Offensive Security
038ac7b860
DB: 2018-10-11
...
4 changes to exploits/shellcodes
FileZilla 3.33 - Buffer Overflow (PoC)
WhatsApp - RTP Processing Heap Corruption
MicroTik RouterOS < 6.43rc3 - Remote Root
Ektron CMS 9.20 SP2 - Improper Access Restrictions
2018-10-11 05:01:43 +00:00
Offensive Security
b311000a22
DB: 2018-10-09
...
16 changes to exploits/shellcodes
net-snmp 5.7.3 - Unauthenticated Denial of Service (PoC)
net-snmp 5.7.3 - Authenticated Denial of Service (PoC)
Linux - Kernel Pointer Leak via BPF
Android - sdcardfs Changes current->fs Without Proper Locking
360 3.5.0.1033 - Sandbox Escape
Git Submodule - Arbitrary Code Execution
Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation
Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)
Microsoft Windows - Net-NTLMv2 Reflection DCOM/RPC (Metasploit)
Cisco Prime Infrastructure - Unauthenticated Remote Code Execution
Unitrends UEB - HTTP API Remote Code Execution (Metasploit)
Navigate CMS - Unauthenticated Remote Code Execution (Metasploit)
FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure
Imperva SecureSphere 13 - Remote Command Execution
Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)
Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode (181 bytes)
2018-10-09 05:01:44 +00:00
Offensive Security
ed0e1e4d44
DB: 2018-09-25
...
1979 changes to exploits/shellcodes
Couchdb 1.5.0 - 'uuids' Denial of Service
Apache CouchDB 1.5.0 - 'uuids' Denial of Service
Beyond Remote 2.2.5.3 - Denial of Service (PoC)
udisks2 2.8.0 - Denial of Service (PoC)
Termite 3.4 - Denial of Service (PoC)
SoftX FTP Client 3.3 - Denial of Service (PoC)
Silverstripe 2.3.5 - Cross-Site Request Forgery / Open redirection
SilverStripe CMS 2.3.5 - Cross-Site Request Forgery / Open Redirection
Silverstripe CMS 3.0.2 - Multiple Vulnerabilities
SilverStripe CMS 3.0.2 - Multiple Vulnerabilities
Silverstripe CMS 2.4 - File Renaming Security Bypass
SilverStripe CMS 2.4 - File Renaming Security Bypass
Silverstripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities
SilverStripe CMS 2.4.5 - Multiple Cross-Site Scripting Vulnerabilities
Silverstripe CMS 2.4.7 - 'install.php' PHP Code Injection
SilverStripe CMS 2.4.7 - 'install.php' PHP Code Injection
Silverstripe Pixlr Image Editor - 'upload.php' Arbitrary File Upload
SilverStripe CMS Pixlr Image Editor - 'upload.php' Arbitrary File Upload
Silverstripe CMS 2.4.x - 'BackURL' Open Redirection
SilverStripe CMS 2.4.x - 'BackURL' Open Redirection
Silverstripe CMS - 'MemberLoginForm.php' Information Disclosure
SilverStripe CMS - 'MemberLoginForm.php' Information Disclosure
Silverstripe CMS - Multiple HTML Injection Vulnerabilities
SilverStripe CMS - Multiple HTML Injection Vulnerabilities
Apache CouchDB 1.7.0 and 2.x before 2.1.1 - Remote Privilege Escalation
Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation
Monstra CMS before 3.0.4 - Cross-Site Scripting
Monstra CMS < 3.0.4 - Cross-Site Scripting (2)
Monstra CMS < 3.0.4 - Cross-Site Scripting
Monstra CMS < 3.0.4 - Cross-Site Scripting (1)
Navigate CMS 2.8 - Cross-Site Scripting
Collectric CMU 1.0 - 'lang' SQL injection
Joomla! Component CW Article Attachments 1.0.6 - 'id' SQL Injection
LG SuperSign EZ CMS 2.5 - Remote Code Execution
MyBB Visual Editor 1.8.18 - Cross-Site Scripting
Joomla! Component AMGallery 1.2.3 - 'filter_category_id' SQL Injection
Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection
RICOH Aficio MP 301 Printer - Cross-Site Scripting
Joomla! Component Auction Factory 4.5.5 - 'filter_order' SQL Injection
RICOH MP C6003 Printer - Cross-Site Scripting
Linux/ARM - Egghunter (PWN!) + execve(_/bin/sh__ NULL_ NULL) Shellcode (28 Bytes)
Linux/ARM - sigaction() Based Egghunter (PWN!) + execve(_/bin/sh__ NULL_ NULL) Shellcode (52 Bytes)
2018-09-25 05:01:51 +00:00
Offensive Security
2785d40187
DB: 2018-09-14
...
12 changes to exploits/shellcodes
Clone2Go Video to iPod Converter 2.5.0 - Denial of Service (PoC)
MediaTek Wirless Utility rt2870 - Denial of Service (PoC)
TeamViewer App 13.0.100.0 - Denial of Service (PoC)
Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler
InduSoft Web Studio 8.1 SP1 - 'Tag Name' Buffer Overflow (SEH)
STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation
Faleemi Desktop Software 1.8.2 - 'SavePath for ScreenShots' Buffer Overflow (SEH)
Free MP3 CD Ripper 2.6 - '.mp3' Buffer Overflow (SEH)
Socusoft Photo to Video Converter 8.07 - 'Registration Name' Buffer Overflow
Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket
MyBB 1.8.17 - Cross-Site Scripting
Apache Portals Pluto 3.0.0 - Remote Code Execution
Apache Syncope 2.0.7 - Remote Code Execution
2018-09-14 05:01:54 +00:00
Offensive Security
18e2848633
DB: 2018-08-28
...
25 changes to exploits/shellcodes
Firefox 55.0.3 - Denial of Service (PoC)
Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service (PoC)
Libpango 1.40.8 - Denial of Service (PoC)
Adobe Flash - AVC Processing Out-of-Bounds Read
Foxit Reader 9.0.1.1049 - Buffer Overflow (ASLR)(DEP)
CuteFTP 5.0 - Buffer Overflow
Foxit PDF Reader 9.0.1.1049 - Pointer Overwrite Use-After-Free (Metasploit)
OpenSSH 7.7 - Username Enumeration
OpenSSH 2.3 < 7.7 - Username Enumeration
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1)
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2)
Node.JS - 'node-serialize' Remote Code Execution
Electron WebPreferences - Remote Code Execution
HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit)
Auditor Website 2.0.1 - Cross-Site Scripting
Basic B2B Script 2.0.0 - Cross-Site Scripting
Entrepreneur Job Portal Script 3.0.1 - Cross-Site Scripting
Sentrifugo HRMS 3.2 - 'deptid' SQL Injection
WordPress Plugin Gift Voucher 1.0.5 - 'template_id' SQL Injection
ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting
WordPress Plugin Gift Voucher 1.0.5 - 'template_id' SQL Injection
ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting
Gleez CMS 1.2.0 - Cross-Site Request Forgery (Add Admin)
RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin)
LiteCart 2.1.2 - Arbitrary File Upload
Seagate Personal Cloud SRN21C 4.3.16.0 / 4.3.18.0 - SQL Injection
Responsive FileManager < 9.13.4 - Directory Traversal
WordPress Plugin Plainview Activity Monitor 20161228 - Command Injection
2018-08-28 05:01:59 +00:00
Offensive Security
4d43b968d8
DB: 2018-08-24
...
7 changes to exploits/shellcodes
CuteFTP 8.3.1 - Denial of Service (PoC)
Epiphany Web Browser 3.28.1 - Denial of Service (PoC)
StyleWriter 4 1.0 - Denial of Service (PoC)
CMS ISWEB 3.5.3 - Directory Traversal
Twitter-Clone 1 - 'code' SQL Injection
PCViewer vt1000 - Directory Traversal
2018-08-24 05:01:53 +00:00
Offensive Security
b02440845e
DB: 2018-07-31
...
5 changes to exploits/shellcodes
fusermount - user_allow_other Restriction Bypass and SELinux Label Control
ipPulse 1.92 - 'IP Address/HostName-Comment' Denial of Service (PoC)
Microsoft Windows Kernel - 'win32k!NtUserConsoleControl' Denial of Service (PoC)
Charles Proxy 4.2 - Local Privilege Escalation
H2 Database 1.4.197 - Information Disclosure
2018-07-31 05:01:47 +00:00
Offensive Security
1d504e24f2
DB: 2018-07-25
...
3 changes to exploits/shellcodes
Nagios Core 4.4.1 - Denial of Service
Micro Focus Secure Messaging Gateway (SMG) < 471 - Remote Code Execution (Metasploit)
D-link DAP-1360 - Path Traversal / Cross-Site Scripting
Linux/x86 - Bind (4444/TCP) Shell + IPv6 Shellcode (100 bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (100 bytes)
2018-07-25 05:01:46 +00:00
Offensive Security
a657b64301
DB: 2018-07-17
...
7 changes to exploits/shellcodes
macOS/iOS - JavaScript Injection Bug in OfficeImporter
Linux/Ubuntu - Other Users coredumps can be read via setgid Directory and killpriv Bypass
Microsoft Enterprise Mode Site List Manager - XML External Entity Injection
Hadoop YARN ResourceManager - Unauthenticated Command Execution (Metasploit)
Hadoop YARN ResourceManager - Command Execution (Metasploit)
VelotiSmart WiFi B-380 Camera - Directory Traversal
Fortify Software Security Center (SSC) 17.x/18.1 - XML External Entity Injection
WordPress Plugin Job Manager 4.1.0 - Cross-Site Scripting
Linux/ARM - Bind (1234/TCP) Shell (/bin/sh) Shellcode (104 bytes)
2018-07-17 05:01:49 +00:00
Offensive Security
727943f775
DB: 2018-07-10
...
8 changes to exploits/shellcodes
Tor Browser < 0.3.2.10 - Use After Free (PoC)
Boxoft WAV to WMA Converter 1.0 - Local Buffer Overflow (SEH)
Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow
HP VAN SDN Controller - Root Command Injection (Metasploit)
HID discoveryd - command_blink_on Unauthenticated RCE (Metasploit)
GitList 0.6.0 - Argument Injection (Metasploit)
Umbraco CMS SeoChecker Plugin 1.9.2 - Cross-Site Scripting
Linux/x86 - Kill Process Shellcode (20 bytes)
2018-07-10 05:01:55 +00:00
Offensive Security
6a98e55e9d
DB: 2018-07-04
...
4 changes to exploits/shellcodes
openslp 2.0.0 - Double-Free
Boxoft WAV to MP3 Converter 1.1 - Buffer Overflow (Metasploit)
FTPShell client 6.70 (Enterprise edition) - Stack Buffer Overflow (Metasploit)
FTPShell Client 6.70 (Enterprise Edition) - Stack Buffer Overflow (Metasploit)
ModSecurity 3.0.0 - Cross-Site Scripting
ntop-ng < 3.4.180617 - Authentication Bypass
2018-07-04 05:01:48 +00:00
Offensive Security
e8a3702c6c
DB: 2018-07-03
...
11 changes to exploits/shellcodes
Core FTP LE 2.2 - Buffer Overflow (PoC)
SIPp 3.6 - Local Buffer Overflow (PoC)
Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (PoC)
Enhanced Mitigation Experience Toolkit (EMET) - XML External Entity Injection
FTPShell client 6.70 (Enterprise edition) - Stack Buffer Overflow (Metasploit)
Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit)
Geutebruck 5.02024 G-Cam/EFD-2250 - Remote Command Execution (Metasploit)
Geutebruck 5.02024 G-Cam/EFD-2250 - 'testaction.cgi' Remote Command Execution (Metasploit)
Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution (Metasploit)
VMware NSX SD-WAN Edge < 3.1.2 - Command Injection
DAMICMS 6.0.0 - Cross-Site Request Forgery (Add Admin)
Dolibarr ERP CRM < 7.0.3 - PHP Code Injection
Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes)
2018-07-03 05:01:48 +00:00
Offensive Security
2c912f897c
DB: 2018-06-27
...
3 changes to exploits/shellcodes
PoDoFo 0.9.5 - Buffer Overflow
Liferay Portal < 7.0.4 - Server-Side Request Forgery
2018-06-27 05:01:48 +00:00
Offensive Security
d8206fb5eb
DB: 2018-06-26
...
13 changes to exploits/shellcodes
KVM (Nested Virtualization) - L1 Guest Privilege Escalation
DIGISOL DG-BR4000NG - Buffer Overflow (PoC)
Foxit Reader 9.0.1.1049 - Remote Code Execution
WordPress Plugin iThemes Security < 7.0.3 - SQL Injection
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (1)
phpMyAdmin 4.8.1 - Local File Inclusion
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (2)
WordPress Plugin Advanced Order Export For WooCommerce < 1.5.4 - CSV Injection
Ecessa Edge EV150 10.7.4 - Cross-Site Request Forgery (Add Superuser)
Intex Router N-150 - Cross-Site Request Forgery (Add Admin)
DIGISOL DG-BR4000NG - Cross-Site Scripting
Ecessa WANWorx WVR-30 < 10.7.4 - Cross-Site Request Forgery (Add Superuser)
AsusWRT RT-AC750GF - Cross-Site Request Forgery (Change Admin Password)
Ecessa ShieldLink SL175EHQ < 10.7.4 - Cross-Site Request Forgery (Add Superuser)
Intex Router N-150 - Arbitrary File Upload
WordPress Plugin Comments Import & Export < 2.0.4 - CSV Injection
2018-06-26 05:01:46 +00:00
Offensive Security
4f92fdbdd2
DB: 2018-06-23
...
6 changes to exploits/shellcodes
QEMU Guest Agent 2.12.50 - Denial of Service
Opencart < 3.0.2.0 - Denial of Service
GreenCMS 2.3.0603 - Information Disclosure
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion
phpLDAPadmin 1.2.2 - 'server_id' LDAP Injection (Username)
phpMyAdmin 4.8.1 - Local File Inclusion
2018-06-23 05:01:48 +00:00
Offensive Security
ac267cb298
DB: 2018-06-21
...
11 changes to exploits/shellcodes
Redis 5.0 - Denial of Service
ntp 4.2.8p11 - Local Buffer Overflow (PoC)
Windows 10 - Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation
Windows 10 - Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix Privilege Escalation
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
Mirasys DVMS Workstation 5.12.6 - Path Traversal
MaDDash 2.0.2 - Directory Listing
NewMark CMS 2.1 - 'sec_id' SQL Injection
TP-Link TL-WA850RE - Remote Command Execution
Apache CouchDB < 2.1.0 - Remote Code Execution
IPConfigure Orchid VMS 2.0.5 - Directory Traversal Information Disclosure (Metasploit)
VideoInsight WebClient 5 - SQL Injection
2018-06-21 05:01:44 +00:00
Offensive Security
1ccdc79fbd
DB: 2018-06-15
...
2 changes to exploits/shellcodes
rtorrent 0.9.6 - Denial of Service
Joomla Component Ek rishta 2.10 - SQL Injection
2018-06-15 05:01:44 +00:00
Offensive Security
1877107e5a
DB: 2018-06-12
...
11 changes to exploits/shellcodes
WebKitGTK+ < 2.21.3 - 'WebKitFaviconDatabase' DoS
WampServer 3.0.6 - Cross-Site Request Forgery
Schools Alert Management Script - SQL Injection
WordPress Plugin Pie Register < 3.0.9 - Blind SQL Injection
Event Manager Admin panel - 'events_new.php' SQL injection
Joomla! Component EkRishta 2.10 - 'cid' SQL Injection
Schools Alert Management Script - Arbitrary File Deletion
userSpice 4.3.24 - 'X-Forwarded-For' Cross-Site Scripting
userSpice 4.3.24 - Username Enumeration
Schools Alert Management Script - 'get_sec.php' SQL Injection
Schools Alert Management Script - Arbitrary File Read
2018-06-12 05:01:49 +00:00
Offensive Security
0381c4c519
DB: 2018-06-09
...
11 changes to exploits/shellcodes
Gnome Web (Epiphany) < 3.28.2.1 - Denial of Service
WebKit - WebAssembly Compilation Info Leak
Google Chrome - Integer Overflow when Processing WebAssembly Locals
WebKit - Use-After-Free when Resuming Generator
WebRTC - VP9 Frame Processing Out-of-Bounds Memory Access
WebRTC - VP9 Missing Frame Processing Out-of-Bounds Memory Access
TrendMicro OfficeScan XG 11.0 - Change Prevention Bypass
MantisBT XmlImportExport Plugin - PHP Code Injection (Metasploit)
Mantis Bug Tracker 1.2.0a3 < 1.2.17 XmlImportExport Plugin - PHP Code Injection (Metasploit) (2)
Mantis 1.1.3 - 'manage_proj_page' PHP Code Execution (Metasploit)
Mantis Bug Tracker 1.1.3 - 'manage_proj_page' PHP Code Execution (Metasploit)
MantisBT 1.2.3 (db_type) - Cross-Site Scripting / Full Path Disclosure
MantisBT 1.2.3 (db_type) - Local File Inclusion
Mantis Bug Tracker 1.2.3 - 'db_type' Cross-Site Scripting / Full Path Disclosure
Mantis Bug Tracker 1.2.3 - 'db_type' Local File Inclusion
Mantis 0.15.x/0.16/0.17.x - JPGraph Remote File Inclusion Command Execution
Mantis Bug Tracker 0.15.x/0.16/0.17.x - JPGraph Remote File Inclusion Command Execution
Mantis 0.19 - Remote Server-Side Script Execution
Mantis 0.x - Multiple Cross-Site Scripting Vulnerabilities
Mantis 0.x - New Account Signup Mass Emailing
Mantis Bug Tracker 0.19 - Remote Server-Side Script Execution
Mantis Bug Tracker 0.x - Multiple Cross-Site Scripting Vulnerabilities
Mantis Bug Tracker 0.x - New Account Signup Mass Emailing
Mantis 0.x/1.0 - Multiple Input Validation Vulnerabilities
Mantis Bug Tracker 0.x/1.0 - Multiple Input Validation Vulnerabilities
Mantis 0.19.2/1.0 - 'Bug_sponsorship_list_view_inc.php' File Inclusion
Mantis Bug Tracker 0.19.2/1.0 - 'Bug_sponsorship_list_view_inc.php' File Inclusion
Mantis 0.x/1.0 - 'View_filters_page.php' Cross-Site Scripting
Mantis Bug Tracker 0.x/1.0 - 'View_filters_page.php' Cross-Site Scripting
Mantis 0.x/1.0 - 'view_all_set.php' Multiple Cross-Site Scripting Vulnerabilities
Mantis 0.x/1.0 - 'manage_user_page.php?sort' Cross-Site Scripting
Mantis Bug Tracker 0.x/1.0 - 'view_all_set.php' Multiple Cross-Site Scripting Vulnerabilities
Mantis Bug Tracker 0.x/1.0 - 'manage_user_page.php?sort' Cross-Site Scripting
MantisBT 1.1.8 - Cross-Site Scripting / SQL Injection
Mantis Bug Tracker 1.1.8 - Cross-Site Scripting / SQL Injection
MantisBT 1.2.19 - Host Header
Mantis Bug Tracker 1.2.19 - Host Header
MantisBT 1.2.0a3 < 1.2.17 - XmlImportExport Plugin PHP Code Injection (Metasploit)
Mantis Bug Tracker 1.2.0a3 < 1.2.17 XmlImportExport Plugin - PHP Code Injection (Metasploit) (1)
Monstra CMS < 3.0.4 - Cross-Site Scripting Automation
Monstra CMS < 3.0.4 - Cross-Site Scripting
XiongMai uc-httpd 1.0.0 - Buffer Overflow
Splunk < 7.0.1 - Information Disclosure
Linux/ARM - Egghunter (\x50\x90\x50\x90) + execve('/bin/sh') Shellcode (32 bytes)
Linux/ARM - Egghunter (0x50905090) + execve('/bin/sh') Shellcode (32 bytes)
Linux/ARM - Egghunter (0x50905090) + execve('/bin/sh') Shellcode (60 bytes)
2018-06-09 05:01:42 +00:00
Offensive Security
ad4b4f15f3
DB: 2018-06-06
...
11 changes to exploits/shellcodes
Linux Kernel < 4.16.11 - 'ext4_read_inline_data()' Memory Corruption
Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit)
Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit)
Clone2GO Video converter 2.8.2 - Buffer Overflow
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH)
10-Strike Network Inventory Explorer 8.54 - 'Registration Key' Buffer Overflow (SEH)
10-Strike Network Scanner 3.0 - Local Buffer Overflow (SEH)
WebKitGTK+ < 2.21.3 - Crash (PoC)
WebKit - not_number defineProperties UAF (Metasploit)
EMS Master Calendar < 8.0.0.20180520 - Reflected Cross-Site Scripting
EMS Master Calendar < 8.0.0.20180520 - Cross-Site Scripting
MyBB Recent Threads Plugin 1.0 - Cross-Site Scripting
Pagekit < 1.0.13 - Cross-Site Scripting Code Generator
Brother HL Series Printers 1.15 - Cross-Site Scripting
Jenkins Mailer Plugin < 1.20 - Cross-Site Request Forgery (Send Email)
2018-06-06 05:01:46 +00:00
Offensive Security
89ee92def8
DB: 2018-05-31
...
6 changes to exploits/shellcodes
Siemens SIMATIC S7-300 CPU - Remote Denial of Service
Procps-ng - Multiple Vulnerabilities
SearchBlox 8.6.6 - Cross-Site Request Forgery
Yosoro 1.0.4 - Remote Code Execution
MachForm < 4.2.3 - SQL Injection / Path Traversal / Upload Bypass
Dolibarr 7.0.0 - SQL Injection
2018-05-31 05:01:44 +00:00
Offensive Security
54b5ed8407
DB: 2018-05-24
...
31 changes to exploits/shellcodes
WordPress Core - 'load-scripts.php' Denial of Service
WordPress Core - 'load-scripts.php' Denial of Service
Broadcom BCM43xx Wi-Fi - 'BroadPWN' Denial of Service
Broadcom BCM43xx Wi-Fi - 'BroadPWN' Denial of Service
Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure
Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read
Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure
Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read
Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free
Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free
FTPShell Server 6.80 - Denial of Service
Siemens SCALANCE S613 - Remote Denial of Service
Samsung Galaxy S7 Edge - Overflow in OMACP WbXml String Extension Processing
Photodex ProShow Gold 4 (Windows XP SP3) - '.psh' Universal Buffer Overflow (SEH)
Photodex ProShow Gold 4 (Windows XP SP3) - '.psh' Universal Buffer Overflow (SEH)
WebKitGTK 2.1.2 (Ubuntu 14.04) - Heap based Buffer Overflow
WebKitGTK 2.1.2 (Ubuntu 14.04) - Heap based Buffer Overflow
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege Escalation
Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege Escalation
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege Escalation
Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege Escalation
Brave Browser < 0.13.0 - 'long alert() argument' Denial of Service
Brave Browser < 0.13.0 - 'window.close(self)' Denial of Service
Brave Browser < 0.13.0 - 'long alert() argument' Denial of Service
Brave Browser < 0.13.0 - 'window.close(self)' Denial of Service
FTPShell Server 6.80 - Buffer Overflow (SEH)
SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution
SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution
Moxa AWK-3131A 1.4 < 1.7 - 'Username' OS Command Injection
Moxa AWK-3131A 1.4 < 1.7 - 'Username' OS Command Injection
Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution
Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution
Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection)
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)
Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection)
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
Wchat PHP AJAX Chat Script 1.5 - Cross-Site Scripting
Wchat PHP AJAX Chat Script 1.5 - Cross-Site Scripting
EasyService Billing 1.0 - SQL Injection / Cross-Site Scripting
EasyService Billing 1.0 - 'p1' SQL Injection
MySQL Smart Reports 1.0 - 'id' SQL Injection / Cross-Site Scripting
MySQL Blob Uploader 1.7 - 'download.php' SQL Injection / Cross-Site Scripting
MySQL Blob Uploader 1.7 - 'home-file-edit.php' SQL Injection / Cross-Site Scripting
MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection / Cross-Site Scripting
MySQL Blob Uploader 1.7 - 'home-filet-edit.php' SQL Injection
PHP Dashboards 4.5 - 'email' SQL Injection
Mobile Card Selling Platform 1 - Cross-Site Request Forgery
PHP Dashboards 4.5 - SQL Injection
Online Store System CMS 1.0 - SQL Injection
Gigs 2.0 - 'username' SQL Injection
GPSTracker 1.0 - 'id' SQL Injection
Shipping System CMS 1.0 - SQL Injection
Wecodex Store Paypal 1.0 - SQL Injection
SAT CFDI 3.3 - SQL Injection
School Management System CMS 1.0 - 'username' SQL Injection
Library CMS 1.0 - SQL Injection
Wecodex Hotel CMS 1.0 - 'Admin Login' SQL Injection
Wecodex Restaurant CMS 1.0 - 'Login' SQL Injection
eWallet Online Payment Gateway 2 - Cross-Site Request Forgery
Mcard Mobile Card Selling Platform 1 - SQL Injection
Honeywell Scada System - Information Disclosure
NewsBee CMS 1.4 - Cross-Site Request Forgery
SKT LTE Wi-Fi SDT-CW3B1 - Unauthorized Admin Credential Change
WordPress Plugin Peugeot Music - Arbitrary File Upload
BSD - Reverse TCP (127.0.0.1:31337/TCP) Shell (/bin/sh) Shellcode (124 bytes)
BSD - Reverse (127.0.0.1:31337/TCP) Shell (/bin/sh) Shellcode (124 bytes)
BSD/x86 - setuid(0) + Bind TCP (31337/TCP) Shell Shellcode (94 bytes)
BSD/x86 - setuid(0) + Bind (31337/TCP) Shell Shellcode (94 bytes)
BSD/x86 - Bind TCP (31337/TCP) Shell Shellcode (83 bytes)
BSD/x86 - Bind TCP (Random TCP Port) Shell Shellcode (143 bytes)
BSD/x86 - Bind (31337/TCP) Shell Shellcode (83 bytes)
BSD/x86 - Bind (Random TCP Port) Shell Shellcode (143 bytes)
BSD/x86 - Reverse TCP (torootteam.host.sk:2222/TCP) Shell Shellcode (93 bytes)
BSD/x86 - Reverse (torootteam.host.sk:2222/TCP) Shell Shellcode (93 bytes)
BSD/x86 - Reverse TCP (192.168.2.33:6969/TCP) Shell Shellcode (129 bytes)
BSD/x86 - Reverse (192.168.2.33:6969/TCP) Shell Shellcode (129 bytes)
FreeBSD/x86 - Reverse TCP (192.168.1.33:8000/TCP) cat /etc/passwd Shellcode (112 bytes)
FreeBSD/x86 - Reverse (192.168.1.33:8000/TCP) cat /etc/passwd Shellcode (112 bytes)
FreeBSD/x86 - Reverse TCP (127.0.0.1:8000/TCP) Shell (/bin/sh) + Null-Free Shellcode (89 bytes)
FreeBSD/x86 - Reverse (127.0.0.1:8000/TCP) Shell (/bin/sh) + Null-Free Shellcode (89 bytes)
FreeBSD/x86 - Bind TCP (4883/TCP) Shell (/bin/sh) + Password Shellcode (222 bytes)
FreeBSD/x86 - Bind (4883/TCP) Shell (/bin/sh) + Password Shellcode (222 bytes)
FreeBSD/x86 - Reverse TCP (127.0.0.1:31337/TCP) Shell (/bin/sh) Shellcode (102 bytes)
FreeBSD/x86 - Reverse (127.0.0.1:31337/TCP) Shell (/bin/sh) Shellcode (102 bytes)
Linux/x86 - Bind TCP Shell Shellcode (Generator)
Windows (XP SP1) - Bind TCP Shell Shellcode (Generator)
Linux/x86 - Bind (/TCP) Shell Shellcode (Generator)
Windows (XP SP1) - Bind (/TCP) Shell Shellcode (Generator)
Windows - Reverse TCP (127.0.0.1:123/TCP) Shell + Alphanumeric Shellcode (Encoder/Decoder) (Generator)
Windows - Reverse (127.0.0.1:123/TCP) Shell + Alphanumeric Shellcode (Encoder/Decoder) (Generator)
Linux/x64 - Reverse TCP Shell (/bin/bash) + Semi-Stealth Shellcode (88+ bytes) (Generator)
Linux/MIPS (Linksys WRT54G/GL) - Bind TCP (4919/TCP) Shell (/bin/sh) Shellcode (276 bytes)
Linux/x64 - Reverse (/TCP) Shell (/bin/bash) + Semi-Stealth Shellcode (88+ bytes) (Generator)
Linux/MIPS (Linksys WRT54G/GL) - Bind (4919/TCP) Shell (/bin/sh) Shellcode (276 bytes)
Linux/PPC - Reverse TCP (192.168.1.1:31337/TCP) Shell (/bin/sh) Shellcode (240 bytes)
Linux/PPC - Reverse (192.168.1.1:31337/TCP) Shell (/bin/sh) Shellcode (240 bytes)
Linux/SPARC - Reverse TCP (192.168.100.1:2313/TCP) Shell Shellcode (216 bytes)
Linux/SPARC - Bind TCP (8975/TCP) Shell + Null-Free Shellcode (284 bytes)
Linux/SPARC - Reverse (192.168.100.1:2313/TCP) Shell Shellcode (216 bytes)
Linux/SPARC - Bind (8975/TCP) Shell + Null-Free Shellcode (284 bytes)
Linux/x86 - Bind TCP Listener (5555/TCP) + Receive Shellcode + Payload Loader Shellcode (83 bytes)
Linux/x86 - Bind (/TCP) Listener (5555/TCP) + Receive Shellcode + Payload Loader Shellcode (83 bytes)
Linux/x86 - Bind TCP (4444/TCP) Shell (/bin/sh) + XOR Encoded Shellcode (152 bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + XOR Encoded Shellcode (152 bytes)
Linux/x86 - Bind TCP (8000/TCP) Shell + Flush IPTables Rules (/sbin/iptables -F) Shellcode (176 bytes)
Linux/x86 - Bind TCP (8000/TCP) Shell + Add Root User Shellcode (225+ bytes)
Linux/x86 - Bind TCP (8000/TCP) Shell (/bin/sh) Shellcode (179 bytes)
Linux/x86 - Bind (8000/TCP) Shell + Flush IPTables Rules (/sbin/iptables -F) Shellcode (176 bytes)
Linux/x86 - Bind (8000/TCP) Shell + Add Root User Shellcode (225+ bytes)
Linux/x86 - Bind (8000/TCP) Shell (/bin/sh) Shellcode (179 bytes)
Linux/x86 - Reverse UDP (54321/UDP) tcpdump Live Packet Capture Shellcode (151 bytes)
Linux/x86 - Reverse (54321/UDP) tcpdump Live Packet Capture Shellcode (151 bytes)
Linux/x86 - Reverse TCP (140.115.53.35:9999/TCP) + Download A File (cb) + Execute Shellcode (149 bytes)
Linux/x86 - Reverse (140.115.53.35:9999/TCP) + Download A File (cb) + Execute Shellcode (149 bytes)
Linux/x86 - Reverse TCP (8192/TCP) cat /etc/shadow Shellcode (155 bytes)
Linux/x86 - Reverse (8192/TCP) cat /etc/shadow Shellcode (155 bytes)
Linux/x86 - Bind TCP (31337/TCP) Shell (/bin/sh) + setuid() Shellcode (96 bytes)
Linux/x86 - Bind TCP (2707/TCP) Shell Shellcode (84 bytes)
Linux/x86 - Bind (31337/TCP) Shell (/bin/sh) + setuid() Shellcode (96 bytes)
Linux/x86 - Bind (2707/TCP) Shell Shellcode (84 bytes)
Linux/x86 - Bind TCP (31337/TCP) Shell (/bin/sh) Shellcode (100 bytes)
Linux/x86 - Reverse TCP (192.168.13.22:31337/TCP) Shell (/bin/sh) Shellcode (82 bytes) (Generator)
Linux/x86 - Bind (31337/TCP) Shell (/bin/sh) Shellcode (100 bytes)
Linux/x86 - Reverse (192.168.13.22:31337/TCP) Shell (/bin/sh) Shellcode (82 bytes) (Generator)
Linux/x86 - Reverse TCP (127.0.0.1:80/TCP) Shell + XOR Encoded Shellcode (371 bytes)
Linux/x86 - Reverse (127.0.0.1:80/TCP) Shell + XOR Encoded Shellcode (371 bytes)
Linux/x86 - Bind TCP (64713/TCP) Shell (/bin/sh) + Password (gotfault) Shellcode (166 bytes)
Linux/x86 - Bind TCP (64713/TCP) Shell (/bin/sh) Shellcode (86 bytes)
Linux/x86 - Bind (64713/TCP) Shell (/bin/sh) + Password (gotfault) Shellcode (166 bytes)
Linux/x86 - Bind (64713/TCP) Shell (/bin/sh) Shellcode (86 bytes)
Linux/x86 - Bind TCP (31337/TCP) Shell (/bin/sh) Shellcode (80 bytes)
Linux/x86 - Bind TCP (31337/TCP) Shell (/bin/sh) + fork() Shellcode (98 bytes)
Linux/x86 - Bind (31337/TCP) Shell (/bin/sh) Shellcode (80 bytes)
Linux/x86 - Bind (31337/TCP) Shell (/bin/sh) + fork() Shellcode (98 bytes)
Linux/x86 - Reverse TCP (127.0.0.1:31337/TCP) Shell Shellcode (74 bytes)
Linux/x86 - Reverse (127.0.0.1:31337/TCP) Shell Shellcode (74 bytes)
Linux/x86 - Reverse TCP Shell Shellcode (90 bytes) (Generator)
Linux/x86 - Reverse (/TCP) Shell Shellcode (90 bytes) (Generator)
Linux/x86 - Bind TCP (5074/TCP) Shell + ToUpper Encoded Shellcode (226 bytes)
Linux/x86 - Bind (5074/TCP) Shell + ToUpper Encoded Shellcode (226 bytes)
Linux/x86 - Reverse TCP (200.182.207.235/TCP) Telnet Shel Shellcode (134 bytes)
Linux/x86 - Reverse TCP Shell (/bin/sh) Shellcode (120 bytes)
Linux/x86 - Reverse (200.182.207.235/TCP) Telnet Shel Shellcode (134 bytes)
Linux/x86 - Reverse (/TCP) Shell (/bin/sh) Shellcode (120 bytes)
Linux/x86 - Bind TCP (5074/TCP) Shell Shellcode (92 bytes)
Linux/x86 - Bind TCP (5074/TCP) Shell + fork() Shellcode (130 bytes)
Linux/x86 - Bind (5074/TCP) Shell Shellcode (92 bytes)
Linux/x86 - Bind (5074/TCP) Shell + fork() Shellcode (130 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell Shellcode (132 bytes)
Linux/x64 - Bind (4444/TCP) Shell Shellcode (132 bytes)
NetBSD/x86 - Reverse TCP (6666/TCP) Shell Shellcode (83 bytes)
NetBSD/x86 - Reverse (6666/TCP) Shell Shellcode (83 bytes)
OpenBSD/x86 - Bind TCP (6969/TCP) Shell Shellcode (148 bytes)
OpenBSD/x86 - Bind (6969/TCP) Shell Shellcode (148 bytes)
Solaris/MIPS - Reverse TCP (10.0.0.3:44434/TCP) Shell + XNOR Encoded Traffic Shellcode (600 bytes) (Generator)
Solaris/MIPS - Reverse (10.0.0.3:44434/TCP) Shell + XNOR Encoded Traffic Shellcode (600 bytes) (Generator)
Solaris/SPARC - Bind TCP (6666/TCP) Shell Shellcode (240 bytes)
Solaris/SPARC - Bind (6666/TCP) Shell Shellcode (240 bytes)
Solaris/SPARC - Bind TCP (6789/TCP) Shell (/bin/sh) Shellcode (228 bytes)
Solaris/SPARC - Reverse TCP (192.168.1.4:5678/TCP) Shell (/bin/sh) Shellcode (204 bytes)
Solaris/SPARC - Bind TCP Shell Shellcode (240 bytes)
Solaris/x86 - Bind TCP Shell Shellcode (Generator)
Solaris/SPARC - Bind (6789/TCP) Shell (/bin/sh) Shellcode (228 bytes)
Solaris/SPARC - Reverse (192.168.1.4:5678/TCP) Shell (/bin/sh) Shellcode (204 bytes)
Solaris/SPARC - Bind (/TCP) Shell Shellcode (240 bytes)
Solaris/x86 - Bind (/TCP) Shell Shellcode (Generator)
Windows/x86 (5.0 < 7.0) - Bind TCP (28876/TCP) Shell + Null-Free Shellcode
Windows/x86 (5.0 < 7.0) - Bind (28876/TCP) Shell + Null-Free Shellcode
Windows/x86 - Reverse TCP + Download File + Save + Execute Shellcode
Windows/x86 - Reverse (/TCP) + Download File + Save + Execute Shellcode
Windows (XP/2000/2003) - Reverse TCP (127.0.0.1:53/TCP) Shell Shellcode (275 bytes) (Generator)
Windows (XP/2000/2003) - Reverse (127.0.0.1:53/TCP) Shell Shellcode (275 bytes) (Generator)
Windows (XP SP1) - Bind TCP (58821/TCP) Shell Shellcode (116 bytes)
Windows (XP SP1) - Bind (58821/TCP) Shell Shellcode (116 bytes)
FreeBSD/x86 - Bind TCP (1337/TCP) Shell (/bin/sh) Shellcode (167 bytes)
FreeBSD/x86 - Bind (1337/TCP) Shell (/bin/sh) Shellcode (167 bytes)
Linux/x86 - Bind TCP (13377/TCP) Netcat Shell Shellcode
Linux/x86 - Bind (13377/TCP) Netcat Shell Shellcode
Linux/x86 - Reverse TCP (8080/TCP) Netcat Shell Shellcode (76 bytes)
Linux/x86 - Reverse (8080/TCP) Netcat Shell Shellcode (76 bytes)
Linux/x86 - Bind TCP (31337/TCP) Shell + setreuid(0_0) + Polymorphic Shellcode (131 bytes)
Linux/x86 - Bind (31337/TCP) Shell + setreuid(0_0) + Polymorphic Shellcode (131 bytes)
Linux/x86 - Bind TCP (64533/TCP) Shell (/bin/sh) Shellcode (97 bytes)
Linux/x86 - Bind (64533/TCP) Shell (/bin/sh) Shellcode (97 bytes)
Linux/x86 - Bind TCP (6778/TCP) Shell + XOR Encoded + Polymorphic Shellcode (125 bytes)
Linux/x86 - Bind TCP (31337/TCP) Netcat Shell + Polymorphic Shellcode (91 bytes)
Linux/x86 - Bind (6778/TCP) Shell + XOR Encoded + Polymorphic Shellcode (125 bytes)
Linux/x86 - Bind (31337/TCP) Netcat Shell + Polymorphic Shellcode (91 bytes)
Linux/x86 - Bind TCP (8080/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (75 bytes)
Linux/x86 - Bind (8080/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (75 bytes)
BSD/x86 - Bind TCP (2525/TCP) Shell Shellcode (167 bytes)
BSD/x86 - Bind (2525/TCP) Shell Shellcode (167 bytes)
Linux/ARM - Bind TCP (0x1337/TCP) Shell Shellcode
Linux/ARM - Bind UDP (68/UDP) Listener + Reverse TCP (192.168.0.1:67/TCP) Shell Shellcode
Linux/ARM - Bind TCP (0x1337/TCP) Listener + Receive Shellcode + Payload Loader Shellcode
Linux/ARM - Bind (0x1337/TCP) Shell Shellcode
Linux/ARM - Bind (68/UDP) Listener + Reverse (192.168.0.1:67/TCP) Shell Shellcode
Linux/ARM - Bind (0x1337/TCP) Listener + Receive Shellcode + Payload Loader Shellcode
FreeBSD/x86 - Reverse TCP (127.0.0.1:1337/TCP) Shell (/bin/sh) Shellcode (81 bytes) (Generator)
FreeBSD/x86 - Bind TCP (31337/TCP) Shell (/bin/sh) + fork() Shellcode (111 bytes)
FreeBSD/x86 - Reverse (127.0.0.1:1337/TCP) Shell (/bin/sh) Shellcode (81 bytes) (Generator)
FreeBSD/x86 - Bind (31337/TCP) Shell (/bin/sh) + fork() Shellcode (111 bytes)
Linux/x86 - Bind TCP (6666/TCP) Netcat (/usr/bin/netcat) Shell (/bin/sh) + Polymorphic + XOR Encoded Shellcode (69/93 bytes)
OSX/x64 - Reverse TCP (FFFFFFFF:4444/TCP) Shell (/bin/sh) Shellcode (131 bytes)
Linux/x86 - Bind (6666/TCP) Netcat (/usr/bin/netcat) Shell (/bin/sh) + Polymorphic + XOR Encoded Shellcode (69/93 bytes)
OSX/x64 - Reverse (FFFFFFFF:4444/TCP) Shell (/bin/sh) Shellcode (131 bytes)
Linux/x86 - Reverse TCP (localhost:8080/TCP) Shell + SSL Shellcode (422 bytes)
Linux/x86 - Reverse (localhost:8080/TCP) Shell + SSL Shellcode (422 bytes)
OSX/x64 - Universal ROP + Reverse TCP Shell Shellcode
OSX/x64 - Universal ROP + Reverse (/TCP) Shell Shellcode
Linux/MIPS - Reverse TCP (0x7a69/TCP) Shell Shellcode (168 bytes)
Linux/MIPS - Reverse (0x7a69/TCP) Shell Shellcode (168 bytes)
Linux/ARM (Raspberry Pi) - Reverse TCP (10.1.1.2:0x1337/TCP) Shell (/bin/sh) Shellcode (72 bytes)
Linux/ARM (Raspberry Pi) - Reverse (10.1.1.2:0x1337/TCP) Shell (/bin/sh) Shellcode (72 bytes)
Windows/x86 - Bind TCP Shell + Password (damn_it!$$##@;*#) Shellcode (637 bytes)
Windows/x86 - Bind (/TCP) Shell + Password (damn_it!$$##@;*#) Shellcode (637 bytes)
Windows/x64 - Bind TCP (4444/TCP) Shell Shellcode (508 bytes)
Windows/x64 - Bind (4444/TCP) Shell Shellcode (508 bytes)
Linux/x86 - Reverse TCP (192.168.1.10:31337/TCP) Shell Shellcode (92 bytes)
Linux/x86 - Reverse (192.168.1.10:31337/TCP) Shell Shellcode (92 bytes)
Windows/ARM (RT) - Bind TCP (4444/TCP) Shell Shellcode
Windows/ARM (RT) - Bind (4444/TCP) Shell Shellcode
Linux/x86 - Egg Omelet (Multi-Egghunter) + Reverse TCP (192.168.122.1:43981/TCP) Shell (/bin/sh) Shellcode
Windows/x86 - Reverse TCP (192.168.232.129:4444/TCP) Shell + Persistent Access Shellcode (494 bytes)
Linux/x86 - Egg Omelet (Multi-Egghunter) + Reverse (192.168.122.1:43981/TCP) Shell (/bin/sh) Shellcode
Windows/x86 - Reverse (192.168.232.129:4444/TCP) Shell + Persistent Access Shellcode (494 bytes)
Linux/MIPS (Little Endian) - Reverse TCP (192.168.1.177:31337/TCP) Shell (/bin/sh) Shellcode (200 bytes)
Windows/x86 (7) - Bind TCP (4444/TCP) Shell Shellcode (357 bytes)
Linux/MIPS (Little Endian) - Reverse (192.168.1.177:31337/TCP) Shell (/bin/sh) Shellcode (200 bytes)
Windows/x86 (7) - Bind (4444/TCP) Shell Shellcode (357 bytes)
Linux/x64 - Reverse TCP (127.1.1.1:6969/TCP) Shell (/bin/bash) Shellcode (139 bytes)
Linux/x64 - Reverse (127.1.1.1:6969/TCP) Shell (/bin/bash) Shellcode (139 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (Z~r0) + Null-Free Shellcode (81/96 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (Z~r0) + Null-Free + Null-Mask Shellcode (77-85/90-98 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (Z~r0) + Null-Free Shellcode (81/96 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (Z~r0) + Null-Free + Null-Mask Shellcode (77-85/90-98 bytes)
Linux/x86 - Reverse TCP (192.168.1.133:33333/TCP) Shell (/bin/sh) Shellcode (72 bytes)
Linux/x86 - Bind TCP (33333/TCP) Shell (/bin/sh) Shellcode (96 bytes)
Linux/x86 - Reverse (192.168.1.133:33333/TCP) Shell (/bin/sh) Shellcode (72 bytes)
Linux/x86 - Bind (33333/TCP) Shell (/bin/sh) Shellcode (96 bytes)
Linux/x86 - Bind TCP (17771/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (58 bytes)
Linux/x86 - Bind (17771/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (58 bytes)
Linux/x86 - Bind TCP (5555/TCP) Netcat Shell Shellcode (60 bytes)
Linux/x86 - Bind (5555/TCP) Netcat Shell Shellcode (60 bytes)
Mainframe/System Z - Bind TCP (12345/TCP) Shell + Null-Free Shellcode (2488 bytes)
Mainframe/System Z - Bind (12345/TCP) Shell + Null-Free Shellcode (2488 bytes)
OSX/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (144 bytes)
OSX/x64 - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (144 bytes)
Google Android - Bind TCP (1035/TCP) Telnetd Shell + Environment/Parameters Shellcode (248 bytes)
Google Android - Bind (1035/TCP) Telnetd Shell + Environment/Parameters Shellcode (248 bytes)
Linux/x64 - Bind TCP (31173/TCP) Shell (/bin/sh) + Password (1234) Shellcode (92 bytes)
Linux/x64 - Bind (31173/TCP) Shell (/bin/sh) + Password (1234) Shellcode (92 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (hack) + Null-Free Shellcode (162 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (hack) + Null-Free Shellcode (162 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Null-Free Shellcode (151 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Null-Free Shellcode (151 bytes)
Linux x86/x64 - Reverse TCP (192.168.1.29:4444/TCP) Shell Shellcode (195 bytes)
Linux x86/x64 - Bind TCP (4444/TCP) Shell Shellcode (251 bytes)
Linux x86/x64 - Reverse (192.168.1.29:4444/TCP) Shell Shellcode (195 bytes)
Linux x86/x64 - Bind (4444/TCP) Shell Shellcode (251 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Polymorphic Shellcode (122 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell + Password (hack) + Polymorphic Shellcode (135 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hack) + Polymorphic Shellcode (122 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell + Password (hack) + Polymorphic Shellcode (135 bytes)
Linux/ARM - Reverse TCP (10.0.0.10:1337/TCP) Shell (/bin/sh) Shellcode (95 bytes)
Linux/ARM - Reverse (10.0.0.10:1337/TCP) Shell (/bin/sh) Shellcode (95 bytes)
Linux/x64 - Reverse TCP (192.168.1.2:1234/TCP) Shell Shellcode (134 bytes)
Linux/x64 - Reverse (192.168.1.2:1234/TCP) Shell Shellcode (134 bytes)
Linux/x64 - Bind TCP (5600/TCP) Shell Shellcode (81 bytes)
Linux/x64 - Bind (5600/TCP) Shell Shellcode (81 bytes)
Linux/x64 - Bind TCP (5600/TCP) Shell Shellcode (86 bytes)
Linux/x64 - Bind (5600/TCP) Shell Shellcode (86 bytes)
Linux/x86 - Reverse TCP (::ffff:192.168.64.129:1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (159 bytes)
Linux/x86 - Bind TCP (1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (1250 bytes)
Linux/x64 - Bind TCP Shell Shellcode (Generator)
Linux/x86 - Reverse (::ffff:192.168.64.129:1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (159 bytes)
Linux/x86 - Bind (1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (1250 bytes)
Linux/x64 - Bind (/TCP) Shell Shellcode (Generator)
Linux/x64 - Bind TCP (1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (199 bytes)
Linux/x64 - Reverse TCP (192.168.209.131:1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (203 bytes)
Linux/x64 - Bind (1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (199 bytes)
Linux/x64 - Reverse (192.168.209.131:1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (203 bytes)
Linux/x86 - Bind TCP (1234/TCP) Shell (/bin/sh) Shellcode (87 bytes) (Generator)
Linux/x86 - Bind (1234/TCP) Shell (/bin/sh) Shellcode (87 bytes) (Generator)
Linux/x86 - Bind TCP (4444/TCP) Shell (/bin/bash) Shellcode (656 bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/bash) Shellcode (656 bytes)
Linux/x86 - Bind TCP (13337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (56 bytes)
Linux/x86 - Bind (13337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (56 bytes)
Linux/x64 - Reverse TCP (192.168.86.128:1472/TCP) cat /etc/passwd Shellcode (164 bytes)
Linux/x64 - Bind TCP Netcat Shell + Null-Free Shellcode (64 bytes)
Linux/x86 - Bind TCP (4444/TCP) Shell (/bin/sh) Shellcode (98 bytes)
Linux/x64 - Bind TCP (4442/TCP) Ncat Shell + SSL + Multi-Channel (4444-4447/TCP) + Persistant + fork() + IPv4/6 + Password + Null-Free Shellcode (176 bytes)
Linux/x86 - Reverse TCP (192.168.227.129:4444/TCP) Shell (/bin/sh) Shellcode (75 bytes)
Linux/x64 - Reverse TCP (10.1.1.4/TCP) Shell + Continuously Probing via Socket + Port-Range (391-399) + Password (la crips) + Null-Free Shellcode (172 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:10) Xterm Shell Shellcode (68 bytes)
Linux/x64 - Bind TCP (4442/TCP) Shell + Syscall Persistent + Multi-Terminal/Port-Range (4444-4447/TCP) + Password (la crips) + Daemon Shellcode (83/148/177 bytes)
Linux/CRISv32 Axis Communication - Reverse TCP (192.168.57.1:443/TCP) Shell (/bin/sh) Shellcode (189 bytes)
Linux/x64 - Reverse (192.168.86.128:1472/TCP) cat /etc/passwd Shellcode (164 bytes)
Linux/x64 - Bind (/TCP) Netcat Shell + Null-Free Shellcode (64 bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) Shellcode (98 bytes)
Linux/x64 - Bind (4442/TCP) Ncat Shell + SSL + Multi-Channel (4444-4447/TCP) + Persistant + fork() + IPv4/6 + Password + Null-Free Shellcode (176 bytes)
Linux/x86 - Reverse (192.168.227.129:4444/TCP) Shell (/bin/sh) Shellcode (75 bytes)
Linux/x64 - Reverse (10.1.1.4/TCP) Shell + Continuously Probing via Socket + Port-Range (391-399) + Password (la crips) + Null-Free Shellcode (172 bytes)
Linux/x86 - Reverse (127.1.1.1:10/TCP) Xterm Shell Shellcode (68 bytes)
Linux/x64 - Bind (4442/TCP) Shell + Syscall Persistent + Multi-Terminal/Port-Range (4444-4447/TCP) + Password (la crips) + Daemon Shellcode (83/148/177 bytes)
Linux/CRISv32 Axis Communication - Reverse (192.168.57.1:443/TCP) Shell (/bin/sh) Shellcode (189 bytes)
Linux/x64 - Reverse TCP (10.1.1.4:46357/TCP) Shell + Subtle Probing + Timer + Burst + Password (la crips) + Multi-Terminal Shellcode (84/122/172 bytes)
Linux/x64 - Reverse (10.1.1.4:46357/TCP) Shell + Subtle Probing + Timer + Burst + Password (la crips) + Multi-Terminal Shellcode (84/122/172 bytes)
Linux/x86 - Bind TCP/UDP (98/TCP + UDP) Netcat Shell Shellcode (44/52 bytes)
Linux/x86 - Bind TCP (9090/TCP) Shell (/bin/zsh) Shellcode (96 bytes)
Linux/x86 - Reverse TCP (127.255.255.254:9090/TCP) Shell (/bin/zsh) Shellcode (80 bytes)
Linux/x86 - Bind (98/TCP + UDP) Netcat Shell Shellcode (44/52 bytes)
Linux/x86 - Bind (9090/TCP) Shell (/bin/zsh) Shellcode (96 bytes)
Linux/x86 - Reverse (127.255.255.254:9090/TCP) Shell (/bin/zsh) Shellcode (80 bytes)
Linux/x64 - Bind TCP (4444/TCP) + Stager + Egghunter (0x64616564) Shellcode (157 bytes)
Linux/x64 - Bind (4444/TCP) + Stager + Egghunter (0x64616564) Shellcode (157 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (Password) Shellcode (173 bytes)
Linux/x64 - Reverse TCP (192.168.1.9:4444/TCP) Shell (/bin/sh) + Password (doomedra) Shellcode (138 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (doomedra) Shellcode (175 bytes)
Linux/x64 - Bind TCP (Random TCP Port) Shell + Null-Free Shellcode (57 bytes)
Linux/x64 - Bind TCP (31337/TCP) Shell Shellcode (150 bytes)
Linux/x64 - Reverse TCP (192.168.1.10:31337/TCP) Shell Shellcode (118 bytes)
Linux/x64 - Bind TCP (1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (131 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (109 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (Password) Shellcode (173 bytes)
Linux/x64 - Reverse (192.168.1.9:4444/TCP) Shell (/bin/sh) + Password (doomedra) Shellcode (138 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (doomedra) Shellcode (175 bytes)
Linux/x64 - Bind (Random TCP Port) Shell + Null-Free Shellcode (57 bytes)
Linux/x64 - Bind (31337/TCP) Shell Shellcode (150 bytes)
Linux/x64 - Reverse (192.168.1.10:31337/TCP) Shell Shellcode (118 bytes)
Linux/x64 - Bind (1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (131 bytes)
Linux/x64 - Reverse (127.0.0.1:1337/TCP) Netcat (/bin/nc) Shell (/bin/sh) Shellcode (109 bytes)
OSX/PPC - Reverse TCP Shell (/bin/csh) Shellcode
OSX/PPC - Reverse (/TCP) Shell (/bin/csh) Shellcode
OSX/PPC - Bind TCP (8000/TCP) Shell + OSXPPCLongXOR Encoded Shellcode (300 bytes)
OSX/PPC - Bind (8000/TCP) Shell + OSXPPCLongXOR Encoded Shellcode (300 bytes)
BSD/x86 - setuid(0) + Break chroot (../ 10x Loop) + Bind TCP (2222/TCP) Shell Shellcode (133 bytes)
BSD/x86 - Bind TCP (2222/TCP) Shell Shellcode (100 bytes)
BSD/x86 - setuid(0) + Break chroot (../ 10x Loop) + Bind (2222/TCP) Shell Shellcode (133 bytes)
BSD/x86 - Bind (2222/TCP) Shell Shellcode (100 bytes)
Solaris/SPARC - Bind TCP (2001/TCP) Shell (/bin/sh) Shellcode
Solaris/SPARC - Bind TCP Shell Shellcode
Solaris/SPARC - Bind (2001/TCP) Shell (/bin/sh) Shellcode
Solaris/SPARC - Bind (/TCP) Shell Shellcode
Linux/x86 - Bind TCP (3879/TCP) Shell (/bin/sh) Shellcode (113 bytes)
Linux/x86 - Bind (3879/TCP) Shell (/bin/sh) Shellcode (113 bytes)
Linux/x86 - Bind TCP (64713/TCP) Shell (/bin/sh) Shellcode (83 bytes)
Linux/x86 - Bind (64713/TCP) Shell (/bin/sh) Shellcode (83 bytes)
Linux/x86 - Reverse TCP (www.netric.org:45295/TCP) Shell (/bin/sh) Shellcode (131 bytes)
Linux/x86 - Bind TCP (45295/TCP) Shell (/bin/sh) + fork() Shellcode (200 bytes)
Linux/x86 - Reverse (www.netric.org:45295/TCP) Shell (/bin/sh) Shellcode (131 bytes)
Linux/x86 - Bind (45295/TCP) Shell (/bin/sh) + fork() Shellcode (200 bytes)
Linux/x86 - Bind TCP (31337/TCP) Shell + Polymorphic Shellcode (125 bytes)
Linux/x86 - Bind (31337/TCP) Shell + Polymorphic Shellcode (125 bytes)
Linux/x86 - Bind TCP (1111/TCP) Shell + SO_REUSEADDR Set (Avoiding SIGSEGV) + Null-Free Shellcode (103 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:55555/TCP) Shell + Null-Free Shellcode (72 bytes)
Linux/x86 - Bind TCP (Random TCP Port) Shell + Null-Free Shellcode (65 bytes)
Linux/x86 - Bind TCP (1111/TCP) Shell + GetPC/Call/Ret Method + Null-Free Shellcode (89 bytes)
Linux/x86 - Bind TCP (1111/TCP) Shell + Null-Free Shellcode (73 bytes)
Linux/x86 - Bind TCP (Random TCP Port) Shell + Null-Free Shellcode (57 bytes)
Linux/x86 - Bind (1111/TCP) Shell + SO_REUSEADDR Set (Avoiding SIGSEGV) + Null-Free Shellcode (103 bytes)
Linux/x86 - Reverse (127.1.1.1:55555/TCP) Shell + Null-Free Shellcode (72 bytes)
Linux/x86 - Bind (Random TCP Port) Shell + Null-Free Shellcode (65 bytes)
Linux/x86 - Bind (1111/TCP) Shell + GetPC/Call/Ret Method + Null-Free Shellcode (89 bytes)
Linux/x86 - Bind (1111/TCP) Shell + Null-Free Shellcode (73 bytes)
Linux/x86 - Bind (Random TCP Port) Shell + Null-Free Shellcode (57 bytes)
Linux/x86 - Bind TCP (31337/TCP) Shell Shellcode (108 bytes)
Linux/x86 - Bind (31337/TCP) Shell Shellcode (108 bytes)
Linux/x86 - Bind TCP Shell Shellcode (112 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:12345/TCP) cat /etc/passwd Shellcode (111 bytes)
Linux/x86 - Bind (/TCP) Shell Shellcode (112 bytes)
Linux/x86 - Reverse (127.1.1.1:12345/TCP) cat /etc/passwd Shellcode (111 bytes)
Linux/x86 - Bind TCP (1337/TCP) Shell Shellcode (89 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:1337/TCP) Shell Shellcode (74 bytes)
Linux/x86 - Bind (1337/TCP) Shell Shellcode (89 bytes)
Linux/x86 - Reverse (127.1.1.1:1337/TCP) Shell Shellcode (74 bytes)
Windows/x86 (NT/XP/2000/2003) - Bind TCP (8721/TCP) Shell Shellcode (356 bytes)
Windows/x86 (2000) - Reverse TCP (192.168.0.247:8721/TCP) Connect + Vampiric Import Shellcode (179 bytes)
Windows/x86 (NT/XP/2000/2003) - Bind (8721/TCP) Shell Shellcode (356 bytes)
Windows/x86 (2000) - Reverse (192.168.0.247:8721/TCP) Connect + Vampiric Import Shellcode (179 bytes)
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free Shellcode (156 bytes)
Linux/ARM - Reverse (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free Shellcode (156 bytes)
Windows/x86 - Reverse UDP (www.example.com:4444/UDP) Keylogger Shellcode (493 bytes)
Windows/x64 - Reverse TCP (192.168.232.129:4444/TCP) Shell + Injection Shellcode (694 bytes)
Windows/x86 - Reverse (www.example.com:4444/UDP) Keylogger Shellcode (493 bytes)
Windows/x64 - Reverse (192.168.232.129:4444/TCP) Shell + Injection Shellcode (694 bytes)
Linux/x86 - Reverse TCP Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes)
Linux/x86 - Reverse (/TCP) Netcat + mkfifo (-e option disabled) Shell (localhost:9999) Shellcode (180 bytes)
Windows/x64 - Bind TCP (2493/TCP) Shell + Password (h271508F) Shellcode (825 bytes)
Windows/x64 - Bind (2493/TCP) Shell + Password (h271508F) Shellcode (825 bytes)
Linux/x64 - Bind TCP (5600/TCP) Shell Shellcode (87 bytes)
Linux/x64 - Bind (5600/TCP) Shell Shellcode (87 bytes)
Linux - Reverse TCP Shell + Multi/Dual Mode Shellcode (129 bytes) (Generator)
Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Alphanumeric + Staged Shellcode (103 bytes)
Linux - Bind TCP Shell + Dual/Multi Mode Shellcode (156 bytes)
Linux - Reverse (/TCP) Shell + Multi/Dual Mode Shellcode (129 bytes) (Generator)
Linux/x86 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Alphanumeric + Staged Shellcode (103 bytes)
Linux - Bind (/TCP) Shell + Dual/Multi Mode Shellcode (156 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (65 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (65 bytes)
Linux/x64 - Bind TCP (Random TCP Port) Shell (/bin/sh) Shellcode (54 bytes)
Linux/x64 - Reverse TCP (192.168.1.45:4444/TCP) Shell Shellcode (84 bytes)
Windows/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell + Staged + Alphanumeric Shellcode (332 bytes)
Linux/x64 - Bind (Random TCP Port) Shell (/bin/sh) Shellcode (54 bytes)
Linux/x64 - Reverse (192.168.1.45:4444/TCP) Shell Shellcode (84 bytes)
Windows/x86 - Reverse (127.0.0.1:4444/TCP) Shell + Staged + Alphanumeric Shellcode (332 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:8888/TCP) Shell (/bin/sh) + Null-Free Shellcode (67/69 bytes)
Linux/x86 - Reverse (127.1.1.1:8888/TCP) Shell (/bin/sh) + Null-Free Shellcode (67/69 bytes)
Linux/ARM (Raspberry Pi) - Bind TCP (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (112 bytes)
Linux/ARM (Raspberry Pi) - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (112 bytes)
FreeBSD/x64 - Bind TCP Shell (/bin/sh) + Password (R2CBw0cr) Shellcode (127 bytes)
FreeBSD/x64 - Bind (/TCP) Shell (/bin/sh) + Password (R2CBw0cr) Shellcode (127 bytes)
FreeBSD/x86 - Bind TCP (41254/TCP) Shell (/bin/sh) Shellcode (115 bytes)
FreeBSD/x86 - Bind (41254/TCP) Shell (/bin/sh) Shellcode (115 bytes)
IRIX - Bind TCP Shell (/bin/sh) Shellcode (364 bytes)
IRIX - Bind (/TCP)Shell (/bin/sh) Shellcode (364 bytes)
Android/ARM - Reverse TCP (10.0.2.2:0x3412/TCP) Shell (/system/bin/sh) Shellcode (79 bytes)
Android/ARM - Reverse (10.0.2.2:0x3412/TCP) Shell (/system/bin/sh) Shellcode (79 bytes)
Linux/StrongARM - Bind TCP Shell (/bin/sh) Shellcode (203 bytes)
Linux/StrongARM - Bind (/TCP) Shell (/bin/sh) Shellcode (203 bytes)
Linux/SuperH (sh4) - Bind TCP (31337/TCP) Shell (/bin/sh) Shellcode (132 bytes)
Linux/SuperH (sh4) - Bind (31337/TCP) Shell (/bin/sh) Shellcode (132 bytes)
Linux/x64 - Bind TCP (1337/TCP) Shell + Password (pAzzW0rd) + Egghunter Using sys_access() Shellcode (49 bytes)
Linux/x64 - Bind (1337/TCP) Shell + Password (pAzzW0rd) + Egghunter Using sys_access() Shellcode (49 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (136 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (147 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (136 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (147 bytes)
Linux/x86 - Bind TCP (Random TCP Port) Shell (/bin/sh) Shellcode (44 bytes)
Linux/x86 - Bind (Random TCP Port) Shell (/bin/sh) Shellcode (44 bytes)
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh)+ Null-Free Shellcode (80 bytes)
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)
Linux/x64 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (104 bytes)
Linux/ARM - Reverse (192.168.1.1:4444/TCP) Shell (/bin/sh)+ Null-Free Shellcode (80 bytes)
Linux/x64 - Bind (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)
Linux/x64 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (104 bytes)
Linux/ARM - Bind TCP (4444/TCP) Shell (/bin/sh) + IP Controlled (192.168.1.190) + Null-Free Shellcode (168 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:11111/TCP) Shell + Null-Free Shellcode (67 bytes)
Linux/x86 - Reverse TCP (192.168.3.119:54321/TCP) Shell (/bin/bash) Shellcode (110 bytes)
Linux/ARM - Bind (4444/TCP) Shell (/bin/sh) + IP Controlled (192.168.1.190) + Null-Free Shellcode (168 bytes)
Linux/x86 - Reverse (127.1.1.1:11111/TCP) Shell + Null-Free Shellcode (67 bytes)
Linux/x86 - Reverse (192.168.3.119:54321/TCP) Shell (/bin/bash) Shellcode (110 bytes)
Linux/x64 - Reverse TCP (::1:1472/TCP) Shell + IPv6 + Null-Free Shellcode (113 bytes)
Linux/x64 - Reverse (::1:1472/TCP) Shell + IPv6 + Null-Free Shellcode (113 bytes)
Linux/x86 - Reverse UDP (127.0.0.1:53/UDP) Shell (/bin/sh) Shellcode (668 bytes)
Linux/x86 - Bind TCP (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (75 bytes)
Linux/x64 - Reverse TCP (192.168.1.8:4444/TCP) Shell Shellcode (104 bytes)
Linux/x86 - Reverse (127.0.0.1:53/UDP) Shell (/bin/sh) Shellcode (668 bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (75 bytes)
Linux/x64 - Reverse (192.168.1.8:4444/TCP) Shell Shellcode (104 bytes)
Linux/x64 - Reverse TCP (192.168.1.2:4444/TCP) Shell Shellcode (153 bytes)
Linux/x64 - Reverse (192.168.1.2:4444/TCP) Shell Shellcode (153 bytes)
Linux/ARM (Raspberry Pi) - Bind TCP (4444/TCP) Shell (/bin/sh) Shellcode (192 bytes)
Linux/ARM (Raspberry Pi) - Reverse TCP (192.168.0.12:4444/TCP) Shell (/bin/sh) Shellcode (160 bytes)
Linux/ARM (Raspberry Pi) - Bind (4444/TCP) Shell (/bin/sh) Shellcode (192 bytes)
Linux/ARM (Raspberry Pi) - Reverse (192.168.0.12:4444/TCP) Shell (/bin/sh) Shellcode (160 bytes)
Linux/x86 - Bind TCP (1337/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 bytes)
Linux/x86 - Bind (1337/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 bytes)
Linux/x86 - Reverse TCP (127.1.1.1:5555/TCP) Shell Shellcode (73 Bytes)
Linux/x86 - Reverse (127.1.1.1:5555/TCP) Shell Shellcode (73 Bytes)
Linux/x86 - Bind TCP (9443/TCP) Shell + fork() + Null-Free Shellcode (113 bytes)
Linux/x86 - Bind (9443/TCP) Shell + fork() + Null-Free Shellcode (113 bytes)
Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (96 Bytes)
Linux/x86 - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (96 Bytes)
Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (113 bytes)
2018-05-24 05:01:50 +00:00
Offensive Security
7bbc323854
DB: 2018-05-23
...
20 changes to exploits/shellcodes
Siemens SIMATIC S7-1500 CPU - Remote Denial of Service
Microsoft Edge Chakra JIT - Magic Value Type Confusion
AMD / ARM / Intel - Speculative Execution Variant 4 Speculative Store Bypass
Dell EMC RecoverPoint boxmgmt CLI < 5.1.2 - Arbitrary File Read
MakeMyTrip 7.2.4 - Information Disclosure
Linux 4.4.0 < 4.4.0-53 - AF_PACKET chocobo_root Privilege Escalation (Metasploit)
Microsoft Windows - 'POP/MOV SS' Privilege Escalation
Multiplayer BlackJack Online Casino Game 2.5 - Persistent Cross-Site Scripting
Multiplayer BlackJack Online Casino Game 2.5 - Cross-Site Scripting
Zechat 1.5 - SQL Injection / Cross-Site Request Forgery
Healwire Online Pharmacy 3.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
Healwire Online Pharmacy 3.0 - Cross-Site Scripting / Cross-Site Request Forgery
Private Message PHP Script 2.0 - Persistent Cross-Site Scripting
Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery
Private Message PHP Script 2.0 - Cross-Site Scripting
Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Cross-Site Scripting / Cross-Site Request Forgery
ManageEngine Recovery Manager Plus 5.3 - Persistent Cross-Site Scripting
ManageEngine Recovery Manager Plus 5.3 - Cross-Site Scripting
Auto Dealership & Vehicle Showroom WebSys 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin Panel Authentication Bypass
Auto Dealership & Vehicle Showroom WebSys 1.0 - Multiple Vulnerabilities
Model Agency Media House & Model Gallery 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Authentication Bypass
Wchat PHP AJAX Chat Script 1.5 - Persistent Cross-Site Scripting
Model Agency Media House & Model Gallery 1.0 - Multiple Vulnerabilities
Wchat PHP AJAX Chat Script 1.5 - Cross-Site Scripting
Nordex N149/4.0-4.5 - SQL Injection
WebSocket Live Chat - Cross-Site Scripting
Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting
PaulPrinting CMS Printing 1.0 - SQL Injection
iSocial 1.2.0 - Cross-Site Scripting / Cross-Site Request Forgery
ERPnext 11 - Cross-Site Scripting
NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection
Auto Car 1.2 - 'car_title' SQL Injection / Cross-Site Scripting
NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection
Feedy RSS News Ticker 2.0 - 'cat' SQL Injection
NewsBee CMS 1.4 - 'download.php' SQL Injection
Easy File Uploader 1.7 - SQL Injection / Cross-Site Scripting
2018-05-23 05:01:45 +00:00
Offensive Security
5aca1b9763
DB: 2018-05-18
...
8 changes to exploits/shellcodes
Linux < 4.16.9 / < 4.14.41 - 4-byte Infoleak via Uninitialized Struct Field in compat adjtimex Syscall
Libuser - roothelper Privilege Escalation (Metasploit)
Libuser - 'roothelper' Privilege Escalation (Metasploit)
Inteno IOPSYS 2.0 - 4.2.0 p910nd - Remote Command Execution
Inteno IOPSYS 2.0 < 4.2.0 - 'p910nd' Remote Command Execution
Nanopool Claymore Dual Miner 7.3 - Remote Code Execution
Jenkins CLI - HTTP Java Deserialization (Metasploit)
Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)
NodAPS 4.0 - SQL injection / Cross-Site Request Forgery
Intelbras NCLOUD 300 1.0 - Authentication bypass
SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site request forgery / Authentication bypass
Powerlogic/Schneider Electric IONXXXX Series - Cross-Site Request Forgery
2018-05-18 05:01:49 +00:00
Offensive Security
813a3efbb5
DB: 2018-05-04
...
20 changes to exploits/shellcodes
Allok QuickTime to AVI MPEG DVD Converter 3.6.1217 - Buffer Overflow
Jnes 1.0.2 - Stack Buffer Overflow
Socusoft Photo 2 Video Converter 8.0.0 - Local Buffer Overflow
netek 0.8.2 - Denial of Service
Cisco Smart Install - Crash (PoC)
Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of Service
Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free
Linux Kernel 2.6.32 < 3.x.x (CentOS) - 'PERF_EVENTS' Local Privilege Escalation (1)
Linux Kernel 2.6.32 < 3.x (CentOS 5/6) - 'PERF_EVENTS' Local Privilege Escalation (1)
Adobe Reader PDF - Client Side Request Injection
Windows - Local Privilege Escalation
Apache Struts Jakarta - Multipart Parser OGNL Injection (Metasploit)
Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - 'Jakarta' Multipart Parser OGNL Injection (Metasploit)
Adobe Flash < 28.0.0.161 - Use-After-Free
Norton Core Secure WiFi Router - 'BLE' Command Injection (PoC)
GPON Routers - Authentication Bypass / Command Injection
TBK DVR4104 / DVR4216 - Credentials Leak
Call of Duty Modern Warefare 2 - Buffer Overflow
Squirrelcart 1.x.x - 'cart.php' Remote File Inclusion
Squirrelcart 1.x - 'cart.php' Remote File Inclusion
Infinity 2.x.x - options[style_dir] Local File Disclosure
Infinity 2.x - 'options[style_dir]' Local File Disclosure
PHP-Nuke 8.x.x - Blind SQL Injection
PHP-Nuke 8.x - Blind SQL Injection
WHMCompleteSolution (WHMCS) 3.x.x < 4.0.x - 'cart.php' Local File Disclosure
WHMCompleteSolution (WHMCS) 3.x < 4.0.x - 'cart.php' Local File Disclosure
WHMCompleteSolution (WHMCS) 3.x.x - 'clientarea.php' Local File Disclosure
WHMCompleteSolution (WHMCS) 3.x - 'clientarea.php' Local File Disclosure
Ajax Availability Calendar 3.x.x - Multiple Vulnerabilities
Ajax Availability Calendar 3.x - Multiple Vulnerabilities
vBulletin vBSEO 4.x.x - 'visitormessage.php' Remote Code Injection
vBulletin vBSEO 4.x - 'visitormessage.php' Remote Code Injection
WordPress Theme Photocrati 4.x.x - SQL Injection / Cross-Site Scripting
WordPress Theme Photocrati 4.x - SQL Injection / Cross-Site Scripting
Subrion 3.X.x - Multiple Vulnerabilities
Subrion 3.x - Multiple Vulnerabilities
Ciuis CRM 1.0.7 - SQL Injection
LifeSize ClearSea 3.1.4 - Directory Traversal
WordPress Plugin Activity Log 2.4.0 - Cross-Site Scripting
DLINK DCS-5020L - Remote Code Execution (PoC)
Apache Struts2 2.0.0 < 2.3.15 - Prefixed Parameters OGNL Injection
2018-05-04 05:01:47 +00:00
Offensive Security
c249d94cb7
DB: 2018-04-25
...
28 changes to exploits/shellcodes
gif2apng 1.9 - '.gif' Stack Buffer Overflow
VLC Media Player/Kodi/PopcornTime 'Red Chimera' < 2.2.5 - Memory Corruption (PoC)
Kaspersky KSN for Linux 5.2 - Memory Corruption
Microsoft (Win 10) Internet Explorer 11.371.16299.0 - Denial Of Service
Adobe Flash - Overflow when Playing Sound
Adobe Flash - Overflow in Slab Rendering
Adobe Flash - Info Leak in Image Inflation
Adobe Flash - Out-of-Bounds Write in blur Filtering
Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion
R 3.4.4 - Local Buffer Overflow
Allok Video to DVD Burner 2.6.1217 - Buffer Overflow (SEH)
lastore-daemon D-Bus - Privilege Escalation (Metasploit)
Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass)
ASUS infosvr - Auth Bypass Command Execution (Metasploit)
UK Cookie Consent - Persistent Cross-Site Scripting
WUZHI CMS 4.1.0 - Cross-Site Request Forgery
Open-AudIT 2.1 - CSV Macro Injection
Monstra CMS 3.0.4 - Arbitrary Folder Deletion
Interspire Email Marketer < 6.1.6 - Remote Admin Authentication Bypass
Ericsson-LG iPECS NMS A.1Ac - Cleartext Credential Disclosure
WordPress Plugin Woo Import Export 1.0 - Arbitrary File Deletion
WSO2 Carbon / WSO2 Dashboard Server 5.3.0 - Persistent Cross-Site Scripting
Linux/x86 - Bind TCP (1337/TCP) Shell + Null-Free Shellcode (92 bytes)
Linux/x86 - Edit /etc/sudoers with NOPASSWD for ALL Shellcode
Linux/x86 - Reverse TCP (5555/TCP) Shellcode - (73 Bytes)
Linux/x86 - chmod 4755 /bin/dash Shellcode (33 bytes)
Linux/x86 - cp /bin/sh /tmp/sh; chmod +s /tmp/sh Shellcode (74 bytes)
Linux/x86 - execve /bin/sh Shellcode Encoded with ROT-13 + RShift-2 + XOR Encoded (44 bytes)
2018-04-25 05:01:39 +00:00
Offensive Security
e8f4ef9188
DB: 2018-04-19
...
14 changes to exploits/shellcodes
PDFunite 0.41.0 - '.pdf' Local Buffer Overflow
RSVG 2.40.13 / 2.42.2 - '.svg' Buffer Overflow
VX Search 10.6.18 - 'directory' Local Buffer Overflow
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)
Easy File Sharing Web Server 7.2 - Stack Buffer Overflow
Coship RT3052 Wireless Router - Persistent Cross-Site Scripting
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
MySQL Squid Access Report 2.1.4 - SQL Injection / Cross-Site Scripting
Rvsitebuilder CMS - Database Backup Download
Match Clone Script 1.0.4 - Cross-Site Scripting
Kodi 17.6 - Persistent Cross-Site Scripting
Lutron Quantum 2.0 - 3.2.243 - Information Disclosure
WordPress Plugin Caldera Forms 1.5.9.1 - Cross-Site Scripting
Joomla! Component JS Jobs 1.2.0 - Cross-Site Request Forgery
Geist WatchDog Console 3.2.2 - Multiple Vulnerabilities
2018-04-19 05:01:48 +00:00
Offensive Security
bef325a736
DB: 2018-04-14
...
9 changes to exploits/shellcodes
GNU Beep 1.3 - 'HoleyBeep' Local Privilege Escalation
Microsoft Credential Security Support Provider - Remote Code Execution
WordPress Plugin Shopping Cart 3.0.4 - Unrestricted Arbitrary File Upload
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)
MikroTik 6.41.4 - FTP daemon Denial of Service PoC
Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution
2018-04-14 05:01:49 +00:00
Offensive Security
c91cad5a90
DB: 2018-04-10
...
19 changes to exploits/shellcodes
WebKit - WebAssembly Parsing Does not Correctly Check Section Order
CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure
H2 Database - 'Alias' Arbitrary Code Execution
GoldWave 5.70 - Local Buffer Overflow (SEH Unicode)
PMS 0.42 - Local Stack-Based Overflow (ROP)
Unitrends UEB 10.0 - Unauthenticated Root Remote Code Execution
WolfCMS 0.8.3.1 - Cross Site Request Forgery
Cobub Razor 0.7.2 - Add New Superuser Account
MyBB Plugin Recent Threads On Index - Cross-Site Scripting
WolfCMS 0.8.3.1 - Open Redirection
Yahei PHP Prober 0.4.7 - Cross-Site Scripting
WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution
CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution
KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection
KYOCERA Net Admin 3.4 - Cross Site Request Forgery - Add Admin Exploit
Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution
WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution
iScripts SonicBB 1.0 - Reflected Cross-Site Scripting
WordPress Plugin Google Drive 2.2 - Remote Code Execution
2018-04-10 05:01:53 +00:00
Offensive Security
e3fb91f1d7
DB: 2018-03-24
...
14 changes to exploits/shellcodes
Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure
Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read
Dell EMC NetWorker - Denial of Service
WM Recorder 16.8.1 - Denial of Service
Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service
Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow
Crashmail 1.6 - Stack-Based Buffer Overflow ( ROP execve )
Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)
Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control Bypass
TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery
XenForo 2 - CSS Loader Denial of Service
MyBB Plugin Last User's Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting
Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion
Linux/x86 - EggHunter Shellcode (11 Bytes)
2018-03-24 05:01:48 +00:00
Offensive Security
dd3b710ae8
DB: 2018-03-21
...
14 changes to exploits/shellcodes
Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' 64-bit Pool Memory Disclosure
Microsoft Windows Kernel - 'NtQueryInformationThread(ThreadBasicInformation)' 64-bit Stack Memory Disclosure
Microsoft Windows Kernel - 'nt!KiDispatchException' 64-bit Stack Memory Disclosure
Microsoft Windows Kernel - 'nt!NtWaitForDebugEvent' 64-bit Stack Memory Disclosure
Internet Explorer - 'RegExp.lastMatch' Memory Disclosure
Kamailio 5.1.1 / 5.1.0 / 5.0.0 - Off-by-One Heap Overflow
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege Escalation
Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege Escalation
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege Escalation
Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege Escalation
Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation
Microsoft Windows - Desktop Bridge VFS Privilege Escalation
Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege Escalation
Microsoft Windows - Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write Privilege Escalation
Intelbras Telefone IP TIP200 LITE - Local File Disclosure
Vehicle Sales Management System - Multiple Vulnerabilities
Linux/x86 - execve(/bin/sh) Shellcode (18 bytes)
2018-03-21 05:01:50 +00:00
Offensive Security
224c305b0d
DB: 2018-03-20
...
9 changes to exploits/shellcodes
Linux 2.6.37-rc1 - serial_core TIOCGICOUNT Leak
Linux Kenel 2.6.37-rc1 - serial_core TIOCGICOUNT Leak
Linux 2.6.36 IGMP - Remote Denial of Service
Linux Kernel 2.6.36 IGMP - Remote Denial of Service
Linux - SELinux W+X Protection Bypass via AIO
Linux SELinux - W+X Protection Bypass via AIO
Linux group_info refcounter - Overflow Memory Corruption
Linux Kernel - 'group_info' refcounter Overflow Memory Corruption
Linux io_submit L2TP sendmsg - Integer Overflow
Linux Kernel - io_submit L2TP sendmsg Integer Overflow
Linux (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited
Linux Kernel (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited
Linux ARM/ARM64 - 'perf_event_open()' Arbitrary Memory Read
Linux Kernel (ARM/ARM64) - 'perf_event_open()' Arbitrary Memory Read
Linux - 'mincore()' Uninitialized Kernel Heap Page Disclosure
Linux Kernel - 'mincore()' Uninitialized Kernel Heap Page Disclosure
Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page
Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page (1)
Linux Kernel < 4.5.1 - Off-By-One (PoC)
Linux Kernel - 'mincore()' Heap Page Disclosure (PoC)
Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page (2)
Linux libc 5.3.12 / RedHat Linux 4.0 / Slackware Linux 3.1 - libc NLSPATH
Linux libc 5.3.12 (RedHat Linux 4.0 / Slackware Linux 3.1) - libc NLSPATH
Linux libc 5.3.12/5.4 / RedHat Linux 4.0 - 'vsyslog()' Local Buffer Overflow
Linux libc 5.3.12/5.4 (RedHat Linux 4.0) - 'vsyslog()' Local Buffer Overflow
Linux 6.1/6.2/7.0/7.1 Man Page - Source Buffer Overflow
Linux Man Page 6.1/6.2/7.0/7.1- Source Buffer Overflow
Linux VServer Project 1.2x - CHRoot Breakout
Linux VServer Project 1.2x - Chroot Breakout
Linux espfix64 - Nested NMIs Interrupting Privilege Escalation
Linux (x86) - Memory Sinkhole Privilege Escalation
Linux Kernel - 'espfix64' Nested NMIs Interrupting Privilege Escalation
Linux Kernel (x86) - Memory Sinkhole Privilege Escalation
Linux 3.17 - 'Python ctypes and memfd_create' noexec File Security Bypass
Linux Kernel 3.17 - 'Python ctypes and memfd_create' noexec File Security Bypass
Linux - 'ecryptfs' '/proc/$pid/environ' Local Privilege Escalation
Linux Kernel - 'ecryptfs' '/proc/$pid/environ' Local Privilege Escalation
Linux Kernel < 4.4.0-116 (Ubuntu 16.04.4) - Local Privilege Escalation
Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege Escalation
Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege Escalation
Linux Kernel < 3.16.39 (Debian 8 x64) - 'inotfiy' Local Privilege Escalation
Linux Kernel 4.13 (Debian 9) - Local Privilege Escalation
Huawei Mate 7 - '/dev/hifi_misc' Privilege Escalation
2018-03-20 05:01:55 +00:00
Offensive Security
5947825a84
DB: 2018-03-10
...
15 changes to exploits/shellcodes
uTorrent / BitTorrent WebIU HTTP 1.7.7/6.0.1 - Range header Denial of Service
μTorrent (uTorrent) / BitTorrent WebIU HTTP 1.7.7/6.0.1 - Range header Denial of Service
uTorrent 1.8.3 Build 15772 - Create New Torrent Buffer Overflow (PoC)
μTorrent (uTorrent) 1.8.3 Build 15772 - Create New Torrent Buffer Overflow (PoC)
uTorrent WebUI 0.370 - Authorisation Header Denial of Service
μTorrent (uTorrent) WebUI 0.370 - Authorisation Header Denial of Service
Memcached - 'memcrashed' Denial of Service
Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service (2)
Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service (1)
Memcached 1.5.5 - 'Memcrashed ' Insufficient Control of Network Message Volume Denial of Service With Shodan API
Broadcom BCM43xx Wi-Fi - 'BroadPWN' Denial of Service
WebLog Expert Enterprise 9.4 - Denial of Service
uTorrent 2.0.3 - 'plugin_dll.dll' DLL Hijacking
μTorrent (uTorrent) 2.0.3 - 'plugin_dll.dll' DLL Hijacking
uTorrent 2.0.3 - DLL Hijacking
μTorrent (uTorrent) 2.0.3 - DLL Hijacking
iSumsoft ZIP Password Refixer 3.1.1 - Buffer Overflow
Microsoft Office - 'Composite Moniker Remote Code Execution
Mozilla Firefox - Address Bar Spoofing
Tor (Firefox 41 < 50) - Code Execution
Chrome 35.0.1916.153 - Sandbox Escape / Command Execution
WebLog Expert Enterprise 9.4 - Authentication Bypass
uTorrent 1.6 build 474 - 'announce' Key Remote Heap Overflow
μTorrent (uTorrent) 1.6 build 474 - 'announce' Key Remote Heap Overflow
t. hauck jana WebServer 1.0/1.45/1.46 - Directory Traversal
T. Hauck Jana Server 1.0/1.45/1.46 - Directory Traversal
Oracle WebLogic Server 10.3.6.0.0 / 12.x - Remote Command Execution
Werkzeug - 'Debug Shell' Command Execution
TikiWiki < 1.9.9 - 'tiki-listmovies.php' Directory Traversal
TikiWiki Project < 1.9.9 - 'tiki-listmovies.php' Directory Traversal
toronja CMS - SQL Injection
Toronja CMS - SQL Injection
uTorrent WebUI 0.310 Beta 2 - Cross-Site Request Forgery
μTorrent (uTorrent) WebUI 0.310 Beta 2 - Cross-Site Request Forgery
tinybrowser - 'tinybrowser.php' Directory Listing
tinybrowser - 'edit.php' Directory Listing
TinyBrowser - 'tinybrowser.php' Directory Listing
TinyBrowser - 'edit.php' Directory Listing
Xoops 2.5.7.2 - Directory Traversal Bypass
XOOPS 2.5.7.2 - Directory Traversal Bypass
SAP BusinessObjects launch pad - Server-Side Request Forgery
antMan < 0.9.1a - Authentication Bypass
Bacula-Web < 8.0.0-rc2 - SQL Injection
2018-03-10 05:01:50 +00:00
Offensive Security
9897272892
DB: 2018-03-07
...
8 changes to exploits/shellcodes
Memcached - 'memcrashed' Denial of Service
Softros Network Time System Server 2.3.4 - Denial of Service
Chrome V8 JIT - Simplified-lowererer IrOpcode::kStoreField_ IrOpcode::kStoreElement Optimization Bug
Chrome V8 JIT - JSBuiltinReducer::ReduceObjectCreate Fails to Ensure that the Prototype is _null_
Chrome V8 JIT - 'GetSpecializationContext' Type Confusion
Chrome V8 JIT - Empty BytecodeJumpTable Out-of-Bounds Read
Tenda AC15 Router - Unauthenticated Remote Code Execution
Joomla! Component Joomanager 2.0.0 - ' com_Joomanager' Arbitrary File Download (PoC)
Joomla! Component Joomanager 2.0.0 - 'com_Joomanager' Arbitrary File Download (PoC)
Joomla! Component Joomanager 2.0.0 - ' com_Joomanager' Arbitrary File Download
Joomla! Component Joomanager 2.0.0 - 'com_Joomanager' Arbitrary File Download
Bravo Tejari Web Portal - Cross-Site Request Forgery
2018-03-07 05:01:51 +00:00
Offensive Security
5d48f0abd2
DB: 2018-02-28
...
16 changes to exploits/shellcodes
Transmission - Integer Overflows Parsing Torrent Files
Chrome V8 - 'PropertyArray' Integer Overflow
Chrome V8 - 'TranslatedState::MaterializeCapturedObjectAt' Type Confusion
Asterisk chan_pjsip 15.2.0 - 'INVITE' Denial of Service
Asterisk chan_pjsip 15.2.0 - 'SDP' Denial of Service
Asterisk chan_pjsip 15.2.0 - 'SDP fmtp' Denial of Service
Asterisk chan_pjsip 15.2.0 - 'SUBSCRIBE' Stack Corruption
Microsoft Windows Windows 8.1/2012 R2 - SMB Denial of Service
Sony Playstation 4 4.55 FW - Local Kernel
GetGo Download Manager 5.3.0.2712 - Buffer Overflow (SEH)
Schools Alert Management Script 2.0.2 - Authentication Bypass
MyBB My Arcade Plugin 1.3 - Cross-Site Scripting
Joomla! Component K2 2.8.0 - Arbitrary File Download
School Management Script 3.0.4 - Authentication Bypass
CMS Made Simple 2.1.6 - Remote Code Execution
Concrete5 < 8.3.0 - Username / Comments Enumeration
2018-02-28 05:01:52 +00:00
Offensive Security
e630f8c249
DB: 2018-02-16
...
45 changes to exploits/shellcodes
Cisco ASA - Crash PoC
Cisco ASA - Crash (PoC)
GNU binutils 2.26.1 - Integer Overflow (POC)
GNU binutils 2.26.1 - Integer Overflow (PoC)
K7 Total Security 15.1.0.305 - Device Driver Arbitrary Memory Read
Linux Kernel - 'AF_PACKET' Use-After-Free
Oracle Java JDK/JRE < 1.8.0.131 / Apache Xerces 2.11.0 - 'PDF/Docx' Server Side Denial of Service
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly (2)
Microsoft Edge Chakra JIT - Memory Corruption
Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass
Microsoft Edge Chakra JIT - Array Type Confusion via InitProto Instructions
Microsoft Edge Chakra JIT - 'Array.prototype.reverse' Array Type Confusion
Microsoft Edge Chakra JIT - 'NewScObjectNoCtor' Array Type Confusion
Microsoft Edge Chakra JIT - 'LdThis' Type Confusion
Pdfium - Pattern Shading Integer Overflows
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace
Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow
Hotspot Shield - Information Disclosure
Linux Kernel (Ubuntu 17.04) - 'XFRM' Local Privilege Escalation
Nitro Pro PDF - Multiple Vulnerabilities
Odoo CRM 10.0 - Code Execution
Dashlane - DLL Hijacking
LightDM (Ubuntu 16.04/16.10) - Guest Account Local Privilege Escalation
LightDM (Ubuntu 16.04/16.10) - 'Guest Account' Local Privilege Escalation
Trustwave SWG 11.8.0.27 - SSH Unauthorized Access
Ichano AtHome IP Cameras - Multiple Vulnerabilities
Cisco UCS Platform Emulator 3.1(2ePE1) - Remote Code Execution
Ikraus Anti Virus 2.16.7 - Remote Code Execution
McAfee Security Scan Plus - Remote Command Execution
OrientDB - Code Execution
360 Total Security - Local Privilege Escalation
HPE Intelligent Management Center (iMC) 7.2 (E0403P10) - Code Execution
Oracle Knowledge Management 12.1.1 < 12.2.5 - XML External Entity Leading To Remote Code Execution
iBall WRA150N - Multiple Vulnerabilities
GitStack - Unauthenticated Remote Code Execution
Monstra CMS - Remote Code Execution
Ametys CMS 4.0.2 - Unauthenticated Password Reset
DblTek - Multiple Vulnerabilities
FiberHome - Directory Traversal
PHP Melody 2.7.3 - Multiple Vulnerabilities
Tiandy IP Cameras 5.56.17.120 - Sensitive Information Disclosure
Horde Groupware 5.2.21 - Unauthorized File Download
QNAP HelpDesk < 1.1.12 - SQL Injection
Hanbanggaoke IP Camera - Arbitrary Password Change
McAfee LiveSafe 16.0.3 - Man In The Middle Registry Modification Leading to Remote Command Execution
Sophos XG Firewall 16.05.4 MR-4 - Path Traversal
Cisco DPC3928 Router - Arbitrary File Disclosure
IDERA Uptime Monitor 7.8 - Multiple Vulnerabilities
Geneko Routers - Unauthenticated Path Traversal
Dasan Networks GPON ONT WiFi Router H640X versions 12.02-01121 / 2.77p1-1124 / 3.03p2-1146 - Unauthenticated Remote Code Execution
2018-02-16 05:01:50 +00:00
Offensive Security
2c4b08963a
DB: 2018-02-08
...
25 changes to exploits/shellcodes
QNAP NAS Devices - Heap Overflow
QNAP NVR/NAS - Buffer Overflow (PoC)
QNAP NVR/NAS Devices - Buffer Overflow (PoC)
Cisco ASA - Crash PoC
Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption
Android - 'getpidcon' Permission Bypass in KeyStore Service
Multiple OEM - 'nsd' Remote Stack Format String (PoC)
HP-UX 11.0 - pppd Stack Buffer Overflow
HP-UX 11.0 - 'pppd' Local Stack Buffer Overflow
SGI IRIX - 'LsD' Multiple Buffer Overflows
SGI IRIX - 'LsD' Multiple Local Buffer Overflows
PostScript Utilities - 'psnup' Argument Buffer Overflow
PostScript Utilities - 'psnup' Local Buffer Overflow
Open Cubic Player 2.6.0pre6/0.1.10_rc5 - Multiple Buffer Overflows
Open Cubic Player 2.6.0pre6/0.1.10_rc5 - Multiple Local Buffer Overflows
MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation
Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack Overflow / Double Free / Unauthorized Access
Geovision Inc. IP Camera & Video - Remote Command Execution
Axis SSI - Remote Command Execution / Read Files
Axis Communications MPQT/PACS - Heap Overflow / Information Leakage
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution
Herospeed - 'TelnetSwitch' Remote Stack Overflow / Overwrite Password / Enable TelnetD
Uniview - Remote Command Execution / Export Config (PoC)
Vitek - Remote Command Execution / Information Disclosure (PoC)
Vivotek IP Cameras - Remote Stack Overflow (PoC)
Dahua Generation 2/3 - Backdoor Access
HiSilicon DVR Devices - Remote Code Execution
JiRos Banner Experience 1.0 - Unauthorised Create Admin
JiRos Banner Experience 1.0 - Unauthorized Create Admin
Doctor Search Script 1.0.2 - Persistent Cross-Site Scripting
Multilanguage Real Estate MLM Script - Persistent Cross-Site Scripting
Naukri Clone Script - Persistent Cross-Site Scripting
Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting
Online Test Script 2.0.7 - 'cid' SQL Injection
Entrepreneur Dating Script 2.0.2 - Authentication Bypass
2018-02-08 05:01:53 +00:00
Offensive Security
2d8b561a5d
DB: 2018-01-09
...
26 changes to exploits/shellcodes
Need for Speed 2 - Remote Client Buffer Overflow
Need for Speed 2 - Remote Client Buffer Overflow (PoC)
Red Faction 1.20 - Server Reply Remote Buffer Overflow
Red Faction 1.20 - Server Reply Remote Buffer Overflow (PoC)
Medal of Honor - Remote Buffer Overflow
Medal of Honor - Remote Buffer Overflow (PoC)
Monolith Games - Local Buffer Overflow
Monolith Games - Local Buffer Overflow (PoC)
BaSoMail - Multiple Buffer Overflow Denial of Service Vulnerabilities
BaSoMail - Multiple Buffer Overflow (Denial of Service) (PoC) Vulnerabilities
Orbz Game 2.10 - Remote Buffer Overflow
Orbz Game 2.10 - Remote Buffer Overflow (PoC)
Painkiller 1.35 - in-game cd-key alpha-numeric Buffer Overflow
Painkiller 1.35 - in-game cd-key alpha-numeric Buffer Overflow (PoC)
KNet Web Server 1.04c - Buffer Overflow Denial of Service
KNet Web Server 1.04c - Buffer Overflow (Denial of Service) (PoC)
ProRat Server 1.9 (Fix-2) - Buffer Overflow Crash
ProRat Server 1.9 (Fix-2) - Buffer Overflow / Crash (PoC)
Mozilla Products - 'Host:' Buffer Overflow Denial of Service String
Mozilla Products - 'Host:' Buffer Overflow (Denial of Service) (PoC) String
Virtools Web Player 3.0.0.100 - Buffer Overflow Denial of Service
Virtools Web Player 3.0.0.100 - Buffer Overflow (Denial of Service) (PoC)
FlatFrag 0.3 - Buffer Overflow / Denial of Service
FlatFrag 0.3 - Buffer Overflow (Denial of Service) (PoC)
zawhttpd 0.8.23 - GET Remote Buffer Overflow Denial of Service
zawhttpd 0.8.23 - GET Remote Buffer Overflow (Denial of Service) (PoC)
TinyFTPD 1.4 - 'USER' Remote Buffer Overflow Denial of Service
TinyFTPD 1.4 - 'USER' Remote Buffer Overflow (Denial of Service) (PoC)
Genecys 0.2 - Buffer Overflow / NULL pointer Denial of Service
Genecys 0.2 - Buffer Overflow / NULL Pointer (Denial of Service)
PunkBuster < 1.229 - WebTool Service Remote Buffer Overflow Denial of Service
PunkBuster < 1.229 - WebTool Service Remote Buffer Overflow (Denial of Service) (PoC)
FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow Denial of Service
FlashFXP 3.4.0 build 1145 - Remote Buffer Overflow (Denial of Service) (PoC)
Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow Denial of Service
Snort 2.6.1 - DCE/RPC Preprocessor Remote Buffer Overflow (Denial of Service) (PoC)
TFTP Server 1.3 - Remote Buffer Overflow Denial of Service
TFTP Server 1.3 - Remote Buffer Overflow (Denial of Service) (PoC)
LeadTools Raster - Dialog File_D Object Remote Buffer Overflow
LeadTools Raster - Dialog File_D Object Remote Buffer Overflow (PoC)
LeadTools Raster ISIS Object 'LTRIS14e.DLL 14.5.0.44' - Remote Buffer Overflow
LeadTools Raster ISIS Object 'LTRIS14e.DLL 14.5.0.44' - Remote Buffer Overflow (PoC)
Xserver 0.1 Alpha - POST Remote Buffer Overflow
Xserver 0.1 Alpha - 'POST' Remote Buffer Overflow (PoC)
Microsoft SQL Server - Distributed Management Objects 'sqldmo.dll' Buffer Overflow
Microsoft SQL Server - Distributed Management Objects 'sqldmo.dll' Buffer Overflow (PoC)
QuickTime Player 7.3.1.70 - 'RTSP' Buffer Overflow
QuickTime Player 7.3.1.70 - 'RTSP' Buffer Overflow (PoC)
Crystal Reports XI Release 2 (Enterprise Tree Control) - ActiveX Buffer Overflow / Denial of Service
Crystal Reports XI Release 2 (Enterprise Tree Control) - ActiveX Buffer Overflow (Denial of Service) (PoC)
Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow Denial of Service
Surgemail 39e-1 - Authenticated IMAP Remote Buffer Overflow (Denial of Service) (PoC)
Google Picasa 3.5 - Local Buffer Overflow (Denial of Service)
Google Picasa 3.5 - Local Buffer Overflow (Denial of Service) (PoC)
Printoxx - Local Buffer Overflow
Picpuz 2.1.1 - Buffer Overflow Denial of Service (PoC)
Printoxx - Local Buffer Overflow (PoC)
Picpuz 2.1.1 - Buffer Overflow (Denial of Service) (PoC)
Apollo Player 37.0.0.0 - '.aap' Buffer Overflow Denial of Service
Apollo Player 37.0.0.0 - '.aap' Buffer Overflow (Denial of Service) (PoC)
Switch Sound File Converter - '.mpga' Buffer Overflow Denial of Service
Switch Sound File Converter - '.mpga' Buffer Overflow (Denial of Service) (PoC)
Wireshark 1.2.5 - LWRES getaddrbyname Stack Buffer Overflow
Xerox Workcenter 4150 - Remote Buffer Overflow
Wireshark 1.2.5 - 'LWRES getaddrbyname' Stack Buffer Overflow (PoC)
Xerox Workcenter 4150 - Remote Buffer Overflow (PoC)
iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service
iPhone / iTouch FtpDisc 1.0 - Buffer Overflow (Denial of Service) (PoC)
Aircrack-NG Tools svn r1675 - Remote Heap Buffer Overflow
Aircrack-NG Tools svn r1675 - Remote Heap Buffer Overflow (PoC)
Mocha LPD 1.9 - Remote Buffer Overflow Denial of Service (PoC)
FontForge - '.BDF' Font File Stack Buffer Overflow
Mocha LPD 1.9 - Remote Buffer Overflow (Denial of Service) (PoC)
FontForge - '.BDF' Font File Stack Buffer Overflow (PoC)
Multiple Vendor AgentX++ - Stack Buffer Overflow
Multiple Vendor AgentX++ - Stack Buffer Overflow (PoC)
Attachmate Reflection Standard Suite 2008 - ActiveX Buffer Overflow
Attachmate Reflection Standard Suite 2008 - ActiveX Buffer Overflow (PoC)
Haihaisoft PDF Reader OCX Control 1.1.2.0 - Remote Buffer Overflow
Haihaisoft PDF Reader OCX Control 1.1.2.0 - Remote Buffer Overflow (PoC)
FTP Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow
FTP Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow (PoC)
LeadTools ActiveX Raster Twain 16.5 - 'LtocxTwainu.dll' Buffer Overflow
LeadTools ActiveX Raster Twain 16.5 - 'LtocxTwainu.dll' Buffer Overflow (PoC)
Altova DatabaseSpy 2011 - Project File Handling Buffer Overflow
Altova DatabaseSpy 2011 - Project File Handling Buffer Overflow (PoC)
Platinum SDK Library - POST UPnP 'sscanf' Buffer Overflow
Platinum SDK Library - POST UPnP 'sscanf' Buffer Overflow (PoC)
Native Instruments Traktor Pro 1.2.6 - Stack Buffer Overflow
Native Instruments Traktor Pro 1.2.6 - Stack Buffer Overflow (PoC)
Hanso Player 1.4.0.0 - Buffer Overflow Skinfile (Denial of Service)
Hanso Player 1.4.0.0 - 'Skinfile' Buffer Overflow (Denial of Service)
Real player 14.0.2.633 - Buffer Overflow / Denial of Service
GOM Media Player 2.1.6.3499 - Buffer Overflow / Denial of Service
Real player 14.0.2.633 - Buffer Overflow (Denial of Service) (PoC)
GOM Media Player 2.1.6.3499 - Buffer Overflow (Denial of Service) (PoC)
BulletProof FTP Client 2010 - Buffer Overflow
BulletProof FTP Client 2010 - Buffer Overflow (PoC)
KnFTP 1.0.0 Server - Multiple Buffer Overflows (Denial of Service) (PoC)
KnFTP 1.0.0 Server - Multiple Buffer Overflows (Denial of Service) (SEH) (PoC)
Oracle DataDirect - Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Buffer Overflows
Oracle DataDirect - Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Buffer Overflows (PoC)
CSF Firewall - Buffer Overflow
CSF Firewall - Buffer Overflow (PoC)
Tracker Software pdfSaver ActiveX 3.60 - 'pdfxctrl.dll' Stack Buffer Overflow (SEH)
Tracker Software pdfSaver ActiveX 3.60 - 'pdfxctrl.dll' Stack Buffer Overflow (SEH) (PoC)
Edraw Diagram Component 5 - ActiveX Buffer Overflow Denial of Service
Edraw Diagram Component 5 - ActiveX Buffer Overflow (Denial of Service) (PoC)
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT - ActiveX Control PlayerPT.ocx sprintf Buffer Overflow
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT - ActiveX Control PlayerPT.ocx sprintf Buffer Overflow (PoC)
Asterisk - 'ast_parse_digest()' Stack Buffer Overflow
Asterisk - 'ast_parse_digest()' Stack Buffer Overflow (PoC)
GIMP 2.6 script-fu < 2.8.0 - Buffer Overflow
GIMP 2.6 script-fu < 2.8.0 - Buffer Overflow (PoC)
Apple iTunes 10.6.1.7 - '.m3u' Walking Heap Buffer Overflow
Apple iTunes 10.6.1.7 - '.m3u' Walking Heap Buffer Overflow (PoC)
Qbik WinGate 3.0/Pro 4.0.1/Standard 4.0.1 - Buffer Overflow Denial of Service
Qbik WinGate 3.0/Pro 4.0.1/Standard 4.0.1 - Buffer Overflow (Denial of Service) (PoC)
Lattice Diamond Programmer 1.4.2 - Buffer Overflow
Lattice Diamond Programmer 1.4.2 - Buffer Overflow (PoC)
Ipswitch IMail 5.0 - Whois32 Daemon Buffer Overflow Denial of Service
Ipswitch IMail 5.0 - Imapd Buffer Overflow Denial of Service
Ipswitch IMail 5.0 - LDAP Buffer Overflow Denial of Service
Ipswitch IMail 5.0 - IMonitor Buffer Overflow Denial of Service
Ipswitch IMail 5.0/6.0 - Web Service Buffer Overflow Denial of Service
Ipswitch IMail 5.0 - Whois32 Daemon Buffer Overflow (Denial of Service) (PoC)
Ipswitch IMail 5.0 - Imapd Buffer Overflow (Denial of Service) (PoC)
Ipswitch IMail 5.0 - LDAP Buffer Overflow (Denial of Service) (PoC)
Ipswitch IMail 5.0 - IMonitor Buffer Overflow (Denial of Service) (PoC)
Ipswitch IMail 5.0/6.0 - Web Service Buffer Overflow (Denial of Service) (PoC)
Netscape Enterprise Server 3.6 - SSL Buffer Overflow Denial of Service
Netscape Enterprise Server 3.6 - SSL Buffer Overflow (Denial of Service) (PoC)
Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service / Buffer Overflow
Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service / Buffer Overflow (PoC)
Gene6 G6 FTP Server 2.0 - Buffer Overflow Denial of Service
Gene6 G6 FTP Server 2.0 - Buffer Overflow (Denial of Service) (PoC)
RedHat Linux 6.x - X Font Server Denial of Service / Buffer Overflow
RedHat Linux 6.x - X Font Server Buffer Overflow (Denial of Service)
Computalynx CProxy Server 3.3 SP2 - Buffer Overflow Denial of Service
Computalynx CProxy Server 3.3 SP2 - Buffer Overflow (Denial of Service) (PoC)
Cerberus FTP Server 1.x - Buffer Overflow Denial of Service
Cerberus FTP Server 1.x - Buffer Overflow (Denial of Service) (PoC)
Microsoft SQL Server 2000 - SQLXML Buffer Overflow
Microsoft SQL Server 2000 - 'SQLXML' Buffer Overflow (PoC)
Microsoft SQL Server 2000 / Microsoft Jet 4.0 Engine - Unicode Buffer Overflow
Microsoft SQL Server 2000 / Microsoft Jet 4.0 Engine - Unicode Buffer Overflow (PoC)
Intellicom 1.3 - 'NetBiterConfig.exe Hostname' Data Remote Stack Buffer Overflow
Intellicom 1.3 - 'NetBiterConfig.exe Hostname' Data Remote Stack Buffer Overflow (PoC)
Hotfoon Dialer 4.0 - Buffer Overflow
Hotfoon Dialer 4.0 - Buffer Overflow (PoC)
IISPop 1.161/1.181 - Remote Buffer Overflow Denial of Service
IISPop 1.161/1.181 - Remote Buffer Overflow (Denial of Service) (PoC)
Linksys Devices 1.42/1.43 - GET Buffer Overflow
Linksys Devices 1.42/1.43 - 'GET' Buffer Overflow (PoC)
iCal 3.7 - Remote Buffer Overflow
iCal 3.7 - Remote Buffer Overflow (PoC)
Microsoft Windows NT/2000 - 'cmd.exe' CD Buffer Overflow
Microsoft Windows NT/2000 - 'cmd.exe' CD Buffer Overflow (PoC)
Dr.Web 4.x - Virus Scanner Folder Name Buffer Overflow
Dr.Web 4.x - Virus Scanner Folder Name Buffer Overflow (PoC)
Xeneo Web Server 2.2.10 - Undisclosed Buffer Overflow
Xeneo Web Server 2.2.10 - Undisclosed Buffer Overflow (PoC)
Microsoft NetMeeting 2.1/3.0.1 4.4.3385 - CALLTO URL Buffer Overflow
Microsoft NetMeeting 2.1/3.0.1 4.4.3385 - CALLTO URL Buffer Overflow (PoC)
Zoner Photo Studio 15 b3 - Buffer Overflow
Zoner Photo Studio 15 b3 - Buffer Overflow (PoC)
Novell Netware Enterprise Web Server 5.1/6.0 - CGI2Perl.NLM Buffer Overflow
Novell Netware Enterprise Web Server 5.1/6.0 - 'CGI2Perl.NLM' Buffer Overflow (PoC)
IBM U2 UniVerse 10.0.0.9 - uvrestore Buffer Overflow
IBM U2 UniVerse 10.0.0.9 - 'uvrestore' Buffer Overflow (PoC)
Avant Browser 8.0.2 - 'HTTP Request' Buffer Overflow
Avant Browser 8.0.2 - 'HTTP Request' Buffer Overflow (PoC)
NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin 'IN_MIDI.dll' Track Data Size Buffer Overflow
NullSoft Winamp 2.81/2.91/3.0/3.1 - MIDI Plugin 'IN_MIDI.dll' Track Data Size Buffer Overflow (PoC)
myServer 0.4.x - 'cgi-lib.dll' Remote Buffer Overflow
myServer 0.4.x - 'cgi-lib.dll' Remote Buffer Overflow (PoC)
EffectOffice Server 2.6 - Remote Service Buffer Overflow
EffectOffice Server 2.6 - Remote Service Buffer Overflow (PoC)
Surfboard HTTPd 1.1.9 - Remote Buffer Overflow
Surfboard HTTPd 1.1.9 - Remote Buffer Overflow (PoC)
1st Class Internet Solutions 1st Class Mail Server 4.0 - Remote Buffer Overflow
1st Class Internet Solutions 1st Class Mail Server 4.0 - Remote Buffer Overflow (PoC)
Blaxxun Contact 3D - X-CC3D Browser Object Buffer Overflow
Blaxxun Contact 3D - X-CC3D Browser Object Buffer Overflow (PoC)
Mcafee FreeScan CoMcFreeScan Browser - Object Buffer Overflow
Mcafee FreeScan CoMcFreeScan Browser - Object Buffer Overflow (PoC)
Foxit Reader 5.4.4.1128 Firefox Plugin - 'npFoxitReaderPlugin.dll' Stack Buffer Overflow
Foxit Reader 5.4.4.1128 Firefox Plugin - 'npFoxitReaderPlugin.dll' Stack Buffer Overflow (PoC)
DeleGate 7.8.x/8.x - SSLway Filter Remote Stack Buffer Overflow
DeleGate 7.8.x/8.x - SSLway Filter Remote Stack Buffer Overflow (PoC)
VMware Workstation - 'vprintproxy.exe' TrueType NAME Tables Heap Buffer Overflow
VMware Workstation - 'vprintproxy.exe' TrueType NAME Tables Heap Buffer Overflow (PoC)
aGSM 2.35 Half-Life Server - Info Response Buffer Overflow
aGSM 2.35 Half-Life Server - Info Response Buffer Overflow (PoC)
cURL - Buffer Overflow
cURL - Buffer Overflow (PoC)
TagScanner 5.1 - Stack Buffer Overflow
TagScanner 5.1 - Stack Buffer Overflow (PoC)
Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack Buffer Overflow
Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack Buffer Overflow (PoC)
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Buffer Overflow Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Buffer Overflow (Denial of Service) (PoC)
QwikMail 0.3 - HELO Command Buffer Overflow
QwikMail 0.3 - 'HELO' Buffer Overflow (PoC)
NullSoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow
NullSoft Winamp 5.0.x - Variant 'IN_CDDA.dll' Remote Buffer Overflow (PoC)
Huawei SNMPv3 Service - Multiple Buffer Overflow Vulnerabilities
Huawei SNMPv3 Service - Multiple Buffer Overflow Vulnerabilities (PoC)
Star Wars Jedi Knight: Jedi Academy 1.0.11 - Buffer Overflow
Star Wars Jedi Knight: Jedi Academy 1.0.11 - Buffer Overflow (PoC)
AN HTTPD - 'CMDIS.dll' Remote Buffer Overflow
AN HTTPD - 'CMDIS.dll' Remote Buffer Overflow (PoC)
Serva 32 TFTP 2.1.0 - Buffer Overflow Denial of Service
Serva 32 TFTP 2.1.0 - Buffer Overflow (Denial of Service) (PoC)
Orenosv HTTP/FTP Server 0.8.1 - 'CGISSI.exe' Remote Buffer Overflow
Orenosv HTTP/FTP Server 0.8.1 - 'CGISSI.exe' Remote Buffer Overflow (PoC)
Linux Kernel 2.2.x/2.3.x/2.4.x/2.5.x/2.6.x - ELF Core Dump Local Buffer Overflow
Linux Kernel 2.2.x/2.3.x/2.4.x/2.5.x/2.6.x - ELF Core Dump Local Buffer Overflow (PoC)
PlanetDNS PlanetFileServer - Remote Buffer Overflow
PlanetDNS PlanetFileServer - Remote Buffer Overflow (PoC)
Alt-N MDaemon 8.0 - IMAP Server CREATE Remote Buffer Overflow
Alt-N MDaemon 8.0 - IMAP Server CREATE Remote Buffer Overflow (PoC)
Ubiquiti airCam RTSP Service 1.1.5 - Buffer Overflow
Ubiquiti airCam RTSP Service 1.1.5 - Buffer Overflow (PoC)
LeapFTP Client 2.7.3/2.7.4 - '.LSQ' File Remote Buffer Overflow
LeapFTP Client 2.7.3/2.7.4 - '.LSQ' File Remote Buffer Overflow (PoC)
VbsEdit 5.9.3 - '.smi' Buffer Overflow
VbsEdit 5.9.3 - '.smi' Buffer Overflow (PoC)
Microsoft Windows XP/2000/2003 - MHTML URI Buffer Overflow
Microsoft Windows XP/2000/2003 - MHTML URI Buffer Overflow (PoC)
AGEphone 1.28/1.38 - SIP Packet Handling Buffer Overflow
AGEphone 1.28/1.38 - SIP Packet Handling Buffer Overflow (PoC)
DSocks 1.3 - 'Name' Buffer Overflow
DSocks 1.3 - 'Name' Buffer Overflow (PoC)
IcoFX 2.5.0.0 - '.ico' Buffer Overflow
IcoFX 2.5.0.0 - '.ico' Buffer Overflow (PoC)
Microsoft Class Package Export Tool 5.0.2752 - 'Clspack.exe' Local Buffer Overflow
Microsoft Windows XP - 'cmd.exe' Buffer Overflow
Microsoft Class Package Export Tool 5.0.2752 - 'Clspack.exe' Local Buffer Overflow (PoC)
Microsoft Windows XP - 'cmd.exe' Buffer Overflow (PoC)
Packeteer PacketShaper 8.0 - Multiple Buffer Overflow Denial of Service Vulnerabilities
Packeteer PacketShaper 8.0 - Multiple Buffer Overflow (Denial of Service) (PoC) Vulnerabilities
Bochs 2.3 - Buffer Overflow / Denial of Service
Bochs 2.3 - Buffer Overflow (Denial of Service) (PoC)
Blue Coat Systems K9 Web Protection 32.36 - Remote Buffer Overflow
Blue Coat Systems K9 Web Protection 32.36 - Remote Buffer Overflow (PoC)
Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (1)
Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (2)
Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (PoC) (1)
Asterisk 1.4 SIP T.38 SDP - Parsing Remote Stack Buffer Overflow (PoC) (2)
T1lib - intT1_Env_GetCompletePath Buffer Overflow
T1lib - 'intT1_Env_GetCompletePath' Buffer Overflow (PoC)
Foxmail Email Client 6.5 - 'mailto' Buffer Overflow
Foxmail Email Client 6.5 - 'mailto' Buffer Overflow (PoC)
Microsoft Windows Media Digital Rights Management - ActiveX Control Buffer Overflow
Yahoo! Toolbar 1.4.1 Helper - Class ActiveX Control Remote Buffer Overflow Denial of Service
Microsoft Windows Media Digital Rights Management - ActiveX Control Buffer Overflow (PoC)
Yahoo! Toolbar 1.4.1 Helper - Class ActiveX Control Remote Buffer Overflow (Denial of Service) (PoC)
Xine-Lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow
Xine-Lib 1.1.9 - 'rmff_dump_cont()' Remote Heap Buffer Overflow (PoC)
Titan FTP Server 6.05 build 550 - 'DELE' Remote Buffer Overflow
Titan FTP Server 6.05 build 550 - 'DELE' Remote Buffer Overflow (PoC)
MW6 Technologies Aztec - ActiveX 'Data' Buffer Overflow
MW6 Technologies Aztec - ActiveX 'Data' Buffer Overflow (PoC)
MW6 Technologies MaxiCode - ActiveX 'Data' Buffer Overflow
MW6 Technologies MaxiCode - ActiveX 'Data' Buffer Overflow (PoC)
Trend Micro OfficeScan - Buffer Overflow / Denial of Service
Trend Micro OfficeScan - Buffer Overflow (Denial of Service) (PoC)
ICQ 6 - 'Personal Status Manager' Remote Buffer Overflow
ICQ 6 - 'Personal Status Manager' Remote Buffer Overflow (PoC)
Catia V5-6R2013 - 'CATV5_AllApplications' Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_AllApplications' Stack Buffer Overflow (PoC)
Catia V5-6R2013 - 'CATV5_Backbone_Bus' Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_Backbone_Bus' Stack Buffer Overflow (PoC)
NASA Ames Research Center BigView 1.8 - '.PNM' Stack Buffer Overflow
NASA Ames Research Center BigView 1.8 - '.PNM' Stack Buffer Overflow (PoC)
ZoneAlarm Security Suite 7.0 - AntiVirus Directory Path Buffer Overflow
ZoneAlarm Security Suite 7.0 - AntiVirus Directory Path Buffer Overflow (PoC)
A10 Networks ACOS 2.7.0-P2 (build: 53) - Buffer Overflow
A10 Networks ACOS 2.7.0-P2 (Build 53) - Buffer Overflow (PoC)
Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow
Internet Download Manager 5.15 Build 3 - Language File Parsing Buffer Overflow (PoC)
Jzip - Buffer Overflow (SEH Unicode) (Denial of Service)
Jzip - Buffer Overflow (Denial of Service) (SEH Unicode)
Sendmail 8.12.x - 'X-header' Remote Heap Buffer Overflow
Sendmail 8.12.x - 'X-header' Remote Heap Buffer Overflow (PoC)
BaoFeng Storm 3.9.62 - '.Playlist' File Buffer Overflow
BaoFeng Storm 3.9.62 - '.Playlist' File Buffer Overflow (PoC)
Adobe Flash Player 10.0.22 and AIR - URI Parsing Heap Buffer Overflow
Adobe Flash Player 10.0.22 / AIR - URI Parsing Heap Buffer Overflow (PoC)
Novell Groupwise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow
Novell Groupwise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow (PoC)
Sun Java System Web Server 6.1/7.0 - 'TRACE' Heap Buffer Overflow
Sun Java System Web Server 6.1/7.0 - 'TRACE' Heap Buffer Overflow (PoC)
Xerox WorkCentre - PJL Daemon Buffer Overflow
Xerox WorkCentre - PJL Daemon Buffer Overflow (PoC)
Zeus Web Server 4.x - 'SSL2_CLIENT_HELLO' Remote Buffer Overflow
Zeus Web Server 4.x - 'SSL2_CLIENT_HELLO' Remote Buffer Overflow (PoC)
Gracenote CDDBControl - ActiveX Control 'ViewProfile' Method Heap Buffer Overflow
Gracenote CDDBControl - ActiveX Control 'ViewProfile' Method Heap Buffer Overflow (PoC)
Mocha W32 LPD 1.9 - Remote Buffer Overflow
Mocha W32 LPD 1.9 - Remote Buffer Overflow (PoC)
Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow
Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow (PoC)
BulletProof FTP Client 2010 - Buffer Overflow (SEH)
BulletProof FTP Client 2010 - Buffer Overflow (SEH) (PoC)
Unreal Engine 2.5 - 'UpdateConnectingMessage()' Remote Stack Buffer Overflow
Unreal Engine 2.5 - 'UpdateConnectingMessage()' Remote Stack Buffer Overflow (PoC)
D-Link WBR-2310 1.0.4 - GET Remote Buffer Overflow
D-Link WBR-2310 1.0.4 - 'GET' Remote Buffer Overflow (PoC)
HTML Help Workshop 1.4 - Buffer Overflow (SEH)
HTML Help Workshop 1.4 - Buffer Overflow (SEH) (PoC)
Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' File Buffer Overflow / Denial of Service EIP Overwrite
Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' File Buffer Overflow (Denial of Service) (PoC) EIP Overwrite
TRENDnet SecurView Wireless Network Camera TV-IP422WN - 'UltraCamX.ocx' Stack Buffer Overflow
TRENDnet SecurView Wireless Network Camera TV-IP422WN - 'UltraCamX.ocx' Stack Buffer Overflow (PoC)
Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (SEH) (Denial of Service)
Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (SEH) (Denial of Service)
Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (Denial of Service) (SEH) (PoC)
Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (Denial of Service) (SEH) (PoC)
G-WAN 2.10.6 - Buffer Overflow / Denial of Service
G-WAN 2.10.6 - Buffer Overflow (Denial of Service) (PoC)
Opera Web Browser 11.52 - Escape Sequence Stack Buffer Overflow Denial of Service
Opera Web Browser 11.52 - Escape Sequence Stack Buffer Overflow (Denial of Service) (PoC)
TestDisk 6.14 - Check_OS2MB Stack Buffer Overflow
TestDisk 6.14 - 'Check_OS2MB' Stack Buffer Overflow (PoC)
ZOC SSH Client - Buffer Overflow (SEH)
ZOC SSH Client - Buffer Overflow (SEH) (PoC)
WebDrive 12.2 (B4172) - Buffer Overflow
WebDrive 12.2 (B4172) - Buffer Overflow (PoC)
PFTP Server 8.0f Lite - textfield Local Buffer Overflow (SEH)
PFTP Server 8.0f Lite - textfield Local Buffer Overflow (SEH) (PoC)
Mpxplay MultiMedia Commander 2.00a - '.m3u' Stack Buffer Overflow
Mpxplay MultiMedia Commander 2.00a - '.m3u' Stack Buffer Overflow (PoC)
IKEView.exe Fox Beta 1 - Stack Buffer Overflow
IKEView.exe R60 - Stack Buffer Overflow
IKEView.exe Fox Beta 1 - Stack Buffer Overflow (PoC)
IKEView.exe R60 - Stack Buffer Overflow (PoC)
Apple Mac OSX Regex Engine (TRE) - Stack Buffer Overflow
Apple Mac OSX Regex Engine (TRE) - Stack Buffer Overflow (PoC)
Git 1.9.5 - 'ssh-agent.exe' Buffer Overflow
Git 1.9.5 - 'ssh-agent.exe' Buffer Overflow (PoC)
LanSpy 2.0.0.155 - Buffer Overflow
LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow
Last PassBroker 3.2.16 - Stack Buffer Overflow
LanSpy 2.0.0.155 - Buffer Overflow (PoC)
LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow (PoC)
Last PassBroker 3.2.16 - Stack Buffer Overflow (PoC)
Python 2.7 hotshot Module - 'pack_string' Heap Buffer Overflow
Python 2.7 hotshot Module - 'pack_string' Heap Buffer Overflow (PoC)
TECO SG2 FBD Client 3.51 - '.gfb' Overwrite Buffer Overflow (SEH)
TECO TP3-PCLINK 2.1 - '.tpc' File Handling Buffer Overflow
TECO AP-PCLINK 1.094 - '.tpc' File Handling Buffer Overflow
TECO SG2 FBD Client 3.51 - '.gfb' Overwrite Buffer Overflow (SEH) (PoC)
TECO TP3-PCLINK 2.1 - '.tpc' Handling Buffer Overflow (PoC)
TECO AP-PCLINK 1.094 - '.tpc' File Handling Buffer Overflow (PoC)
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_SetConfFileChunk Stack Buffer Overflow
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_GetConfFileChunk Stack Buffer Overflow
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - '_FXCLI_SetConfFileChunk' Stack Buffer Overflow (PoC)
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - '_FXCLI_GetConfFileChunk' Stack Buffer Overflow (PoC)
Advanced Encryption Package Buffer Overflow - Denial of Service
Advanced Encryption Package - Buffer Overflow (Denial of Service) (PoC)
InfraRecorder - '.m3u' File Buffer Overflow
InfraRecorder - '.m3u' File Buffer Overflow (PoC)
Autonics DAQMaster 1.7.3 - DQP Parsing Buffer Overflow Code Execution
Autonics DAQMaster 1.7.3 - DQP Parsing Buffer Overflow Code Execution (PoC)
Baumer VeriSens Application Suite 2.6.2 - Buffer Overflow
yTree 1.94-1.1 - Local Buffer Overflow
Baumer VeriSens Application Suite 2.6.2 - Buffer Overflow (PoC)
yTree 1.94-1.1 - Local Buffer Overflow (PoC)
NTPd ntp-4.2.6p5 - 'ctl_putdata()' Buffer Overflow
NTPd ntp-4.2.6p5 - 'ctl_putdata()' Buffer Overflow (PoC)
CyberCop Scanner Smbgrind 5.5 - Buffer Overflow
CyberCop Scanner Smbgrind 5.5 - Buffer Overflow (PoC)
STIMS Buffer 1.1.20 - Buffer Overflow (SEH) (Denial of Service)
STIMS Cutter 1.1.3.20 - Buffer Overflow Denial of Service
STIMS Buffer 1.1.20 - Buffer Overflow (Denial of Service) (SEH) (PoC)
STIMS Cutter 1.1.3.20 - Buffer Overflow (Denial of Service) (PoC)
4digits 1.1.4 - Local Buffer Overflow
4digits 1.1.4 - Local Buffer Overflow (PoC)
Websockify (C Implementation) 0.8.0 - Buffer Overflow
Websockify (C Implementation) 0.8.0 - Buffer Overflow (PoC)
Google Android - '/system/bin/sdcard' Stack Buffer Overflow
Google Android - '/system/bin/sdcard' Stack Buffer Overflow (PoC)
Oracle Orakill.exe 11.2.0 - Buffer Overflow
Oracle Orakill.exe 11.2.0 - Buffer Overflow (PoC)
Symantec AntiVirus - 'dec2lha Library' Remote Stack Buffer Overflow
Symantec AntiVirus - 'dec2lha Library' Remote Stack Buffer Overflow (PoC)
Symantec AntiVirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow
Core FTP LE 2.2 - Path Field Local Buffer Overflow
Symantec AntiVirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow (PoC)
Core FTP LE 2.2 - Path Field Local Buffer Overflow (PoC)
Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow
Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow (PoC)
ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow
ConQuest DICOM Server 1.4.17d - Stack Buffer (PoC)
QNAP NVR/NAS - Buffer Overflow
QNAP NVR/NAS - Buffer Overflow (PoC)
Cerberus FTP Server 8.0.10.3 - 'MLST' Buffer Overflow
CDex 1.96 - Buffer Overflow
Cerberus FTP Server 8.0.10.3 - 'MLST' Buffer Overflow (PoC)
CDex 1.96 - Buffer Overflow (PoC)
Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow
Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow (PoC)
D3DGear 5.00 Build 2175 - Buffer Overflow
D3DGear 5.00 Build 2175 - Buffer Overflow (PoC)
VX Search Enterprise 10.1.12 - Denial of Service
Disk Pulse Enterprise 10.1.18 - Denial of Service
Sync Breeze Enterprise 10.1.16 - Denial of Service
DiskBoss Enterprise 8.5.12 - Denial of Service
BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC)
APNGDis 2.8 - 'filename' Stack Buffer Overflow
APNGDis 2.8 - 'filename' Stack Buffer Overflow (PoC)
wifirxpower - Local Buffer Overflow
wifirxpower - Local Buffer Overflow (PoC)
pinfo 0.6.9 - Local Buffer Overflow
Dmitry 1.3a - Local Buffer Overflow
pinfo 0.6.9 - Local Buffer Overflow (PoC)
Dmitry 1.3a - Local Buffer Overflow (PoC)
Mapscrn 2.03 - Local Buffer Overflow
Mapscrn 2.03 - Local Buffer Overflow (PoC)
Stunnel 3.24/4.00 - Daemon Hijacking (PoC)
Stunnel 3.24/4.00 - Daemon Hijacking
Linux Kernel 2.4.22 - 'do_brk()' Local Privilege Escalation (PoC)
Linux Kernel 2.4.22 - 'do_brk()' Local Privilege Escalation
Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (1)
Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (2)
Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator (1)
Linux Kernel 2.4.23/2.6.0 - 'do_mremap()' Bound Checking Validator (2)
Linux Kernel 2.2.25/2.4.24/2.6.2 - 'mremap()' Validator (PoC)
Linux Kernel 2.2.25/2.4.24/2.6.2 - 'mremap()' Validator
WinZip - MIME Parsing Overflow (PoC)
WinZip - MIME Parsing Overflow
glFTPd (Slackware 9.0/9.1/10.0) - Local Stack Overflow (PoC)
GNU Sharutils 4.2.1 - Local Format String (PoC)
glFTPd (Slackware 9.0/9.1/10.0) - Local Stack Overflow
GNU Sharutils 4.2.1 - Local Format String
GD Graphics Library - Local Heap Overflow (PoC)
libxml 2.6.12 nanoftp - Buffer Overflow (PoC)
GD Graphics Library - Local Heap Overflow
libxml 2.6.12 nanoftp - Buffer Overflow
WinRAR 3.4.1 - Corrupt '.ZIP' File (PoC)
WinRAR 3.4.1 - Corrupt '.ZIP' File
Exim 4.41 - 'dns_build_reverse' Local (PoC)
Exim 4.41 - 'dns_build_reverse' Local
tiffsplit (libtiff 3.8.2) - Local Stack Buffer Overflow (PoC)
Microsoft Windows - NtClose DeadLock (PoC) (MS06-030)
Microsoft Windows XP/2000 - 'Mrxsmb.sys' Local Privilege Escalation (PoC) (MS06-030)
tiffsplit (libtiff 3.8.2) - Local Stack Buffer Overflow
Microsoft Windows - NtClose DeadLock (MS06-030)
Microsoft Windows XP/2000 - 'Mrxsmb.sys' Local Privilege Escalation (MS06-030)
Microsoft Word 2000/2003 - Hlink Local Buffer Overflow (PoC)
Microsoft Word 2000/2003 - Hlink Local Buffer Overflow
Cheese Tracker 0.9.9 - Local Buffer Overflow (PoC)
Cheese Tracker 0.9.9 - Local Buffer Overflow
PHP 4.4.3/5.1.4 - 'objIndex' Local Buffer Overflow (PoC)
PHP 4.4.3/5.1.4 - 'objIndex' Local Buffer Overflow
BlazeVideo HDTV Player 2.1 - '.PLF' Local Buffer Overflow (PoC)
BlazeVideo HDTV Player 2.1 - '.PLF' Local Buffer Overflow
Rumpus 5.1 - Local Privilege Escalation / Remote FTP LIST (PoC)
Rumpus 5.1 - Local Privilege Escalation / Remote FTP LIST
PHP 4.4.6 - 'crack_opendict()' Local Buffer Overflow (PoC)
PHP 4.4.6 - 'snmpget()' Object id Local Buffer Overflow (PoC)
PHP 4.4.6 - 'crack_opendict()' Local Buffer Overflow
PHP 4.4.6 - 'snmpget()' Object id Local Buffer Overflow
PHP 4.4.6 - 'cpdf_open()' Local Source Code Disclosure (PoC)
PHP 4.4.6 - 'cpdf_open()' Local Source Code Disclosure
WinPcap 4.0 - 'NPF.SYS' Local Privilege Escalation (PoC)
Linux Kernel < 2.6.20.2 - 'IPv6_Getsockopt_Sticky' Memory Leak (PoC)
WinPcap 4.0 - 'NPF.SYS' Local Privilege Escalation
Linux Kernel < 2.6.20.2 - 'IPv6_Getsockopt_Sticky' Memory Leak
Kodak Image Viewer - TIF/TIFF Code Execution (PoC) (MS07-055)
Kodak Image Viewer - TIF/TIFF Code Execution (MS07-055)
Microsoft Jet Engine - '.MDB' File Parsing Stack Overflow (PoC)
Microsoft Jet Engine - '.MDB' File Parsing Stack Overflow
Microsoft Windows Media Player 6.4 - '.MP4' File Stack Overflow (PoC)
Microsoft Windows Media Player 6.4 - '.MP4' File Stack Overflow
DESlock+ < 3.2.6 - 'LIST' Local Kernel Memory Leak (PoC)
DESlock+ < 3.2.6 - 'LIST' Local Kernel Memory Leak
XnView 1.93.6 - '.taac' Local Buffer Overflow (PoC)
XnView 1.93.6 - '.taac' Local Buffer Overflow
OllyDBG 1.10 and ImpREC 1.7f - Export Name Buffer Overflow (PoC)
Poppler 0.8.4 - libpoppler Uninitialized pointer Code Execution (PoC)
OllyDBG 1.10 and ImpREC 1.7f - Export Name Buffer Overflow
Poppler 0.8.4 - libpoppler Uninitialized pointer Code Execution
Microsoft Windows Server 2003 - Token Kidnapping Local (PoC)
Microsoft Windows Server 2003 - Token Kidnapping Local
Debian - Symlink In Login Arbitrary File Ownership (PoC)
Debian - Symlink In Login Arbitrary File Ownership
Trend Micro Internet Security Pro 2009 - Priviliege Escalation (PoC)
Trend Micro Internet Security Pro 2009 - Priviliege Escalation
Atomix Virtual Dj Pro 6.0 - Local Stack Buffer Overflow (PoC) (SEH)
Atomix Virtual Dj Pro 6.0 - Local Stack Buffer Overflow (SEH)
Linux Kernel 2.6.31-rc7 - 'AF_LLC getsockname' 5-Byte Stack Disclosure (PoC)
Linux Kernel 2.6.31-rc7 - 'AF_LLC getsockname' 5-Byte Stack Disclosure
Portable E.M Magic Morph 1.95b - '.MOR' File Stack Buffer Overflow (PoC)
Portable E.M Magic Morph 1.95b - '.MOR' File Stack Buffer Overflow
GPG2/Kleopatra 2.0.11 - Malformed Certificate (PoC)
GPG2/Kleopatra 2.0.11 - Malformed Certificate
Alleycode 2.21 - Local Overflow (SEH) (PoC)
Alleycode 2.21 - Local Overflow (SEH)
GPG4Win GNU - Privacy Assistant (PoC)
GPG4Win GNU - Privacy Assistant
VMware Fusion 2.0.5 - vmx86 kext Local (PoC)
VMware Fusion 2.0.5 - vmx86 kext Local
Mozilla Codesighs - Memory Corruption (PoC)
Mozilla Codesighs - Memory Corruption
Winamp 5.05 < 5.13 - '.ini' Local Stack Buffer Overflow (PoC)
Winamp 5.05 < 5.13 - '.ini' Local Stack Buffer Overflow
LDAP - Injection (PoC)
LDAP - Injection
QuickZip 4.x - '.zip' Local Universal Buffer Overflow (PoC)
QuickZip 4.x - '.zip' Local Universal Buffer Overflow
ZippHo 3.0.6 - '.zip' Local Stack Buffer Overflow (PoC)
Crimson Editor r3.70 - Overwrite (SEH) (PoC)
Kenward Zipper 1.4 - Local Stack Buffer Overflow (PoC)
ZippHo 3.0.6 - '.zip' Local Stack Buffer Overflow
Crimson Editor r3.70 - Overwrite (SEH)
Kenward Zipper 1.4 - Local Stack Buffer Overflow
Stud_PE 2.6.05 - Local Stack Overflow (PoC)
Stud_PE 2.6.05 - Local Stack Overflow
Zip Unzip 6.0 - '.zip' Local Stack Buffer Overflow (PoC)
Zip Unzip 6.0 - '.zip' Local Stack Buffer Overflow
EDraw Flowchart ActiveX Control 2.3 - '.edd parsing' Buffer Overflow (PoC)
EDraw Flowchart ActiveX Control 2.3 - '.edd parsing' Buffer Overflow
Easyzip 2000 3.5 - '.zip' Local Stack Buffer Overflow (PoC)
Easyzip 2000 3.5 - '.zip' Local Stack Buffer Overflow
PhotoFiltre Studio X - '.tif' Local Buffer Overflow (PoC)
Beyond Compare 3.0.13 b9599 - '.zip' Local Stack Buffer Overflow (PoC)
PhotoFiltre Studio X - '.tif' Local Buffer Overflow
Beyond Compare 3.0.13 b9599 - '.zip' Local Stack Buffer Overflow
Shellzip 3.0 Beta 3 - '.zip' Local Stack Buffer Overflow (PoC)
Shellzip 3.0 Beta 3 - '.zip' Local Stack Buffer Overflow
Audio Converter 8.1 - Local Stack Buffer Overflow (PoC)
Audio Converter 8.1 - Local Stack Buffer Overflow
Audio Converter 8.1 - Local Stack Buffer Overflow (PoC) ROP/WPM
SureThing CD Labeler - '.m3u/.pls' Unicode Stack Overflow (PoC)
Audio Converter 8.1 - Local Stack Buffer Overflow ROP/WPM
SureThing CD Labeler - '.m3u/.pls' Unicode Stack Overflow
BlazeDVD 5.1 (Windows 7) - '.plf' File Stack Buffer Overflow (PoC) (ASLR + DEP Bypass)
BlazeDVD 5.1 (Windows 7) - '.plf' File Stack Buffer Overflow (ASLR + DEP Bypass)
Acoustica Audio Converter Pro 1.1 (build 25) - '.mp3 / .wav / .ogg / .wma' Local Heap Overflow (PoC)
Acoustica Audio Converter Pro 1.1 (build 25) - '.mp3 / .wav / .ogg / .wma' Local Heap Overflow
Linux Kernel < 2.6.36-rc6 (RedHat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC)
Linux Kernel < 2.6.36-rc6 (RedHat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure
Oracle 10/11g - 'exp.exe?file' Local Buffer Overflow (PoC)
Oracle 10/11g - 'exp.exe?file' Local Buffer Overflow
PHP 5.3.6 - Local Buffer Overflow (ROP) (PoC)
PHP 5.3.6 - Local Buffer Overflow (ROP)
Xorg 1.4 < 1.11.2 - File Permission Change (PoC)
Xorg 1.4 < 1.11.2 - File Permission Change
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 - LSA Secrets
Linux Kernel 2.2.x - 'sysctl()' Memory Reading (PoC)
Linux Kernel 2.2.x - 'sysctl()' Memory Reading
Microsoft Windows Kernel - Intel x64 SYSRET (MS12-042) (PoC)
Microsoft Windows Kernel - Intel x64 SYSRET (MS12-042)
Linux Kernel 2.2.x/2.3/2.4.x - 'd_path()' Path Truncation (PoC)
Linux Kernel 2.2.x/2.3/2.4.x - 'd_path()' Path Truncation
HT Editor 2.0.20 - Local Buffer Overflow (ROP) (PoC)
HT Editor 2.0.20 - Local Buffer Overflow (ROP)
Linux Kernel 2.4 - SUID 'execve()' System Call Race Condition Executable File Read (PoC)
Linux Kernel 2.4 - SUID 'execve()' System Call Race Condition Executable File Read
Linux Kernel 2.6 - Console Keymap Local Command Injection (PoC)
Linux Kernel 2.6 - Console Keymap Local Command Injection
ACE Stream Media 2.1 - 'acestream://' Format String (PoC)
ACE Stream Media 2.1 - 'acestream://' Format String
Linux Kernel 3.13 - SGID Privilege Escalation (PoC)
Linux Kernel 3.13 - SGID Privilege Escalation
Comodo Internet Security - HIPS/Sandbox Escape (PoC)
Comodo Internet Security - HIPS/Sandbox Escape
Palringo 2.8.1 - Local Stack Buffer Overflow (PoC)
Palringo 2.8.1 - Local Stack Buffer Overflow
Linux Kernel (x86-64) - Rowhammer Privilege Escalation (PoC)
Rowhammer - NaCl Sandbox Escape (PoC)
Linux Kernel (x86-64) - Rowhammer Privilege Escalation
Rowhammer - NaCl Sandbox Escape
Fedora 21 setroubleshootd 3.2.22 - Local Privilege Escalation (PoC)
Fedora 21 setroubleshootd 3.2.22 - Local Privilege Escalation
Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass (PoC) (MS15-052)
Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass (MS15-052)
Linux (x86) - Memory Sinkhole Privilege Escalation (PoC)
Linux (x86) - Memory Sinkhole Privilege Escalation
Core FTP Server 1.2 - Local Buffer Overflow (PoC)
Core FTP Server 1.2 - Local Buffer Overflow
Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption (PoC) (MS16-051)
Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption (MS16-051)
VMware Virtual Machine Communication Interface (VMCI) - 'vmci.sys' (PoC)
VMware Virtual Machine Communication Interface (VMCI) - 'vmci.sys'
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition (PoC) (Write Access Method)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition (Write Access Method)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW PTRACE_POKEDATA' Race Condition (PoC) (Write Access Method)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW PTRACE_POKEDATA' Race Condition (Write Access Method)
GNU Screen 4.5.0 - Local Privilege Escalation (PoC)
GNU Screen 4.5.0 - Local Privilege Escalation
Man-db 2.6.7.1 - Local Privilege Escalation (PoC)
Systemd 228 (SUSE 12 SP2 / Ubuntu Touch 15.04) - Local Privilege Escalation (PoC)
Man-db 2.6.7.1 - Local Privilege Escalation
Systemd 228 (SUSE 12 SP2 / Ubuntu Touch 15.04) - Local Privilege Escalation
Oracle VM VirtualBox < 5.0.32 / < 5.1.14 - Local Privilege Escalation (PoC)
Oracle VM VirtualBox < 5.0.32 / < 5.1.14 - Local Privilege Escalation
TeamViewer 11 < 13 (Windows 10 x86) - Inline Hooking / Direct Memory Modification Permission Change (PoC)
TeamViewer 11 < 13 (Windows 10 x86) - Inline Hooking / Direct Memory Modification Permission Change
Multiple CPUs - 'Spectre' Information Disclosure (PoC)
Multiple CPUs - 'Spectre' Information Disclosure
Linux Kernel 3.10.0-514.21.2.el7.x86_64 / 3.10.0-514.26.1.el7.x86_64 (CentOS 7) - SUID Position Independent Executable 'PIE' Local Privilege Escalation
glibc ld.so - Memory Leak / Buffer Overflow
GNU C Library Dynamic Loader glibc ld.so - Memory Leak / Buffer Overflow
Microsoft IIS 5.0 - WebDAV Remote (PoC)
Microsoft IIS 5.0 - WebDAV Remote
Microsoft Windows Server 2000 - RSVP Server Authority Hijacking (PoC)
Microsoft Windows Server 2000 - RSVP Server Authority Hijacking
ISC BIND 8.2.x - 'TSIG' Remote Stack Overflow (4)
Titan FTP Server - Long Command Heap Overflow (PoC)
Titan FTP Server - Long Command Heap Overflow
SLX Server 6.1 - Arbitrary File Creation (PoC)
SLX Server 6.1 - Arbitrary File Creation
zgv 5.5 - Multiple Arbitrary Code Executions (PoC)
zgv 5.5 - Multiple Arbitrary Code Executions
Microsoft Internet Explorer - Remote Code Execution (PoC)
Microsoft Internet Explorer - Remote Code Execution
Exim 4.43 - 'auth_spa_server()' Remote (PoC)
Exim 4.43 - 'auth_spa_server()' Remote
Microsoft Windows - DTC Remote (PoC) (MS05-051) (2)
Microsoft Windows - DTC Remote (MS05-051) (2)
Watchfire AppScan QA 5.0.x - Remote Code Execution (PoC)
Watchfire AppScan QA 5.0.x - Remote Code Execution
KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Buffer Overflow
Microsoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (PoC) (MS06-005) (2)
Microsoft Windows Media Player 7.1 < 10 - '.BMP' Heap Overflow (MS06-005) (2)
RevilloC MailServer 1.21 - 'USER' Remote Buffer Overflow (PoC)
RevilloC MailServer 1.21 - 'USER' Remote Buffer Overflow
AIM Triton 1.0.4 - 'SipXtapi' Remote Buffer Overflow (PoC)
AIM Triton 1.0.4 - 'SipXtapi' Remote Buffer Overflow
Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution (PoC)
Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution
Easy File Sharing FTP Server 2.0 - 'PASS' Remote (PoC)
Easy File Sharing FTP Server 2.0 - 'PASS' Remote
BulletProof FTP Client 2.45 - Remote Buffer Overflow (PoC)
BulletProof FTP Client 2.45 - Remote Buffer Overflow
Intel Centrino ipw2200BG - Wireless Driver Remote Overflow (PoC)
Intel Centrino ipw2200BG - Wireless Driver Remote Overflow
WebMod 0.48 - Content-Length Remote Buffer Overflow (PoC)
WebMod 0.48 - Content-Length Remote Buffer Overflow
OpenBSD - ICMPv6 Fragment Remote Execution (PoC)
OpenBSD - ICMPv6 Fragment Remote Execution
Microsoft Internet Explorer 7 - Arbitrary File Rewrite (PoC) (MS07-027)
Microsoft Internet Explorer 7 - Arbitrary File Rewrite (MS07-027)
Apple Safari 3 for Windows Beta - Remote Command Execution (PoC)
Apple Safari 3 for Windows Beta - Remote Command Execution
Flash Player/Plugin Video - File Parsing Remote Code Execution (PoC)
Flash Player/Plugin Video - File Parsing Remote Code Execution
Apple QuickTime (Multiple Browsers) - Command Execution (PoC)
Apple QuickTime (Multiple Browsers) - Command Execution
Apple QuickTime /w IE .qtl Version XAS - Remote (PoC)
Apple QuickTime /w IE .qtl Version XAS - Remote
QuickTime Player 7.3.1.70 - 'RTSP' Remote Buffer Overflow (PoC)
QuickTime Player 7.3.1.70 - 'RTSP' Remote Buffer Overflow
ImageShack Toolbar 4.5.7 - 'FileUploader' Class InsecureMethod (PoC)
ImageShack Toolbar 4.5.7 - 'FileUploader' Class InsecureMethod
HP Software Update - 'Hpufunction.dll 4.0.0.1' Insecure Method (PoC)
HP Software Update - 'Hpufunction.dll 4.0.0.1' Insecure Method
Microsoft Internet Explorer - Print Table of Links Cross-Zone Scripting (PoC)
Microsoft Internet Explorer - Print Table of Links Cross-Zone Scripting
Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal (PoC)
Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal
MicroTik RouterOS 3.13 - SNMP write (Set request) (PoC)
MicroTik RouterOS 3.13 - SNMP write (Set request)
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload (PoC)
Microsoft PicturePusher - ActiveX Cross-Site Arbitrary File Upload
Opera 9.52/9.60 - Persistent Cross-Site Scripting Code Execution (PoC)
Opera 9.52/9.60 - Persistent Cross-Site Scripting Code Execution
Opera 9.61 - 'opera:historysearch' Code Execution (PoC)
Opera 9.61 - 'opera:historysearch' Code Execution
Chilkat Crypt - ActiveX Arbitrary File Creation/Execution (PoC)
Chilkat Crypt - ActiveX Arbitrary File Creation/Execution
Microsoft XML Core Services DTD - Cross-Domain Scripting (PoC) (MS08-069)
Microsoft XML Core Services DTD - Cross-Domain Scripting (MS08-069)
Google Chrome 1.0.154.46 - '(ChromeHTML://)' Injection (PoC)
Google Chrome 1.0.154.46 - '(ChromeHTML://)' Injection
GeoVision LiveX 8200 - ActiveX 'LIVEX_~1.OCX' File Corruption (PoC)
GeoVision LiveX 8200 - ActiveX 'LIVEX_~1.OCX' File Corruption
Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption (PoC) (MS09-002)
Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption (MS09-002)
Zervit Web Server 0.4 - Directory Traversal / Memory Corruption (PoC)
Zervit Web Server 0.4 - Directory Traversal / Memory Corruption
Apple Mac OSX - Java applet Remote Deserialization Remote (PoC) (2)
Apple Mac OSX - Java applet Remote Deserialization Remote (2)
VideoLAN VLC Media Player 1.0.2 - 'smb://' URI Stack Overflow (PoC)
VideoLAN VLC Media Player 1.0.2 - 'smb://' URI Stack Overflow
Microsoft Internet Explorer 5/6/7 - Memory Corruption (PoC) (MS09-054)
Microsoft Internet Explorer 5/6/7 - Memory Corruption (MS09-054)
Pegasus Mail Client 4.51 - Remote Buffer Overflow (PoC)
Pegasus Mail Client 4.51 - Remote Buffer Overflow
TLS - Renegotiation (PoC)
TLS - Renegotiation
Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Execution (PoC)
Trend Micro Web-Deployment - ActiveX Remote Execution (PoC)
Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Execution
Trend Micro Web-Deployment - ActiveX Remote Execution
MX Simulator Server - Remote Buffer Overflow (PoC)
MX Simulator Server - Remote Buffer Overflow
Apache OFBiz - Remote Execution (via SQL Execution) (PoC)
Apache OFBiz - Admin Creator (PoC)
Apache OFBiz - Remote Execution (via SQL Execution)
Apache OFBiz - Admin Creator
Adobe Flash / Reader - Live Malware (PoC)
Adobe Flash / Reader - Live Malware
Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - 'SoftekATL.dll' Remote Buffer Overflow (PoC)
Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - 'SoftekATL.dll' Remote Buffer Overflow
KingView 6.5.3 - SCADA HMI Heap Overflow (PoC)
KingView 6.5.3 - SCADA HMI Heap Overflow
Microsoft Data Access Components - Remote Overflow (PoC) (MS11-002)
Microsoft Data Access Components - Remote Overflow (MS11-002)
HP Data Protector Client 6.11 - 'EXEC_SETUP' Remote Code Execution (PoC)
HP Data Protector Client 6.11 - 'EXEC_CMD' Remote Code Execution (PoC)
HP Data Protector Client 6.11 - 'EXEC_SETUP' Remote Code Execution
HP Data Protector Client 6.11 - 'EXEC_CMD' Remote Code Execution
Solar FTP Server 2.1.1 - PASV Buffer Overflow (PoC)
Solar FTP Server 2.1.1 - PASV Buffer Overflow
Apache mod_proxy - Reverse Proxy Exposure (PoC)
Apache mod_proxy - Reverse Proxy Exposure
Quest Toad for Oracle Explain Plan Display ActiveX Control - 'QExplain2.dll 6.6.1.1115' Remote File Creation / Overwrite (PoC)
Quest Toad for Oracle Explain Plan Display ActiveX Control - 'QExplain2.dll 6.6.1.1115' Remote File Creation / Overwrite
Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control 'pnllmcli.dll 7.5.304.547' SaveMiniLaunchFile() Method Remote File Creation / Overwrite (PoC)
Quest vWorkspace 7.5 Connection Broker Client - ActiveX Control 'pnllmcli.dll 7.5.304.547' SaveMiniLaunchFile() Method Remote File Creation / Overwrite
Belkin G Wireless Router Firmware 5.00.12 - Remote Code Execution (PoC)
Belkin G Wireless Router Firmware 5.00.12 - Remote Code Execution
OpenVAS Manager 4.0 - Authentication Bypass (PoC)
OpenVAS Manager 4.0 - Authentication Bypass
w3tw0rk / Pitbull Perl IRC Bot - Remote Code Execution (PoC)
w3tw0rk / Pitbull Perl IRC Bot - Remote Code Execution
Legend Perl IRC Bot - Remote Code Execution (PoC)
Legend Perl IRC Bot - Remote Code Execution
dhclient 4.1 - Bash Environment Variable Command Injection (PoC) (Shellshock)
dhclient 4.1 - Bash Environment Variable Command Injection (Shellshock)
WebDrive 12.2 (Build #4172 ) - Remote Buffer Overflow (PoC)
WebDrive 12.2 (Build #4172 ) - Remote Buffer Overflow
Endian Firewall < 3.0.0 - OS Command Injection (Python) (PoC)
Endian Firewall < 3.0.0 - OS Command Injection (Python)
Fortigate OS 4.x < 5.0.7 - SSH Backdoor Access
OpenSSHd 7.2p2 - Username Enumeration (PoC)
OpenSSHd 7.2p2 - Username Enumeration
Apache Struts - REST Plugin With Dynamic Method Invocation Remote Code Execution
Intel Active Management Technology - System Privileges
Xplico - Remote Code Execution (Metasploit)
Oracle WebLogic < 10.3.6 - 'wls-wsat' Component Deserialisation Remote Command Execution
S9Y Serendipity 0.7-beta1 - SQL Injection (PoC)
S9Y Serendipity 0.7-beta1 - SQL Injection
AWStats 5.7 < 6.2 - Multiple Remote (PoC)
AWStats 5.7 < 6.2 - Multiple Remote
WoltLab Burning Book 1.1.2 - SQL Injection (PoC)
WoltLab Burning Book 1.1.2 - SQL Injection
Invision Power Board 2.1.7 - ACTIVE Cross-Site Scripting / SQL Injection
Invision Power Board (IP.Board) 2.1.7 - 'ACTIVE' Cross-Site Scripting / SQL Injection
EQdkp 1.3.2f - 'user_id' Authentication Bypass (PoC)
EQdkp 1.3.2f - 'user_id' Authentication Bypass
Invision Power Board 2.3.5 - Multiple Vulnerabilities (2)
Invision Power Board (IP.Board) 2.3.5 - Multiple Vulnerabilities (2)
FOSS Gallery Public 1.0 - Arbitrary File Upload (PoC)
FOSS Gallery Public 1.0 - Arbitrary File Upload
Flatnux 2009-01-27 - Cross-Site Scripting / Iframe Injection (PoC)
Flatnux 2009-01-27 - Cross-Site Scripting / Iframe Injection
Limbo CMS 1.0.4.2 - Cross-Site Request Forgery / Privilege Escalation (PoC)
Limbo CMS 1.0.4.2 - Cross-Site Request Forgery / Privilege Escalation
Invision Power Board 3.0.0b5 - Active Cross-Site Scripting / Full Path Disclosure
Invision Power Board (IP.Board) 3.0.0b5 - Active Cross-Site Scripting / Full Path Disclosure
Fuzzylime CMS 3.03a - Local Inclusion / Arbitrary File Corruption (PoC)
Fuzzylime CMS 3.03a - Local Inclusion / Arbitrary File Corruption
IPB (nv2) Awards < 1.1.0 - SQL Injection (PoC)
IPB (nv2) Awards < 1.1.0 - SQL Injection
X-Cart Pro 4.0.13 - SQL Injection (PoC)
X-Cart Pro 4.0.13 - SQL Injection
Simple Machines Forum (SMF) 1.1.8 - 'avatar' Remote PHP File Execute (PoC)
Simple Machines Forum (SMF) 1.1.8 - 'avatar' Remote PHP File Execute
IPB 3.0.1 - SQL Injection
Invision Power Board 3.0.1 - SQL Injection
WebsiteBaker 2.8.1 - Cross-Site Request Forgery (PoC)
WebsiteBaker 2.8.1 - Cross-Site Request Forgery
BS Auto Classifieds - 'info.php' SQL Injection (PoC)
BS Business Directory - 'articlesdetails.php' SQL Injection (PoC)
BS Classifieds Ads - 'articlesdetails.php' SQL Injection (PoC)
BS Events Directory - 'articlesdetails.php' SQL Injection (PoC)
BS Auto Classifieds - 'info.php' SQL Injection
BS Business Directory - 'articlesdetails.php' SQL Injection
BS Classifieds Ads - 'articlesdetails.php' SQL Injection
BS Events Directory - 'articlesdetails.php' SQL Injection
BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password) (PoC)
BigACE 2.7.3 - Cross-Site Request Forgery (Change Admin Password)
Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account) (PoC)
Exponent CMS 2.0 Beta 1.1 - Cross-Site Request Forgery (Add Administrator Account)
SWAT Samba Web Administration Tool - Cross-Site Request Forgery (PoC)
SWAT Samba Web Administration Tool - Cross-Site Request Forgery
Plone and Zope - Remote Command Execution (PoC)
Plone and Zope - Remote Command Execution
Invision Power Board 1.0/1.1/1.2 - 'admin.php' Cross-Site Scripting
Invision Power Board (IP.Board) 1.0/1.1/1.2 - 'admin.php' Cross-Site Scripting
Invision Power Board 1.x - 'index.php' showtopic Cross-Site Scripting
Invision Power Board (IP.Board) 1.x - 'index.php' showtopic Cross-Site Scripting
Invision Power Board 1.3 - Multiple Cross-Site Scripting Vulnerabilities
Invision Power Board (IP.Board) 1.3 - Multiple Cross-Site Scripting Vulnerabilities
Invision Power Board 1.3 - 'Pop' Cross-Site Scripting
Invision Power Board (IP.Board) 1.3 - 'Pop' Cross-Site Scripting
Invision Power Board 1.3 - 'SSI.php' Cross-Site Scripting
Invision Power Board (IP.Board) 1.3 - 'SSI.php' Cross-Site Scripting
Invision Power Services Invision Board 2.0.4 - Search Action Multiple Cross-Site Scripting Vulnerabilities
Invision Power Board (IP.Board) 2.0.4 - Search Action Multiple Cross-Site Scripting Vulnerabilities
Invision Power Board 1.x/2.0.3 - SML Code Script Injection
Invision Power Board (IP.Board) 1.x/2.0.3 - SML Code Script Injection
IPB (Invision Power Board) 1.x?/2.x/3.x - Admin Account Takeover
Invision Power Board 1.x?/2.x/3.x - Admin Account Takeover
Invision Power Board 2.0.3/2.1 - 'Act' Cross-Site Scripting
Invision Power Board (IP.Board) 2.0.3/2.1 - 'Act' Cross-Site Scripting
Invision Power Board 1.0.3 - Attached File Cross-Site Scripting
Invision Power Board (IP.Board) 1.0.3 - Attached File Cross-Site Scripting
Invision Power Services Invision Board 2.1 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
Invision Power Board (IP.Board) 2.1 - 'admin.php' Multiple Cross-Site Scripting Vulnerabilities
Invision Power Services Invision Board 2.0.4 - 'index.php?st' Cross-Site Scripting
Invision Power Board (IP.Board) 2.0.4 - 'index.php?st' Cross-Site Scripting
Invision Power Services Invision Board 2.0.4 - Calendar Action Multiple Cross-Site Scripting Vulnerabilities
Invision Power Board (IP.Board) 2.0.4 - Calendar Action Multiple Cross-Site Scripting Vulnerabilities
Invision Power Services Invision Board 2.0.4 - Print Action 't' Cross-Site Scripting
Invision Power Services Invision Board 2.0.4 - Mail Action 'MID' Cross-Site Scripting
Invision Power Services Invision Board 2.0.4 - Help Action 'HID' Cross-Site Scripting
Invision Power Board (IP.Board) 2.0.4 - Print Action 't' Cross-Site Scripting
Invision Power Board (IP.Board) 2.0.4 - Mail Action 'MID' Cross-Site Scripting
Invision Power Board (IP.Board) 2.0.4 - Help Action 'HID' Cross-Site Scripting
Invision Power Board 1.x/2.x - Multiple SQL Injections
Invision Power Board (IP.Board) 1.x/2.x - Multiple SQL Injections
Invision Power Board 3.0 - Multiple HTML Injection / Information Disclosure Vulnerabilities
Invision Power Board (IP.Board) 3.0 - Multiple HTML Injection / Information Disclosure Vulnerabilities
Invision Power Board 3.0.3 - '.txt' MIME-Type Cross-Site Scripting
Invision Power Board (IP.Board) 3.0.3 - '.txt' MIME-Type Cross-Site Scripting
IP Board 3.x - Cross-Site Request Forgery / Token Hjiacking
Invision Power Board (IP.Board) 3.x - Cross-Site Request Forgery / Token Hjiacking
Invision Power Board 4.2.1 - 'searchText' Cross-Site Scripting
Invision Power Board (IP.Board) 4.2.1 - 'searchText' Cross-Site Scripting
TOTOLINK Routers - Backdoor / Remote Code Execution (PoC)
TOTOLINK Routers - Backdoor / Remote Code Execution
IP.Board 4.x - Persistent Cross-Site Scripting
Invision Power Board (IP.Board) 4.x - Persistent Cross-Site Scripting
IP.Board 4.1.4.x - Persistent Cross-Site Scripting
Invision Power Board (IP.Board) 4.1.4.x - Persistent Cross-Site Scripting
NETGEAR R7000 - Command Injection (PoC)
NETGEAR R7000 - Command Injection
WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection
WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection
Synology DiskStation Manager (DSM) < 6.1.3-15152 - 'forget_passwd.cgi' User Enumeration
Photos in Wifi 1.0.1 - Path Traversal
SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities
FiberHome LM53Q1 - Multiple Vulnerabilities
WordPress Plugin LearnDash 2.5.3 - Arbitrary File Upload
Vanilla < 2.1.5 - Cross-Site Request Forgery
Oracle PeopleSoft - 'PeopleSoftServiceListeningConnector' XML External Entity via DOCTYPE (PoC)
Oracle PeopleSoft - 'PeopleSoftServiceListeningConnector' XML External Entity via DOCTYPE
Joomla! 3.7.0 - 'com_fields' SQL Injection (PoC)
Joomla! 3.7.0 - 'com_fields' SQL Injection
Apache Struts 2.3.x Showcase - Remote Code Execution (PoC)
Apache Struts 2.3.x Showcase - Remote Code Execution
AIX - execve /bin/sh Shellcode (88 bytes)
Linux/x86 - chmod 777 /etc/sudoers Shellcode (36 bytes)
2018-01-09 05:02:30 +00:00
Offensive Security
f76fbb1072
DB: 2017-12-19
...
19 changes to exploits/shellcodes
CDex 1.96 - Buffer Overflow
Zoom Linux Client 2.0.106600.0904 - Command Injection
Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow
Firejail - Local Privilege Escalation
Firejail < 0.9.44.4 / < 0.9.38.8 LTS - Local Sandbox Escape
Linux kernel < 4.10.15 - Race Condition Privilege Escalation
Outlook for Android - Attachment Download Directory Traversal
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)
GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution
Joomla! Component Guru Pro - SQL Injection
Joomla! Component Guru Pro - 'Itemid' SQL Injection
Joomla! Component User Bench 1.0 - 'userid' SQL Injection
Joomla! Component My Projects 2.0 - SQL Injection
vBulletin 5 - 'routestring' Unauthenticated Remote Code Execution
vBulletin 5 - 'cacheTemplates' Unauthenticated Remote Arbitrary File Deletion
Linksys WVBR0 - 'User-Agent' Remote Command Injection
Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection
Joomla! Component Guru Pro - 'promocode' SQL Injection
Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution
2017-12-19 05:02:17 +00:00
Offensive Security
9cea53a35b
DB: 2017-12-12
...
35 changes to exploits/shellcodes
MikroTik RouterBoard 6.39.2 / 6.40.5 DNS - Denial of Service
MikroTik 6.40.5 ICMP - Denial of Service
iOS/macOS - Kernel Double Free due to IOSurfaceRootUserClient not Respecting MIG Ownership Rules
macOS XNU Kernel - Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory Disclosures
macOS - 'getrusage' Stack Leak Through struct Padding
macOS - 'necp_get_socket_attributes' so_pcb Type Confusion
LibTIFF pal2rgb 4.0.9 - Heap Buffer Overflow
Entrepreneur Dating Script 2.0.1 - 'marital' / 'gender' / 'country' / 'profileid' SQL Injection
Secure E-commerce Script 2.0.1 - 'searchcat' / 'searchmain' SQL Injection
Laundry Booking Script 1.0 - 'list?city' SQL Injection
Lawyer Search Script 1.1 - 'lawyer-list?city' SQL Injection
Multivendor Penny Auction Clone Script 1.0 - SQL Injection
Online Exam Test Application Script 1.6 - 'exams.php?sort' SQL Injection
Opensource Classified Ads Script 3.2 - SQL Injection
PHP Multivendor Ecommerce 1.0 - 'sid' / 'searchcat' / 'chid1' SQL Injection
Professional Service Script 1.0 - 'service-list?city' SQL Injection
Readymade PHP Classified Script 3.3 - 'subctid' / 'mctid' SQL Injection
Readymade Video Sharing Script 3.2 - SQL Injection
Responsive Realestate Script 3.2 - 'property-list?tbud' SQL Injection
Multireligion Responsive Matrimonial 4.7.2 - 'succid' SQL Injection
Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
Multiplex Movie Theater Booking Script 3.1.5 - 'moid' / 'eid' SQL Injection
Single Theater Booking Script 3.2.1 - 'findcity.php?q' SQL Injection
Advanced Real Estate Script 4.0.7 - SQL Injection
Entrepreneur Bus Booking Script 3.0.4 - 'sourcebus' SQL Injection
MLM Forex Market Plan Script 2.0.4 - 'newid' / 'eventid' SQL Injection
MLM Forced Matrix 2.0.9 - 'newid' SQL Injection
Car Rental Script 2.0.4 - 'val' SQL Injection
Groupon Clone Script 3.01 - 'state_id' / 'search' SQL Injection
Muslim Matrimonial Script 3.02 - 'succid' SQL Injection
Advanced World Database 2.0.5 - SQL Injection
Resume Clone Script 2.0.5 - SQL Injection
Basic Job Site Script 2.0.5 - SQL Injection
Vanguard 1.4 - Arbitrary File Upload
Vanguard 1.4 - SQL Injection
2017-12-12 05:02:17 +00:00
Offensive Security
b546191ef2
DB: 2017-12-08
...
9 changes to exploits/shellcodes
Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path
Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash
Linux Kernel - DCCP Socket Use-After-Free
LaCie 5big Network 2.2.8 - Command Injection
Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)
Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal
FS IMDB Clone - 'id' SQL Injection
FS Facebook Clone - 'token' SQL Injection
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
2017-12-08 05:02:13 +00:00
Offensive Security
bb8b231f69
DB: 2017-12-02
...
8 changes to exploits/shellcodes
6 new exploits/shellcodes
Abyss Web Server < 2.11.6 - Heap Memory Corruption
HP iMC Plat 7.2 - Remote Code Execution
HP iMC Plat 7.2 - Remote Code Execution (2)
Kodi 15 - Web Interface Arbitrary File Access (
Kodi 15 - Web Interface Arbitrary File Access
Jobs2Careers / Coroflot Clone - SQL Injection
MistServer 2.12 - Cross-Site Scripting
Artica Web Proxy 3.06 - Remote Code Execution
2017-12-02 05:02:32 +00:00
Offensive Security
a24ecf72c3
DB: 2017-12-01
...
82 changes to exploits/shellcodes
32 new exploits/shellcodes
Mercury/32 Mail SMTPD - Unauthenticated Remote Stack Based Overrun (PoC)
Mercury/32 Mail SMTPD - Unauthenticated Remote Stack Overrun (PoC)
CA BrightStor HSM r11.5 - Remote Stack Based Overflow / Denial of Service
CA BrightStor HSM r11.5 - Remote Stack Overflow / Denial of Service
Rosoft Media Player 4.1.8 - RML Stack Based Buffer Overflow (PoC)
Rosoft Media Player 4.1.8 - RML Stack Buffer Overflow (PoC)
Aircrack-NG Tools svn r1675 - Remote Heap-Based Buffer Overflow
Aircrack-NG Tools svn r1675 - Remote Heap Buffer Overflow
FontForge - '.BDF' Font File Stack Based Buffer Overflow
FontForge - '.BDF' Font File Stack Buffer Overflow
Native Instruments Traktor Pro 1.2.6 - Stack Based Buffer Overflow
Native Instruments Traktor Pro 1.2.6 - Stack Buffer Overflow
Libmodplug 0.8.8.2 - '.abc' Stack Based Buffer Overflow (PoC)
Libmodplug 0.8.8.2 - '.abc' Stack Buffer Overflow (PoC)
Citrix XenApp / XenDesktop - Stack Based Buffer Overflow
Citrix XenApp / XenDesktop - Stack Buffer Overflow
Oracle DataDirect - Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overflows
Oracle DataDirect - Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Buffer Overflows
Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Based Buffer Overflow (PoC)
Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Buffer Overflow (PoC)
IrfanView 4.33 - Format PlugIn '.TTF' File Parsing Stack Based Overflow
IrfanView 4.33 - Format PlugIn '.TTF' File Parsing Stack Overflow
Oracle Outside-In - '.LWP' File Parsing Stack Based Buffer Overflow
Oracle Outside-In - '.LWP' File Parsing Stack Buffer Overflow
mcrypt 2.6.8 - Stack Based Buffer Overflow (PoC)
mcrypt 2.6.8 - Stack Buffer Overflow (PoC)
MySQL (Linux) - Stack Based Buffer Overrun (PoC)
MySQL (Linux) - Heap Based Overrun (PoC)
MySQL (Linux) - Stack Buffer Overrun (PoC)
MySQL (Linux) - Heap Overrun (PoC)
Sony PC Companion 2.1 - 'DownloadURLToFile()' Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - 'Load()' Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - 'CheckCompatibility()' Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - 'Admin_RemoveDirectory()' Stack Based Unicode Buffer Overflow
Sony PC Companion 2.1 - 'DownloadURLToFile()' Unicode Stack Buffer Overflow
Sony PC Companion 2.1 - 'Load()' Unicode Stack Buffer Overflow
Sony PC Companion 2.1 - 'CheckCompatibility()' Unicode Stack Buffer Overflow
Sony PC Companion 2.1 - 'Admin_RemoveDirectory()' Unicode Stack Buffer Overflow
DeleGate 7.8.x/8.x - SSLway Filter Remote Stack Based Buffer Overflow
DeleGate 7.8.x/8.x - SSLway Filter Remote Stack Buffer Overflow
GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Based Buffer Overrun (1)
GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Buffer Overrun (1)
Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack Based Buffer Overflow
Linux Kernel - 'SCTP_GET_ASSOC_STATS()' Stack Buffer Overflow
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Based Buffer Overflow Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Buffer Overflow Denial of Service
Multiple Vendor Telnet Client - Env_opt_add Heap Based Buffer Overflow
Multiple Vendor Telnet Client - Env_opt_add Heap Buffer Overflow
SAS Integration Technologies Client 9.31_M1 'SASspk.dll' - Stack Based Overflow
SAS Integration Technologies Client 9.31_M1 'SASspk.dll' - Stack Overflow
Winamp 5.63 - Stack Based Buffer Overflow
Winamp 5.63 - Stack Buffer Overflow
Apple Mac OSX 10.x - '.zip' BOMStackPop()' Overflow
Apple Mac OSX 10.x - '.zip' 'BOMStackPop()' Overflow
Microsoft Internet Explorer 11 - MSHTML CPasteCommand::ConvertBitmaptoPng Heap-Based Buffer Overflow (MS14-056)
Microsoft Internet Explorer 11 - MSHTML CPasteCommand::ConvertBitmaptoPng Heap Buffer Overflow (MS14-056)
MPlayer 1.0 - AVIHeader.C Heap Based Buffer Overflow
MPlayer 1.0 - AVIHeader.C Heap Buffer Overflow
ProWizard 4 PC 1.62 - Multiple Remote Stack Based Buffer Overflow Vulnerabilities
WinUAE 1.4.4 - 'zfile.c' Stack Based Buffer Overflow
ProWizard 4 PC 1.62 - Multiple Remote Stack Buffer Overflow Vulnerabilities
WinUAE 1.4.4 - 'zfile.c' Stack Buffer Overflow
Google Android Web Browser - '.GIF' File Heap Based Buffer Overflow
Google Android Web Browser - '.GIF' File Heap Buffer Overflow
Oracle Outside In MDB - File Parsing Stack Based Buffer Overflow (PoC)
Oracle Outside In MDB - File Parsing Stack Buffer Overflow (PoC)
NASA Ames Research Center BigView 1.8 - '.PNM' Stack Based Buffer Overflow
NASA Ames Research Center BigView 1.8 - '.PNM' Stack Buffer Overflow
FFmpeg libavformat - 'psxstr.c' STR Data Heap Based Buffer Overflow
FFmpeg libavformat - 'psxstr.c' STR Data Heap Buffer Overflow
OpenVms 8.3 Finger Service - Stack Based Buffer Overflow
OpenVms 8.3 Finger Service - Stack Buffer Overflow
Free Download Manager - Stack Based Buffer Overflow
Free Download Manager - Stack Buffer Overflow
Sonique 2.0 - '.xpl' Remote Stack Based Buffer Overflow
Sonique 2.0 - '.xpl' Remote Stack Buffer Overflow
eXPert PDF 7.0.880.0 - '.pj' Heap Based Buffer Overflow
eXPert PDF 7.0.880.0 - '.pj' Heap Buffer Overflow
Adobe Flash - Heap Based Buffer Overflow Loading '.FLV' File with Nellymoser Audio Codec
Adobe Flash - Heap Based Buffer Overflow Due to Indexing Error When Loading FLV File
Adobe Flash - Heap Buffer Overflow Loading '.FLV' File with Nellymoser Audio Codec
Adobe Flash - Heap Buffer Overflow Due to Indexing Error When Loading FLV File
Valhala Honeypot 1.8 - Stack Based Buffer Overflow
Valhala Honeypot 1.8 - Stack Buffer Overflow
Microsoft Office 2007 - Malformed Document Stack Based Buffer Overflow
Microsoft Office 2007 - Malformed Document Stack Buffer Overflow
Xion Audio Player 1.5 build 155 - Stack Based Buffer Overflow
Xion Audio Player 1.5 build 155 - Stack Buffer Overflow
Mpxplay MultiMedia Commander 2.00a - '.m3u' Stack Based Buffer Overflow
Mpxplay MultiMedia Commander 2.00a - '.m3u' Stack Buffer Overflow
Last PassBroker 3.2.16 - Stack Based Buffer Overflow
Last PassBroker 3.2.16 - Stack Buffer Overflow
FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap Based Out-of-Bounds Reads
FreeType 2.6.1 - TrueType tt_cmap14_validate Parsing Heap Out-of-Bounds Reads
FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Based Out-of-Bounds Read
FBZX 2.10 - Local Stack Based Buffer Overflow
TACK 1.07 - Local Stack Based Buffer Overflow
FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Out-of-Bounds Read
FBZX 2.10 - Local Stack Buffer Overflow
TACK 1.07 - Local Stack Buffer Overflow
Gnome Nautilus 3.16 - Denial of Service
Wireshark - iseries_parse_packet Heap Based Buffer Overflow
Wireshark - dissect_tds7_colmetadata_token Stack Based Buffer Overflow
Wireshark - iseries_parse_packet Heap Buffer Overflow
Wireshark - dissect_tds7_colmetadata_token Stack Buffer Overflow
Wireshark - file_read 'wtap_read_bytes_or_eof/mp2t_find_next_pcr' Stack Based Buffer Overflow
Wireshark - file_read 'wtap_read_bytes_or_eof/mp2t_find_next_pcr' Stack Buffer Overflow
Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Based Buffer Overflow
Wireshark - find_signature Stack Based Out-of-Bounds Read
Wireshark - AirPDcapPacketProcess Stack Based Buffer Overflow
Wireshark - getRate Stack Based Out-of-Bounds Read
Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Buffer Overflow
Wireshark - find_signature Stack Out-of-Bounds Read
Wireshark - AirPDcapPacketProcess Stack Buffer Overflow
Wireshark - getRate Stack Out-of-Bounds Read
Wireshark - 'infer_pkt_encap' Heap Based Out-of-Bounds Read
Wireshark - 'AirPDcapDecryptWPABroadcastKey' Heap Based Out-of-Bounds Read (1)
Wireshark - 'infer_pkt_encap' Heap Out-of-Bounds Read
Wireshark - 'AirPDcapDecryptWPABroadcastKey' Heap Out-of-Bounds Read (1)
pdfium - CPDF_DIBSource::DownSampleScanline32Bit Heap Based Out-of-Bounds Read
pdfium - CPDF_TextObject::CalcPositionData Heap Based Out-of-Bounds Read
pdfium - CPDF_DIBSource::DownSampleScanline32Bit Heap Out-of-Bounds Read
pdfium - CPDF_TextObject::CalcPositionData Heap Out-of-Bounds Read
pdfium - CPDF_Function::Call Stack Based Buffer Overflow
pdfium - CPDF_Function::Call Stack Buffer Overflow
pdfium - opj_jp2_apply_pclr 'libopenjpeg' Heap Based Out-of-Bounds Read
pdfium - opj_j2k_read_mcc 'libopenjpeg' Heap Based Out-of-Bounds Read
Wireshark - 'iseries_check_file_type' Stack Based Out-of-Bounds Read
Wireshark - dissect_nhdr_extopt Stack Based Buffer Overflow
pdfium - opj_jp2_apply_pclr 'libopenjpeg' Heap Out-of-Bounds Read
pdfium - opj_j2k_read_mcc 'libopenjpeg' Heap Out-of-Bounds Read
Wireshark - 'iseries_check_file_type' Stack Out-of-Bounds Read
Wireshark - dissect_nhdr_extopt Stack Buffer Overflow
Wireshark - 'nettrace_3gpp_32_423_file_open' Stack Based Out-of-Bounds Read
Wireshark - dissect_ber_constrained_bitstring Heap Based Out-of-Bounds Read
Wireshark - 'nettrace_3gpp_32_423_file_open' Stack Out-of-Bounds Read
Wireshark - dissect_ber_constrained_bitstring Heap Out-of-Bounds Read
glibc - 'getaddrinfo' Stack Based Buffer Overflow (PoC)
glibc - 'getaddrinfo' Stack Buffer Overflow (PoC)
Wireshark - vwr_read_s2_s3_W_rec Heap Based Buffer Overflow
libxml2 - xmlDictAddString Heap Based Buffer Overread
libxml2 - xmlParseEndTag2 Heap Based Buffer Overread
libxml2 - xmlParserPrintFileContextInternal Heap Based Buffer Overread
libxml2 - htmlCurrentChar Heap Based Buffer Overread
Wireshark - vwr_read_s2_s3_W_rec Heap Buffer Overflow
libxml2 - xmlDictAddString Heap Buffer Overread
libxml2 - xmlParseEndTag2 Heap Buffer Overread
libxml2 - xmlParserPrintFileContextInternal Heap Buffer Overread
libxml2 - htmlCurrentChar Heap Buffer Overread
Kamailio 4.3.4 - Heap Based Buffer Overflow
Wireshark - dissect_pktc_rekey Heap Based Out-of-Bounds Read
Kamailio 4.3.4 - Heap Buffer Overflow
Wireshark - dissect_pktc_rekey Heap Out-of-Bounds Read
Wireshark - dissect_2008_16_security_4 Stack Based Buffer Overflow
Wireshark - dissect_2008_16_security_4 Stack Buffer Overflow
Wireshark - 'AirPDcapDecryptWPABroadcastKey' Heap Based Out-of-Bounds Read (2)
Wireshark - 'AirPDcapDecryptWPABroadcastKey' Heap Out-of-Bounds Read (2)
Microsoft Windows - 'gdi32.dll' Heap Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)
Microsoft Windows - 'gdi32.dll' Heap Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055)
Graphite2 - GlyphCache::GlyphCache Heap Based Buffer Overflow
Graphite2 - GlyphCache::Loader Heap Based Overreads
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Based Overread
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Based Overread
Graphite2 - NameTable::getName Multiple Heap Based Out-of-Bounds Reads
Graphite2 - GlyphCache::GlyphCache Heap Buffer Overflow
Graphite2 - GlyphCache::Loader Heap Overreads
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Overread
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Overread
Graphite2 - NameTable::getName Multiple Heap Out-of-Bounds Reads
Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap Based Memory Corruption
Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap Memory Corruption
Microsoft Windows - 'gdi32.dll' Multiple DIB-Related EMF Record Handlers Heap Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)
Microsoft Windows - 'gdi32.dll' Multiple DIB-Related EMF Record Handlers Heap Out-of-Bounds Reads/Memory Disclosure (MS16-074)
Microsoft Windows - GDI+ EMR_EXTTEXTOUTA / EMR_POLYTEXTOUTA Heap Based Buffer Overflow (MS16-097)
Microsoft Windows - GDI+ EMR_EXTTEXTOUTA / EMR_POLYTEXTOUTA Heap Buffer Overflow (MS16-097)
Microsoft Windows - 'gdi32.dll' EMR_SETDIBITSTODEVICE Heap-Based Out-of-Bounds Reads / Memory Disclosure
Microsoft Windows - 'gdi32.dll' EMR_SETDIBITSTODEVICE Heap Out-of-Bounds Reads / Memory Disclosure
Microsoft Windows - 'LoadUvsTable()' Heap-based Buffer Overflow
Microsoft Windows - 'LoadUvsTable()' Heap Buffer Overflow
Microsoft Windows - 'USP10!otlList::insertAt' Uniscribe Font Processing Heap-Based Buffer Overflow (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Out-of-Bounds Read/Write in 'USP10!AssignGlyphTypes' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in 'USP10!otlCacheManager::GlyphsSubstituted' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in 'USP10!MergeLigRecords' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Buffer Overflow in 'USP10!ttoGetTableData' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Out-of-Bounds Write in 'USP10!UpdateGlyphFlags' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption Around 'USP10!BuildFSM' (MS17-011)
Microsoft Windows - 'USP10!otlList::insertAt' Uniscribe Font Processing Heap Buffer Overflow (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap Out-of-Bounds Read/Write in 'USP10!AssignGlyphTypes' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption in 'USP10!otlCacheManager::GlyphsSubstituted' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption in 'USP10!MergeLigRecords' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap Buffer Overflow in 'USP10!ttoGetTableData' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap Out-of-Bounds Write in 'USP10!UpdateGlyphFlags' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap Memory Corruption Around 'USP10!BuildFSM' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Multiple Heap-Based Out-of-Bounds and Wild Reads (MS17-011)
Microsoft Windows - Uniscribe Font Processing Multiple Heap Out-of-Bounds and Wild Reads (MS17-011)
Microsoft Windows - Uniscribe Heap-Based Out-of-Bounds Read in 'USP10!ScriptApplyLogicalWidth' Triggered via EMF (MS17-013)
Microsoft Windows - Uniscribe Heap Out-of-Bounds Read in 'USP10!ScriptApplyLogicalWidth' Triggered via EMF (MS17-013)
SAP SAPCAR 721.510 - Heap-Based Buffer Overflow
SAP SAPCAR 721.510 - Heap Buffer Overflow
Microsoft Windows - 'USP10!MergeLigRecords' Uniscribe Font Processing Heap-Based Memory Corruption
Microsoft Windows - 'USP10!MergeLigRecords' Uniscribe Font Processing Heap Memory Corruption
LAME 3.99.5 - 'III_dequantize_sample' Stack Based Buffer Overflow
LAME 3.99.5 - 'III_dequantize_sample' Stack Buffer Overflow
OpenJPEG - 'mqc.c' Heap-Based Buffer Overflow
OpenJPEG - 'mqc.c' Heap Buffer Overflow
tcprewrite - Heap-Based Buffer Overflow
tcprewrite - Heap Buffer Overflow
Dnsmasq < 2.78 - 2-byte Heap-Based Overflow
Dnsmasq < 2.78 - Heap-Based Overflow
Dnsmasq < 2.78 - Stack-Based Overflow
Dnsmasq < 2.78 - 2-byte Heap Overflow
Dnsmasq < 2.78 - Heap Overflow
Dnsmasq < 2.78 - Stack Overflow
binutils 2.29.51.20170921 - 'read_1_byte' Heap-Based Buffer Overflow
binutils 2.29.51.20170921 - 'read_1_byte' Heap Buffer Overflow
PHP 7.1.8 - Heap-Based Buffer Overflow
PHP 7.1.8 - Heap Buffer Overflow
QEMU - NBD Server Long Export Name Stack Buffer Overflow
Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page
TerminatorX 3.81 - Local Stack Overflow / Privilege Escalation
TerminatorX 3.81 - Local Stack Overflow / Local Privilege Escalation
BSDi 3.0 inc - Local Buffer Overflow / Privilege Escalation
BSDi 3.0 inc - Local Buffer Overflow / Local Privilege Escalation
RedHat 6.1 - 'man' Local Overflow / Privilege Escalation
RedHat 6.1 - 'man' Local Overflow / Local Privilege Escalation
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/bin/lpstat' Local Overflow / Privilege Escalation
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - '/usr/bin/lpstat' Local Overflow / Local Privilege Escalation
AIX lquerylv - Local Buffer Overflow / Privilege Escalation
AIX lquerylv - Local Buffer Overflow / Local Privilege Escalation
IRIX 5.3 - '/usr/sbin/iwsh' Local Buffer Overflow / Privilege Escalation
IRIX 5.3 - '/usr/sbin/iwsh' Local Buffer Overflow / Local Privilege Escalation
libxml 2.6.12 nanoftp - Remote Buffer Overflow (PoC)
libxml 2.6.12 nanoftp - Buffer Overflow (PoC)
Apple Mac OSX 10.3.8 - 'CF_CHARSET_PATH' Local Buffer Overflow / Privilege Escalation
Apple Mac OSX 10.3.8 - 'CF_CHARSET_PATH' Local Buffer Overflow / Local Privilege Escalation
Gopher 3.0.9 - '+VIEWS' Remote Client-Side Buffer Overflow
Gopher 3.0.9 - '+VIEWS' Client-Side Buffer Overflow
XMail 1.21 - '-t' Command Line Option Buffer Overflow / Privilege Escalation
XMail 1.21 - '-t' Command Line Option Local Buffer Overflow / Local Privilege Escalation
Linux Kernel 2.6.9 < 2.6.11 (RHEL 4) - 'SYS_EPoll_Wait' Integer Overflow / Privilege Escalation
Linux Kernel 2.6.9 < 2.6.11 (RHEL 4) - 'SYS_EPoll_Wait' Local Integer Overflow / Local Privilege Escalation
Microsoft Excel - Remote Code Execution
Microsoft Excel - Code Execution
HP-UX 11i - 'swpackage' Local Stack Overflow / Privilege Escalation
HP-UX 11i - 'swmodify' Local Stack Overflow / Privilege Escalation
HP-UX 11i - 'swpackage' Local Stack Overflow / Local Privilege Escalation
HP-UX 11i - 'swmodify' Local Stack Overflow / Local Privilege Escalation
Kaspersky Internet Security 6.0.0.303 - IOCTL KLICK Overflow / Privilege Escalation
Kaspersky Internet Security 6.0.0.303 - IOCTL KLICK Local Overflow / Local Privilege Escalation
News Rover 12.1 Rev 1 - Remote Stack Overflow (1)
News Rover 12.1 Rev 1 - Stack Overflow (1)
News Rover 12.1 Rev 1 - Remote Stack Overflow (2)
News Rover 12.1 Rev 1 - Stack Overflow (2)
FreeBSD mcweject 0.9 'Eject' - Local Buffer Overflow / Privilege Escalation
FreeBSD mcweject 0.9 'Eject' - Local Buffer Overflow / Local Privilege Escalation
Apple Mac OSX - mount_smbfs Stack Based Buffer Overflow
Apple Mac OSX - 'mount_smbfs' Local Stack Buffer Overflow
VideoLAN VLC Media Player 0.9.4 - '.TY' File Stack Based Buffer Overflow
VideoLAN VLC Media Player 0.9.4 - '.TY' Local Stack Buffer Overflow
Free Download Manager - Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)
Free Download Manager - '.Torrent' File Parsing Multiple Buffer Overflow Vulnerabilities (Metasploit)
MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack Based Buffer Overflows
MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack Buffer Overflows
Libmodplug - 's3m' Remote Buffer Overflow
Libmodplug - 's3m' Buffer Overflow
Microsoft Internet Explorer - 'wshom.ocx' (Run) ActiveX Remote Code Execution (Add Admin)
Microsoft Internet Explorer - 'wshom.ocx' (Run) ActiveX Code Execution (Add Admin)
EDraw Flowchart ActiveX Control 2.3 - '.edd parsing' Remote Buffer Overflow (PoC)
EDraw Flowchart ActiveX Control 2.3 - '.edd parsing' Buffer Overflow (PoC)
Microsoft Visio 2002 - '.DXF' File Stack based Overflow
Microsoft Visio 2002 - '.DXF' Local Stack Overflow
AOL 9.5 - 'Phobos.Playlist Import()' Stack Based Buffer Overflow (Metasploit)
AOL 9.5 - 'Phobos.Playlist Import()' Stack Buffer Overflow (Metasploit)
CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow (SEH) (Metasploit)
CCMPlayer 1.5 - '.m3u' Stack Buffer Overflow (SEH) (Metasploit)
CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow (Metasploit)
CCMPlayer 1.5 - '.m3u' Stack Buffer Overflow (Metasploit)
Foxit Reader 3.0 - Open Execute Action Stack Based Buffer Overflow (Metasploit)
Foxit Reader 3.0 - Open Execute Action Stack Buffer Overflow (Metasploit)
Sun Solaris 7.0 - '/usr/dt/bin/sdtcm_convert' Local Overflow / Privilege Escalation
Sun Solaris 7.0 - '/usr/dt/bin/sdtcm_convert' Local Overflow / Local Privilege Escalation
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Local Overflow / Privilege Escalation (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Local Overflow / Local Privilege Escalation (1)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Local Overflow / Privilege Escalation (1)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Local Overflow / Privilege Escalation (2)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Local Overflow / Privilege Escalation (3)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Local Overflow / Local Privilege Escalation (1)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Local Overflow / Local Privilege Escalation (2)
BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Local Overflow / Local Privilege Escalation (3)
S.u.S.E Linux 5.2 - 'gnuplot' Local Overflow / Privilege Escalation
S.u.S.E Linux 5.2 - 'gnuplot' Local Overflow / Local Privilege Escalation
Novell Netware 4.1/4.11 - SP5B Remote.NLM Weak Encryption
SuSE Linux 6.1/6.2 - 'cwdtools' Local Overflow / Privilege Escalation
SuSE Linux 6.1/6.2 - 'cwdtools' Local Overflow / Local Privilege Escalation
Solaris 7.0 - 'kcms_configure' Local Overflow / Privilege Escalation
Solaris 7.0 - 'kcms_configure' Local Overflow / Local Privilege Escalation
Internet Download Manager - Stack Based Buffer Overflow
Internet Download Manager - Local Stack Buffer Overflow
AFD 1.2.x - Working Directory Local Buffer Overflow / Privilege Escalation
AFD 1.2.x - Working Directory Local Buffer Overflow / Local Privilege Escalation
mcrypt 2.5.8 - Stack Based Overflow
mcrypt 2.5.8 - Local Stack Overflow
Sendmail 8.12.9 - 'Prescan()' Variant Remote Buffer Overrun
Microsoft Windows NT 4.0/2000 - POSIX Subsystem Buffer Overflow / Privilege Escalation (MS04-020)
Microsoft Windows NT 4.0/2000 - POSIX Subsystem Local Buffer Overflow / Local Privilege Escalation (MS04-020)
Newsgrab 0.5.0pre4 - Multiple Local/Remote Vulnerabilities
Linux Kernel 2.6.x - 'SYS_EPoll_Wait' Integer Overflow / Privilege Escalation (1)
Linux Kernel 2.6.x - 'SYS_EPoll_Wait' Local Integer Overflow / Local Privilege Escalation (1)
Winamp 5.12 - '.m3u' Stack Based Buffer Overflow
Winamp 5.12 - '.m3u' Local Stack Buffer Overflow
RealNetworks RealOne Player/RealPlayer - '.RM' Local Stack Buffer Overflow
KingView 6.53 - 'KChartXY' ActiveX Remote File Creation / Overwrite
KingView 6.53 - 'KChartXY' ActiveX File Creation / Overwrite
BlazeDVD Pro Player 6.1 - Stack Based Direct RET Buffer Overflow
BlazeDVD Pro Player 6.1 - Direct RET Local Stack Buffer Overflow
Super Player 3500 - '.m3u' Local Stack Based Buffer Overflow
Super Player 3500 - '.m3u' Local Stack Buffer Overflow
IBM AIX 5.2/5.3 - Capture Command Local Stack Based Buffer Overflow
IBM AIX 5.2/5.3 - Capture Command Local Stack Buffer Overflow
MuPDF 1.3 - Stack Based Buffer Overflow in xps_parse_color()
GKrellM GKrellWeather 0.2.7 Plugin - Local Stack Based Buffer Overflow
MuPDF 1.3 - Stack Buffer Overflow in xps_parse_color()
GKrellM GKrellWeather 0.2.7 Plugin - Local Stack Buffer Overflow
MicroP 0.1.1.1600 - '.mppl' Local Stack Based Buffer Overflow
MicroP 0.1.1.1600 - '.mppl' Local Stack Buffer Overflow
Anti-Trojan Elite 4.2.1 - 'Atepmon.sys' IOCTL Request Local Overflow / Privilege Escalation
Anti-Trojan Elite 4.2.1 - 'Atepmon.sys' IOCTL Request Local Overflow / Local Privilege Escalation
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow Jump ESP
BlazeDVD Pro Player 6.1 - Stack Buffer Overflow Jump ESP
Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow / Privilege Escalation
Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow / Local Privilege Escalation
BlazeDVD Pro Player 7.0 - '.plf' Stack Based Direct RET Buffer Overflow
BlazeDVD Pro Player 7.0 - '.plf' Direct RET Local Stack Buffer Overflow
BlueVoda Website Builder 11 - '.bvp' Local Stack Buffer Overflow
Sim Editor 6.6 - Stack Based Buffer Overflow
Sim Editor 6.6 - Local Stack Buffer Overflow
Microsoft Word - Local Machine Zone Remote Code Execution (MS15-022)
Microsoft Word - Local Machine Zone Code Execution (MS15-022)
Symantec Encryption Desktop 10 - Local Buffer Overflow / Privilege Escalation
Symantec Encryption Desktop 10 - Local Buffer Overflow / Local Privilege Escalation
AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow
AdobeWorkgroupHelper 2.8.3.3 - Local Stack Buffer Overflow
EasyCafe Server 2.2.14 - Remote File Read
Linux Kernel 4.4.1 - REFCOUNT Overflow Use-After-Free in Keyrings Privilege Escalation (1)
Linux Kernel 4.4.1 - REFCOUNT Overflow Use-After-Free in Keyrings Privilege Escalation (2)
Linux Kernel 4.4.1 - REFCOUNT Overflow Use-After-Free in Keyrings Local Privilege Escalation (1)
Linux Kernel 4.4.1 - REFCOUNT Overflow Use-After-Free in Keyrings Local Privilege Escalation (2)
Microsoft Excel - Out-of-Bounds Read Remote Code Execution (MS16-042)
Microsoft Excel - Out-of-Bounds Read Code Execution (MS16-042)
TRN Threaded USENET News Reader 3.6-23 - Local Stack Based Overflow
TRN Threaded USENET News Reader 3.6-23 - Local Stack Overflow
NRSS Reader 0.3.9 - Local Stack Based Overflow
NRSS Reader 0.3.9 - Local Stack Overflow
Linux - ecryptfs and /proc/$pid/environ Privilege Escalation
Linux - 'ecryptfs' '/proc/$pid/environ' Local Privilege Escalation
Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
Microsoft Word 2007/2010/2013/2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)
Microsoft Word 2007/2010/2013/2016 - Out-of-Bounds Read Code Execution (MS16-099)
NVIDIA Driver - NvStreamKms 'PsSetCreateProcessNotifyRoutineEx Stack Buffer Overflow Callback / Privilege Escalation
NVIDIA Driver - NvStreamKms 'PsSetCreateProcessNotifyRoutineEx Local Stack Buffer Overflow Callback / Local Privilege Escalation
Cemu 1.6.4b - Information Leak / Buffer Overflow (Emulator Breakout)
Microsoft Remote Desktop Client for Mac 8.0.36 - Remote Code Execution
Microsoft Remote Desktop Client for Mac 8.0.36 - Code Execution
Man-db 2.6.7.1 - Local Privilege Escalation (PoC)
Malwarebytes Anti-Malware < 2.0.3 / Anti-Exploit < 1.03.1.1220 - Update Remote Code Execution (Metasploit)
Malwarebytes Anti-Malware < 2.0.3 / Anti-Exploit < 1.03.1.1220 - Update Code Execution (Metasploit)
Nitro Pro PDF Reader 11.0.3.173 - Javascript API Remote Code Execution (Metasploit)
Nitro Pro PDF Reader 11.0.3.173 - Javascript API Code Execution (Metasploit)
PDF-XChange Viewer 2.5 Build 314.0 - Remote Code Execution
PDF-XChange Viewer 2.5 Build 314.0 - Code Execution
Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow / Privilege Escalation (1)
Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow / Local Privilege Escalation (1)
Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow / Privilege Escalation (2)
Jungo DriverWizard WinDriver < 12.4.0 - Kernel Pool Overflow / Local Privilege Escalation (2)
UCOPIA Wireless Appliance < 5.1.8 - Local Privilege Escalation
UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape
UCOPIA Wireless Appliance < 5.1.8 - Local Privilege Escalation
UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape
Microsoft Windows 10 Creators Update (version 1703) (x86) - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation
macOS High Sierra - Root Privilege Escalation (Metasploit)
lftp 2.6.9 - Remote Stack based Overflow
lftp 2.6.9 - Remote Stack Overflow
BlueCoat WinProxy 6.0 R1c - 'Host' Remote Stack/SEH Overflow
BlueCoat WinProxy 6.0 R1c - 'Host' Remote Stack Overflow (SEH)
KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Buffer Overflow (PoC)
HP Photo Creative 2.x audio.Record.1 - ActiveX Control Remote Stack Based Buffer Overflow
HP Photo Creative 2.x audio.Record.1 - ActiveX Control Remote Stack Buffer Overflow
Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026) (Metasploit)
Microsoft MPEG Layer-3 Audio - Stack Overflow (MS10-026) (Metasploit)
Citrix Gateway - ActiveX Control Stack Based Buffer Overflow (Metasploit)
Citrix Gateway - ActiveX Control Stack Buffer Overflow (Metasploit)
Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit)
Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack Buffer Overflow (Metasploit)
Novell Netware 4.1/4.11 - SP5B Remote.NLM Weak Encryption
Sendmail 8.12.9 - 'Prescan()' Variant Remote Buffer Overrun
Jordan Windows Telnet Server 1.0/1.2 - 'Username' Stack Based Buffer Overrun (1)
Jordan Windows Telnet Server 1.0/1.2 - 'Username' Stack Based Buffer Overrun (2)
Jordan Windows Telnet Server 1.0/1.2 - 'Username' Stack Based Buffer Overrun (3)
Jordan Windows Telnet Server 1.0/1.2 - 'Username' Stack Buffer Overrun (1)
Jordan Windows Telnet Server 1.0/1.2 - 'Username' Stack Buffer Overrun (2)
Jordan Windows Telnet Server 1.0/1.2 - 'Username' Stack Buffer Overrun (3)
GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Based Buffer Overrun (2)
GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Buffer Overrun (2)
Newsgrab 0.5.0pre4 - Multiple Local/Remote Vulnerabilities
RealNetworks RealOne Player/RealPlayer - '.RM' File Remote Stack Based Buffer Overflow
Trend Micro ServerProtect 5.58 - 'SpntSvc.exe' Remote Stack Based Buffer Overflow
Trend Micro ServerProtect 5.58 - 'SpntSvc.exe' Remote Stack Buffer Overflow
Skulltag Huffman 0.97d-beta4.1 - Packet Decompression Remote Heap Based Buffer Overflow
Skulltag Huffman 0.97d-beta4.1 - Packet Decompression Remote Heap Buffer Overflow
AkkyWareHOUSE '7-zip32.dll' 4.42 - Heap Based Buffer Overflow
AkkyWareHOUSE '7-zip32.dll' 4.42 - Heap Buffer Overflow
Xine-Lib 1.1.11 - Multiple Heap Based Remote Buffer Overflow Vulnerabilities
Xine-Lib 1.1.11 - Multiple Heap Remote Buffer Overflow Vulnerabilities
Vim - 'mch_expand_wildcards()' Heap Based Buffer Overflow
Vim - 'mch_expand_wildcards()' Heap Buffer Overflow
Acunetix 8 build 20120704 - Remote Stack Based Overflow
Acunetix 8 build 20120704 - Remote Stack Overflow
Mozilla Firefox 3.5.3 / SeaMonkey 1.1.17 - 'libpr0n' .GIF Parser Heap Based Buffer Overflow
Mozilla Firefox 3.5.3 / SeaMonkey 1.1.17 - 'libpr0n' .GIF Parser Heap Buffer Overflow
TORQUE Resource Manager 2.5.x < 2.5.13 - Stack Based Buffer Overflow Stub
TORQUE Resource Manager 2.5.x < 2.5.13 - Stack Buffer Overflow Stub
glibc - 'getaddrinfo' Stack Based Buffer Overflow
glibc - 'getaddrinfo' Remote Stack Buffer Overflow
BlueVoda Website Builder 11 - '.bvp' File Stack Based Buffer Overflow
Sunway ForceControl 6.1 - Multiple Heap Based Buffer Overflow Vulnerabilities
Sunway ForceControl 6.1 - Multiple Heap Buffer Overflow Vulnerabilities
R2/Extreme 1.65 - Stack Based Buffer Overflow / Directory Traversal
R2/Extreme 1.65 - Stack Buffer Overflow / Directory Traversal
Alligra Calligra - Heap Based Buffer Overflow
Alligra Calligra - Heap Buffer Overflow
Aloaha PDF Suite - Stack Based Buffer Overflow
Aloaha PDF Suite - Remote Stack Buffer Overflow
EasyCafe Server 2.2.14 - Remote File Read
Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
ZScada Modbus Buffer 2.0 - Stack-Based Buffer Overflow (Metasploit)
ZScada Modbus Buffer 2.0 - Stack Buffer Overflow (Metasploit)
Fatek Automation PLC WinProladder 3.11 Build 14701 - Stack-Based Buffer Overflow (Metasploit)
Fatek Automation PLC WinProladder 3.11 Build 14701 - Stack Buffer Overflow (Metasploit)
pfSense - Authenticated Group Member Remote Command Execution (Metasploit)
Almnzm - 'COOKIE: customer' SQL Injection
Tutorialms 1.4 (show) - SQL Injection
Tutorialms 1.4 - 'show' SQL Injection
osCommerce 2.3.4.1 - Arbitrary File Upload
Knowledge Base Enterprise Edition 4.62.00 - SQL Injection
Knowledge Base Enterprise Edition 4.62.0 - SQL Injection
WordPress Plugin Users Ultra 1.5.50 - Unrestricted Arbitrary File Upload
phpDolphin 2.0.5 - Multiple Vulnerabilities
OpenFire 3.10.2 < 4.0.1 - Multiple Vulnerabilities
AbanteCart 1.2.7 - Cross-Site Scripting
MyBB < 1.8.3 (with PHP 5.6 < 5.6.11) - Remote Code Execution
EyesOfNetwork (EON) 5.0 - Remote Code Execution
EyesOfNetwork (EON) 5.0 - SQL Injection
EyesOfNetwork (EON) 5.0 - Remote Code Execution
EyesOfNetwork (EON) 5.0 - SQL Injection
ViMbAdmin 3.0.15 - Multiple Cross-Site Request Forgery Vulnerabilities
Symantec Messaging Gateway 10.6.3-2 - Unauthenticated root Remote Command Execution
Symantec Messaging Gateway 10.6.3-2 - Unauthenticated Root Remote Command Execution
phpCollab 2.5.1 - Arbitrary File Upload
phpCollab 2.5.1 - SQL Injection
phpCollab 2.5.1 - Arbitrary File Upload
phpCollab 2.5.1 - SQL Injection
Synology StorageManager 5.2 - Remote Root Command Execution
Synology StorageManager 5.2 - Root Remote Command Execution
WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal
2017-12-01 10:57:46 +00:00
Offensive Security
d304cc3d3e
DB: 2017-11-24
...
116602 new exploits
Too many to list!
2017-11-24 20:56:23 +00:00
Offensive Security