bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1817 commits 1 branch 0 tags 264 MiB
Commit graph

373 commits

Author SHA1 Message Date
Offensive Security
ab955a9b5d DB: 2019-04-19 
5 changes to exploits/shellcodes

Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)

Evernote 7.9 - Code Execution via Path Traversal

LibreOffice < 6.0.7 / 6.1.3 - Macro Code Execution (Metasploit)

ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit)
 2019-04-19 05:02:10 +00:00
Offensive Security
5e1aca383e DB: 2019-04-18 
5 changes to exploits/shellcodes

ASUS HG100 - Denial of Service
DHCP Server 2.5.2 - Denial of Service (PoC)
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4
Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID

MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow
 2019-04-18 05:01:57 +00:00
Offensive Security
ab1398c24c DB: 2019-04-17 
13 changes to exploits/shellcodes

PCHelpWare V2 1.0.0.5 - 'SC' Denial of Service (PoC)
PCHelpWare V2 1.0.0.5 - 'Group' Denial of Service (PoC)
AdminExpress 1.2.5 - 'Folder Path' Denial of Service (PoC)
Zoho ManageEngine ADManager Plus 6.6 (Build < 6659) - Privilege Escalation
Microsoft Windows 10 1809 / 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Escalation
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege Escalation
Microsoft Windows 10 1809 - LUAFV LuafvCopyShortName Arbitrary Short Name Privilege Escalation
Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass
Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation
Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation
Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting
Joomla Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion
 2019-04-17 05:02:03 +00:00
Offensive Security
0d739de6f9 DB: 2019-04-16 
13 changes to exploits/shellcodes

UltraVNC Viewer 1.2.2.4 - 'VNC Server' Denial of Service (PoC)
UltraVNC Launcher 1.2.2.4 - 'Path' Denial of Service (PoC)
MailCarrier 2.51 - 'RCPT TO' Buffer Overflow
RemoteMouse 3.008 - Arbitrary Remote Command Execution
CuteNews 2.1.2 - 'avatar' Remote Code Execution (Metasploit)
MailCarrier 2.51 - POP3 'USER' Buffer Overflow
MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow
MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow
Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)

Manage Engine ServiceDesk Plus 10.0 - Privilege Escalation

DirectAdmin 1.561 - Multiple Vulnerabilities

Linux/x86 - MMX-PUNPCKLBW Encoder Shellcode (61 bytes)
Linux/x86 - Cat File Encode to base64 and post via curl to Webserver Shellcode (125 bytes)
 2019-04-16 05:02:04 +00:00
Offensive Security
fd2946662d DB: 2019-04-13 
7 changes to exploits/shellcodes

CyberArk EPM 10.2.1.603 - Security Restrictions Bypass
Microsoft Internet Explorer 11 - XML External Entity Injection
Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)

Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)

ATutor < 2.2.4 - 'file_manager' Remote Code Execution (Metasploit)

Linux/x86 - Add User to Passwd File Shellcode (149 bytes)
 2019-04-13 05:02:03 +00:00
Offensive Security
285aecc39e DB: 2019-04-12 
2 changes to exploits/shellcodes

Manage Engine ServiceDesk Plus 9.3 - Privilege Escalation
 2019-04-12 05:02:00 +00:00
Offensive Security
4bc27f9b2b DB: 2019-04-11 
4 changes to exploits/shellcodes

FTPShell Server 6.83 - 'Account name to ban' Local Buffer
FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer
Dell KACE Systems Management Appliance (K1000) 6.4.120756 - Unauthenticated Remote Code Execution
D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting
 2019-04-11 05:02:00 +00:00
Offensive Security
be8aa5121b DB: 2019-04-10 
7 changes to exploits/shellcodes

Microsoft Windows - AppX Deployment Service Privilege Escalation
PHP 7.2 - 'imagecolormatch()' Out of Band Heap Write
TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow
Apache Axis 1.4 - Remote Code Execution

Ashop Shopping Cart Software - 'bannedcustomers.php?blacklistitemid' SQL Injection

Linux/x64 - XANAX Encoder Shellcode (127 bytes)
Linux/x64 - XANAX Decoder Shellcode (127 bytes)
 2019-04-10 05:02:03 +00:00
Offensive Security
23f668ca8d DB: 2019-04-09 
14 changes to exploits/shellcodes

FlexHEX 2.71 - SEH Buffer Overflow (Unicode)
AllPlayer 7.4 - SEH Buffer Overflow (Unicode)
River Past Cam Do 3.7.6 - 'Activation Code' Local Buffer Overflow
Download Accelerator Plus (DAP) 10.0.6.0 - SEH Buffer Overflow
Apache 2.4.17 < 2.4.38 - 'apache2ctl graceful' 'logrotate' Local Privilege Escalation

QNAP Netatalk < 3.1.12 - Authentication Bypass
Jobgator - 'experience' SQL Injection
Bolt CMS 3.6.6 - Cross-Site Request Forgery / Remote Code Execution
ShoreTel Connect ONSITE < 19.49.1500.0 - Multiple Vulnerabilities
SaLICru -SLC-20-cube3(5) - HTML Injection
CentOS Web Panel 0.9.8.793 (Free) / 0.9.8.753 (Pro) - Cross-Site Scripting
Tradebox CryptoCurrency - 'symbol' SQL Injection
WordPress Plugin Limit Login Attempts Reloaded 2.7.4 - Login Limit Bypass
ManageEngine ServiceDesk Plus 9.3 - User Enumeration
 2019-04-09 05:02:03 +00:00
Offensive Security
d1b8d5e115 DB: 2019-04-06 
4 changes to exploits/shellcodes

AIDA64 Extreme 5.99.4900 - 'Logging' SEH Buffer Overflow

WordPress 5.0.0 - Crop-image Shell Upload (Metasploit)
Manage Engine ServiceDesk Plus 9.3 - Privilege Escalation
WordPress Plugin Contact Form Maker 1.13.1 - Cross-Site Request Forgery
 2019-04-06 05:02:01 +00:00
Offensive Security
63dedd0b6b DB: 2019-04-05 
3 changes to exploits/shellcodes

Magic ISO Maker 5.5(build 281) - 'Serial Code' Denial of Service (PoC)

AIDA64 Engineer 5.99.4900 - 'Load from file' Field Buffer Overflow (SEH)

FreeSMS 2.1.2 - SQL Injection (Authentication Bypass)
 2019-04-05 05:01:59 +00:00
Offensive Security
9d7b2f64d5 DB: 2019-04-04 
18 changes to exploits/shellcodes

Canarytokens 2019-03-01 - Detection Bypass
SpiderMonkey - IonMonkey Compiled Code Fails to Update Inferred Property Types (Type Confusion)
WebKit JavaScriptCore - 'createRegExpMatchesArray' Type Confusion
iOS < 12.2 / macOS < 10.14.4 XNU - pidversion Increment During execve is Unsafe
WebKit JavaScriptCore - Out-Of-Bounds Access in FTL JIT due to LICM Moving Array Access Before the Bounds Check
WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-Free
WebKitGTK+ - 'ThreadedCompositor' Race Condition
Google Chrome 72.0.3626.81 - 'V8TrustedTypePolicyOptions::ToImpl' Type Confusion
Google Chrome 73.0.3683.39 / Chromium 74.0.3712.0 - 'ReadableStream' Internal Object Leak Type Confusion

AIDA64 Business 5.99.4900 - SEH Buffer Overflow (EggHunter)

AIDA64 Extreme Edition 5.99.4800 - Local SEH Buffer Overflow
AIDA64 Extreme / Engineer / Network Audit 5.99.4900 - SEH Buffer Overflow (EggHunter)
TeemIp IPAM < 2.4.0 - 'new_config' Command Injection (Metasploit)
PhreeBooks ERP 5.2.3 - Remote Command Execution
Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type Confusion
Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)
iScripts ReserveLogic - SQL Injection
Clinic Pro v4 - 'month' SQL Injection
Ashop Shopping Cart Software - SQL Injection
PhreeBooks ERP 5.2.3 - Arbitrary File Upload
 2019-04-04 05:02:18 +00:00
Offensive Security
764ac4bf5c DB: 2019-04-03 
13 changes to exploits/shellcodes

AIDA64 Extreme Edition 5.99.4800 - Local SEH Buffer Overflow
Mozilla Firefox 3 - 'ftp://' URL Multiple File Format Handling Cross-Site Scripting Vulnerabilities
Google Chrome 0.2.149 - 'ftp://' URL Multiple File Format Handling Cross-Site Scripting Vulnerabilities
Inout EasyRooms - SQL Injection
Inout RealEstate - 'city' SQL Injection
WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 - Parameter Tampering
JioFi 4G M2S 1.0.2 - Cross-Site Request Forgery
LimeSurvey < 3.16 - Remote Code Execution
CMS Made Simple < 2.2.10 - SQL Injection
Fiverr Clone Script 1.2.2 - SQL Injection / Cross-Site Scripting
phpFileManager 1.7.8 - Local File Inclusion
 2019-04-03 05:02:02 +00:00
Offensive Security
d68f18cb8e DB: 2019-03-30 
6 changes to exploits/shellcodes

Fat Free CRM 0.19.0 - HTML Injection

CentOS Web Panel 0.9.8.789 - NameServer Field Persistent Cross-Site Scripting
 2019-03-30 05:02:01 +00:00
Offensive Security
e4e3f1c741 DB: 2019-03-29 
15 changes to exploits/shellcodes

Microsoft Visio 2016 16.0.4738.1000 - 'Log in accounts' Denial of Service
gnutls 3.6.6 - 'verify_crt()' Use-After-Free

Microsoft Windows Task Scheduler (Windows XP/2000) - '.job' (MS04-022)
Microsoft Windows Task Scheduler (XP/2000) - '.job' (MS04-022)
Multiple Vendor BIOS - Keyboard Buffer Password Persistence Weakness (1)
Multiple Vendor BIOS - Keyboard Buffer Password Persistence Weakness (2)
Multiple Vendor BIOS - Keyboard Buffer Password Persistence (1)
Multiple Vendor BIOS - Keyboard Buffer Password Persistence (2)

NXP Semiconductors MIFARE Classic Smartcard - Multiple Security Weaknesses
NXP Semiconductors MIFARE Classic Smartcard - Multiple Vulnerabilities

Accellion Secure File Transfer Appliance - Multiple Command Restriction Weakness Privilege Escalations
Accellion Secure File Transfer Appliance - Multiple Command Restriction / Privilege Escalations

EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation Weaknesses
EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation
PonyOS 3.0 - VFS Permissions
PonyOS 3.0 - ELF Loader Privilege Escalation
PonyOS 3.0 - TTY 'ioctl()' Kernel Local Privilege Escalation
Linux Kernel (PonyOS 3.0) - VFS Permissions Local Privilege Escalation
Linux Kernel (PonyOS 3.0) - ELF Loader Local Privilege Escalation
Linux Kernel (PonyOS 3.0) - TTY 'ioctl()' Local Privilege Escalation

PonyOS 4.0 - 'fluttershy' LD_LIBRARY_PATH Kernel Privilege Escalation
Linux Kernel (PonyOS 4.0) - 'fluttershy' LD_LIBRARY_PATH Local Privilege Escalation
Microsoft Windows Manager (Windows 7 x86) - Menu Management Component UAF Privilege Elevation
Microsoft Windows Kernel (Windows 7 x86) - Local Privilege Escalation (MS17-017)
Microsoft Windows Kernel (Windows 7 x86) - Local Privilege Escalation (MS16-039)
Microsoft Windows Manager (7 x86) - Menu Management Component UAF Privilege Elevation
Microsoft Windows Kernel (7 x86) - Local Privilege Escalation (MS17-017)
Microsoft Windows Kernel (7 x86) - Local Privilege Escalation (MS16-039)

Microsoft Windows MSHTML Engine - _Edit_ Remote Code Execution
Microsoft Windows MSHTML Engine - 'Edit' Remote Code Execution

Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH Egghunter)

Linux Kernel 2.2 - TCP/IP Weakness Spoof IP
Linux Kernel 2.2 - TCP/IP Spoof IP

Microsoft Windows Media Encoder (Windows XP SP2) - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
Microsoft Windows Media Encoder (XP SP2) - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass Weakness (1)
Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass Weakness (2)
Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass (1)
Qualcomm Eudora 6.0.1/6.1.1 - Attachment LaunchProtect Warning Bypass (2)
Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (1)
Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation Weakness (2)
Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation (1)
Microsoft Internet Explorer 5/6 / Mozilla 1.2.1 - URI Display Obfuscation (2)
PHP 5.2.6 - 'create_function()' Code Injection Weakness (2)
PHP 5.2.6 - 'create_function()' Code Injection Weakness (1)
PHP 5.2.6 - 'create_function()' Code Injection (2)
PHP 5.2.6 - 'create_function()' Code Injection (1)
GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy Weakness (1)
GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy Weakness (2)
GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy (1)
GNU Classpath 0.97.2 - 'gnu.java.security.util.PRNG' Class Entropy (2)
WebKit - Insufficient Entropy Random Number Generator Weakness (1)
WebKit - Insufficient Entropy Random Number Generator Weakness (2)
WebKit - Insufficient Entropy Random Number Generator (1)
WebKit - Insufficient Entropy Random Number Generator (2)

SonicWALL - SessId Cookie Brute Force Weakness Admin Session Hijacking
SonicWALL - 'SessId' Cookie Brute Force / Admin Session Hijacking

Microsoft Windows Windows 8/8.1/2012 R2 (x64) - 'EternalBlue' SMB Remote Code Execution (MS17-010)
Microsoft Windows 8/8.1/2012 R2 (x64) - 'EternalBlue' SMB Remote Code Execution (MS17-010)

Microsoft Windows Windows 7/2008 R2 - 'EternalBlue' SMB Remote Code Execution (MS17-010)
Microsoft Windows 7/2008 R2 - 'EternalBlue' SMB Remote Code Execution (MS17-010)

Microsoft Windows Windows 7/8.1/2008 R2/2012 R2/2016 R2 - 'EternalBlue' SMB Remote Code Execution (MS17-010)
Microsoft Windows 7/8.1/2008 R2/2012 R2/2016 R2 - 'EternalBlue' SMB Remote Code Execution (MS17-010)

elFinder PHP Connector < 2.1.48 - exiftran Command Injection (Metasploit)
elFinder PHP Connector < 2.1.48 - 'exiftran' Command Injection (Metasploit)

Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming RCE (Metasploit)
Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution (Metasploit)
CMS Made Simple (CMSMS) Showtime2 - File Upload RCE (Metasploit)
Oracle Weblogic Server Deserialization RCE - Raw Object (Metasploit)
Typo3 3.5 b5 - HTML Hidden Form Field Information Disclosure Weakness (1)
Typo3 3.5 b5 - HTML Hidden Form Field Information Disclosure Weakness (2)
Typo3 3.5 b5 - HTML Hidden Form Field Information Disclosure (1)
Typo3 3.5 b5 - HTML Hidden Form Field Information Disclosure (2)

LemonLDAP:NG 0.9.3.1 - User Enumeration Weakness / Cross-Site Scripting
LemonLDAP:NG 0.9.3.1 - User Enumeration / Cross-Site Scripting

Novell Teaming 1.0 - User Enumeration Weakness / Multiple Cross-Site Scripting Vulnerabilities
Novell Teaming 1.0 - User Enumeration / Multiple Cross-Site Scripting Vulnerabilities

MotoCMS - admin/data/users.xml Access Restriction Weakness Information Disclosure
MotoCMS - 'admin/data/users.xml' Access Restriction / Information Disclosure

Coppermine Gallery < 1.5.44 - Directory Traversal Weaknesses
Coppermine Gallery < 1.5.44 - Directory Traversal

Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change
Tenda W308R v2 Wireless Router 5.07.48 - (Cookie Session) Remote DNS Change

Cobub Razor 0.8.0 - Physical path Leakage
Cobub Razor 0.8.0 - Physical Path Leakage
Thomson Reuters Concourse & Firm Central < 2.13.0097 - Directory Traversal / Local File Inclusion
Airbnb Clone Script - Multiple SQL Injection
Fat Free CRM 0.19.0 - HTML Injection
WordPress Plugin Anti-Malware Security and Brute-Force Firewall 4.18.63 - Local File Inclusion
WordPress Plugin Loco Translate 2.2.1 - Local File Inclusion
i-doit 1.12 - 'qr.php' Cross-Site Scripting
Job Portal 3.1 - 'job_submit' SQL Injection
BigTree 4.3.4 CMS - Multiple SQL Injection
Jettweb PHP Hazır Rent A Car Sitesi Scripti V2 - 'arac_kategori_id' SQL Injection
 2019-03-29 05:01:59 +00:00
Offensive Security
4333ceb122 DB: 2019-03-28 
1 changes to exploits/shellcodes

Jettweb Hazır Rent A Car Scripti V4 - SQL Injection
 2019-03-28 05:02:18 +00:00
Offensive Security
c09f5132f7 DB: 2019-03-27 
9 changes to exploits/shellcodes

Microsoft Windows 7/2008 - 'Win32k' Denial of Service (PoC)
Firefox < 66.0.1 - 'Array.prototype.slice' Buffer Overflow
Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR
Jettweb Php Hazır İlan Sitesi Scripti V2 - SQL Injection
Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting
XooGallery - Multiple SQL Injection
XooDigital - 'p' SQL Injection
Titan FTP Server Version 2019 Build 3505 - Directory Traversal / Local File Inclusion
SJS Simple Job Script - SQL Injection / Cross-Site Scripting
 2019-03-27 05:01:59 +00:00
Offensive Security
b5bccf8f35 DB: 2019-03-26 
9 changes to exploits/shellcodes

X-NetStat Pro 5.63 - Local Buffer Overflow
VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation
VMware Workstation 14.1.5 / VMware Player 15 - Host VMX Process COM Class Hijack Privilege Escalation
Apache CouchDB 2.3.1 - Cross-Site Request Forgery / Cross-Site Scripting
Jettweb PHP Hazır Haber Sitesi Scripti V1 - SQL Injection
Jettweb PHP Hazır Haber Sitesi Scripti V2 - SQL Injection (Authentication Bypass)
Jettweb PHP Hazır Haber Sitesi Scripti V3 - SQL Injection
Zeeways Jobsite CMS - 'id' SQL Injection
Zeeways Matrimony CMS - SQL Injection
 2019-03-26 05:02:04 +00:00
Offensive Security
70225061cc DB: 2019-03-23 
4 changes to exploits/shellcodes

snap - seccomp BBlacklist for TIOCSTI can be Circumvented
Matri4Web Matrimony Website Script - Multiple SQL Injection
Meeplace Business Review Script - 'id' SQL Injection
Inout Article Base CMS - SQL Injection
 2019-03-23 05:02:03 +00:00
Offensive Security
34e4bc14d9 DB: 2019-03-22 
8 changes to exploits/shellcodes

Canarytokens 2019-03-01 - Detection Bypass

DVD X Player 5.5.3 - '.plf' Buffer Overflow
Netartmedia Vlog System - 'email' SQL Injection
Rails 5.2.1 - Arbitrary File Content Disclosure
The Company Business Website CMS - Multiple Vulnerabilities
uHotelBooking System - 'system_page' SQL Injection
Placeto CMS Alpha v4 - 'page' SQL Injection
Bootstrapy CMS - Multiple SQL Injection
 2019-03-22 05:02:11 +00:00
Offensive Security
7bd54d5a91 DB: 2019-03-21 
10 changes to exploits/shellcodes

NetShareWatcher 1.5.8.0 - Local SEH Buffer Overflow
Netartmedia PHP Car Dealer - SQL Injection
Netartmedia PHP Real Estate Agency 4.0 - SQL Injection
Netartmedia Jobs Portal 6.1 - SQL Injection
Netartmedia PHP Dating Site - SQL Injection
Netartmedia PHP Business Directory 4.2 - SQL Injection
202CMS v10beta - Multiple SQL Injection
PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control
PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery
Netartmedia Deals Portal - 'Email' SQL Injection
 2019-03-21 05:02:08 +00:00
Offensive Security
2afed97ceb DB: 2019-03-20 
16 changes to exploits/shellcodes

libseccomp < 2.4.0 - Incorrect Compilation of Arithmetic Comparisons
Google Chrome < M73 - Double-Destruction Race in StoragePartitionService
Google Chrome < M73 - Data Race in ExtensionsGuestViewMessageFilter
Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML
Microsoft VBScript - VbsErase Memory Corruption
Microsoft Edge - Flash click2play Bypass with CObjectElement::FinalCreateObject
Google Chrome < M73 - MidiManagerWin Use-After-Free
Google Chrome < M73 - FileSystemOperationRunner Use-After-Free

Advanced Host Monitor 11.92 beta - Local Buffer Overflow

Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming RCE (Metasploit)

TheCarProject v2 - Multiple SQL Injection
TheCarProject 2 - Multiple SQL Injection
Gila CMS 1.9.1 - Cross-Site Scripting
MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting
eNdonesia Portal 8.7 - Multiple Vulnerabilities
Netartmedia Event Portal 2.0 - 'Email' SQL Injection
Netartmedia PHP Mall 4.1 - SQL Injection
Netartmedia Real Estate Portal 5.0 - SQL Injection
 2019-03-20 05:01:53 +00:00
Offensive Security
2a394cba09 DB: 2019-03-19 
4 changes to exploits/shellcodes

WinMPG Video Convert 9.3.5 - Denial of Service
WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 - Denial of Service

BMC Patrol Agent - Privilege Escalation Code Execution Execution (Metasploit)

TheCarProject v2 - Multiple SQL Injection
 2019-03-19 05:01:56 +00:00
Offensive Security
5981a27702 DB: 2019-03-18 2019-03-18 05:01:56 +00:00
Offensive Security
ab4683fee8 DB: 2019-03-17 
1 changes to exploits/shellcodes

WinRAR 5.61 - Path Traversal

Nuuo Central Management - Authenticated SQL Server SQL Injection (Metasploit)
Nuuo Central Management - (Authenticated) SQL Server SQL Injection (Metasploit)

Splunk Enterprise 7.2.3 - Authenticated Custom App RCE
Splunk Enterprise 7.2.3 - (Authenticated) Custom App Remote Code Execution

LogonBox Limited / Hypersocket Nervepoint Access Manager - Unauthenticated Insecure Direct Object Reference
LogonBox Limited / Hypersocket Nervepoint Access Manager - (Unauthenticated) Insecure Direct Object Reference

VA MAX 8.3.4 - Authenticated Remote Code Execution
VA MAX 8.3.4 - (Authenticated) Remote Code Execution

WordPress Plugin Booking Calendar 8.4.3 - Authenticated SQL Injection
WordPress Plugin Booking Calendar 8.4.3 - (Authenticated) SQL Injection

PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution
PRTG Network Monitor 18.2.38 - (Authenticated) Remote Code Execution

CMS Made Simple Showtime2 Module 3.6.2 - Authenticated Arbitrary File Upload
CMS Made Simple Showtime2 Module 3.6.2 - (Authenticated) Arbitrary File Upload
 2019-03-17 05:01:51 +00:00
Offensive Security
790034e7df DB: 2019-03-16 
7 changes to exploits/shellcodes

Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow
NetData 1.13.0 - HTML Injection
CMS Made Simple Showtime2 Module 3.6.2 - Authenticated Arbitrary File Upload
ICE HRM 23.0 - Multiple Vulnerabilities
Vembu Storegrid Web Interface 4.4.0 - Multiple Vulnerabilities
Laundry CMS - Multiple Vulnerabilities
Moodle 3.4.1 - Remote Code Execution
 2019-03-16 05:01:58 +00:00
Offensive Security
b4e61d43c1 DB: 2019-03-15 
6 changes to exploits/shellcodes

Microsoft Windows - .reg File / Dialog Box Message Spoofing
Microsoft Windows - '.reg' File / Dialog Box Message Spoofing
FTPGetter Standard 5.97.0.177 - Remote Code Execution
Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code Execution
Intel Modular Server System 10.18 - Cross-Site Request Forgery (Change Admin Password)
Pegasus CMS 1.0 - 'extra_fields.php' Plugin Remote Code Execution
 2019-03-15 05:01:51 +00:00
Offensive Security
c5fbc00e3e DB: 2019-03-14 
8 changes to exploits/shellcodes

Microsoft Windows - .reg File / Dialog Box Message Spoofing
Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory Traversal
Core FTP Server FTP / SFTP Server v2 Build 674 - 'SIZE' Directory Traversal

Microsoft Windows MSHTML Engine - _Edit_ Remote Code Execution
elFinder PHP Connector < 2.1.48 - exiftran Command Injection (Metasploit)
Apache Tika-server < 1.18 - Command Injection
WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion
pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting
 2019-03-14 05:01:58 +00:00
Offensive Security
7ca7a51209 DB: 2019-03-13 
2 changes to exploits/shellcodes

Core FTP 2.0 build 653 - 'PBSZ' Denial of Service (PoC)

PilusCart 1.4.1 - Cross-Site Request Forgery (Add Admin)
 2019-03-13 05:01:58 +00:00
Offensive Security
ce1901fc4f DB: 2019-03-12 
10 changes to exploits/shellcodes

Linux Kernel 4.4 (Ubuntu 16.04) - 'snd_timer_user_ccallback()' Kernel Pointer Leak
Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC)
NetSetMan 4.7.1 - Local Buffer Overflow (SEH Unicode)
Liferay CE Portal < 7.1.2 ga3 - Remote Command Execution (Metasploit)
OpenKM 6.3.2 < 6.3.7 - Remote Command Execution (Metasploit)
PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution
Flexpaper PHP Publish Service 2.3.6 - Remote Code Execution

Linux/x86 - MMX-XOR Encoder / Decoder execve(/bin/sh) Shellcode (44 bytes)
Linux/x86 - Polymorphic execve(/bin/sh) Shellcode (63 bytes)
 2019-03-12 05:01:58 +00:00
Offensive Security
790ba4b35e DB: 2019-03-09 
5 changes to exploits/shellcodes

Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)

phpBB 3.2.3  - Remote Code Execution
OrientDB 3.0.17 GA Community Edition - Cross-Site Request Forgery / Cross-Site Scripting
McAfee ePO 5.9.1 - Registered Executable Local Access Bypass
DirectAdmin 1.55 - 'CMD_ACCOUNT_ADMIN' Cross-Site Request Forgery

Linux/x86 - INSERTION Encoder / Decoder execve(/bin/sh) Shellcode (88 bytes)
 2019-03-09 05:02:48 +00:00
Offensive Security
880bbe402e DB: 2019-03-08 
14991 changes to exploits/shellcodes

HTC Touch - vCard over IP Denial of Service

TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities

PeerBlock 1.1 - Blue Screen of Death

WS10 Data Server - SCADA Overflow (PoC)

Symantec Endpoint Protection 12.1.4013 - Service Disabling
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)

Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow

man-db 2.4.1 - 'open_cat_stream()' Local uid=man

CDRecord's ReadCD - '$RSH exec()' SUID Shell Creation

CDRecord's ReadCD - Local Privilege Escalation
Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)

CCProxy 6.2 - 'ping' Remote Buffer Overflow

Savant Web Server 3.1 - Remote Buffer Overflow (2)

Litespeed Web Server 4.0.17 with PHP (FreeBSD) - Remote Overflow

Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)
TeamCity < 9.0.2 - Disabled Registration Bypass
OpenSSH SCP Client - Write Arbitrary Files
Kados R10 GreenBee - Multiple SQL Injection
WordPress Core 5.0 - Remote Code Execution
phpBB 3.2.3  - Remote Code Execution

Linux/x86 - Create File With Permission 7775 + exit() Shellcode (Generator)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(/bin/ash_NULL_NULL) + XOR Encoded Shellcode (58 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/csh__ [/bin/csh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/ksh__ [/bin/ksh_ NULL]) + XOR Encoded Shellcode (53 bytes)
Linux/x86 - setreuid(0_0) + execve(_/bin/zsh__ [/bin/zsh_ NULL]) + XOR Encoded Shellcode (53 bytes)
 2019-03-08 05:01:50 +00:00
Offensive Security
d5509de389 DB: 2019-03-07 
6 changes to exploits/shellcodes

Linux < 4.20.14 - Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem
Android - binder Use-After-Free via racy Initialization of ->allow_user_free
Android - getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass

Java Debug Wire Protocol (JDWP) - Remote Code Execution

Linux/x86 - XOR Encoder / Decoder execve() /bin/sh Shellcode (45 bytes)
Linux/x86 - XOR Encoder / Decoder execve(/bin/sh) Shellcode (45 bytes)
 2019-03-07 05:01:53 +00:00
Offensive Security
dd4f02248d DB: 2019-03-06 
2 changes to exploits/shellcodes

STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation (2)

Splunk Enterprise 7.2.4 - Custom App RCE (Persistent Backdoor - Custom Binary Payload)
Splunk Enterprise 7.2.4 - Custom App Remote Command Execution (Persistent Backdoor / Custom Binary)

elFinder 2.1.47 - Command Injection vulnerability in the PHP connector
elFinder 2.1.47 - 'PHP connector' Command Injection

OpenDocMan 1.3.4 - 'search.php where' SQL Injection

Linux/x86 - NOT Encoder / Decoder - execve() /bin/sh Shellcode (44 bytes)
Linux/x86 - NOT Encoder / Decoder - execve(/bin/sh) Shellcode (44 bytes)

Linux/x86 - XOR Encoder / Decoder execve() /bin/sh Shellcode (45 bytes)
 2019-03-06 05:01:57 +00:00
Offensive Security
a37e3008e5 DB: 2019-03-05 
20 changes to exploits/shellcodes

Microsoft Edge Chakra 1.11.4 - Read Permission via Type Confusion

FileZilla 3.40.0 - 'Local search' / 'Local site' Denial of Service (PoC)

Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow

STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation
STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation (1)

STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation (2)

symphony CMS 2.3 - Multiple Vulnerabilities
Symphony CMS 2.3 - Multiple Vulnerabilities

Mpay24 PrestaShop Payment Module 1.5 - Multiple Vulnerabilities

Raisecom  XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 - Remote Code Execution

zzzphp CMS 1.6.1 - Cross-Site Request Forgery

Splunk Enterprise 7.2.4 - Custom App RCE (Persistent Backdoor - Custom Binary Payload)

Booked Scheduler 2.7.5 - Remote Command Execution (Metasploit)

OOP CMS BLOG 1.0 - Multiple SQL Injection

OOP CMS BLOG 1.0 - Multiple Cross-Site Request Forgery
CMSsite 1.0 - Multiple Cross-Site Request Forgery
elFinder 2.1.47 - Command Injection vulnerability in the PHP connector
MarcomCentral FusionPro VDP Creator < 10.0 - Directory Traversal
Bolt CMS 3.6.4 - Cross-Site Scripting
Craft CMS 3.1.12 Pro - Cross-Site Scripting
WordPress Plugin Cerber Security_ Antispam & Malware Scan 8.0 - Multiple Bypass Vulnerabilities
Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting

Linux/x86 - NOT Encoder / Decoder - execve() /bin/sh Shellcode (44 bytes)

Linux/x64 - Kill All Processes Shellcode (11 bytes)

Linux/x86 - iptables -F Shellcode (43 bytes)
 2019-03-05 05:01:50 +00:00
Offensive Security
3622d5285d DB: 2019-03-04 2019-03-04 05:01:46 +00:00
Offensive Security
cfb12623fd DB: 2019-03-03 2019-03-03 05:01:56 +00:00
Offensive Security
55fab34db7 DB: 2019-03-02 
10 changes to exploits/shellcodes

Linux Kernel 3.10.0 (CentOS7) - Denial of Service
Linux Kernel 3.10.0 (CentOS 7) - Denial of Service
Google Chrome < M72 - PaymentRequest Service Use-After-Free
Google Chrome < M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free
Google Chrome < M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHost
Google Chrome < M72 - FileWriterImpl Use-After-Free
tcpdump < 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads
Linux < 4.14.103 / < 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module
macOS XNU - Copy-on-Write Behavior Bypass via Mount of User-Owned Filesystem Image

Cisco WebEx Meetings < 33.6.6 / < 33.9.1 - Privilege Escalation
 2019-03-02 05:01:54 +00:00
Offensive Security
31edb35a91 DB: 2019-03-01 
9 changes to exploits/shellcodes

FTP Server 1.32 - Denial of Service
WebKitGTK 2.23.90 / WebKitGTK+ 2.22.6 - Denial of Service
TransMac 12.3 - Denial of Service (PoC)
Simple Online Hotel Reservation System  - SQL Injection
Simple Online Hotel Reservation System  - Cross-Site Request Forgery (Add Admin)
Simple Online Hotel Reservation System  - Cross-Site Request Forgery (Delete Admin)
Joomla! Component J2Store < 3.3.7 - SQL Injection
Usermin 1.750 - Remote Command Execution (Metasploit)
Feng Office 3.7.0.5 - Remote Command Execution (Metasploit)
 2019-03-01 05:01:57 +00:00
Offensive Security
bb86158c6e DB: 2019-02-26 
7 changes to exploits/shellcodes

Xlight FTP Server 3.9.1 - Buffer Overflow (PoC)

Jenkins - Remote Code Execution
Jenkins Plugin Script Security < 1.50/Declarative < 1.3.4.1/Groovy < 2.61.1 - Remote Code Execution (PoC)
Jenkins Plugin Script Security 1.49/Declarative 1.3.4/Groovy 2.60 - Remote Code Execution
zzzphp CMS 1.6.1 - Remote Code Execution
PHP Ecommerce Script 2.0.6 - Cross-Site Scripting / SQL Injection
News Website Script 2.0.5 - SQL Injection
Advance Gift Shop Pro Script 2.0.3 - SQL Injection
Drupal < 8.6.9 - REST Module Remote Code Execution
 2019-02-26 05:01:47 +00:00
Offensive Security
4353909e3f DB: 2019-02-24 
1 changes to exploits/shellcodes

Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution
 2019-02-24 05:01:51 +00:00
Offensive Security
e2ed64fffa DB: 2019-02-23 
5 changes to exploits/shellcodes

WebKit JSC - reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter

Nuuo Central Management - Authenticated SQL Server SQL Injection (Metasploit)
Quest NetVault Backup Server < 11.4.5 - Process Manager Service SQL Injection / Remote Code Execution
Micro Focus Filr 3.4.0.217 - Path Traversal / Local Privilege Escalation
Teracue ENC-400 - Command Injection / Missing Authentication
 2019-02-23 05:01:55 +00:00
Offensive Security
f7381cfe15 DB: 2019-02-22 
9 changes to exploits/shellcodes

Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow (PoC)
Virtual VCR Max .0a - '.vcr' Buffer Overflow (PoC)
ScreenStream 3.0.15 - Denial of Service
AirDrop 2.0 - Denial of Service (DoS)

RealTerm Serial Terminal 2.0.0.70 - 'Echo Port' Buffer Overflow (SEH)

Memu Play 6.0.7 - Privilege Escalation

MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass

C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection

EI-Tube 3 - SQL Injection
 2019-02-22 05:01:55 +00:00
Offensive Security
26efc559c7 DB: 2019-02-21 
8 changes to exploits/shellcodes

FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)
WinRAR 5.61 - '.lng' Denial of Service
FaceTime - Texture Processing Memory Corruption
Android Kernel < 4.8 - ptrace seccomp Filter Bypass
MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates

MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - File Permissions SYSTEM Privilege Escalation
MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation
Apple macOS 10.13.5 - Local Privilege Escalation

mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Protocol Handlers
mIRC < 7.55 - 'Custom URI Protocol Handlers' Remote Command Execution
Belkin Wemo UPnP - Remote Code Execution (Metasploit)

HotelDruid 2.3 - Cross-Site Scripting
 2019-02-21 05:01:57 +00:00
Offensive Security
79a4beaea4 DB: 2019-02-20 
13 changes to exploits/shellcodes

NetSetMan 4.7.1 - 'Workgroup' Denial of Service (PoC)
Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC)
BulletProof FTP Server 2019.0.0.50 - 'SMTP Server' Denial of Service (PoC)

MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - File Permissions SYSTEM Privilege Escalation
Find a Place CMS Directory 1.5 - 'assets/external/data_2.php cate' SQL Injection
Listing Hub CMS 1.0 - 'pages.php id' SQL Injection
Zuz Music 2.1 - 'zuzconsole/___contact ' Persistent Cross-Site Scripting
eDirectory - SQL Injection
XAMPP 5.6.8 - SQL Injection / Persistent Cross-Site Scripting
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal / Cross-Site Scripting
Ask Expert Script 3.0.5 - Cross Site Scripting / SQL Injection
Jenkins - Remote Code Execution
 2019-02-20 05:01:54 +00:00
Offensive Security
cd868436ff DB: 2019-02-19 
25 changes to exploits/shellcodes

Realterm Serial Terminal 2.0.0.70 - Denial of Service
Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH)
NBMonitor 1.6.5.0 - 'Key' Denial of Service (PoC)
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositions
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClass
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process

mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Protocol Handlers
qdPM 9.1 - 'type' Cross-Site Scripting
qdPM 9.1 - 'search[keywords]' Cross-Site Scripting
Master IP CAM 01 3.3.4.2103 - Remote Command Execution
MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module
CMSsite 1.0 - 'post' SQL Injection
M/Monit 3.7.2 - Privilege Escalation
Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload
Apache CouchDB 2.3.0 - Cross-Site Scripting
ArangoDB Community Edition 3.4.2-1 - Cross-Site Scripting
Comodo Dome Firewall 2.7.0 - Cross-Site Scripting
Zoho ManageEngine ServiceDesk Plus (SDP) < 10.0 build 10012 - Arbitrary File Upload
WordPress Plugin WooCommerce - GloBee (cryptocurrency) Payment Gateway 1.1.1 - Payment Bypass / Unauthorized Order Status Spoofing

macOS - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (119 bytes)
macOS - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (129 bytes)
macOS - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes)
macOS - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (123 bytes)
macOS - execve(/bin/sh) + Null-Free Shellcode (31 bytes)
 2019-02-19 05:02:08 +00:00
Offensive Security
f3f1427938 DB: 2019-02-16 
9 changes to exploits/shellcodes

ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (DoS)
ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (PoC)
AirMore 1.6.1 - Denial of Service (PoC)
Free IP Switcher 3.1 - 'Computer Name' Denial of Service (PoC)
Navicat for Oracle 12.1.15 - _Password_ Denial of Service (PoC)
VSCO 1.1.1.0 - Denial of Service (PoC)
Linux - 'kvm_ioctl_create_device()' NULL Pointer Dereference

Webiness Inventory 2.3 - SQL Injection
Webiness Inventory 2.3 - 'order' SQL Injection
MyBB Trash Bin Plugin 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery
Jinja2 2.10 - 'from_string' Server Side Template Injection
qdPM 9.1 - 'search_by_extrafields[]' SQL Injection
UniSharp Laravel File Manager 2.0.0-alpha7 - Arbitrary File Upload
 2019-02-16 05:01:55 +00:00
Offensive Security
5f3f5c8f09 DB: 2019-02-15 
18 changes to exploits/shellcodes

Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC)
MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC)
ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (DoS)

runc < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution
runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (1)
exacqVision ESM 5.12.2 - Privilege Escalation
runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout (2)
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure)

Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure)
DomainMOD 4.11.01 - 'ssl-provider-name' Cross-Site Scripting
DomainMOD 4.11.01 - 'ssl-accounts.php username' Cross-Site Scripting
DomainMOD 4.11.01 - 'category.php CatagoryName_ StakeHolder' Cross-Site Scripting
DomainMOD 4.11.01 - 'assets/add/dns.php' Cross-Site Scripting
DomainMOD 4.11.01 - 'assets/edit/host.php?whid=5' Cross-Site Scripting
WordPress Plugin Booking Calendar 8.4.3 - Authenticated SQL Injection
LayerBB 1.1.2 - Cross-Site Request Forgery (Add Admin)
 2019-02-15 05:01:54 +00:00
Offensive Security
a4b18dada5 DB: 2019-02-14 
11 changes to exploits/shellcodes

AirDroid 4.2.1.6 - Denial of Service

NetworkSleuth 3.0 - 'Name' Denial of Service (PoC)
runc< 1.0-rc6 (Docker < 18.09.2) - Host Command Execution
Ubuntu snapd < 2.37.1 - Local Privilege Escalation
runc < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution
snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)
snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2)

Netatalk < 3.1.12 - Authentication Bypass
Netatalk 3.1.12 - Authentication Bypass
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure)
Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure)
Rukovoditel Project Management CRM 2.4.1 - Cross-Site Scripting
PilusCart 1.4.1 - 'send' SQL Injection
 2019-02-14 05:01:54 +00:00
Offensive Security
1982f33252 DB: 2019-02-13 
16 changes to exploits/shellcodes

AirDroid 4.2.1.6 - Denial of Service

River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH)
Android - binder Use-After-Free via fdget() Optimization
Android - binder Use-After-Free of VMA via race Between reclaim and munmap
Skyworth GPON HomeGateways and Optical Network Terminals - Stack Overflow
River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH)
runc< 1.0-rc6 (Docker < 18.09.2) - Host Command Execution
Ubuntu snapd < 2.37.1 - Local Privilege Escalation
IPFire 2.21 - Cross-Site Scripting
MyBB Bans List 1.0 - Cross-Site Scripting
IPFire 2.21 - Cross-Site Scripting
MyBB Bans List 1.0 - Cross-Site Scripting

Webiness Inventory 2.3 - 'email' SQL Injection
OPNsense < 19.1.1 - Cross-Site Scripting
Jenkins 2.150.2 -  Remote Command Execution (Metasploit)
BlogEngine.NET 3.3.6 - Directory Traversal / Remote Code Execution
LayerBB 1.1.2 - Cross-Site Scripting
 2019-02-13 05:01:49 +00:00