash - MP4 File Stack Corruption
Adobe Flash - Type Confusion in FileReference Constructor
Adobe Flash - addProperty Use-After-Free
Adobe Flash - SetNative Use-After-Free
Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)
Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)
Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)
Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption Vulnerability
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection
SAP xMII 15.0 - Directory Traversal
|
2016-05-18 05:02:15 +00:00 |
|
Offensive Security
|
22a4c5d4cc
|
DB: 2016-04-22
5 new exploits
freePBX 2.1.3 (upgrade.php) Remote File Include Vulnerability
FreePBX 2.1.3 - (upgrade.php) Remote File Include Vulnerability
FreePBX <= 2.8.0 Recordings Interface Allows Remote Code Execution
FreePBX <= 2.8.0 - Recordings Interface Allows Remote Code Execution
FreePBX 2.10.0 / 2.9.0 callmenum Remote Code Execution
FreePBX 2.10.0 / 2.9.0 - callmenum Remote Code Execution
FreePBX 2.2 SIP Packet Multiple HTML Injection Vulnerabilities
FreePBX 2.2 - SIP Packet Multiple HTML Injection Vulnerabilities
FreePBX config.php Remote Code Execution
FreePBX - config.php Remote Code Execution
FreePBX 2.5.2 admin/config.php tech Parameter XSS
FreePBX 2.5.2 Zap Channel Addition Description Parameter XSS
FreePBX 2.5.2 - admin/config.php tech Parameter XSS
FreePBX 2.5.2 - Zap Channel Addition Description Parameter XSS
phpLiteAdmin 1.9.6 - Multiple Vulnerabilities
Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure
Gemtek CPE7000 / WLTCS-106 - Multiple Vulnerabilities
Linux/x86_64 - bindshell (Port 5600) - 86 bytes
Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (Powershell)
|
2016-04-22 05:03:45 +00:00 |
|
Offensive Security
|
f7b6199767
|
DB: 2016-02-23
7 new exploits
|
2016-02-23 05:02:07 +00:00 |
|
Offensive Security
|
6e68aad606
|
DB: 2016-02-15
2 new exploits
|
2016-02-15 05:04:08 +00:00 |
|
Offensive Security
|
0d39670c20
|
DB: 2016-02-13
1 new exploits
|
2016-02-13 05:03:17 +00:00 |
|
Offensive Security
|
2ec2bcdde4
|
DB: 2016-02-02
11 new exploits
|
2016-02-02 05:02:47 +00:00 |
|
Offensive Security
|
a5b96c2067
|
DB: 2016-01-28
11 new exploits
|
2016-01-28 05:02:01 +00:00 |
|
Offensive Security
|
67dd87a6f5
|
DB: 2016-01-27
15 new exploits
|
2016-01-27 05:03:06 +00:00 |
|
Offensive Security
|
97940c47e2
|
DB: 2016-01-08
10 new exploits
|
2016-01-08 05:03:43 +00:00 |
|
Offensive Security
|
95a1b072fe
|
DB: 2015-11-18
7 new exploits
|
2015-11-18 05:02:21 +00:00 |
|
Offensive Security
|
f98ebec3d2
|
DB: 2015-11-11
11 new exploits
|
2015-11-11 05:02:52 +00:00 |
|
Offensive Security
|
9005d315b8
|
DB: 2015-10-29
12 new exploits
|
2015-10-29 05:02:34 +00:00 |
|
Offensive Security
|
aa57287847
|
DB: 2015-10-16
17 new exploits
|
2015-10-16 05:02:10 +00:00 |
|
Offensive Security
|
7fcce7a954
|
DB: 2015-10-01
14 new exploits
|
2015-10-01 05:02:54 +00:00 |
|
Offensive Security
|
42b241205e
|
DB: 2015-09-11
20 new exploits
|
2015-09-11 05:01:46 +00:00 |
|
Offensive Security
|
d891c95c0e
|
DB: 2015-08-29
11 new exploits
|
2015-08-29 05:01:51 +00:00 |
|
Offensive Security
|
5d9a8808ca
|
DB: 2015-07-14
30 new exploits
|
2015-07-14 05:03:24 +00:00 |
|
Offensive Security
|
e8f22fe4b6
|
DB: 2015-07-11
26 new exploits
|
2015-07-11 05:03:28 +00:00 |
|
Offensive Security
|
7c733046b7
|
DB: 2015-06-30
9 new exploits
|
2015-06-30 05:03:19 +00:00 |
|
Offensive Security
|
441db36a16
|
DB: 2015-06-26
5 new exploits
|
2015-06-26 05:02:53 +00:00 |
|
Offensive Security
|
8a28155962
|
DB: 2015-05-27
15 new exploits
|
2015-05-27 05:02:00 +00:00 |
|
Offensive Security
|
2be48e03b5
|
DB: 2015-05-18
8 new exploits
|
2015-05-18 05:03:27 +00:00 |
|
Offensive Security
|
b3321b3426
|
DB: 2015-05-15
17 new exploits
|
2015-05-15 05:02:32 +00:00 |
|
Offensive Security
|
5acc3a9713
|
DB: 2015-05-10
1 new exploits
|
2015-05-10 05:02:35 +00:00 |
|
Offensive Security
|
01ba689949
|
DB: 2015-05-08
19 new exploits
|
2015-05-08 05:02:43 +00:00 |
|
Offensive Security
|
67447e4b29
|
DB: 2015-04-28
16 new exploits
|
2015-04-28 05:01:34 +00:00 |
|
Offensive Security
|
cc553d1147
|
DB: 2015-04-20
11 new exploits
|
2015-04-20 12:44:13 +00:00 |
|
Offensive Security
|
223a30662a
|
DB: 2015-04-11
12 new exploits
|
2015-04-11 08:36:20 +00:00 |
|
Offensive Security
|
0607d0429f
|
DB: 2015-04-09
19 new exploits
|
2015-04-09 08:36:09 +00:00 |
|
Offensive Security
|
1f826038cf
|
DB: 2015-03-31
25 new exploits
|
2015-03-31 08:35:36 +00:00 |
|
Offensive Security
|
9a428f40c9
|
DB: 2015-03-20
19 new exploits
|
2015-03-20 08:36:08 +00:00 |
|
Offensive Security
|
5924dde297
|
DB: 2015-03-19
2 new exploits
|
2015-03-19 09:39:10 +00:00 |
|
Offensive Security
|
51e5e42e74
|
Update: 2015-03-17
49 new exploits
|
2015-03-17 08:36:10 +00:00 |
|
Offensive Security
|
65bae5bbd0
|
Update: 2015-03-08
9 new exploits
|
2015-03-08 08:37:21 +00:00 |
|
Offensive Security
|
6b868b6b79
|
Update: 2015-01-17
14 new exploits
|
2015-01-17 08:35:34 +00:00 |
|
Offensive Security
|
e112b990da
|
Update: 2015-01-05
9 new exploits
|
2015-01-05 08:36:21 +00:00 |
|