Commit graph

205 commits

Author SHA1 Message Date
Offensive Security
8ce122cbaf DB: 2017-04-04
3 new exploits

BackBox OS - Denial of Service

Apache Tomcat 6/7/8/9 - Information Disclosure

Zyxel_ EMG2926 < V1.00(AAQT.4)b8 - OS Command Injection
2017-04-04 05:01:25 +00:00
Offensive Security
0320cba051 DB: 2017-04-02
6 new exploits

Microsoft Internet Explorer 11 - Crash PoC (1)
Microsoft Internet Explorer 11 - Crash (PoC) (1)

Microsoft Windows SQL Server - Denial of Service Remote Exploit (MS03-031)
Microsoft Windows SQL Server - Remote  Denial of Service (MS03-031)

Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow PoC (MS03-046)
Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow (PoC) (MS03-046)

Microsoft Windows - MSDTC Service Remote Memory Modification PoC (MS05-051)
Microsoft Windows - MSDTC Service Remote Memory Modification (PoC) (MS05-051)

Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (1)
Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (1)

Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (1)
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (1)

Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (3)
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (3)

Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (2)
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (2)

Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC (Metasploit)
Apple Airport - 802.11 Probe Response Kernel Memory Corruption (PoC) (Metasploit)

Microsoft Windows - DNS Resolution Remote Denial of Service PoC (MS06-041)
Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)

Microsoft Excel - Malformed Palette Record Denial of Service PoC (MS07-002)
Microsoft Excel - Malformed Palette Record Denial of Service (PoC) (MS07-002)

BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow PoCs
BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow (PoCs)

Visual Basic - 'vbe6.dll' Local Stack Overflow PoC / Denial of Service
Visual Basic - 'vbe6.dll' Local Stack Overflow (PoC) / Denial of Service

freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated
freeSSHd 1.2.1 - Authenticated Remote Stack Overflow (PoC)

Microsoft Internet Explorer GDI+ - PoC (MS08-052)
Microsoft Internet Explorer GDI+ - (PoC) (MS08-052)

Microsoft Windows - GDI+ PoC (MS08-052) (2)
Microsoft Windows - GDI+ (PoC) (MS08-052) (2)
Microsoft Windows - InternalOpenColorProfile Heap Overflow PoC (MS08-046)
GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/Denial of Service
Microsoft Windows - InternalOpenColorProfile Heap Overflow (PoC) (MS08-046)
GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption (PoC) / Denial of Service

Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)
Apple Safari - 'ARGUMENTS' Array Integer Overflow (PoC) (New Heap Spray)

Adobe Acrobat Reader - JBIG2 Local Buffer Overflow PoC (2)
Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC) (2)

eZip Wizard 3.0 - Local Stack Buffer Overflow PoC (SEH)
eZip Wizard 3.0 - Local Stack Buffer Overflow (PoC) (SEH)

Chasys Media Player 1.1 - '.pls' Local Buffer Overflow PoC (SEH)
Chasys Media Player 1.1 - '.pls' Local Buffer Overflow (PoC) (SEH)

Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (1)
Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC) (1)

Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (2)
Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC) (2)

Microsoft Internet Explorer - EMBED Memory Corruption PoC (MS09-014)
Microsoft Internet Explorer - EMBED Memory Corruption (PoC) (MS09-014)

DigiMode Maya 1.0.2 - '.m3u' / '.m3l' Buffer Overflow PoCs
DigiMode Maya 1.0.2 - '.m3u' / '.m3l' Buffer Overflow (PoCs)

AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow PoC (SEH)
AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow (PoC) (SEH)

MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String PoC
MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String (PoC)

otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs
otsAV DJ/TV/Radio - Multiple Local Heap Overflow (PoCs)

JetAudio 7.5.3 COWON Media Center - '.wav' Crash
Streaming Audio Player 0.9 - (skin) Local Stack Overflow PoC (SEH)
Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow PoC (SEH)
Streaming Audio Player 0.9 - 'skin' Local Stack Overflow (PoC)  (SEH)
Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (PoC) (SEH)

Tuniac 090517c - '.m3u' Local File Crash (PoC)

HTML Email Creator & Sender 2.3 - Local Buffer Overflow PoC (SEH)
HTML Email Creator & Sender 2.3 - Local Buffer Overflow (PoC) (SEH)
PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow PoC (1)
PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow PoC (2)
PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (1)
PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (2)

BigAnt Server 2.50 SP6 - '.zip' Local Buffer Overflow PoC (2)
BigAnt Server 2.50 SP6 - '.zip' Local Buffer Overflow (PoC) (2)

Eureka Email Client 2.2q - PoC Buffer Overflow
Eureka Email Client 2.2q - Buffer Overflow (PoC)

Microsoft Windows 7 / Server 2008 R2 - Remote Kernel Crash
Microsoft Windows 7 / 2008 R2 - Remote Kernel Crash

Picpuz 2.1.1 - Buffer Overflow Denial of Service/PoC
Picpuz 2.1.1 - Buffer Overflow Denial of Service (PoC)

Total MultiMedia Features - Denial of Service PoC for Sony Ericsson Phones
Total MultiMedia Features -  Sony Ericsson Phones Denial of Service (PoC)

Mozilla Firefox 3.6 - (XML parser) Memory Corruption PoC/Denial of Service
Mozilla Firefox 3.6 - (XML parser) Memory Corruption (PoC) / Denial of Service

iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC
iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service (PoC)

RCA DCM425 Cable Modem - micro_httpd Denial of Service/PoC
RCA DCM425 Cable Modem - 'micro_httpd' Denial of Service (PoC)

Free MP3 CD Ripper 2.6 - '.wav' PoC
Free MP3 CD Ripper 2.6 - '.wav' (PoC)

Anyzip 1.1 - '.zip' PoC (SEH)
Anyzip 1.1 - '.zip' (PoC) (SEH)

Microsoft Windows - SMB Client-Side Bug PoC (MS10-006)
Microsoft Windows - SMB Client-Side Bug (PoC) (MS10-006)

Webby WebServer - PoC SEH control
Webby WebServer - SEH Control (PoC)

FreeBSD 8.0 ftpd - off-by one PoC (FreeBSD-SA-10:05)
FreeBSD 8.0 ftpd (FreeBSD-SA-10:05) - Off-By One (PoC)

Microsoft Windows Vista/Server 2008 - NtUserCheckAccessForIntegrityLevel Use-After-Free
Microsoft Windows Vista/2008 - NtUserCheckAccessForIntegrityLevel Use-After-Free

AoAAudioExtractor 2.0.0.0 - ActiveX PoC (SEH)
AoAAudioExtractor 2.0.0.0 - ActiveX (PoC) (SEH)

Mozilla Firefox - Memory Corruption PoC (Simplified)
Mozilla Firefox - (Simplified) Memory Corruption (PoC)

Microsoft Windows - Win32k Pointer Dereferencement PoC (MS10-098)
Microsoft Windows - Win32k Pointer Dereferencement (PoC) (MS10-098)

Elecard MPEG Player 5.7 - Local Buffer Overflow PoC (SEH)
Elecard MPEG Player 5.7 - Local Buffer Overflow (PoC) (SEH)

Microsoft Windows XP - WmiTraceMessageVa Integer Truncation PoC (MS11-011)
Microsoft Windows XP - WmiTraceMessageVa Integer Truncation (PoC) (MS11-011)

Real player 14.0.2.633 - Buffer Overflow / Denial of ServiceExploit
Real player 14.0.2.633 - Buffer Overflow / Denial of Service
IrfanView 4.28 - .ICO With Transparent Colour Denial of Service / Remote Denial of Service
IrfanView 4.28 - .ICO Without Transparent Colour Denial of Service / Remote Denial of Service
IrfanView 4.28 - '.ICO' With Transparent Colour Denial of Service / Remote Denial of Service
IrfanView 4.28 - '.ICO' Without Transparent Colour Denial of Service / Remote Denial of Service

Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel Denial of Service
Microsoft Windows Vista/2008 - 'nsiproxy.sys' Local Kernel Denial of Service

D-Link DSL-2650U - Denial of Service/PoC
D-Link DSL-2650U - Denial of Service (PoC)

Microsoft Windows - '.fon' Kernel-Mode Buffer Overrun PoC (MS11-077)
Microsoft Windows - '.fon' Kernel-Mode Buffer Overrun (PoC) (MS11-077)

Opera 11.52 - PoC Denial of Service
Opera 11.52 - Denial of Service (PoC)

Microsoft Win32k - Null Pointer De-reference PoC (MS11-077)
Microsoft Win32k - Null Pointer De-reference (PoC) (MS11-077)

Microsoft Windows - 'afd.sys' PoC (MS11-046)
Microsoft Windows - 'afd.sys' (PoC) (MS11-046)

Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (MS12-034)
Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE (PoC) (MS12-034)

Wyse - Machine Remote Power off (DOS) without any Privilege (Metasploit)
Wyse - Unauthenticated Machine Remote Power Off (Denial of Service) (Metasploit)

Microsoft Windows Server 2000/NT 4.0 - TCP/IP Printing Service Denial of Service
Microsoft Windows NT 4/2000 - TCP/IP Printing Service Denial of Service

Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)
Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Null Pointer Dereference Crash (PoC)
FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (1)
FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (2)
FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (3)
FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (4)
FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (5)
FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (1)
FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (2)
FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (3)
FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (4)
FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (5)

Microsoft Windows Server 2000/NT - Terminal Server Service RDP Denial of Service
Microsoft Windows NT / 2000 - Terminal Server Service RDP Denial of Service
Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (1)
Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (2)
Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (1)
Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (2)
Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1)
Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2)
Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (1)
Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (2)

Microsoft PoCket Internet Explorer 3.0 - Denial of Service
Microsoft Pocket Internet Explorer 3.0 - Denial of Service

Microsoft Windows - HWND_BROADCAST PoC (MS13-005)
Microsoft Windows - HWND_BROADCAST (PoC) (MS13-005)

Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC
Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash (PoC)

Apple Safari 3 for Windows - Document.Location Denial of Service
Apple Safari 3 for Windows - 'Document.Location' Denial of Service

PotPlayer 1.5.42509 Beta - Denial of Service (Integer Division by Zero Exploit)
PotPlayer 1.5.42509 Beta - Integer Division by Zero Denial of Service

Apple Safari 3.0.x - for Windows Document.Location.Hash Buffer Overflow
Apple Safari 3.0.x for Windows - 'Document.Location.Hash' Buffer Overflow

Android Web Browser - GIF File Heap Based Buffer Overflow
Google Android Web Browser - '.GIF' File Heap Based Buffer Overflow

Android Web Browser - BMP File Integer Overflow
Google Android Web Browser - '.BMP' File Integer Overflow

Gold MP4 Player 3.3 - Buffer Overflow PoC (SEH)
Gold MP4 Player 3.3 - Buffer Overflow (PoC) (SEH)

Microsoft Windows Server 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service
Microsoft Windows Vista/2003 - 'UnhookWindowsHookEx' Local Denial of Service

Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035)
Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash (PoC) (MS14-035)

Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption PoC (MS14-035)
Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption (PoC) (MS14-035)

Microsoft Internet Explorer - Memory Corruption PoC (MS14-029)
Microsoft Internet Explorer - Memory Corruption (PoC) (MS14-029)

UniPDF 1.1 - Crash (PoC) (SEH)

Brasero CD/DVD Burner 3.4.1 - '.m3u' Buffer Overflow Crash (PoC)

Microsoft Windows - 'HTTP.sys' PoC (MS15-034)
Microsoft Windows - 'HTTP.sys' (PoC) (MS15-034)

UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC)

Microsoft Internet Explorer 11 - Crash PoC (2)
Microsoft Internet Explorer 11 - Crash (PoC) (2)

Apple macOS/IOS 10.12.2(16C67) - mach_msg Heap Overflow
Apple macOS/IOS 10.12.2 (16C67) - 'mach_msg' Heap Overflow

QNX RTOS 6.3.0 - Insecure rc.local Permissions Plus System Crash
QNX RTOS 6.3.0 - Insecure 'rc.local' Permissions System Crash / Privilege Escalation
Microsoft Windows - NtClose DeadLock PoC (MS06-030)
Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)
Microsoft Windows - NtClose DeadLock (PoC) (MS06-030)
Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation (PoC) (MS06-030)

PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - zip:// URL Wrapper Buffer Overflow
PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - 'zip://' URL Wrapper Buffer Overflow

Apache Tomcat (Windows) - runtime.getRuntime().exec() Privilege Escalation
Apache Tomcat (Windows) - 'runtime.getRuntime().exec()' Privilege Escalation

Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow PoC (SEH)
Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow (PoC) (SEH)

Streaming Audio Player 0.9 - (skin) Local Stack Overflow (SEH)
Streaming Audio Player 0.9 - 'skin' Local Stack Overflow (SEH)

Tuniac 090517c - '.m3u' Local File Crash (PoC)

Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (1)
Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)

Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (1)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit)

Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (1)
Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit)

Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit)

Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (3)
Microsoft HTML Help Workshop 4.74 - '.hhp' Index Buffer Overflow (Metasploit) (3)

Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (2)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (2)
Microsoft HTML Help Workshop 4.74 - '.hhp' Content Buffer Overflow (Metasploit) (2)

Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (2)

Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (2)

Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (4)
Microsoft HTML Help Workshop 4.74 - '.hhp' compiled Buffer Overflow (Metasploit) (4)

Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow (without egg-hunter) (Metasploit)
Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow (Without Egg-Hunter) (Metasploit)

PHP 5.3.6 - Buffer Overflow PoC (ROP)
PHP 5.3.6 - Buffer Overflow (ROP) (PoC)

Microsoft Windows Server 2000/NT 4 - DLL Search Path
Microsoft Windows NT 4/2000 - DLL Search Path

Microsoft Windows Server 2000/NT 4 - NTFS File Hiding
Microsoft Windows NT 4/2000 - NTFS File Hiding

Microsoft Windows Server 2000/NT 4.0 - Process Handle Local Privilege Elevation
Microsoft Windows NT 4/2000 - Process Handle Local Privilege Elevation
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (1)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (2)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (3)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (4)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (5)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (6)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (7)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (8)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (1)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (2)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (3)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (4)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (5)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (6)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (7)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (8)
Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (1)
Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (2)
Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (1)
Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (2)

Microsoft Windows Server 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011)
Microsoft Windows NT 4/2000 - Local Descriptor Table Privilege Escalation (MS04-011)

Microsoft Windows Server 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020)
Microsoft Windows NT 4/2000 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020)

PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation
PHP 4.x/5.0/5.1 with Sendmail Mail Function - 'additional_parameters' Argument Arbitrary File Creation

Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit)

Microsoft Windows Server 2003/2008/XP/Vista - WMI Service Isolation Privilege Escalation
Microsoft Windows XP/Vista/2003/2008 - WMI Service Isolation Privilege Escalation

Adobe Reader for Android - addJavascriptInterface Exploit (Metasploit)
Adobe Reader for Android - 'addJavascriptInterface' Exploit (Metasploit)

UniPDF 1.1 - Crash PoC (SEH overwritten)

Brasero CD/DVD Burner 3.4.1 - 'm3u' Buffer Overflow Crash (PoC)

UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC)

Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass PoC (MS15-052)
Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass (PoC) (MS15-052)

Android - get_user/put_user Exploit (Metasploit)
Google Android - get_user/put_user Exploit (Metasploit)

Microsoft Windows 7 < 10 / Server 2008 < 2012 R2 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell)
Microsoft Windows 7 < 10 / 2008 < 2012 R2 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell)

Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#)
Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#)

Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit)
Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (2)
Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit)
Google Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit)

MOXA MediaDBPlayback - ActiveX Control Buffer Overflow (Metasploit)

MOXA Device Manager Tool 2.1 - Buffer Overflow (Metasploit)

ProFTPd 1.2.9rc2 - ASCII File Remote Code Execution
ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (1)

Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit)
Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit)
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (1)
Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit)
Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit)
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit)
Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit)

Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (2)
Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (2)

Ultr@VNC 1.0.1 - client Log::ReallyPrint Buffer Overflow
Ultr@VNC 1.0.1 - 'client Log::ReallyPrint' Buffer Overflow

Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow (Metasploit)
Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (1)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (1)
Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)

ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution
ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (2)

Microsoft Internet Explorer 7 - Arbitrary File Rewrite PoC (MS07-027)
Microsoft Internet Explorer 7 - Arbitrary File Rewrite (PoC) (MS07-027)

CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (1)
CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit)

ImageStation - 'SonyISUpload.cab 1.0.0.38' ActiveX Buffer Overflow
ImageStation - 'SonyISUpload.cab' 1.0.0.38 ActiveX Buffer Overflow

IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow
IntelliTamper 2.0.7 - HTML Parser Remote Buffer Overflow

Microsoft XML Core Services DTD - Cross-Domain Scripting PoC (MS08-069)
Microsoft XML Core Services DTD - Cross-Domain Scripting (PoC) (MS08-069)

Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002)
Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption (PoC) (MS09-002)

Apple Mac OSX - Java applet Remote Deserialization Remote PoC (2)
Apple Mac OSX - Java applet Remote Deserialization Remote (PoC) (2)

Microsoft Windows live messenger plus! fileserver 1.0 - Directory Traversal
Microsoft Windows Live Messenger Plus! Fileserver 1.0 - Directory Traversal

JetAudio 7.5.3 COWON Media Center - '.wav' Crash

DistCC Daemon - Command Execution (Metasploit) (1)
DistCC Daemon - Command Execution (Metasploit)
Apple QuickTime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit)
mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit)
Apple QuickTime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit)
mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit)

Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (1)
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)

Veritas NetBackup - Remote Command Execution (Metasploit) (1)
Veritas NetBackup - Remote Command Execution (Metasploit)

Pegasus Mail Client 4.51 - PoC Buffer Overflow
Pegasus Mail Client 4.51 - Buffer Overflow (PoC)

Irix LPD tagprinter - Command Execution (Metasploit) (1)
Irix LPD tagprinter - Command Execution (Metasploit)

Xtacacsd 4.1.2 - report() Buffer Overflow (Metasploit) (1)
Xtacacsd 4.1.2 - 'report()' Buffer Overflow (Metasploit)

Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1)
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit)

Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (2)
Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit)

Tandberg E & EX & C Series Endpoints - Default Credentials for Root Account
Tandberg E & EX & C Series Endpoints - Default Root Account Credentials

Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (2)

Veritas NetBackup - Remote Command Execution (Metasploit) (2)

Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (2)
Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (2)
Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (2)

CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (1)
CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit)

MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)

Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (2)

Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (1)

CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (2)

httpdx - tolog() Function Format String (Metasploit) (1)
httpdx - 'tolog()' Function Format String (Metasploit) (1)

Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (1)
Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit)

httpdx - tolog() Function Format String (Metasploit) (2)
httpdx - 'tolog()' Function Format String (Metasploit) (2)

Irix LPD tagprinter - Command Execution (Metasploit) (2)

Xtacacsd 4.1.2 - report() Buffer Overflow (Metasploit) (2)

DistCC Daemon - Command Execution (Metasploit) (2)
HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)
HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055)
HP Data Protector Client 6.11 - 'EXEC_SETUP' Remote Code Execution (PoC)
HP Data Protector Client 6.11 - 'EXEC_CMD' Remote Code Execution (PoC)

Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (1)
Mozilla Firefox 3.6.16 (Windows) - mChannel Use-After-Free (Metasploit) (1)

Opera 10/11 - (bad nesting with frameset tag) Memory Corruption (Metasploit)
Opera 10/11 - Bad Nesting with Frameset Tag Memory Corruption (Metasploit)

Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (2)
Mozilla Firefox 3.6.16 (OSX) - mChannel Use-After-Free (Metasploit) (2)

HP SiteScope - Remote Code Execution (Metasploit) (1)
HP SiteScope (Linux/Windows) - Remote Code Execution (Metasploit)

Microsoft Windows Server 2000/NT 4/XP - Help Facility ActiveX Control Buffer Overflow
Microsoft Windows XP/2000/NT 4 - Help Facility ActiveX Control Buffer Overflow

Microsoft Windows Server 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow
Microsoft Windows NT 4/2000 - Media Services 'nsiislog.dll' Remote Buffer Overflow

thttpd 2.2x - defang Remote Buffer Overflow
thttpd 2.2x - 'defang' Remote Buffer Overflow

Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (2)
Novell ZENworks Configuration Management 10 SP3 / 11 SP2 - Remote Execution (Metasploit)

Dovecot with Exim - sender_address Parameter Remote Command Execution
Dovecot with Exim - 'sender_address' Parameter Remote Command Execution

HP SiteScope - Remote Code Execution (Metasploit) (2)
HP SiteScope (Windows) - Remote Code Execution (Metasploit)

Western Digital Arkeia - Remote Code Execution (Metasploit) (1)
Western Digital Arkeia < 10.0.10 - Remote Code Execution (Metasploit)

CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (2)

Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit)

Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (1)
Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)

Western Digital Arkeia - Remote Code Execution (Metasploit) (2)
Western Digital Arkeia < 11.0.12 - Remote Code Execution (Metasploit)

Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1)

E-Uploader Pro 1.0 - Image Upload with Code Execution
E-Uploader Pro 1.0 - Image Upload / Code Execution

ASPapp Knowledge Base - 'CatId' Parameter SQL Injection
ASPapp Knowledge Base - 'CatId' Parameter SQL Injection (1)

ASPapp KnowledgeBase - 'catid' Parameter SQL Injection
ASPapp Knowledge Base - 'CatId' Parameter SQL Injection (2)

ea-gBook 0.1 - Remote Command Execution with Remote File Inclusion (c99)
ea-gBook 0.1 - Remote Command Execution / Remote File Inclusion (c99)

Flatchat 3.0 - 'pmscript.php with' Local File Inclusion
Flatchat 3.0 - 'pmscript.php' Local File Inclusion

Joomla! Component huruhelpdesk - SQL Injection
Joomla! Component Huru Helpdesk - SQL Injection (1)

PGAUTOPro - SQL Injection / Cross-Site Scripting
PGAUTOPro - SQL Injection / Cross-Site Scripting (1)

Joomla! Component Huru Helpdesk - SQL Injection
Joomla! Component Huru Helpdesk - SQL Injection (2)

SoftwareDEP Classified Script 2.5 - SQL Injection
SoftwareDEP Classified Script 2.5 - SQL Injection (1)

WordPress Plugin pay with tweet 1.1 - Multiple Vulnerabilities
WordPress Plugin Pay with Tweet 1.1 - Multiple Vulnerabilities

Software DEP Classified Script 2.5 - SQL Injection
SoftwareDEP Classified Script 2.5 - SQL Injection (2)
Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (1)
Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (2)
Virtual Programming VP-ASP 5.00 - 'shopexd.asp' SQL Injection (1)
Virtual Programming VP-ASP 5.00 - 'shopexd.asp' SQL Injection (2)

OnlineArts DailyDose 1.1 - Denial of Servicee.pl Remote Command Execution
OnlineArts DailyDose 1.1 - 'dose.pl' Remote Command Execution
PHPOpenChat 2.3.4/3.0.1 - PoC_loginform.php phpbb_root_path Parameter Remote File Inclusion
PHPOpenChat 2.3.4/3.0.1 - PoC.php Remote File Inclusion
PHPOpenChat 2.3.4/3.0.1 - 'poc_loginform.php' phpbb_root_path Parameter Remote File Inclusion
PHPOpenChat 2.3.4/3.0.1 - 'poc.php' Remote File Inclusion

ActiveNews Manager - 'articleId' Parameter SQL Injection
ActiveNews Manager - 'articleId' Parameter SQL Injection (1)

Active News Manager - 'articleId' Parameter SQL Injection
ActiveNews Manager - 'articleId' Parameter SQL Injection (2)

Sagem Fast 3304-V2 - Authentication Bypass
Sagem Fast 3304-V2 - Authentication Bypass (1)

PG Auto Pro - SQL Injection / Cross-Site Scripting
PGAUTOPro - SQL Injection / Cross-Site Scripting (2)

Sagem FAST3304-V2 - Authentication Bypass
Sagem FAST3304-V2 - Authentication Bypass (2)

Trend Micro - Multiple HTTP Problems with CoreServiceShell.exe
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues

phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers)
phpATM 1.32 (Windows) - Arbitrary File Upload / Remote Command Execution

Seagate Business NAS - Unauthenticated Remote Command Execution (Metasploit)
2017-04-02 05:01:18 +00:00
Offensive Security
6d17bc529d DB: 2017-03-31
4 new exploits

dBpowerAMP Audio Player Release 2 - '.m3u' Buffer Overflow (PoC)
dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow (PoC)

Spider Solitaire -  Denial of Service (PoC)
Spider Solitaire - Denial of Service (PoC)

Baby FTP Server 1.24 - Denial of Service
Baby FTP Server 1.24 - Denial of Service (1)

Baby FTP server 1.24 - Denial of Service
Baby FTP server 1.24 - Denial of Service (2)

Google Android -  Unprotected MSRs in EL1 RKP Privilege Escalation
Google Android - Unprotected MSRs in EL1 RKP Privilege Escalation

Evostream Media Server 1.7.1  (x64) - Denial of Service
Evostream Media Server 1.7.1 (x64) - Denial of Service

Cerberus FTP Server  8.0.10.1 - Denial of Service
Cerberus FTP Server 8.0.10.1 - Denial of Service

Apple macOS/IOS 10.12.2(16C67) - mach_msg Heap Overflow

Apache < 2.0.64  / < 2.2.21 mod_setenvif - Integer Overflow
Apache < 2.0.64 / < 2.2.21 mod_setenvif - Integer Overflow

Solaris 10 sysinfo() - Local Kernel Memory Disclosure
Solaris 10 sysinfo() - Local Kernel Memory Disclosure (1)

Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure
Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure (2)

Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (1)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) -  (Sendmail) Capabilities Privilege Escalation(1)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) -  (Sendmail 8.10.1) Capabilities Privilege Escalation (2)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail) Capabilities Privilege Escalation(1)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail 8.10.1) Capabilities Privilege Escalation (2)

Linux Kernel 3.13 -  (SGID) Privilege Escalation (PoC)
Linux Kernel 3.13 - (SGID) Privilege Escalation (PoC)

Linux espfix64 -  (Nested NMIs Interrupting) Privilege Escalation
Linux espfix64 - (Nested NMIs Interrupting) Privilege Escalation
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008)
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008) (2)
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008) (1)
Forticlient 5.2.3 Windows 10 x64 (Pre Anniversary) - Privilege Escalation
Forticlient 5.2.3 Windows 10 x64 (Post Anniversary) - Privilege Escalation
Forticlient 5.2.3 (Windows 10 x64 Pre Anniversary) - Privilege Escalation
Forticlient 5.2.3 (Windows 10 x64 Post Anniversary) - Privilege Escalation

Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via UserNamespace Privilege Escalation
Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation

Ubuntu 15.04 (Dev) - 'Upstart' Logrotation Privilege Escalation
Ubuntu 15.04 (Development) - 'Upstart' Logrotation Privilege Escalation

Linux Kernel 2.6.32 (Ubuntu 10.04) - /proc Handling SUID Privilege Escalation

Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)

Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (2)

Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow (1)
Yahoo! Music Jukebox 2.2 - 'AddImage()' ActiveX Remote Buffer Overflow (1)

dBpowerAMP Audio Player Release 2 - '.m3u' Buffer Overflow
dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow

Apache Tomcat < 6.0.18 - utf8 Directory Traversal (1)
Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal (PoC)

Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (1)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (1)

Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (2)

EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (1)

Apache Tomcat < 6.0.18 - utf8 Directory Traversal (2)
Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal

Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit)
Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (2)

Samba 2.2.2 < 2.2.6 - nttrans Buffer Overflow (Metasploit)
Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (2)

EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (2)

Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) (1)

Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) (2)

D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (2)
D-Link Devices - 'command.php' Unauthenticated Remote Command Execution (Metasploit)

D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (1)
D-Link Devices - 'tools_vct.xgi' Unauthenticated Remote Command Execution (Metasploit)

Azure Data Expert Ultimate  2.2.16 - Buffer Overflow
Azure Data Expert Ultimate 2.2.16 - Buffer Overflow

Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit)
Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1)

Article Script 1.6.3 - 'rss.php' SQL Injection (1)
Article Script 1.6.3 - 'rss.php' SQL Injection

DBHcms 1.1.4 - Remote File Inclusion
DBHcms 1.1.4 - 'code' Remote File Inclusion

LaserNet CMS 1.5 - SQL Injection (2)
LaserNet CMS 1.5 - SQL Injection

Clever Copy 3.0 - 'postview.php' SQL Injection (1)
Clever Copy 3.0 - 'postview.php' SQL Injection

phpAuction - 'profile.php' SQL Injection
phpAuction - 'profile.php' SQL Injection (1)

Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection (1)

Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection (2)

Matterdaddy Market 1.1 - Multiple SQL Injections (1)
Matterdaddy Market 1.1 - 'index.php' Multiple SQL Injections

PHPWebGallery 1.3.4 - Blind SQL Injection
PHPWebGallery 1.3.4 - Blind SQL Injection (1)

PHPWebGallery 1.3.4 - Blind SQL Injection
PHPWebGallery 1.3.4 - Blind SQL Injection (2)

Zeeways Shaadi Clone 2.0 - Authentication Bypass
Zeeways Shaadi Clone 2.0 - Authentication Bypass (1)

Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (1)

DBHcms 1.1.4 - Remote File Inclusion
DBHcms 1.1.4 - 'dbhcms_core_dir' Remote File Inclusion

E-book Store - Multiple Vulnerabilities (1)

Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (1)

E-book Store - Multiple Vulnerabilities (2)
E-book Store - Multiple Vulnerabilities

Classifieds Script - SQL Injection
Classifieds Script - 'rate' SQL Injection

Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (2)

DBHcms 1.1.4 - SQL Injection
DBHcms 1.1.4 - 'dbhcms_pid' SQL Injection

LaserNet CMS 1.5 - SQL Injection (1)

Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection (2)

Article Script 1.6.3 - 'rss.php' SQL Injection (2)

Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection (1)

Openads (PHPAdsNew) <  2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion
Openads (PHPAdsNew) < 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion

LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting (1)

LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting (2)
Fonality trixbox 2.4.2 - Cross-Site Scripting
Fonality trixbox 2.4.2 - Cross-Site Scripting (1)
Fonality trixbox 2.4.2 - Cross-Site Scripting (2)

Clever Copy 3.0 - 'postview.php' SQL Injection (2)

phpAuction - 'profile.php' SQL Injection
phpAuction - 'profile.php' SQL Injection (2)

Zeeways Shaadi Clone 2.0 - Authentication Bypass
Zeeways Shaadi Clone 2.0 - Authentication Bypass (2)

DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion

Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (2)

Matterdaddy Market 1.1 - Multiple SQL Injections (2)
Matterdaddy Market 1.1 - 'cat_name' Multiple SQL Injections

WordPress Plugin WP Private Messages 1.0.1 - SQL Injection
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection (1)

Huawei Flybox B660 - Cross-Site Request Forgery
Huawei Flybox B660 - Cross-Site Request Forgery (1)

Huawei Flybox B660 - Cross-Site Request Forgery
Huawei Flybox B660 - Cross-Site Request Forgery (2)

Classifieds Script - SQL Injection
Classifieds Script - 'term' SQL Injection

WordPress Plugin WP Private Messages 1.0.1 - SQL Injection
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection (2)
2017-03-31 05:01:16 +00:00
Offensive Security
8e03027ae5 DB: 2017-03-30
18 new exploits

FUSE fusermount Tool - Race Condition
Linux Kernel (Ubuntu 11.10/12.04) - binfmt_script Stack Data Disclosure
Apache 2.2 - Scoreboard Invalid Free On Shutdown
Apache < 2.0.64  / < 2.2.21 mod_setenvif - Integer Overflow

FUSE fusermount Tool - Race Condition
Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via UserNamespace Privilege Escalation
AUFS (Ubuntu 15.10) - 'allow_userns' Fuse/Xattr User Namespaces Privilege Escalation
Ubuntu 14.04/15.10 - User Namespace Overlayfs Xattr Setgid Privilege Escalation
Ubuntu 15.10 - 'USERNS ' Overlayfs Over Fuse Privilege Escalation
NTP - Privilege Escalation
Ubuntu 15.04 (Dev) - 'Upstart' Logrotation Privilege Escalation
Vm86 - Syscall Task Switch Kernel Panic / Privilege Escalation
Disk Sorter Enterprise 9.5.12 - 'Import Command' Buffer Overflow
DiskBoss Enterprise 7.8.16 - 'Import Command' Buffer Overflow
Sync Breeze Enterprise 9.5.16 - 'Import Command' Buffer Overflow

Sync Breeze Enterprise 9.5.16 - 'GET' Buffer Overflow (SEH)

Linux/x86 - execve(/bin/sh_) Shellcode (19 bytes)

Just Dial Clone Script - 'fid' SQL Injection
Just Dial Clone Script - 'fid' Parameter SQL Injection

Just Dial Clone Script - 'srch' SQL Injection
Just Dial Clone Script - 'srch' Parameter SQL Injection
Opensource Classified Ads Script - 'keyword' Parameter SQL Injection
EyesOfNetwork (EON) 5.1 - SQL Injection
2017-03-30 05:01:15 +00:00
Offensive Security
570f8aec26 DB: 2017-03-25
6 new exploits

wifirxpower - Local Buffer Overflow
Miele Professional PG 8528 - Directory Traversal
NETGEAR WNR2000v5 - (Un)authenticated hidden_lang_avi Stack Overflow (Metasploit)
Logsign 4.4.2 / 4.4.137 - Remote Command Injection (Metasploit)
Gr8 Tutorial Script - SQL Injection
Gr8 Gallery Script - SQL Injection
2017-03-25 05:01:17 +00:00
Offensive Security
3f1035a488 DB: 2017-02-27
2 new exploits

Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free PoC

Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation
2017-02-27 05:01:20 +00:00
Offensive Security
2f4b2745b1 DB: 2017-02-15
11 new exploits

Linux Kernel 3.10.0 (CentOS7) - Denial of Service
LG G4 - lgdrmserver Binder Service Multiple Race Conditions
LG G4 - lghashstorageserver Directory Traversal
LG G4 - Touchscreen Driver write_log Kernel Read/Write
Google Android - Inter-process munmap in android.util.MemoryIntArray
Google Android - android.util.MemoryIntArray Ashmem Race Conditions
Microsoft Edge - TypedArray.sort Use-After-Free (MS16-145)
ShadeYouVPN Client 2.0.1.11 - Privilege Escalation
ntfs-3g - Unsanitized modprobe Environment Privilege Escalation

MLdonkey 2.9.7 - HTTP DOUBLE SLASH Arbitrary File Disclosure
MLdonkey 2.9.7 - Arbitrary File Disclosure

Mldonkey 2.5 -4 - Web Interface Error Message Cross-Site Scripting
MLdonkey 2.5-4 - Cross-Site Scripting

Piwik 2.14.0 / 2.16.0 / 2.17.1 / 3.0.1 - Superuser Plugin Upload (Metasploit)

Joomla! Component NeoRecruit 1.4 - 'id' SQL Injection
Joomla! Component NeoRecruit 1.4 - 'id' Parameter SQL Injection

taifajobs 1.0 - (jobid) SQL Injection
taifajobs 1.0 - 'jobid' Parameter SQL Injection
Pyrophobia 2.1.3.1 - modules/out.php id Parameter Cross-Site Scripting
Pyrophobia 2.1.3.1 - admin/index.php Multiple Parameter Traversal Arbitrary File Access
Pyrophobia 2.1.3.1 - Cross-Site Scripting
Pyrophobia 2.1.3.1 - Traversal Arbitrary File Access

Itech B2B Script 4.29 - Multiple Vulnerabilities
2017-02-15 05:01:16 +00:00
Offensive Security
d1a0e8f9fd DB: 2017-02-09
3 new exploits

Zookeeper 3.5.2 - Denial of Service

Linux/x86 - Reverse TCP Alphanumeric Staged Shellcode (103 bytes)

YapBB 1.2 - (forumID) Blind SQL Injection
YapBB 1.2 - 'forumID' Parameter Blind SQL Injection

ClearBudget 0.6.1 - (Misspelled htaccess) Insecure DD
ClearBudget 0.6.1 - Insecure Database Download

phpYabs 0.1.2 - (Azione) Remote File Inclusion
phpYabs 0.1.2 - 'Azione' Parameter Remote File Inclusion

IF-CMS 2.0 - 'frame.php id' Blind SQL Injection
IF-CMS 2.0 - 'id' Parameter Blind SQL Injection
BusinessSpace 1.2 - 'id' SQL Injection
A Better Member-Based ASP Photo Gallery - 'entry' SQL Injection
BusinessSpace 1.2 - 'id' Parameter SQL Injection
A Better Member-Based ASP Photo Gallery - 'entry' Parameter SQL Injection

FlexCMS - (catId) SQL Injection
FlexCMS 2.5 - 'catId' Parameter SQL Injection
Thyme 1.3 - (export_to) Local File Inclusion
Papoo CMS 3.x - (pfadhier) Local File Inclusion
q-news 2.0 - Remote Command Execution
Potato News 1.0.0 - (user) Local File Inclusion
Thyme 1.3 - 'export_to' Parameter Local File Inclusion
Papoo CMS 3.x - 'pfadhier' Parameter Local File Inclusion
Q-News 2.0 - Remote Command Execution
Potato News 1.0.0 - Local File Inclusion

Mynews 0_10 - Authentication Bypass
Mynews 0.10 - Authentication Bypass
Muviko Video CMS - SQL Injection
Multi Outlets POS 3.1 - 'id' Parameter SQL Injection
2017-02-09 05:01:17 +00:00
Offensive Security
2ff74c7c1b DB: 2017-02-08
9 new exploits

Zookeeper 3.5.2 - Denial of Service
OpenBSD HTTPd < 6.0 - Memory Exhaustion Denial of Service

ThisIsWhyImBroke Clone Script 4.0.0 - 'id' Parameter SQL Injection
Fully Featured News CMS 1.0 - 'id' Parameter SQL Injection
MySQL File Uploader 1.0 - 'id' Parameter SQL Injection
Easy Support Tools 1.0 - 'stt' Parameter SQL Injection
Easy Web Search 3 - 'id' Parameter SQL Injection
FTP Made Easy PRO 1.2 - Arbitrary File Download
Easy File Uploader 1.2 - Arbitrary File Download
Responsive Filemanger <= 9.11.0 - Arbitrary File Disclosure
2017-02-08 05:01:17 +00:00
Offensive Security
1a4e6f50a9 DB: 2017-02-01
65 new exploits

Quake 3 Engine Client (Windows x86) - CS_ITEms Remote Overflow

Mercur IMAPD 5.00.14 (Windows x86) - Remote Denial of Service

PHP 5.2.0 (Windows x86) - (PHP_win32sti) Local Buffer Overflow

PHP 5.2.0 (Windows x86) - 'PHP_iisfunc.dll' Local Buffer Overflow

32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow (PoC)

Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service

Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service

Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service

ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x32/x64) - LZH archive parsing (PoC)
ESET Smart Security 4.2 and NOD32 AntiVirus 4.2 (x86/x64) - LZH archive parsing (PoC)

Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service

VMware Workstations 10.0.0.40273 - 'vmx86.sys' Arbitrary Kernel Read

Samba < 3.6.2 (x86) - Denial of Service (PoC)

Adobe Flash - Bad Dereference at 0x23c on Linux x64
Adobe Flash (Linux x64) - Bad Dereference at 0x23c

Linux (x86) - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited

Core FTP Server 32-bit Build 587 - Heap Overflow

Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC)
Windows 10 (x86/x64) WLAN AutoConfig - Denial of Service (POC)

RedHat 6.2 /usr/bin/rcp - SUID Privilege Escalation
RedHat 6.2 /usr/bin/rcp - 'SUID' Privilege Escalation

Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation
Setuid perl - 'PerlIO_Debug()' Root Owned File Creation Privilege Escalation
Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid)
Qpopper 4.0.8 (Linux) - (poppassd) Privilege Escalation
Wireless Tools 26 (IWConfig) - Privilege Escalation
Qpopper 4.0.8 (Linux) - 'poppassd' Privilege Escalation

Navicat Premium 11.2.11 (x64) - Local Database Password Disclosure
Rocks Clusters 4.1 - (umount-loop) Privilege Escalation
Rocks Clusters 4.1 - (mount-loop) Privilege Escalation
Rocks Clusters 4.1 - 'umount-loop' Privilege Escalation
Rocks Clusters 4.1 - 'mount-loop' Privilege Escalation

PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure

Linux Kernel 2.4 / 2.6 (x86-64) - System Call Emulation Privilege Escalation

Postfix 2.6-20080814 - (symlink) Privilege Escalation
Postfix 2.6-20080814 - 'symlink' Privilege Escalation

Oracle Database Vault - ptrace(2) Privilege Escalation
Oracle Database Vault - 'ptrace(2)' Privilege Escalation

Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off-by-One Local Exploit
Linux Kernel 2.6.24_16-23 / 2.6.27_7-10 / 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86-64) - set_selection() UTF-8 Off-by-One Local Exploit

Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1)
Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation
Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation

GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load (Privilege Escalation)
GNU C Library 2.x (libc6) - (Dynamic Linker LD_AUDIT Arbitrary DSO Load) Privilege Escalation

Linux Kernel < 2.6.34 (Ubuntu 10.10 x86) - 'CAP_SYS_ADMIN' Privilege Escalation (1)

Free Download Manager - Torrent Parsing Buffer Overflow (Metasploit)
Free Download Manager 3.0 Build 844 - Torrent Parsing Buffer Overflow (Metasploit)

VideoLAN VLC Client (Windows x86) - 'smb://' URI Buffer Overflow (Metasploit)

PolicyKit polkit-1 < 0.101 - Linux Privilege Escalation
PolicyKit polkit-1 < 0.101 - Privilege Escalation
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Privilege Escalation (Sendmail) (1)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Privilege Escalation (Sendmail 8.10.1) (2)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) -  (Sendmail) Capabilities Privilege Escalation(1)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) -  (Sendmail 8.10.1) Capabilities Privilege Escalation (2)
QNX RTOS 4.25/6.1 - phgrafxPrivilege Escalation
QNX RTOS 4.25/6.1 - phgrafx-startup Privilege Escalation
QNX RTOS 4.25/6.1 - 'phgrafx' Privilege Escalation
QNX RTOS 4.25/6.1 - 'phgrafx-startup' Privilege Escalation

Dropbox Desktop Client 9.4.49 (x64) - Local Credentials Disclosure

Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111)
Microsoft Windows 10 10586 (x86/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111)

MySQL 3.23.x - mysqld Privilege Escalation
MySQL 3.23.x - 'mysqld' Privilege Escalation
Platform Load Sharing Facility 4/5/6 - EAuth Privilege Escalation
MTools 3.9.x - MFormat Privilege Escalation
Platform Load Sharing Facility 4/5/6 - 'EAuth' Privilege Escalation
MTools 3.9.x - 'MFormat' Privilege Escalation

Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Privilege Escalation (1)

sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - glibc FORTIFY_SOURCE Bypass + Privilege Escalation

Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Privilege Escalation (2)

ZABBIX 1.1.4/1.4.2 - daemon_start Privilege Escalation
ZABBIX 1.1.4/1.4.2 - 'daemon_start' Privilege Escalation

Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Privilege Escalation (3)

LogMeIn Client 1.3.2462 (x64) - Local Credentials Disclosure

Systrace 1.x (x64) - Aware Linux Kernel Privilege Escalation

Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow 'schlamperei.x86.dll' (MS13-053) (Metasploit)

Linux Kernel 3.14-rc1 < 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation

Linux Kernel 3.2.0-23 / 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Privilege Escalation (3)

TeamViewer 11.0.65452 (x64) - Local Credentials Disclosure

Linux Kernel 3.13 - Privilege Escalation PoC (SGID)
Linux Kernel 3.13 -  (SGID) Privilege Escalation (PoC)

OSSEC 2.8 - hosts.deny Privilege Escalation
OSSEC 2.8 - 'hosts.deny' Privilege Escalation

Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition
Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Privilege Escalation
Linux espfix64 - Privilege Escalation (Nested NMIs Interrupting)
Linux (x86) - Memory Sinkhole Privilege Escalation (PoC)
Linux espfix64 -  (Nested NMIs Interrupting) Privilege Escalation
Linux (x86) - Memory Sinkhole Privilege Escalation (PoC)

RHEL 7.0/7.1 - abrt/sosreport Privilege Escalation
RHEL 7.0/7.1 - 'abrt/sosreport' Privilege Escalation

MySQL 5.5.45 (x64) - Local Credentials Disclosure

Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' in bpf(BPF_PROG_LOAD) Privilege Escalation
Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' bpf(BPF_PROG_LOAD) Privilege Escalation

ACROS Security 0patch 2016.05.19.539 - '0PatchServicex64.exe' Unquoted Service Path Privilege Escalation

Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset Out-of-Bounds Privilege Escalation

Microsoft Windows 7 (x32/x64) - Group Policy Privilege Escalation (MS16-072)
Microsoft Windows 7 (x86/x64) - Group Policy Privilege Escalation (MS16-072)

Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak

Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' Race Condition Privilege Escalation

Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098)

Viscosity 1.6.7 - Privilege Escalation

BeroFTPD 1.3.4(1) (Linux/x86) - Remote Code Execution
BeroFTPD 1.3.4(1) (Linux x86) - Remote Code Execution

Solaris /bin/login (SPARC/x86) - Remote Code Execution

gpsdrive 2.09 (x86) - (friendsd2) Remote Format String

PrivateWire Gateway 3.7 (Windows x86) - Remote Buffer Overflow (Metasploit)

dproxy-nexgen (Linux/x86) - Buffer Overflow
dproxy-nexgen (Linux x86) - Buffer Overflow
32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow
32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow
32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH)
32bit FTP - 'PASV' Reply Client Remote Overflow (Metasploit)
32bit FTP (09.04.24) - 'CWD Response' Remote Buffer Overflow
32bit FTP (09.04.24) - 'Banner' Remote Buffer Overflow
32bit FTP (09.04.24) - 'CWD Response' Universal Overwrite (SEH)
32bit FTP - 'PASV' Reply Client Remote Overflow (Metasploit)

Oracle 9i XDB (Windows x86) - FTP UNLOCK Overflow (Metasploit)

AASync 2.2.1.0 (Windows x86) - Stack Buffer Overflow 'LIST' (Metasploit)

32bit FTP Client - Stack Buffer Overflow (Metasploit)

Free Download Manager - Remote Control Server Buffer Overflow (Metasploit)
Free Download Manager 2.5 Build 758 - Remote Control Server Buffer Overflow (Metasploit)

Apache (Windows x86) - Chunked Encoding (Metasploit)

PeerCast 0.1216 (Windows x86) - URL Handling Buffer Overflow (Metasploit)

CA CAM (Windows x86) - log_security() Stack Buffer Overflow (Metasploit)
Samba 3.3.12 (Linux/x86) - 'chain_reply' Memory Corruption (Metasploit)
Samba 2.2.8 (Linux x86) - 'trans2open' Overflow (Metasploit)
Samba 3.3.12 (Linux x86) - 'chain_reply' Memory Corruption (Metasploit)
Samba 2.2.8 (Linux x86) - 'trans2open' Overflow (Metasploit)

Samba 2.2.8 (*BSD x86) - 'trans2open' Overflow Exploit (Metasploit)

Webmin 0.x - RPC Function Privilege Escalation
Webmin 0.x - 'RPC' Function Privilege Escalation

Nginx 1.3.9/1.4.0 (x86) - Brute Force Remote Exploit

Nginx 1.4.0 (x64) - (Generic Linux) Remote Exploit
Nginx 1.4.0 (x64) (Generic Linux) - Remote Exploit

technote 7.2 - Remote File Inclusion
Technote 7.2 - Remote File Inclusion
JAWS 0.2/0.3 - 'index.php' gadget Parameter Traversal Arbitrary File Access
JAWS 0.2/0.3 - Cookie Manipulation Authentication Bypass
JAWS 0.2/0.3 - 'index.php' action Parameter Cross-Site Scripting
Jaws 0.2/0.3 - 'gadget' Parameter Traversal Arbitrary File Access
Jaws 0.2/0.3 - Cookie Manipulation Authentication Bypass
Jaws 0.2/0.3 - 'action' Parameter Cross-Site Scripting

JAWS 0.2/0.3/0.4 - ControlPanel.php SQL Injection
Jaws 0.2/0.3/0.4 - ControlPanel.php SQL Injection

JAWS Glossary 0.4/0.5 - Cross-Site Scripting
Jaws Glossary 0.4/0.5 - Cross-Site Scripting

JAWS 0.x - Remote File Inclusion
Jaws 0.x - Remote File Inclusion

FlatNux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities
Flatnux 2009-03-27 - Multiple Cross-Site Scripting Vulnerabilities

Multiple Netgear Routers - Password Disclosure
Video Sharing Script 4.94 - 'uid' Parameter SQL Injection
Netman 204 - Backdoor Account / Password Reset
2017-02-01 05:01:19 +00:00
Offensive Security
bac881f89a DB: 2017-01-03
3 new exploits

QNAP NAS Devices - Heap Overflow

Castle Rock Computing SNMPc 7.0.19 - Community String Stack Based Buffer Overflow

Internet Download Accelerator 6.10.1.1527 - FTP Buffer Overflow (SEH)

PHPFanBase 2.x - (protection.php) Remote File Inclusion
PHPFanBase 2.x - 'protection.php' Remote File Inclusion

DigiAffiliate 1.4 - (visu_user.asp id) SQL Injection
DigiAffiliate 1.4 - 'id' Parameter SQL Injection

ExoPHPDesk 1.2.1 - (faq.php) SQL Injection
ExoPHPDesk 1.2.1 - 'faq.php' SQL Injection

MiniGal b13 - (image backdoor) Remote Code Execution
MiniGal b13 - Remote Code Execution
PHP Auto Listings - 'moreinfo.php pg' SQL Injection
Pre Simple CMS - SQL Injection (Authentication Bypass)
PHP Auto Listings - 'pg' Parameter SQL Injection
Pre Simple CMS - Authentication Bypass

Harlandscripts drinks - (recid) SQL Injection
Harlandscripts drinks - 'recid' Parameter SQL Injection

Mole Group Taxi Calc Dist Script - (Authentication Bypass) SQL Injection
Mole Group Taxi Calc Dist Script - Authentication Bypass

DevelopItEasy Membership System 1.3 - (Authentication Bypass) SQL Injection
DevelopItEasy Membership System 1.3 - Authentication Bypass

NICE FAQ Script - (Authentication Bypass) SQL Injection
NICE FAQ Script - Authentication Bypass

SoftComplex PHP Image Gallery 1.0 - (Authentication Bypass) SQL Injection
SoftComplex PHP Image Gallery 1.0 - Authentication Bypass
DELTAScripts PHP Classifieds 7.5 - (Authentication Bypass) SQL Injection
DELTAScripts PHP Links 1.3 - (Authentication Bypass) SQL Injection
DELTAScripts PHP Shop 1.0 - (Authentication Bypass) SQL Injection
SoftComplex PHP Image Gallery - (ctg) SQL Injection
DELTAScripts PHP Classifieds 7.5 - Authentication Bypass
DELTAScripts PHP Links 1.3 - Authentication Bypass
DELTAScripts PHP Shop 1.0 - Authentication Bypass
SoftComplex PHP Image Gallery - 'ctg' Parameter SQL Injection
TurnkeyForms Business Survey Pro 1.0 - 'id' SQL Injection
Mole Group Pizza - (manufacturers_id) Script SQL Injection
TurnkeyForms Business Survey Pro 1.0 - 'id' Parameter SQL Injection
Mole Group Pizza - 'manufacturers_id' Parameter SQL Injection
E-topbiz Online Store 1 - (Authentication Bypass) SQL Injection
PHP Auto Listings Script - (Authentication Bypass) SQL Injection
Mole Group Rental Script - (Authentication Bypass) SQL Injection
MyioSoft Ajax Portal 3.0 - (Authentication Bypass) SQL Injection
MyioSoft EasyBookMarker - (Authentication Bypass) SQL Injection
MyioSoft EasyCalendar - (Authentication Bypass) SQL Injection
E-topbiz Online Store 1 - Authentication Bypass
PHP Auto Listings Script - Authentication Bypass
Mole Group Rental Script - Authentication Bypass
MyioSoft Ajax Portal 3.0 - Authentication Bypass
MyioSoft EasyBookMarker 4.0 - Authentication Bypass
MyioSoft EasyCalendar - Authentication Bypass

E-topbiz Online Store 1 - 'cat_id' SQL Injection
E-topbiz Online Store 1 - 'cat_id' Parameter SQL Injection

Myiosoft EasyBookMarker 4 - (Parent) SQL Injection
Myiosoft EasyBookMarker 4 - 'Parent' Parameter SQL Injection
Enthusiast 3.1.4 - (show_joined.php path) Remote File Inclusion
V3 Chat Profiles/Dating Script 3.0.2 - (Authentication Bypass) SQL Injection
Enthusiast 3.1.4 - 'show_joined.php' Remote File Inclusion
V3 Chat Profiles/Dating Script 3.0.2 - Authentication Bypass
DigiAffiliate 1.4 - (Authentication Bypass) SQL Injection
Mole Group Airline Ticket Script - (Authentication Bypass) SQL Injection
DigiAffiliate 1.4 - Authentication Bypass
Mole Group Airline Ticket Script - Authentication Bypass
ExoPHPDesk 1.2 Final - (Authentication Bypass) SQL Injection
ZEEMATRI 3.0 - (bannerclick.php adid) SQL Injection
ExoPHPDesk 1.2 Final - Authentication Bypass
ZEEMATRI 3.0 - 'adid' Parameter SQL Injection

Joomla! Component com_books - (book_id) SQL Injection
Joomla! Component com_books - 'book_id' Parameter SQL Injection

Joomla! / Mambo Component 'com_catalogproduction' - 'id' SQL Injection
Joomla! / Mambo Component com_catalogproduction - 'id' Parameter SQL Injection

PozScripts Business Directory Script - 'cid' SQL Injection
PozScripts Business Directory Script - 'cid' Parameter SQL Injection
Alstrasoft Web Host Directory - (Authentication Bypass) SQL Injection
Quick Poll Script - 'code.php id' SQL Injection
Alstrasoft Web Host Directory - Authentication Bypass
Quick Poll Script - 'id' Parameter SQL Injection

Bankoi Webhost Panel 1.20 - (Authentication Bypass) SQL Injection
Bankoi Webhost Panel 1.20 - Authentication Bypass
Minigal b13 - 'index.php list' Remote File Disclosure
yahoo answers - 'id' SQL Injection
Minigal b13 - Remote File Disclosure
yahoo answers - 'id' Parameter SQL Injection

PHPstore Wholesale - 'track.php?id' SQL Injection
PHPstore Wholesale - 'id' Parameter SQL Injection

E-topbiz ADManager 4 - (group) Blind SQL Injection
E-topbiz ADManager 4 - 'group' Parameter Blind SQL Injection
PHPfan 3.3.4 - (init.php includepath) Remote File Inclusion
Jadu Galaxies - 'categoryId' Blind SQL Injection
PHPfan 3.3.4 - 'init.php' Remote File Inclusion
Jadu Galaxies - 'categoryId' Parameter Blind SQL Injection

MemHT Portal 4.0.1 - (avatar) Remote Code Execution
MemHT Portal 4.0.1 - Remote Code Execution

MemHT Portal 4.0.1 - (pvtmsg) Delete All Private Messages Exploit
MemHT Portal 4.0.1 - Delete All Private Messages Exploit

MyioSoft Ajax Portal 3.0 - (page) SQL Injection
MyioSoft Ajax Portal 3.0 - 'page' Parameter SQL Injection

X10media Mp3 Search Engine < 1.6.2 Admin Access
X10media Mp3 Search Engine < 1.6.2 - Admin Access

Arab Portal 2.2 - (Authentication Bypass) SQL Injection
Arab Portal 2.2 - Authentication Bypass

Arab Portal 2.x - (forum.php qc) SQL Injection
Arab Portal 2.x - 'forum.php' SQL Injection

Arab Portal 2.2 - (mod.php module) Local File Inclusion
Arab Portal 2.2 - 'mod.php' Local File Inclusion

Collabtive - SQL Injection
Collabtive 0.65 - SQL Injection
All Enthusiast ReviewPost PHP Pro 2.5 - showproduct.php SQL Injection
All Enthusiast ReviewPost PHP Pro 2.5 - showcat.php SQL Injection
All Enthusiast ReviewPost PHP Pro 2.5 - 'showproduct.php' SQL Injection
All Enthusiast ReviewPost PHP Pro 2.5 - 'showcat.php' SQL Injection

All Enthusiast PhotoPost PHP Pro 5.0 - adm-photo.php Arbitrary Image Manipulation
All Enthusiast PhotoPost PHP Pro 5.0 - 'adm-photo.php' Arbitrary Image Manipulation

Collabtive 1.0 - (manageuser.php task Parameter) SQL Injection
Collabtive 1.0 - 'manageuser.php' SQL Injection

Arab Portal 2.0 - Link.php SQL Injection
Arab Portal 2.0 - 'Link.php' SQL Injection
Arab Portal System 2.0 - online.php title Parameter Cross-Site Scripting
Arab Portal System 2.0 - download.php title Parameter Cross-Site Scripting
Arab Portal 2.0 - 'online.php' Cross-Site Scripting
Arab Portal 2.0 - 'download.php' Cross-Site Scripting

ExoPHPDesk 1.2 - Pipe.php Remote File Inclusion
ExoPHPDesk 1.2 - 'Pipe.php' Remote File Inclusion

Collabtive 1.1 - (managetimetracker.php id Parameter) SQL Injection
Collabtive 1.1 - 'managetimetracker.php' SQL Injection

Zeeways Shaadi Clone 2.0 - 'admin/home.php' Authentication Bypass
Zeeways Shaadi Clone 2.0 - Authentication Bypass

PHPMailer < 5.2.20 / SwiftMailer < 5.4.5-DEV / Zend Framework / zend-mail < 2.4.11 - (AIO) 'PwnScriptum' Remote Code Execution
2017-01-03 05:01:17 +00:00
Offensive Security
18d8085c6d DB: 2016-12-18
13 new exploits

Microsoft Internet Explorer 9 MSHTML - CMarkup::Reload­In­Compat­View Use-After-Free
Microsoft Internet Explorer 9 IEFRAME - CMarkup::Remove­Pointer­Pos Use-After-Free (MS13-055)
Orthanc DICOM Server 1.1.0 - Memory Corruption
Microsoft Internet Explorer 9 - MSHTML CMarkup::Reload­In­Compat­View Use-After-Free
Microsoft Internet Explorer 9 - IEFRAME CMarkup::Remove­Pointer­Pos Use-After-Free (MS13-055)
OsiriX DICOM Viewer 8.0.1 - Memory Corruption
ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow
DCMTK 3.6.0 storescp - Stack Buffer Overflow
Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service
Microsoft Internet Explorer 9 IEFRAME - CMarkupPointer::MoveToGap Use-After-Free
Microsoft Internet Explorer 9 IEFRAME - CView::EnsureSize Use-After-Free (MS13-021)

Nagios < 4.2.4 - Privilege Escalation
iOS 10.1.1 / macOS 10.12 16A323 XNU Kernel - set_dp_control_port Lack of Locking Use-After-Free

Alienvault OSSIM - SQL Injection / Remote Code Execution (Metasploit)
Alienvault Open Source SIEM (OSSIM) - SQL Injection / Remote Code Execution (Metasploit)

Alienvault OSSIM < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution
Alienvault Open Source SIEM (OSSIM) < 4.7.0 - av-centerd 'get_log_line()' Remote Code Execution

Alienvault OSSIM - av-centerd Command Injection (Metasploit)
Alienvault Open Source SIEM (OSSIM) - av-centerd Command Injection (Metasploit)

Horos 2.1.0 Web Portal - Directory Traversal

Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes)

Alienvault OSSIM Open Source SIEM 3.1 - Multiple Security Vulnerabilities
Alienvault Open Source SIEM (OSSIM) 3.1 - Multiple Security Vulnerabilities

Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
Alienvault Open Source SIEM (OSSIM) 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection

Alienvault OSSIM 4.1.2 - Multiple SQL Injections
Alienvault Open Source SIEM (OSSIM) 4.1.2 - Multiple SQL Injections

Alienvault OSSIM Open Source SIEM 4.1 - Multiple SQL Vulnerabilities
Alienvault Open Source SIEM (OSSIM) 4.1 - Multiple SQL Vulnerabilities

Alienvault 4.3.1 - Unauthenticated SQL Injection
Alienvault 4.3.1 - Unauthenticated SQL Injection / Cross-Site Scripting

Alienvault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit)
Alienvault Open Source SIEM (OSSIM) 4.6.1 - Authenticated SQL Injection (Metasploit)

Alienvault OSSIM 4.3 - Cross-Site Request Forgery
Alienvault Open Source SIEM (OSSIM) 4.3 - Cross-Site Request Forgery
WHMCS Addon VMPanel 2.7.4 - SQL Injection
WordPress Plugin Quiz And Survey Master 4.5.4 / 4.7.8 - Cross-Site Request Forgery
2016-12-18 05:01:16 +00:00
Offensive Security
32e86030d5 DB: 2016-12-15
3 new exploits

minix 3.1.2a - tty panic Local Denial of Service
minix 3.1.2a - tty panic Remote Denial of Service
Minix 3.1.2a - tty panic Local Denial of Service
Minix 3.1.2a - tty panic Remote Denial of Service

Microsoft IIS 5.0 - WebDav Lock Method Memory Leak Denial of Service
Microsoft IIS 5.0 - WebDAV Lock Method Memory Leak Denial of Service

MINIX 3.3.0 - Local Denial of Service (PoC)
Minix 3.3.0 - Local Denial of Service (PoC)

MINIX 3.3.0 - Remote TCP/IP Stack Denial of Service
Minix 3.3.0 - Remote TCP/IP Stack Denial of Service

Apache 2.4.23 (mod_http2) - Denial of Service

Adobe Animate 15.2.1.95 - Memory Corruption

CoolPlayer - m3u File Local Buffer Overflow
CoolPlayer 2.18 - '.m3u' File Local Buffer Overflow

Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) (Metasploit)
Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDAV Privilege Escalation (MS16-016) (Metasploit)

Apache Tomcat (WebDAV) - Remote File Disclosure
Apache Tomcat - (WebDAV) Remote File Disclosure

Apache Tomcat (WebDAV) - Remote File Disclosure (SSL)
Apache Tomcat - (WebDAV) Remote File Disclosure (SSL)

APT - Repository Signing Bypass via Memory Allocation Failure

PHPFootball 1.6 - (show.php) Remote Database Disclosure
PHPFootball 1.6 - Remote Database Disclosure

Aprox CMS Engine 5 (1.0.4) - Local File Inclusion
Aprox CMS Engine 5.1.0.4 - Local File Inclusion

PHP Help Agent 1.1 - (content) Local File Inclusion
PHP Help Agent 1.1 - 'content' Parameter Local File Inclusion

Alstrasoft Affiliate Network Pro - (pgm) SQL Injection
Alstrasoft Affiliate Network Pro - 'pgm' Parameter SQL Injection
PHPHoo3 <= 5.2.6 - (PHPHoo3.php viewCat) SQL Injection
Alstrasoft Video Share Enterprise 4.5.1 - (UID) SQL Injection
PHPHoo3 <= 5.2.6 - 'viewCat' Parameter SQL Injection
Alstrasoft Video Share Enterprise 4.5.1 - 'UID' Parameter SQL Injection
Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
Aprox CMS Engine 5.(1.0.4) - 'index.php' SQL Injection
Siteframe - 'folder.php id' SQL Injection
PHPFootball 1.6 - (show.php) SQL Injection
DigiLeave 1.2 - (info_book.asp book_id) Blind SQL Injection
HRS Multi - 'picture_pic_bv.asp key' Blind SQL Injection
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection
Aprox CMS Engine 5.1.0.4 - 'index.php' SQL Injection
Siteframe CMS 3.2.3 - 'folder.php' SQL Injection
PHPFootball 1.6 - SQL Injection
DigiLeave 1.2 - 'book_id' Parameter Blind SQL Injection
HRS Multi - 'key' Parameter Blind SQL Injection
MojoPersonals - 'mojoClassified.cgi mojo' Blind SQL Injection
MojoJobs - 'mojoJobs.cgi mojo' Blind SQL Injection
MojoAuto - 'mojoAuto.cgi mojo' Blind SQL Injection
EZWebAlbum (dlfilename) - Remote File Disclosure
Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
ShopCartDx 4.30 - 'pid' SQL Injection
MojoPersonals - Blind SQL Injection
MojoJobs - Blind SQL Injection
MojoAuto - Blind SQL Injection
EZWebAlbum - Remote File Disclosure
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection
ShopCartDx 4.30 - 'pid' Parameter SQL Injection
YouTube blog 0.1 - (Remote File Inclusion / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Pre Survey Poll - 'default.asp catid' SQL Injection
Atom Photoblog 1.1.5b1 - (photoId) SQL Injection
ibase 2.03 - 'download.php' Remote File Disclosure
YouTube blog 0.1 - Remote File Inclusion / SQL Injection / Cross-Site Scripting
Pre Survey Poll - 'catid' Parameter SQL Injection
Atom Photoblog 1.1.5b1 - 'photoId' Parameter SQL Injection
ibase 2.03 - Remote File Disclosure
Live Music Plus 1.1.0 - 'id' SQL Injection
xrms 1.99.2 - (Remote File Inclusion / Cross-Site Scripting / Information Gathering) Multiple Vulnerabilities
Live Music Plus 1.1.0 - 'id' Parameter SQL Injection
XRms 1.99.2 - Remote File Inclusion / Cross-Site Scripting / Information Gathering
FizzMedia 1.51.2 - (comment.php mid) SQL Injection
PHPTest 0.6.3 - (picture.php image_id) SQL Injection
FizzMedia 1.51.2 - SQL Injection
PHPTest 0.6.3 - SQL Injection
Mobius 1.4.4.1 - (browse.php id) SQL Injection
EPShop < 3.0 - 'pid' SQL Injection
Mobius 1.4.4.1 - SQL Injection
EPShop < 3.0 - 'pid' Parameter SQL Injection
TriO 2.1 - (browse.php id) SQL Injection
CMScout 2.05 - (common.php bit) Local File Inclusion
Getacoder clone - (sb_protype) SQL Injection
GC Auction Platinum - (cate_id) SQL Injection
SiteAdmin CMS - (art) SQL Injection
TriO 2.1 - 'browse.php' SQL Injection
CMScout 2.05 - 'bit' Parameter Local File Inclusion
Getacoder clone - 'sb_protype' Parameter SQL Injection
GC Auction Platinum - 'cate_id' Parameter SQL Injection
SiteAdmin CMS - 'art' Parameter SQL Injection

Youtuber Clone - 'ugroups.php UID' SQL Injection
Youtuber Clone - SQL Injection

PixelPost 1.7.1 - (language_full) Local File Inclusion
PixelPost 1.7.1 - 'language_full' Parameter Local File Inclusion
ViArt Shop 3.5 - (category_id) SQL Injection
Minishowcase 09b136 - 'lang' Local File Inclusion
ViArt Shop 3.5 - 'category_id' Parameter SQL Injection
Minishowcase 09b136 - 'lang' Parameter Local File Inclusion
Gregarius 0.5.4 - rsargs[] SQL Injection
PHP Hosting Directory 2.0 - (admin.php rd) Remote File Inclusion
HIOX Random Ad 1.3 - (hioxRandomAd.php hm) Remote File Inclusion
hiox browser Statistics 2.0 - Remote File Inclusion
Gregarius 0.5.4 - SQL Injection
PHP Hosting Directory 2.0 - Remote File Inclusion
HIOX Random Ad 1.3 - Remote File Inclusion
HIOX Browser Statistics 2.0 - Remote File Inclusion
nzFotolog 0.4.1 - (action_file) Local File Inclusion
ZeeReviews - 'comments.php ItemID' SQL Injection
nzFotolog 0.4.1 - 'action_file' Parameter Local File Inclusion
ZeeReviews - SQL Injection

Article Friendly Pro/Standard - (Cat) SQL Injection
Article Friendly Pro/Standard - SQL Injection
PozScripts Classified Ads Script - 'cid' SQL Injection
TubeGuru Video Sharing Script - (UID) SQL Injection
PozScripts Classified Ads Script - 'cid' Parameter SQL Injection
TubeGuru Video Sharing Script - 'UID' Parameter SQL Injection

pligg 9.9.0 - (Cross-Site Scripting / Local File Inclusion / SQL Injection) Multiple Vulnerabilities
pligg 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection

camera life 2.6.2b4 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
camera Life 2.6.2b4 - SQL Injection / Cross-Site Scripting

Alstrasoft Article Manager Pro - (Authentication Bypass) SQL Injection
Alstrasoft Article Manager Pro 1.6 - Authentication Bypass

viart shopping cart 3.5 - Multiple Vulnerabilities
Viart shopping cart 3.5 - Multiple Vulnerabilities

PHPFootball 1.6 - (filter.php) Remote Hash Disclosure
PHPFootball 1.6 - Remote Hash Disclosure
talkback 2.3.14 - Multiple Vulnerabilities
Siteframe CMS 3.2.x - (SQL Injection / phpinfo()) Multiple Vulnerabilities
TalkBack 2.3.14 - Multiple Vulnerabilities
Siteframe CMS 3.2.x - SQL Injection / phpinfo()

CMScout - (Cross-Site Scripting / HTML Injection) Multiple Vulnerabilities
CMScout - Cross-Site Scripting / HTML Injection

ShopCartDx 4.30 - (products.php) Blind SQL Injection
ShopCartDx 4.30 - 'products.php' Blind SQL Injection

viart shop 4.0.5 - Multiple Vulnerabilities
ViArt Shop 4.0.5 - Multiple Vulnerabilities

Siteframe 3.2.3 - (user.php) SQL Injection
Siteframe CMS 3.2.3 - 'user.php' SQL Injection

viart shop 4.0.5 - Cross-Site Request Forgery
ViArt Shop 4.0.5 - Cross-Site Request Forgery

Siteframe 2.2.4 - search.php Cross-Site Scripting

Siteframe 2.2.4 - download.php Information Disclosure
Siteframe CMS 2.2.4 - 'download.php' Information Disclosure

phpx 3.2.3 - Multiple Vulnerabilities
PHPX 3.2.3 - Multiple Vulnerabilities
PHPX 3.x - admin/page.php Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - admin/news.php Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - admin/user.php Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - admin/images.php Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - admin/forums.php Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - 'page.php' Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - 'news.php' Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - 'user.php' Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - 'images.php' Cross-Site Request Forgery / Arbitrary Command Execution
PHPX 3.x - 'forums.php' Cross-Site Request Forgery / Arbitrary Command Execution

Alstrasoft Video Share Enterprise 4.x - MyajaxPHP.php Remote File Inclusion
Alstrasoft Video Share Enterprise 4.x - 'MyajaxPHP.php' Remote File Inclusion
Alstrasoft Affiliate Network Pro 8.0 - merchants/index.php Multiple Parameter Cross-Site Scripting
Alstrasoft Affiliate Network Pro 8.0 - merchants/temp.php rowid Parameter Cross-Site Scripting
Alstrasoft Affiliate Network Pro 8.0 - merchants/index.php uploadProducts Action pgmid Parameter SQL Injection
Alstrasoft Affiliate Network Pro 8.0 - 'index.php' Cross-Site Scripting
Alstrasoft Affiliate Network Pro 8.0 - 'temp.php' Cross-Site Scripting
Alstrasoft Affiliate Network Pro 8.0 - 'pgmid' Parameter SQL Injection
PHPX 3.5.15/3.5.16 - print.php news_id Parameter SQL Injection
PHPX 3.5.15/3.5.16 - forums.php Multiple Parameter SQL Injection
PHPX 3.5.15/3.5.16 - users.php user_id Parameter SQL Injection
PHPX 3.5.15/3.5.16 - news.php Multiple Parameter SQL Injection
PHPX 3.5.15/3.5.16 - gallery.php Multiple Parameter SQL Injection
PHPX 3.5.15/3.5.16 - 'print.php' SQL Injection
PHPX 3.5.15/3.5.16 - 'forums.php' SQL Injection
PHPX 3.5.15/3.5.16 - 'users.php' SQL Injection
PHPX 3.5.15/3.5.16 - 'news.php' SQL Injection
PHPX 3.5.15/3.5.16 - 'gallery.php' SQL Injection
XRms 1.99.2 - activities/some.php title Parameter Cross-Site Scripting
XRms 1.99.2 - companies/some.php company_name Parameter Cross-Site Scripting
XRms 1.99.2 - contacts/some.php last_name Parameter Cross-Site Scripting
XRms 1.99.2 - campaigns/some.php campaign_title Parameter Cross-Site Scripting
XRms 1.99.2 - opportunities/some.php opportunity_title Parameter Cross-Site Scripting
XRms 1.99.2 - cases/some.php case_title Parameter Cross-Site Scripting
XRms 1.99.2 - files/some.php file_id Parameter Cross-Site Scripting
XRms 1.99.2 - reports/custom/mileage.php starting Parameter Cross-Site Scripting
XRms 1.99.2 - 'title' Parameter Cross-Site Scripting
XRms 1.99.2 - 'company_name' Parameter Cross-Site Scripting
XRms 1.99.2 - 'last_name' Parameter Cross-Site Scripting
XRms 1.99.2 - 'campaign_title' Parameter Cross-Site Scripting
XRms 1.99.2 - 'opportunity_title' Parameter Cross-Site Scripting
XRms 1.99.2 - 'case_title' Parameter Cross-Site Scripting
XRms 1.99.2 - 'file_id' Parameter Cross-Site Scripting
XRms 1.99.2 - 'starting' Parameter Cross-Site Scripting

Pligg 1.0.4 - 'install1.php' Cross-Site Scripting

Joomla! Component DT Register - 'cat' SQL Injection
Joomla! Component DT Register - 'cat' Parameter SQL Injection
2016-12-15 13:07:17 +00:00
Offensive Security
b080c70f8b DB: 2016-12-14
7 new exploits

Microsoft Internet Explorer 9 IEFRAME - CSelectionInteractButtonBehavior::_UpdateButtonLocation Use-After-Free (MS13-047)

Xitami Web Server 5.0a0 - Denial of Service
OpenSSL 1.1.0a/1.1.0b - Denial of Service
Serva 3.0.0 HTTP Server - Denial of Service
iOS 10.1.x - Certificate File Memory Corruption

OpenBSD 4.0 - (vga) Privilege Escalation
OpenBSD 4.0 - 'vga' Privilege Escalation

10-Strike Network File Search Pro 2.3 - SEH Local Buffer Overflow

MyBloggie 2.1.4 - (trackback.php) Multiple SQL Injections
MyBloggie 2.1.4 - 'trackback.php' Multiple SQL Injections

AShop Deluxe 4.x - (catalogue.php cat) SQL Injection
AShop Deluxe 4.x - 'catalogue.php' SQL Injection

HIOX Banner Rotator 1.3 - (hm) Remote File Inclusion
HIOX Banner Rotator 1.3 - 'hm' Parameter Remote File Inclusion

CAT2 - (spaw_root) Local File Inclusion
CAT2 - 'spaw_root' Parameter Local File Inclusion

MyBloggie 2.1.3 - search.php SQL Injection
MyBloggie 2.1.2/2.1.3 - upload.php Multiple Parameter Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - delcomment.php Multiple Parameter Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - deluser.php 'id' Parameter Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - addcat.php errormsg Parameter Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - edituser.php errormsg Parameter Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - adduser.php errormsg Parameter Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - editcat.php errormsg Parameter Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - add.php trackback_url Parameter Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - delcat.php cat_id Parameter Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - del.php post_id Parameter Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - 'upload.php' Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - 'delcomment.php' Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - 'deluser.php' Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - 'addcat.php' Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - 'edituser.php' Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - 'adduser.php' Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - 'editcat.php' Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - 'trackback_url' Parameter Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - 'delcat.php' Cross-Site Scripting
MyBloggie 2.1.2/2.1.3 - 'del.php' Cross-Site Scripting

MyBloggie 2.1.x - Multiple Remote File Inclusion

MyBloggie 2.1.x - MyBloggie_Root_Path Parameter Multiple Remote File Inclusion
MyBloggie 2.1.x - 'MyBloggie_Root_Path' Parameter Remote File Inclusion
AShop Deluxe 4.5 - ashop/catalogue.php Multiple Parameter Cross-Site Scripting
AShop Deluxe 4.5 - ashop/basket.php cat Parameter Cross-Site Scripting
AShop Deluxe 4.5 - ashop/search.php SearchString Parameter Cross-Site Scripting
AShop Deluxe 4.5 - shipping.php Multiple Parameter Cross-Site Scripting
AShop Deluxe 4.5 - admin/editcatalogue.php cat Parameter Cross-Site Scripting
AShop Deluxe 4.5 - admin/salesadmin.php resultpage Parameter Cross-Site Scripting
AShop Deluxe 4.5 - 'catalogue.php' Cross-Site Scripting
AShop Deluxe 4.5 - 'basket.php' Cross-Site Scripting
AShop Deluxe 4.5 - 'search.php' Cross-Site Scripting
AShop Deluxe 4.5 - 'shipping.php' Cross-Site Scripting
AShop Deluxe 4.5 - 'editcatalogue.php' Cross-Site Scripting
AShop Deluxe 4.5 - 'salesadmin.php' Cross-Site Scripting

MyBloggie 2.1.5 - 'index.php' PATH_INFO Parameter Cross-Site Scripting
MyBloggie 2.1.5 - 'index.php' Cross-Site Scripting

MyBloggie 2.1.5 - 'login.php' PATH_INFO Parameter Cross-Site Scripting
MyBloggie 2.1.5 - 'login.php' Cross-Site Scripting
Smart Guard Network Manager 6.3.2 - SQL Injection
WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery
2016-12-14 05:01:23 +00:00
Offensive Security
0231ae9ba7 DB: 2016-12-09
5 new exploits

Dual DHCP DNS Server 7.29 - Denial of Service
TP-LINK TD-W8951ND - Denial of Service
OpenSSH 7.2 - Denial of Service

Linux Kernel 4.4.0 (Ubuntu 14.04/16.04 x86-64) - 'AF_PACKET' Race Condition Privilege Escalation

Advanced Webhost Billing System (AWBS) - cart2.php Remote File Inclusion
Advanced Webhost Billing System (AWBS) 2.4.0 - 'cart2.php' Remote File Inclusion
AWBS 2.7.1 - (news.php viewnews) SQL Injection
Anata CMS 1.0b5 - (change.php) Arbitrary Add Admin
Advanced Webhost Billing System (AWBS) 2.7.1 - 'news.php' SQL Injection
Anata CMS 1.0b5 - 'change.php' Arbitrary Add Admin

Simple Machines Forum 1.0.13 / 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass
Simple Machines Forum (SMF) 1.0.13 / 1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass

Simple Machines Forum (SMF) - Multiple Security Vulnerabilities
Simple Machines Forum (SMF) 1.1.10/2.0 RC2 - Multiple Security Vulnerabilities

Advanced Webhost Billing System 2.2.2 - contact.php Multiple Cross-Site Scripting Vulnerabilities

Advanced Webhost Billing System 2.9.2 - 'oid' Parameter SQL Injection
Advanced Webhost Billing System (AWBS) 2.9.2 - 'oid' Parameter SQL Injection

Simple Machines Forum (SMF) 2.0.2 - 'index.php' scheduled Parameter Cross-Site Scripting
Simple Machines Forum (SMF) 2.0.2 - 'scheduled' Parameter Cross-Site Scripting

Cisco Unified Communications Manager 7/8/9 - Directory Traversal
2016-12-09 05:01:19 +00:00
Offensive Security
855e59f932 DB: 2016-12-07
9 new exploits

MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC)
Asterisk - (SIP channel driver / in pedantic mode) Remote Crash
Alt-N MDaemon 9.6.5 - Multiple Remote Buffer Overflow (PoC)
Asterisk 1.2.x - (SIP channel driver / in pedantic mode) Remote Crash

F5 BIG-IP - Remote Root Authentication Bypass (1)
F5 BIG-IP - Authentication Bypass (1)

Ntpd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow
NTPd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow

NetCat 0.7.1 - Denial of Service
Microsoft Event Viewer 1.0 - XML External Entity Injection
Microsoft MSINFO32.EXE 6.1.7601 - '.NFO' XML External Entity Injection
Apache CouchDB 2.0.0 - Local Privilege Escalation

Samba 2.2.8 - Remote Root Exploit
Samba 2.2.8 - Remote Code Execution

Microsoft Windows - WebDAV Remote Root Exploit (2)
Microsoft Windows - WebDAV Remote Code Execution (2)

Microsoft IIS 5.0 - WebDAV Remote Root Exploit (3) (xwdav)
Microsoft IIS 5.0 - WebDAV Remote Code Execution (3) (xwdav)

miniSQL (mSQL) 1.3 - Remote GID Root Exploit
miniSQL (mSQL) 1.3 - GID Remote Code Execution
Real Server 7/8/9 (Windows / Linux) - Remote Root Exploit
GtkFtpd 1.0.4 - Remote Root Buffer Overflow
Real Server 7/8/9 (Windows / Linux) - Remote Code Execution
GtkFtpd 1.0.4 - Buffer Overflow
Solaris Sadmind - Default Configuration Remote Root Exploit
Knox Arkeia Pro 5.1.12 - Backup Remote Root Exploit
Solaris Sadmind - Default Configuration Remote Code Execution
Knox Arkeia Pro 5.1.12 - Backup Remote Code Execution

ProFTPd 1.2.9rc2 - ASCII File Remote Root Exploit
ProFTPd 1.2.9rc2 - ASCII File Remote Code Execution

ProFTPd 1.2.7 < 1.2.9rc2 - Remote Root / Brute Force Exploit
ProFTPd 1.2.7 < 1.2.9rc2 - Remote Code Execution / Brute Force

Cyrus IMSPD 1.7 - abook_dbname Remote Root Exploit
Cyrus IMSPD 1.7 - 'abook_dbname' Remote Code Execution

Ethereal 0.10.0 < 0.10.2 - IGAP Overflow Remote Root Exploit
Ethereal 0.10.0 < 0.10.2 - IGAP Overflow
Monit 4.1 - Remote Root Buffer Overflow
Monit 4.2 - Remote Root Buffer Overflow
Monit 4.1 - Buffer Overflow
Monit 4.2 - Buffer Overflow

INND/NNRP < 1.6.x - Remote Root Overflow
INND/NNRP < 1.6.x - Overflow Exploit

LPRng (RedHat 7.0) - lpd Remote Root Format String
LPRng (RedHat 7.0) - 'lpd' Format String

BeroFTPD 1.3.4(1) (Linux/x86) - Remote Root Exploit
BeroFTPD 1.3.4(1) (Linux/x86) - Remote Code Execution
BIND 8.2.x - (TSIG) Remote Root Stack Overflow (1)
BIND 8.2.x - (TSIG) Remote Root Stack Overflow (2)
BIND 8.2.x - (TSIG) Remote Root Stack Overflow (3)
BIND 8.2.x - (TSIG) Remote Root Stack Overflow (4)
BIND 8.2.x - (TSIG) Stack Overflow (1)
BIND 8.2.x - (TSIG) Stack Overflow (2)
BIND 8.2.x - (TSIG) Stack Overflow (3)
BIND 8.2.x - (TSIG) Stack Overflow (4)

HP Web JetAdmin 6.5 - (connectedNodes.ovpl) Remote Root Exploit
HP Web JetAdmin 6.5 - 'connectedNodes.ovpl' Remote Code Execution

CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow Root Exploit
CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow

Solaris /bin/login (SPARC/x86) - Remote Root Exploit
Solaris /bin/login (SPARC/x86) - Remote Code Execution

Drcat 0.5.0-beta - (drcatd) Remote Root Exploit
Drcat 0.5.0-beta - 'drcatd' Remote Code Execution

Dropbear SSH 0.34 - Remote Root Exploit
Dropbear SSH 0.34 - Remote Code Execution

Apple Mac OSX 10.3.3 - AppleFileServer Remote Root Overflow
Apple Mac OSX 10.3.3 - AppleFileServer Overflow Remote Code Execution

Monit 4.2 - Basic Authentication Remote Root Exploit
Monit 4.2 - Basic Authentication Remote Code Execution

WvTFTPd 0.9 - Remote Root Heap Overflow
WvTFTPd 0.9 - Heap Overflow

Qwik SMTP 0.3 - Remote Root Format String
Qwik SMTP 0.3 - Format String

Citadel/UX 6.27 - Remote Root Format String
Citadel/UX 6.27 - Format String

Knox Arkeia Server Backup 5.3.x - Remote Root Exploit
Knox Arkeia Server Backup 5.3.x - Remote Code Execution
Smail 3.2.0.120 - Remote Root Heap Overflow
mtftpd 0.0.3 - Remote Root Exploit
Smail 3.2.0.120 - Heap Overflow
mtftpd 0.0.3 - Remote Code Execution

dSMTP Mail Server 3.1b - Linux Remote Root Format String
dSMTP Mail Server 3.1b (Linux) - Format String Exploit

IPSwitch IMail Server 8.15 - IMAPD Remote Root Exploit
IPSwitch IMail Server 8.15 - IMAPD Remote Code Execution

linux-ftpd-ssl 0.17 - (MKD/CWD) Remote Root Exploit
linux-ftpd-ssl 0.17 - 'MKD'/'CWD' Remote Code Execution

MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow
Alt-N MDaemon POP3 Server < 9.06 - (USER) Remote Heap Overflow

GNU InetUtils ftpd 1.4.2 - (ld.so.preload) Remote Root Exploit
GNU InetUtils ftpd 1.4.2 - 'ld.so.preload' Remote Code Execution

ProFTPd 1.2.9 rc2 - (ASCII File) Remote Root Exploit
ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution

dproxy-nexgen (Linux/x86) - Remote Root Buffer Overflow
dproxy-nexgen (Linux/x86) - Buffer Overflow

Kerberos 1.5.1 - Kadmind Remote Root Buffer Overflow
Kerberos 1.5.1 - Kadmind Buffer Overflow

webdesproxy 0.0.1 - GET Request Remote Root Exploit (exec-shield)
webdesproxy 0.0.1 - (exec-shield) GET Request Remote Code Execution

VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Root Exploit
VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Code Execution

MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow
Alt-N MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow

Sun Solaris 10 - rpc.ypupdated Remote Root Exploit
Sun Solaris 10 - 'rpc.ypupdated' Remote Code Execution

ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Root Exploit
ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Code Execution

Sun Solaris 10 - rpc.ypupdated Remote Root Exploit (Metasploit)
Sun Solaris 10 - rpc.ypupdated Remote Code Execution (Metasploit)

Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)
Trixbox 2.6.1 - (langChoice) Remote Code Execution (Python)

Solaris 9 (UltraSPARC) - sadmind Remote Root Exploit
Solaris 9 (UltraSPARC) - sadmind Remote Code Execution

Apache SpamAssassin Milter Plugin 0.3.1 - Remote Root Command Execution
Apache SpamAssassin Milter Plugin 0.3.1 - Remote Command Execution

Microworld eScan AntiVirus < 3.x - Remote Root Command Execution
Microworld eScan AntiVirus < 3.x - Remote Code Execution

AIX5l with FTP-Server - Remote Root Hash Disclosure
AIX5l with FTP-Server - Hash Disclosure

McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Root Remote Code Execution)
McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion (Remote Code Execution)

ProFTPd 1.3.3c - Compromised Source Remote Root Trojan
ProFTPd 1.3.3c - Compromised Source (Trojan) Remote Code Execution

Comtrend ADSL Router CT-5367 C01_R12 - Remote Root Exploit
Comtrend ADSL Router CT-5367 C01_R12 - Remote Code Execution

MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit)
Alt-N MDaemon 9.6.4 - IMAPD FETCH Buffer Overflow (Metasploit)

ACTi ASOC 2200 Web Configurator 2.6 - Remote Root Command Execution
ACTi ASOC 2200 Web Configurator 2.6 - Remote Command Execution

DreamBox DM800 1.5rc1 - Remote Root File Disclosure
DreamBox DM800 1.5rc1 - File Disclosure

TelnetD encrypt_keyid - Remote Root Function Pointer Overwrite
TelnetD encrypt_keyid - Function Pointer Overwrite
F5 BIG-IP - Remote Root Authentication Bypass (2)
MySQL - Remote Root Authentication Bypass
F5 BIG-IP - Authentication Bypass (2)
MySQL - Authentication Bypass

ManageEngine Security Manager Plus 5.5 build 5505 - Remote SYSTEM/Root SQL Injection
ManageEngine Security Manager Plus 5.5 build 5505 - Remote Root/SYSTEM SQL Injection

WIDZ 1.0/1.5 - Remote Root Compromise
WIDZ 1.0/1.5 - Remote Code Execution
Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities
Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH)
DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow

proManager 0.73 - (note.php) SQL Injection
ProManager 0.73 - 'note.php' SQL Injection

pNews 1.1.0 - (nbs) Remote File Inclusion
pNews 1.1.0 - 'nbs' Parameter Remote File Inclusion

Power Phlogger 2.0.9 - (config.inc.php3) File Inclusion
Power Phlogger 2.0.9 - 'config.inc.php3' File Inclusion

eFiction 3.1.1 - (path_to_smf) Remote File Inclusion
eFiction 3.1.1 - 'path_to_smf' Remote File Inclusion

FlexPHPNews 0.0.5 - (news.php newsid) SQL Injection
FlexPHPNews 0.0.5 - 'newsid' Parameter SQL Injection

Achievo 1.1.0 - (atk.inc config_atkroot) Remote File Inclusion
Achievo 1.1.0 - 'config_atkroot' Parameter Remote File Inclusion

SimpNews 2.40.01 - (print.php newnr) SQL Injection
SimpNews 2.40.01 - 'newnr' Parameter SQL Injection

PHPNews 0.93 - (format_menue) Remote File Inclusion
PHPNews 0.93 - 'format_menue' Parameter Remote File Inclusion

meBiblio 0.4.5 - (index.php action) Remote File Inclusion
meBiblio 0.4.5 - 'action' Parameter Remote File Inclusion

Joomla! Component rapidrecipe 1.6.5 - SQL Injection
Joomla! Component Rapid Recipe 1.6.5 - SQL Injection

mebiblio 0.4.7 - (SQL Injection / Arbitrary File Upload / Cross-Site Scripting) Multiple Vulnerabilities
mebiblio 0.4.7 - SQL Injection / Arbitrary File Upload / Cross-Site Scripting
pLog - 'albumID' SQL Injection
smeweb 1.4b - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
PLog 1.0.6 - 'albumID' Parameter SQL Injection
smeweb 1.4b - SQL Injection / Cross-Site Scripting

Joomla! Component joomradio 1.0 - 'id' SQL Injection
Joomla! Component JoomRadio 1.0 - 'id' Parameter SQL Injection

Battle Blog 1.25 - (comment.asp) SQL Injection
Battle Blog 1.25 - 'comment.asp' SQL Injection

1Book Guestbook Script - Code Execution
1Book Guestbook Script 1.0.1 - Code Execution
PHP-Address Book 3.1.5 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Joomla! Component EasyBook 1.1 - (gbid) SQL Injection
427bb 2.3.1 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
PHP-Address Book 3.1.5 - SQL Injection / Cross-Site Scripting
Joomla! Component EasyBook 1.1 - 'gbid' Parameter SQL Injection
427bb 2.3.1 - SQL Injection / Cross-Site Scripting
Power Phlogger 2.2.5 - (css_str) SQL Injection
pSys 0.7.0.a - (shownews) SQL Injection
Joomla! Component JoomlaDate - (user) SQL Injection
Power Phlogger 2.2.5 - 'css_str' Parameter SQL Injection
pSys 0.7.0.a - 'shownews' Parameter SQL Injection
Joomla! Component JoomlaDate 1.2 - 'user' Parameter SQL Injection
JiRo?s FAQ Manager (read.asp fID) 1.0 - SQL Injection
phpinv 0.8.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Joomla! Component yvcomment 1.16 - Blind SQL Injection
JiRo's FAQ Manager eXperience 1.0 - 'fID' Parameter SQL Injection
phpinv 0.8.0 - Local File Inclusion / Cross-Site Scripting
Joomla! Component yvComment 1.16 - Blind SQL Injection

BrowserCRM 5.002.00 - (clients.php) Remote File Inclusion
BrowserCRM 5.002.00 - 'clients.php' Remote File Inclusion

Joomla! Component rapidrecipe - SQL Injection
Joomla! Component Rapid Recipe 1.6.6/1.6.7 - SQL Injection

Joomla! Component iJoomla! News Portal - 'itemID' SQL Injection
Joomla! Component iJoomla News Portal 1.0 - 'itemID' Parameter SQL Injection
real estate Web site 1.0 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
telephone directory 2008 - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ASPilot Pilot Cart 7.3 - (article) SQL Injection
real estate Web site 1.0 - SQL Injection / Cross-Site Scripting
Telephone Directory 2008 - SQL Injection / Cross-Site Scripting
ASPilot Pilot Cart 7.3 - 'article' Parameter SQL Injection
Flux CMS 1.5.0 - (loadsave.php) Arbitrary File Overwrite
pNews 2.08 - (shownews) SQL Injection
Flux CMS 1.5.0 - 'loadsave.php' Arbitrary File Overwrite
pNews 2.08 - 'shownews' Parameter SQL Injection
ErfurtWiki R1.02b - (css) Local File Inclusion
DCFM Blog 0.9.4 - (comments) SQL Injection
yblog 0.2.2.2 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Insanely Simple Blog 0.5 - (index) SQL Injection
ASPPortal Free Version - 'Topic_Id' SQL Injection
Experts 1.0.0 - (answer.php) SQL Injection
SyndeoCMS 2.6.0 - (Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
ErfurtWiki R1.02b - Local File Inclusion
DCFM Blog 0.9.4 - SQL Injection
Yblog 0.2.2.2 - Cross-Site Scripting / SQL Injection
Insanely Simple Blog 0.5 - SQL Injection
ASPPortal Free Version - 'Topic_Id' Parameter SQL Injection
Experts 1.0.0 - 'answer.php' SQL Injection
SyndeoCMS 2.6.0 - Local File Inclusion / Cross-Site Scripting

Yuhhu 2008 SuperStar - 'board' SQL Injection
Yuhhu 2008 SuperStar - 'board' Parameter SQL Injection

eFiction 3.0 - (toplists.php list) SQL Injection
eFiction 3.0 - 'toplists.php' SQL Injection

pSys 0.7.0 Alpha - (chatbox.php) SQL Injection
pSys 0.7.0 Alpha - 'chatbox.php' SQL Injection

pNews 2.03 - (newsid) SQL Injection
pNews 2.03 - 'newsid' Parameter SQL Injection

Joomla! Component JooBlog 0.1.1 - (PostID) SQL Injection
Joomla! Component JooBlog 0.1.1 - 'PostID' Parameter SQL Injection

FlexPHPNews 0.0.6 & PRO - (Authentication Bypass) SQL Injection
FlexPHPNews 0.0.6 & PRO - Authentication Bypass

E-ShopSystem - (Authentication Bypass / SQL Injection) Multiple Vulnerabilities
E-ShopSystem - Authentication Bypass / SQL Injection

Battle Blog 1.25 - (uploadform.asp) Arbitrary File Upload
Battle Blog 1.25 - 'uploadform.asp' Arbitrary File Upload

427BB Fourtwosevenbb 2.3.2 - SQL Injection
427BB 2.3.2 - SQL Injection

Joomla! Component 'com_joomradio' - SQL Injection
Joomla! Component JoomRadio 1.0 - SQL Injection

Joomla! Component 'com_elite_experts' - SQL Injection
Joomla! Component Elite Experts - SQL Injection

ASPilot Pilot Cart 7.3 - newsroom.asp SQL Injection
ASPilot Pilot Cart 7.3 - 'newsroom.asp' SQL Injection

Contrexx ShopSystem 2.2 SP3 (catId) - Blind SQL Injection
Contrexx ShopSystem 2.2 SP3 - 'catId' Parameter Blind SQL Injection

Comtrend Router CT-5624 - Remote Root/Support Password Disclosure/Change Exploit
Comtrend Router CT-5624 - Root/Support Password Disclosure/Change Exploit

alt-n mdaemon free 12.5.4 - Persistent Cross-Site Scripting
Alt-N MDaemon free 12.5.4 - Persistent Cross-Site Scripting

SimpNews 2.0.1/2.13 - PATH_SIMPNEWS Remote File Inclusion
SimpNews 2.0.1/2.13 - 'path_simpnews' Parameter Remote File Inclusion

PHPNews 1.2.3/1.2.4 - auth.php Remote File Inclusion
PHPNews 1.2.3/1.2.4 - 'auth.php' Remote File Inclusion
PHPSysInfo 2.0/2.3 - 'index.php' sensor_program Parameter Cross-Site Scripting
PHPSysInfo 2.0/2.3 - system_footer.php Multiple Parameter Cross-Site Scripting
PHPSysInfo 2.0/2.3 - 'sensor_program' Parameter Cross-Site Scripting
PHPSysInfo 2.0/2.3 - 'system_footer.php' Cross-Site Scripting

Seowonintech Routers fw: 2.3.9 - Remote Root File Disclosure
Seowonintech Routers fw: 2.3.9 - File Disclosure

PHPNews 1.2.x - auth.php SQL Injection
PHPNews 1.2.x - 'auth.php' SQL Injection
efiction 1.0/1.1/2.0 - titles.php let Parameter Cross-Site Scripting
efiction 1.0/1.1/2.0 - titles.php let Parameter SQL Injection
efiction 1.0/1.1/2.0 - viewstory.php sid Parameter SQL Injection
efiction 1.0/1.1/2.0 - viewuser.php uid Parameter SQL Injection
efiction 1.0/1.1/2.0 - 'titles.php' Cross-Site Scripting
efiction 1.0/1.1/2.0 - 'titles.php' SQL Injection
efiction 1.0/1.1/2.0 - 'sid' Parameter SQL Injection
efiction 1.0/1.1/2.0 - 'uid' Parameter SQL Injection

427BB 2.2 - showthread.php SQL Injection
427BB 2.2 - 'showthread.php' SQL Injection

BrowserCRM - results.php Cross-Site Scripting

Simpnews 2.x - Wap_short_news.php Remote File Inclusion
Simpnews 2.x - 'Wap_short_news.php' Remote File Inclusion

ZYXEL Prestige 660H-61 ADSL Router - RPSysAdmin.HTML Cross-Site Scripting
ZYXEL Prestige 660H-61 ADSL Router - Cross-Site Scripting
Yblog - funk.php id Parameter Cross-Site Scripting
Yblog - tem.php action Parameter Cross-Site Scripting
Yblog - uss.php action Parameter Cross-Site Scripting
Yblog - 'funk.php' Cross-Site Scripting
Yblog - 'tem.php' Cross-Site Scripting
Yblog - 'uss.php' Cross-Site Scripting
Simpnews 2.x - admin/index.php Unspecified Cross-Site Scripting
Simpnews 2.x - admin/pwlost.php Unspecified Cross-Site Scripting
Simpnews 2.x - 'index.php' Cross-Site Scripting
Simpnews 2.x - 'pwlost.php' Cross-Site Scripting

PHPNews 1.3 - Link_Temp.php Multiple Cross-Site Scripting Vulnerabilities
PHPNews 1.3 - 'Link_Temp.php' Cross-Site Scripting
Insanely Simple Blog 0.4/0.5 - 'index.php' current_subsection Parameter SQL Injection
Insanely Simple Blog 0.4/0.5 - Blog Anonymous Blog Entry Cross-Site Scripting
Insanely Simple Blog 0.4/0.5 - 'index.php' SQL Injection
Insanely Simple Blog 0.4/0.5 - Cross-Site Scripting
SimpNews 2.41.3 - admin/layout2b.php l_username Parameter Cross-Site Scripting
SimpNews 2.41.3 - comment.php backurl Parameter Cross-Site Scripting
SimpNews 2.41.3 - 'l_username' Parameter Cross-Site Scripting
SimpNews 2.41.3 - 'backurl' Parameter Cross-Site Scripting
BrowserCRM 5.100.1 - modules/Documents/version_list.php parent_id Parameter SQL Injection
BrowserCRM 5.100.1 - modules/Documents/index.php contact_id Parameter SQL Injection
BrowserCRM 5.100.1 - Multiple Script URI Cross-Site Scripting
BrowserCRM 5.100.1 - license/index.php framed Parameter Cross-Site Scripting
BrowserCRM 5.100.1 - licence/view.php framed Parameter Cross-Site Scripting
BrowserCRM 5.100.1 - pub/clients.php login[] Parameter Cross-Site Scripting
BrowserCRM 5.100.1 - 'index.php' login[] Parameter Cross-Site Scripting
BrowserCRM 5.100.1 - 'parent_id' Parameter SQL Injection
BrowserCRM 5.100.1 - 'contact_id' Parameter SQL Injection
BrowserCRM 5.100.1 - URI Cross-Site Scripting
BrowserCRM 5.100.1 - 'framed' Parameter Cross-Site Scripting
Wordpress Plugin Single Personal Message 1.0.3 - SQL Injection
BrowserCRM 5.100.1 - 'clients.php' Cross-Site Scripting
BrowserCRM 5.100.1 - 'login[]' Cross-Site Scripting
2016-12-07 05:01:17 +00:00
Offensive Security
aa4fced35c DB: 2016-12-05 2016-12-05 05:01:20 +00:00
Offensive Security
91b12c469e DB: 2016-11-29
16 new exploits

rdesktop 1.5.0 - iso_recv_msg() Integer Underflow (PoC)
rdesktop 1.5.0 - process_redirect_pdu() BSS Overflow (PoC)
rdesktop 1.5.0 - 'iso_recv_msg()' Integer Underflow (PoC)
rdesktop 1.5.0 - 'process_redirect_pdu()' BSS Overflow (PoC)
NTP 4.2.8p3 - Denial of Service
Microsoft Internet Explorer 8 MSHTML - 'SRunPointer::SpanQualifier/RunType' Out-Of-Bounds Read (MS15-009)
Microsoft Internet Explorer 11 MSHTML - 'CGeneratedContent::HasGeneratedSVGMarker' Type Confusion
Microsoft Internet Explorer 10 MSHTML - 'CEditAdorner::Detach' Use-After-Free (MS13-047)
Microsoft Internet Explorer 8 / 9 / 10 / 11 MSHTML - 'DOMImplementation' Type Confusion (MS16-009)

Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation
Linux Kernel 2.6.x < 2.6.7-rc3 (Slackware 9.1 / Debian 3.0) - 'sys_chown()' Group Ownership Alteration Privilege Escalation

Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Privilege Escalation
Linux Kernel 2.4 / 2.6 (x86-64) - System Call Emulation Privilege Escalation
Linux Kernel < 2.6.36-rc4-git2 (x86_64) - 'ia32syscall' Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (RedHat x86_64) - 'compat' Privilege Escalation
Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation
Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation

Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Privilege Escalation (1)
Linux Kernel < 3.3.x < 3.7.x (Arch Linux x86-64) - 'sock_diag_handlers[]' Privilege Escalation (1)

Linux Kernel < 3.8.9 (x86_64) - 'perf_swevent_init' Privilege Escalation (2)
Linux Kernel < 3.8.9 (x86-64) - 'perf_swevent_init' Privilege Escalation (2)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' Race Condition Privilege Escalation (Write Access)
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege Escalation (SUID)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation (Write Access)
Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' '/proc/self/mem' Race Condition Privilege Escalation

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation (Write Access)

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation

TFTP Server 1.4 - Buffer Overflow Remote Exploit (2)
TFTP Server 1.4 - Remote Buffer Overflow (2)

TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit)
TFTP Server 1.4 - ST WRQ Buffer Overflow (Metasploit)

Android - 'BadKernel' Remote Code Execution
VX Search Enterprise 9.1.12 - Buffer Overflow
Sync Breeze Enterprise 9.1.16 - Buffer Overflow
Disk Sorter Enterprise 9.1.12 - Buffer Overflow
Dup Scout Enterprise 9.1.14 - Buffer Overflow
Disk Savvy Enterprise 9.1.14 - Buffer Overflow
Disk Pulse Enterprise 9.1.16 - Buffer Overflow

Linux/x86 - Egg-hunter Shellcode (25 bytes)
Linux/x86 - Egg-hunter Shellcode (31 bytes)

RunCMS 1.2 - (class.forumposts.php) Arbitrary Remote File Inclusion
RunCMS 1.2 - 'class.forumposts.php' Arbitrary Remote File Inclusion

CMS Faethon 1.3.2 - (mainpath) Remote File Inclusion
CMS Faethon 1.3.2 - 'mainpath' Parameter Remote File Inclusion

CMS Faethon 2.0 - (mainpath) Remote File Inclusion
CMS Faethon 2.0 - 'mainpath' Parameter Remote File Inclusion

SazCart 1.5 - (cart.php) Remote File Inclusion
SazCart 1.5 - 'cart.php' Remote File Inclusion

Cyberfolio 2.0 RC1 - (av) Remote File Inclusion
Cyberfolio 2.0 RC1 - 'av' Parameter Remote File Inclusion

FipsCMS 4.5 - (index.asp) SQL Injection
FipsCMS 4.5 - 'index.asp' SQL Injection

AJ Classifieds 1.0 - (postingdetails.php) SQL Injection
AJ Classifieds 1.0 - 'postingdetails.php' SQL Injection

RunCMS 1.5.2 - (debug_show.php) SQL Injection
RunCMS 1.5.2 - 'debug_show.php' SQL Injection

OneCMS 2.4 - (userreviews.php abc) SQL Injection
OneCMS 2.4 - 'abc' Parameter SQL Injection

RunCMS 1.6 - disclaimer.php Remote File Overwrite
RunCMS 1.6 - 'disclaimer.php' Remote File Overwrite
PHPEasyData 1.5.4 - 'cat_id' SQL Injection
FipsCMS - 'print.asp lg' SQL Injection
Galleristic 1.0 - (index.php cat) SQL Injection
gameCMS Lite 1.0 - (index.php systemId) SQL Injection
PHPEasyData 1.5.4 - 'cat_id' Parameter SQL Injection
FipsCMS 2.1 - 'print.asp' SQL Injection
Galleristic 1.0 - 'cat' Parameter SQL Injection
GameCMS Lite 1.0 - 'systemId' Parameter SQL Injection

CMS Faethon 2.2 Ultimate - (Remote File Inclusion / Cross-Site Scripting) Multiple Remote Vulnerabilities
CMS Faethon 2.2 Ultimate - Remote File Inclusion / Cross-Site Scripting
MusicBox 2.3.7 - (artistId) SQL Injection
RunCMS 1.6.1 - (msg_image) SQL Injection
MusicBox 2.3.7 - 'artistId' Parameter SQL Injection
RunCMS 1.6.1 - 'msg_image' Parameter SQL Injection

vShare YouTube Clone 2.6 - (tid) SQL Injection
vShare YouTube Clone 2.6 - 'tid' Parameter SQL Injection
Cyberfolio 7.12 - (rep) Remote File Inclusion
miniBloggie 1.0 - (del.php) Arbitrary Delete Post
Cyberfolio 7.12 - 'rep' Parameter Remote File Inclusion
miniBloggie 1.0 - 'del.php' Arbitrary Delete Post

SazCart 1.5.1 - (prodid) SQL Injection
SazCart 1.5.1 - 'prodid' Parameter SQL Injection

Phoenix View CMS Pre Alpha2 - (SQL Injection / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Phoenix View CMS Pre Alpha2 - SQL Injection / Local File Inclusion / Cross-Site Scripting

Ktools Photostore 3.5.1 - (gallery.php gid) SQL Injection
Ktools Photostore 3.5.1 - 'gid' Parameter SQL Injection

Joomla! Component com_datsogallery 1.6 - Blind SQL Injection
Joomla! Component Datsogallery 1.6 - Blind SQL Injection
Vortex CMS - 'index.php pageid' Blind SQL Injection
AJ Article 1.0 - (featured_article.php) SQL Injection
AJ Auction 6.2.1 - (classifide_ad.php) SQL Injection
Vortex CMS - 'pageid' Parameter Blind SQL Injection
AJ Article 1.0 - 'featured_article.php' SQL Injection
AJ Auction 6.2.1 - 'classifide_ad.php' SQL Injection

clanlite 2.x - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
ClanLite 2.x - SQL Injection / Cross-Site Scripting

OneCMS 2.5 - (install_mod.php) Local File Inclusion
OneCMS 2.5 - 'install_mod.php' Local File Inclusion
AJ Auction Web 2.0 - (cate_id) SQL Injection
AJ Auction 1.0 - 'id' SQL Injection
AJ Auction Web 2.0 - 'cate_id' Parameter SQL Injection
AJ Auction 1.0 - 'id' Parameter SQL Injection

FipsCMS Light 2.1 - (r) SQL Injection
FipsCMS Light 2.1 - 'r' Parameter SQL Injection

AJ Auction Pro Platinum Skin - 'detail.php item_id' SQL Injection
AJ Auction Pro Platinum Skin - 'item_id' Parameter SQL Injection

AJ Auction Pro Platinum - (seller_id) SQL Injection
AJ Auction Pro Platinum - 'seller_id' Parameter SQL Injection

miniBloggie 1.0 - (del.php) Blind SQL Injection
miniBloggie 1.0 - 'del.php' Blind SQL Injection

AJ Article - 'featured_article.php mode' SQL Injection

AJ ARTICLE - (Authentication Bypass) SQL Injection
AJ Article 1.0 - Authentication Bypass

Cyberfolio 7.12.2 - (css.php theme) Local File Inclusion
Cyberfolio 7.12.2 - 'theme' Parameter Local File Inclusion

AJ ARTICLE - Remote Authentication Bypass
AJ Article 1.0 - Remote Authentication Bypass

MusicBox 2.3.8 - (viewalbums.php artistId) SQL Injection
MusicBox 2.3.8 - 'viewalbums.php' SQL Injection

AJ Auction Pro OOPD 2.3 - 'id' SQL Injection
AJ Auction Pro OOPD 2.3 - 'id' Parameter SQL Injection

BigACE CMS 2.5 - 'Username' SQL Injection
BigACE 2.5 - SQL Injection

ZeusCart 2.3 - 'maincatid' SQL Injection
ZeusCart 2.3 - 'maincatid' Parameter SQL Injection

BigACE CMS 2.6 - (cmd) Local File Inclusion
BigACE 2.6 - 'cmd' Parameter Local File Inclusion

RunCMS 1.6.3 - (double ext) Remote Shell Injection
RunCMS 1.6.3 - Remote Shell Injection

AJ Auction Pro OOPD 2.x - (store.php id) SQL Injection
AJ Auction Pro OOPD 2.x - 'id' Parameter SQL Injection
RunCMS 2m1 - store() SQL Injection
RunCMS 2ma - post.php SQL Injection
RunCMS 2m1 - 'store()' SQL Injection
RunCMS 2ma - 'post.php' SQL Injection

AJ Article - Persistent Cross-Site Scripting
AJ Article 3.0 - Cross-Site Scripting

admidio 2.3.5 - Multiple Vulnerabilities
Admidio 2.3.5 - Multiple Vulnerabilities

RunCMS 1.1/1.2 Newbb_plus and Messages Modules - Multiple SQL Injections
RunCMS 1.1/1.2 Module Newbb_plus/Messages - SQL Injection

MusicBox 2.3 - Type Parameter SQL Injection
MusicBox 2.3 - 'type' Parameter SQL Injection

RunCMS 1.x - Bigshow.php Cross-Site Scripting
RunCMS 1.x - 'Bigshow.php' Cross-Site Scripting

RunCMS 1.2/1.3 - PMLite.php SQL Injection
RunCMS 1.2/1.3 - 'PMLite.php' SQL Injection

RunCMS 1.x - Ratefile.php Cross-Site Scripting
RunCMS 1.x - 'Ratefile.php' Cross-Site Scripting

BigACE CMS 2.7.8 - Cross-Site Request Forgery (Add Admin)
BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin)
MusicBox 2.3 - 'index.php' Multiple Parameter SQL Injection
MusicBox 2.3 - 'index.php' Multiple Parameter Cross-Site Scripting
MusicBox 2.3 - cart.php Multiple Parameter Cross-Site Scripting
MusicBox 2.3 - 'index.php' SQL Injection
MusicBox 2.3 - 'index.php' Cross-Site Scripting
MusicBox 2.3 - 'cart.php' Cross-Site Scripting

MusicBox 2.3.4 - Page Parameter SQL Injection
MusicBox 2.3.4 - 'page' Parameter SQL Injection

MyWebland miniBloggie 1.0 - Fname Remote File Inclusion
miniBloggie 1.0 - 'Fname' Remote File Inclusion
BigACE 1.8.2 - item_main.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - upload_form.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - download.cmd.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - admin.cmd.php GLOBALS Parameter Remote File Inclusion
BigACE 1.8.2 - 'item_main.php' Remote File Inclusion
BigACE 1.8.2 - 'upload_form.php' Remote File Inclusion
BigACE 1.8.2 - 'download.cmd.php' Remote File Inclusion
BigACE 1.8.2 - 'admin.cmd.php' Remote File Inclusion

ClanLite - Config-PHP.php Remote File Inclusion
ClanLite - 'conf-php.php' Remote File Inclusion

FipsCMS 2.1 - PID Parameter SQL Injection
FipsCMS 2.1 - 'pid' Parameter SQL Injection
RunCMS 1.6.1 - votepolls.php bbPath[path] Parameter Remote File Inclusion
RunCMS 1.6.1 - config.php bbPath[root_theme] Parameter Remote File Inclusion
RunCMS 1.6.1 - 'bbPath[path]' Parameter Remote File Inclusion
RunCMS 1.6.1 - 'bbPath[root_theme]' Parameter Remote File Inclusion

FipsCMS 2.1 - 'forum/neu.asp' SQL Injection
FipsCMS 2.1 - 'neu.asp' SQL Injection
OneCMS 2.6.1 - admin/admin.php cat Parameter Cross-Site Scripting
OneCMS 2.6.1 - search.php search Parameter SQL Injection
OneCMS 2.6.1 - admin/admin.php Short1 Parameter Cross-Site Scripting
OneCMS 2.6.1 - 'cat' Parameter Cross-Site Scripting
OneCMS 2.6.1 - 'search' Parameter SQL Injection
OneCMS 2.6.1 - 'short1' Parameter Cross-Site Scripting

RunCMS 'partners' Module - 'id' Parameter SQL Injection
RunCMS Module Partners - 'id' Parameter SQL Injection

Zeuscart v.4 - Multiple Vulnerabilities
Zeuscart 4.0 - Multiple Vulnerabilities

BigACE Web CMS 2.7.5 - '/public/index.php' LANGUAGE Parameter Directory Traversal
BigACE 2.7.5 - 'LANGUAGE' Parameter Directory Traversal
Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting
Red Hat JBoss EAP - Deserialization of Untrusted Data
2016-11-29 05:01:20 +00:00
Offensive Security
38038a7128 DB: 2016-11-24
6 new exploits

Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow
UCanCode - Multiple Vulnerabilities
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2)
Linux Kernel 2.6.9 < 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (1)
Linux Kernel 2.6.9 < 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service (2)

Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial of Service (PoC)
Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial of Service
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Validator (PoC) (1)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Validator (PoC) (2)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (1)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Validator (PoC) (2)

Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Privilege Escalation (3)
Linux Kernel 2.4.23 / 2.6.0 - 'do_mremap()' Bound Checking Privilege Escalation
Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Validator (PoC) (1)
Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Privilege Escalation (2)
Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Validator (PoC)
Linux Kernel 2.2.25 / 2.4.24 / 2.6.2 - 'mremap()' Privilege Escalation

Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Privilege Escalation
Linux Kernel 2.6.9 < 2.6.11 (RHEL 4) - 'SYS_EPoll_Wait' Local Integer Overflow Privilege Escalation

Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Privilege Escalation
Linux Kernel 2.6.30 < 2.6.30.1 / SELinux (RHEL 5) - Privilege Escalation

Linux Kernel 2.6.9 / 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Privilege Escalation (2)
Linux Kernel 2.6.18 - 'move_pages()' Information Leak
Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak
Linux Kenrel 2.6.10 < 2.6.31.5 - 'pipe.c' Privilege Escalation

Windows x64 - Download & Execute Shellcode (358 bytes)
2016-11-24 05:01:19 +00:00
Offensive Security
dab1517032 DB: 2016-11-22
13 new exploits

Borland Interbase 2007 - ibserver.exe Buffer Overflow (PoC)
Borland Interbase 2007 - 'ibserver.exe' Buffer Overflow (PoC)

Linux Kernel (Ubuntu / RedHat) - 'keyctl' Null Pointer Dereference
Linux Kernel 4.8.0-22 / 3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)
Microsoft Edge - 'CTextExtractor::GetBlockText' Out-of-Bounds Read (MS16-104)
Microsoft Internet Explorer 8 jscript - 'RegExpBase::FBadHeader' Use-After-Free (MS15-018)
NTP 4.2.8p8 - Denial of Service

Tumbleweed SecureTransport FileTransfer - ActiveX Buffer Overflow
Tumbleweed SecureTransport 4.6.1 FileTransfer - ActiveX Buffer Overflow

Borland Interbase 2007 - PWD_db_aliased Buffer Overflow (Metasploit)
Borland Interbase 2007 - 'PWD_db_aliased' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - 'open_marker_file' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 sp2 - 'jrd8_create_database' Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - 'INET_connect' Buffer Overflow (Metasploit)

Borland Interbase - isc_create_database() Buffer Overflow (Metasploit)
Borland Interbase - 'isc_create_database()' Buffer Overflow (Metasploit)

Borland Interbase - isc_attach_database() Buffer Overflow (Metasploit)
Borland Interbase - 'isc_attach_database()' Buffer Overflow (Metasploit)

Borland Interbase - SVC_attach() Buffer Overflow (Metasploit)
Borland Interbase - 'SVC_attach()' Buffer Overflow (Metasploit)

Borland Interbase - Create-Request Buffer Overflow (Metasploit)
Borland Interbase - 'Create-Request' Buffer Overflow (Metasploit)
Borland Interbase - PWD_db_aliased() Buffer Overflow (Metasploit)
Borland Interbase - open_marker_file() Buffer Overflow (Metasploit)
Borland Interbase - 'PWD_db_aliased()' Buffer Overflow (Metasploit)
Borland Interbase - 'open_marker_file()' Buffer Overflow (Metasploit)
Borland Interbase - jrd8_create_database() Buffer Overflow (Metasploit)
Borland Interbase - INET_connect() Buffer Overflow (Metasploit)
Borland Interbase - 'jrd8_create_database()' Buffer Overflow (Metasploit)
Borland Interbase - 'INET_connect()' Buffer Overflow (Metasploit)

Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit)

phpunity.postcard - (gallery_path) Remote File Inclusion
phpunity.postcard - 'gallery_path' Parameter Remote File Inclusion

CcMail 1.0.1 - (update.php functions_dir) Remote File Inclusion
CcMail 1.0.1 - 'functions_dir' Parameter Remote File Inclusion

1024 CMS 0.7 - (download.php item) Remote File Disclosure
1024 CMS 0.7 - 'download.php' Remote File Disclosure

cpCommerce 1.1.0 - (category.php id_category) SQL Injection
CPCommerce 1.1.0 - 'id_category' Parameter SQL Injection

1024 CMS 1.3.1 - (Local File Inclusion / SQL Injection) Multiple Vulnerabilities
1024 CMS 1.3.1 - Local File Inclusion / SQL Injection
Mole 2.1.0 - (viewsource.php) Remote File Disclosure
ChartDirector 4.1 - (viewsource.php) File Disclosure
724CMS 4.01 Enterprise - (index.php ID) SQL Injection
My Gaming Ladder 7.5 - (ladderid) SQL Injection
Mole 2.1.0 - 'viewsource.php' Remote File Disclosure
ChartDirector 4.1 - 'viewsource.php' File Disclosure
724CMS 4.01 Enterprise - 'index.php' SQL Injection
My Gaming Ladder 7.5 - 'ladderid' Parameter SQL Injection
exbb 0.22 - (Local File Inclusion / Remote File Inclusion) Multiple Vulnerabilities
Pligg CMS 9.9.0 - (editlink.php id) SQL Injection
ExBB 0.22 - Local / Remote File Inclusion
Pligg CMS 9.9.0 - 'editlink.php' SQL Injection

Prediction Football 1.x - (matchid) SQL Injection
Prediction Football 1.x - 'matchid' Parameter SQL Injection

Free Photo Gallery Site Script - (path) File Disclosure
Free Photo Gallery Site Script - 'path' Parameter File Disclosure
LiveCart 1.1.1 - (category id) Blind SQL Injection
Ksemail - 'index.php language' Local File Inclusion
LiveCart 1.1.1 - 'id' Parameter Blind SQL Injection
Ksemail - Local File Inclusion
RX Maxsoft - 'popup_img.php fotoID' SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection
RX Maxsoft - 'fotoID' Parameter SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' Parameter SQL Injection
Pollbooth 2.0 - (pollID) SQL Injection
cpcommerce 1.1.0 - (Cross-Site Scripting / Local File Inclusion) Multiple Vulnerabilities
Pollbooth 2.0 - 'pollID' Parameter SQL Injection
CPCommerce 1.1.0 - Cross-Site Scripting / Local File Inclusion

SmallBiz eShop - (content_id) SQL Injection
SmallBiz eShop - 'content_id' Parameter SQL Injection

lightneasy sqlite / no database 1.2.2 - Multiple Vulnerabilities
LightNEasy sqlite / no database 1.2.2 - Multiple Vulnerabilities

PostcardMentor - 'step1.asp cat_fldAuto' SQL Injection
PostcardMentor - 'cat_fldAuto' Parameter SQL Injection

Pligg CMS 9.9.0 - (story.php id) SQL Injection
Pligg CMS 9.9.0 - 'story.php' SQL Injection

LokiCMS 0.3.4 - writeconfig() Remote Command Execution
LokiCMS 0.3.4 - 'writeconfig()' Remote Command Execution

cpCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass
CPCommerce 1.2.6 - (URL Rewrite) Input Variable Overwrite / Authentication Bypass

cpCommerce 1.2.8 - (id_document) Blind SQL Injection
CPCommerce 1.2.8 - 'id_document' Parameter Blind SQL Injection

cpCommerce 1.2.x - GLOBALS[prefix] Arbitrary File Inclusion
CPCommerce 1.2.x - 'GLOBALS[prefix]' Arbitrary File Inclusion

ChartDirector 5.0.1 - (cacheId) Arbitrary File Disclosure
ChartDirector 5.0.1 - 'cacheId' Parameter Arbitrary File Disclosure

Pligg CMS 1.0.4 - (story.php?id) SQL Injection
Pligg CMS 1.0.4 - 'story.php' SQL Injection

724CMS 4.59 Enterprise - SQL Injection
724CMS Enterprise 4.59 - SQL Injection

lightneasy 3.2.2 - Multiple Vulnerabilities
LightNEasy 3.2.2 - Multiple Vulnerabilities

My Postcards 6.0 - MagicCard.cgi Arbitrary File Disclosure
My Postcards 6.0 - 'MagicCard.cgi' Arbitrary File Disclosure

Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injection
Mambo Open Source 4.0.14 - 'PollBooth.php' Multiple SQL Injection

PhotoKorn 1.53/1.54 - postcard.php id Parameter SQL Injection
PhotoKorn 1.53/1.54 - 'id' Parameter SQL Injection

CPCommerce 1.1 - Manufacturer.php SQL Injection
CPCommerce 1.1 - 'manufacturer.php' SQL Injection
LiveCart 1.0.1 - user/remindPassword return Parameter Cross-Site Scripting
LiveCart 1.0.1 - category q Parameter Cross-Site Scripting
LiveCart 1.0.1 - order return Parameter Cross-Site Scripting
LiveCart 1.0.1 - user/remindComplete email Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'q' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'email' Parameter Cross-Site Scripting

Pligg CMS 1.x - module.php Multiple Parameter Cross-Site Scripting
Pligg CMS 1.x - 'module.php' Multiple Parameter Cross-Site Scripting

Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection
Pligg CMS 2.0.2 - 'load_data_for_search.php' SQL Injection

CMS Made Simple 2.1.5 - Cross-Site Scripting
Atlassian Confluence AppFusions Doxygen 1.3.0 - Directory Traversal
WordPress Plugin Instagram Feed 1.4.6.2 - Cross-Site Request Forgery
Mezzanine 4.2.0 - Cross-Site Scripting
LEPTON 2.2.2 - SQL Injection
LEPTON 2.2.2 - Remote Code Execution
FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery
FUDforum 3.0.6 - Local File Inclusion
Wordpress Plugin Olimometer 2.56 - SQL Injection
2016-11-22 05:01:18 +00:00
Offensive Security
8948e76c12 DB: 2016-11-19
14 new exploits

Microsoft Exchange 2000 - XEXCH50 Heap Overflow PoC (MS03-046)
Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow PoC (MS03-046)

Microsoft Windows - 'Jolt2.c' Denial of Service
Microsoft Windows - 'Jolt2.c' Denial of Service (MS00-029)

Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service
Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019)

Ventrilo 2.3.0 - Remote Denial of Service (All Platforms)
Ventrilo 2.3.0 (All Platforms) - Remote Denial of Service

Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1)
Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (1)

Microsoft Windows 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2)
Microsoft Windows Server 2003/XP - (IGMP v3) Denial of Service (MS06-007) (2)

Microsoft Windows Vista - Access Violation from Limited Account Exploit (BSoD)
Microsoft Windows Vista - Access Violation from Limited Account Exploit (Blue Screen of Death)

Microsoft Windows 2003 - '.EOT' BSOD Crash
Microsoft Windows 2003 - '.EOT' Blue Screen of Death Crash

Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote BSOD
Microsoft Windows Vista/7 - SMB2.0 Negotiate Protocol Request Remote Blue Screen of Death (MS07-063)

Microsoft Windows 2000-2008 - Embedded OpenType Font Engine Remote Code Execution (Metasploit)
Microsoft Windows 2000<2008 - Embedded OpenType Font Engine Remote Code Execution (MS09-065) (Metasploit)

Google Chrome 4.1 - OOB Array Indexing
Google Chrome 4.1 - Out-of-Bounds Array Indexing

Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow 10-020 (PoC)
Microsoft Windows 7/2008R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC)

CommView 6.1 (Build 636) - Local Denial of Service (BSOD)
CommView 6.1 (Build 636) - Local Denial of Service (Blue Screen of Death)

Msxml2.XMLHTTP.3.0 - Response Handling Memory Corruption (MS10-051)
Microsoft Msxml2.XMLHTTP.3.0 - Response Handling Memory Corruption (MS10-051)

Microsoft Cinepak Codec CVDecompress - Heap Overflow
Microsoft Cinepak Codec CVDecompress - Heap Overflow (MS10-055)

Microsoft Unicode Scripts Processor - Remote Code Execution
Microsoft Unicode Scripts Processor - Remote Code Execution (MS10-063)

Microsoft Office - HtmlDlgHelper Class Memory Corruption
Microsoft Office - HtmlDlgHelper Class Memory Corruption (MS10-071)

Microsoft Plug and Play Service - Overflow Exploit (Metasploit)
Microsoft Plug and Play Service - Overflow Exploit (MS05-039) (Metasploit)

Microsoft Excel - Axis Properties Record Parsing Buffer Overflow (PoC)
Microsoft Excel - Axis Properties Record Parsing Buffer Overflow (PoC) (MS11-02)

Microsoft HyperV - Persistent Denial of Service
Microsoft HyperV - Persistent Denial of Service (MS11-047)

Crush FTP 5 - 'APPE' command Remote JVM BSOD (PoC)
Crush FTP 5 - 'APPE' command Remote JVM Blue Screen of Death (PoC)
Microsoft WINS Service 5.2.3790.4520 - Memory Corruption
Microsoft WINS - ECommEndDlg Input Validation Error
Microsoft WINS Service 5.2.3790.4520 - Memory Corruption (MS11-035)
Microsoft WINS - ECommEndDlg Input Validation Error (MS11-035/MS11-070)

Win32k - Null Pointer De-reference PoC (MS11-077)
Microsoft Win32k - Null Pointer De-reference PoC (MS11-077)

Winows 7 keylayout - Blue Screen
Microsoft Winows 7 - Keyoard Layout Blue Screen of Death (MS10-073)

Apple Safari - GdiDrawStream BSoD
Apple Safari - GdiDrawStream Blue Screen of Death

PeerBlock 1.1 - BSOD Exploit
PeerBlock 1.1 - Blue Screen of Death Exploit

.NET Framework EncoderParameter - Integer Overflow
Microsoft .NET Framework EncoderParameter - Integer Overflow (MS12-025)

Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (Post MS12-034)
Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (MS12-034)

Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass
Microsoft Internet Explorer 9 / SharePoint / Lync - toStaticHTML HTML Sanitizing Bypass (MS12-037/MS12-039/MS12-050)

Microsoft Windows Media Services 4.0/4.1 - Denial of Service
Microsoft Windows Media Services 4.0/4.1 - Denial of Service (MS00-038)

Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (2)
Microsoft Windows NT 4.0 - Remote Registry Request Denial of Service (MS00-040) (2)

Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service
Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service (MS00-070)

Microsoft IIS 4.0/5.0 - FTP Denial of Service
Microsoft IIS 4.0/5.0 - FTP Denial of Service (MS01-026)

Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service
Microsoft SQL Server 7.0/2000 / MSDE - Named Pipe Denial of Service (MS03-031)

Microsoft Windows XP/2000 - showHelp CHM File Execution
Microsoft Windows XP/2000 - showHelp '.CHM' File Execution (MS03-004)

Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service
Microsoft Windows 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051)

Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities
Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities (MS06-012)

DirectShow - Arbitrary Memory Overwrite (MS13-056)
Microsoft DirectShow - Arbitrary Memory Overwrite (MS13-056)

Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (1)
Microsoft Windows XP/Vista/2000/2003/2008 Kernel - Usermode Callback Privilege Escalation (MS08-025) (1)

Microsoft Windows - TCP/IP Stack Reference Counter Integer Overflow
Microsoft Windows - TCP/IP Stack Reference Counter Integer Overflow (MS11-083)

Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads
Microsoft Windows - 'ATMFD.dll' CharString Stream Out-of-Bounds Reads (MS15-021)

Google Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow
Google Chrome - open-vcdiff Out-of-Bounds Read in Browser Process Integer Overflow

Avast! - OOB Write Decrypting PEncrypt Packed executables
Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables

Microsoft Office - COM Object DLL Planting with 'WMALFXGFXDSP.dll' (MS16-007)
Microsoft Office / COM Object - 'WMALFXGFXDSP.dll' DLL Planting (MS16-007)

Apple Mac OSX Kernel - OOB Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
Apple Mac OSX Kernel - Out-of-Bounds Read of Object Pointer Due to Insufficient Checks in Raw Cast to enum Type
Microsoft Edge - 'Array.splice' Heap Overflow
Moxa SoftCMS 1.5 - Denial of Service (PoC)
Microsoft Edge - 'FillFromPrototypes' Type Confusion
Microsoft Edge - 'Array.filter' Info Leak
Microsoft Edge - 'Array.reverse' Overflow
Palo Alto Networks PanOS appweb3 - Stack Buffer Overflow
Microsoft Windows 2000 - Utility Manager Privilege Elevation Exploit (MS04-019)
Microsoft Windows 2000 - POSIX Subsystem Privilege Escalation (MS04-020)
Microsoft Windows 2000 - Universal Language Utility Manager Exploit (MS04-019)
Microsoft Windows 2000/XP - Task Scheduler .job Exploit (MS04-022)
Microsoft Windows 2000 - Utility Manager All-in-One Exploit (MS04-019)
Microsoft Windows Server 2000 - Utility Manager Privilege Elevation Exploit (MS04-019)
Microsoft Windows Server 2000 - POSIX Subsystem Privilege Escalation (MS04-020)
Microsoft Windows Server 2000 - Universal Language Utility Manager Exploit (MS04-019)
Microsoft Windows Server 2000/XP - Task Scheduler .job Exploit (MS04-022)
Microsoft Windows Server 2000 - Utility Manager All-in-One Exploit (MS04-019)

Microsoft Windows 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055)
Microsoft Windows Server 2000 Kernel - APC Data-Free Local Escalation Exploit (MS05-055)

Microsoft Windows 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)
Microsoft Windows Server 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)

Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin)
Microsoft Windows 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066)

Microsoft Excel - 0x5D record Stack Overflow
Microsoft Excel - 0x5D record Stack Overflow (MS10-038)

Win32k - Keyboard Layout (MS10-073)
Microsoft Win32k - Keyboard Layout (MS10-073)
Adobe - Doc.media.newPlayer Use-After-Free (1)
Adobe - 'util.printf()' Buffer Overflow (1)
Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (1)
Adobe - 'util.printf()' Buffer Overflow (Metasploit) (1)

Adobe - FlateDecode Stream Predictor 02 Integer Overflow (1)
Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (1)
Adobe - JBIG2Decode Memory Corruption (1)
Adobe - Collab.getIcon() Buffer Overflow (1)
Adobe Flash Player - 'newfunction' Invalid Pointer Use (1)
Microsoft DirectShow - 'msvidctl.dll' MPEG-2 Memory Corruption (Metasploit)
Adobe - JBIG2Decode Memory Corruption (Metasploit) (1)
Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (1)
Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (1)
Microsoft DirectShow - 'msvidctl.dll' MPEG-2 Memory Corruption (MS09-032/MS09-037) (Metasploit)
Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (2)
Media Jukebox 8.0.400 - Buffer Overflow (SEH)
Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (Metasploit) (2)
Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit)
Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (2)
Adobe - Doc.media.newPlayer Use-After-Free (2)
Adobe - 'util.printf()' Buffer Overflow (2)
Microsoft Excel - Malformed FEATHEADER Record (Metasploit)
Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (Metasploit) (2)
Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (2)
Adobe - 'util.printf()' Buffer Overflow (Metasploit) (2)
Microsoft Excel - Malformed FEATHEADER Record (MS09-067) (Metasploit)

HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (3)
HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (3)

WM Downloader 3.1.2.2 - Buffer Overflow (2)
WM Downloader 3.1.2.2 - Buffer Overflow (Metasploit) (2)
HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (2)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (2)
HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (2)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (2)

Adobe - FlateDecode Stream Predictor 02 Integer Overflow (2)
Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (2)

Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (Metasploit)
Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (MS11-006) (Metasploit)
gAlan 0.2.1 - Buffer Overflow (2)
Microsoft PowerPoint Viewer - TextBytesAtom Stack Buffer Overflow (Metasploit)
gAlan 0.2.1 - Buffer Overflow (Metasploit) (2)
Microsoft PowerPoint Viewer - TextBytesAtom Stack Buffer Overflow (MS10-004) (Metasploit)

BACnet OPC Client - Buffer Overflow (2)
BACnet OPC Client - Buffer Overflow (Metasploit) (2)

Adobe - JBIG2Decode Memory Corruption (2)
Adobe - JBIG2Decode Memory Corruption (Metasploit) (2)

Mini-stream 3.0.1.1 - Buffer Overflow (2)
Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (2)
Adobe - Collab.getIcon() Buffer Overflow (2)
Adobe PDF - Escape EXE Social Engineering (No JavaScript)
HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (4)
Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (2)
Adobe PDF - Escape EXE Social Engineering (No JavaScript)(Metasploit)
HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (4)
Microsoft Word - RTF pFragments Stack Buffer Overflow (File Format)
Adobe Flash Player - 'newfunction' Invalid Pointer Use (2)
Microsoft Word - '.RTF' pFragments Stack Buffer Overflow (File Format) (MS10-087) (Metasploit)
Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (2)

Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (1)
Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (Metasploit) (1)

Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (Metasploit)
Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (MS10-028) (Metasploit)

Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016)
Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDav Privilege Escalation (MS16-016) (Metasploit)

Microsoft Excel 2007 SP2 - Buffer Overwrite
Microsoft Excel 2007 SP2 - Buffer Overwrite (MS11-021)

Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3)
Mini-stream Ripper 3.0.1.1 - Buffer Overflow (Metasploit) (3)

Microsoft Excel 2007 - '.xlb' Buffer Overflow (MS11-021)
Microsoft Excel 2007 - '.xlb' Buffer Overflow (MS11-021) (Metasploit)

Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038)
Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038) (Metasploit)

Microsoft Office 2003 Home/Pro - Code Execution
Microsoft Office 2003 Home/Pro - Code Execution (MS10-087)

Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005)
Microsoft Office - ClickOnce Unsafe Object Package Handling (MS12-005) (Metasploit)

Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit)
Microsoft Windows - Task Scheduler .XML Privilege Escalation (MS10-092) (Metasploit)

Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request
Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request (MS00-003)

Microsoft Windows Kernel - Intel x64 SYSRET (PoC)
Microsoft Windows Kernel - Intel x64 SYSRET (MS12-042) (PoC)

Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080)
Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) (Metasploit)

Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101)
Microsoft Windows Kerberos - Security Feature Bypass (MS16-101)

Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation
Microsoft Windows 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011)

Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation
Microsoft Windows 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020)

Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005)
Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005) (Metasploit)

VMware - Setuid VMware-mount Unsafe popen(3)
VMware - Setuid VMware-mount Unsafe popen(3) (Metasploit)

Microsoft Windows - TrackPopupMenuEx Win32k NULL Page (Metasploit)
Microsoft Windows - TrackPopupMenuEx Win32k NULL Page (MS13-081) (Metasploit)

Microsoft Word - RTF Object Confusion (MS14-017)
Microsoft Word - RTF Object Confusion (MS14-017) (Metasploit)

Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)
Microsoft Windows - NTUserMessageCall Win32k Kernel Pool Overflow 'schlamperei.x86.dll' (MS13-053) (Metasploit)
.NET Deployment Service - IE Sandbox Escape (MS14-009)
Registry Symlink - IE Sandbox Escape (MS13-097)
Microsoft .NET Deployment Service - IE Sandbox Escape (MS14-009) (Metasploit)
Microsoft Registry Symlink - IE Sandbox Escape (MS13-097) (Metasploit)

Microsoft Windows - OLE Package Manager Code Execution (MS14-060)
Microsoft Windows - OLE Package Manager Code Execution (MS14-060) (Metasploit)

Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (Metasploit)
Microsoft Windows - TrackPopupMenu Win32k Null Pointer Dereference (MS14-058) (Metasploit)
Microsoft Windows - OLE Package Manager Code Execution Through Python (MS14-064)
Microsoft Windows - OLE Package Manager Code Execution (MS14-064)
Microsoft Windows - OLE Package Manager Code Execution (via Python) (MS14-064) (Metasploit)
Microsoft Windows - OLE Package Manager Code Execution (MS14-064) (Metasploit)

Microsoft Remote Desktop Services - Web Proxy IE Sandbox Escape (MS15-004)
Microsoft Remote Desktop Services - Web Proxy IE Sandbox Escape (MS15-004) (Metasploit)

Microsoft Windows Server 2003 SP2 - Privilege Escalation
Microsoft Windows Server 2003 SP2 - Privilege Escalation (MS14-070)

Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation
Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation (MS10-073)

Publish-It - '.PUI' Buffer Overflow (SEH)
Publish-It - '.PUI' Buffer Overflow (SEH) (Metasploit)

Microsoft Windows - ClientCopyImage Win32k Exploit (Metasploit)
Microsoft Windows - ClientCopyImage Win32k Exploit (MS15-051) (Metasploit)

Microsoft Word - Local Machine Zone Remote Code Execution
Microsoft Word - Local Machine Zone Remote Code Execution (MS15-022)

VideoCharge Studio - Buffer Overflow (SEH)
VideoCharge Studio - Buffer Overflow (SEH) (Metasploit)

Microsoft Windows - NtUserGetClipboardAccessToken Token Leak
Microsoft Windows - NtUserGetClipboardAccessToken Token Leak (MS15-023)

Microsoft Windows - Font Driver Buffer Overflow (MS15-078)
Microsoft Windows - Font Driver Buffer Overflow (MS15-078) (Metasploit)

Nagios 4.2.2 - Privilege Escalation

ImageMagick 6.9.3-9 / 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick)
ImageMagick 6.9.3-9 / 7.0.1-0 - Delegate Arbitrary Command Execution (ImageTragick) (Metasploit)

Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset OOB Privilege Escalation
Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - Netfilter target_offset Out-of-Bounds Privilege Escalation

Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032) (Metasploit)

VMware - Setuid VMware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010)
VMware - Setuid VMware-mount Popen lsb_release Privilege Escalation
Palo Alto Networks PanOS root_trace - Privilege Escalation
Palo Alto Networks PanOS root_reboot - Privilege Escalation

RealServer < 8.0.2 - Remote Exploit (Windows Platforms)
RealServer < 8.0.2 (Windows Platforms) - Remote Exploit

Microsoft Windows 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026)
Microsoft Windows Server 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026)

Microsoft Windows 2000/XP - Workstation Service Overflow (MS03-049)
Microsoft Windows Server 2000/XP - Workstation Service Overflow (MS03-049)

Microsoft Windows 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)
Microsoft Windows Server 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)

Microsoft Windows - 'WINS' Remote Buffer Overflow (3)
Microsoft Windows - 'WINS' Remote Buffer Overflow (MS04-045) (3)

Microsoft Windows Message - Queuing Buffer Overflow Universal Exploit (MS05-017) (v.0.3)
Microsoft Windows Message Queuing - Buffer Overflow Universal Exploit (MS05-017) (v.0.3)
Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish)
Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French)
Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (Spanish) (MS05-039)
Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French) (MS05-039)
eIQnetworks License Manager - Remote Buffer Overflow (1) (Metasploit)
eIQnetworks License Manager - Remote Buffer Overflow (2) (Metasploit)
eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (1)
eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2)

Microsoft Windows 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)
Microsoft Windows Server 2003 - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)

Broadcom Wireless Driver - Probe Response SSID Overflow (1) (Metasploit)
Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (1)

Microsoft Windows - NetpManageIPCConnect - Stack Overflow (Python)
Microsoft Windows - NetpManageIPCConnect - Stack Overflow (MS06-070) (Python)
Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow
Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow
Microsoft Speech API ActiveX Control (Windows 2000 SP4) - Remote Buffer Overflow (MS07-033)
Microsoft Speech API ActiveX Control (Windows XP SP2) - Remote Buffer Overflow (MS07-033)

CCProxy 6.2 - Telnet Proxy Ping Overflow (1) (Metasploit)
CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (1)

Microsoft Windows 2000 - AS SP4 Message Queue Exploit (MS07-065)
Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue Exploit (MS07-065)

Microsoft Windows Message Queuing Service - RPC Buffer Overflow
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065)

Microsoft Internet Explorer 5/6/7 - Memory Corruption (PoC)
Microsoft Internet Explorer 5/6/7 - Memory Corruption (PoC) (MS09-054)

Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly
Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly (MS03-044)

Movie Maker - Remote Code Execution (MS10-016)
Microsoft Movie Maker - Remote Code Execution (MS10-016)

ASP.NET - Padding Oracle (MS10-070)
Microsoft ASP.NET - Padding Oracle (MS10-070)
ASP.NET - Padding Oracle File Download (MS10-070)
Microsoft Windows - NTLM Weak Nonce
Microsoft ASP.NET - Padding Oracle File Download (MS10-070)
Microsoft Windows - NTLM Weak Nonce (MS10-012)

ASP.NET - Auto-Decryptor File Download Exploit (MS10-070)
Microsoft ASP.NET - Auto-Decryptor File Download Exploit (MS10-070)

Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow (loop)
Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow (Loop) (Metasploit)
Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (1)
PHP 4 - Unserialize() ZVAL Reference Counter Overflow (Cookie)
Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (Metasploit) (1)
PHP 4 - Unserialize() ZVAL Reference Counter Overflow (Cookie) (Metasploit)

Axis2 - Authenticated Code Execution (via REST)
Axis2 - Authenticated Code Execution (via REST) (Metasploit)

Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP)
Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP) (Metasploit)
Microsoft Windows Media Services - ConnectFunnel Stack Buffer Overflow (Metasploit)
Microsoft Private Communications Transport - Overflow Exploit (Metasploit)
Microsoft Windows Media Services - ConnectFunnel Stack Buffer Overflow (MS10-025) (Metasploit)
Microsoft Private Communications Transport - Overflow Exploit (MS04-011) (Metasploit)
Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (Metasploit)
Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (Metasploit)
Microsoft IIS - Phone Book Service Overflow (Metasploit)
Microsoft IIS - ISAPI 'nsiislog.dll' ISAPI POST Overflow (MS03-022) (Metasploit)
Microsoft IIS - ISAPI FrontPage 'fp30reg.dll' Chunked Overflow (MS03-051) (Metasploit)
Microsoft IIS - Phone Book Service Overflow (MS00-094) (Metasploit)
Microsoft WINS - Service Memory Overwrite (Metasploit)
Microsoft Windows - SMB Relay Code Execution (Metasploit)
Microsoft Windows - Print Spooler Service Impersonation (MS10-061)
Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067)
Microsoft Windows - 'srv2.sys' SMB Negotiate ProcessID Function Table Dereference (Metasploit)
Microsoft RRAS Service - Overflow Exploit (Metasploit)
Microsoft DNS RPC Service - extractQuotedChar() Overflow 'SMB' (Metasploit)
Microsoft Server Service - NetpwPathCanonicalize Overflow (Metasploit)
Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow (Metasploit)
Microsoft Services - 'nwwks.dll' (MS06-066)
Microsoft WINS - Service Memory Overwrite (MS04-045) (Metasploit)
Microsoft Windows - SMB Relay Code Execution (MS08-068) (Metasploit)
Microsoft Windows - Print Spooler Service Impersonation (MS10-061) (Metasploit)
Microsoft Windows Server - Service Relative Path Stack Corruption (MS08-067) (Metasploit)
Microsoft Windows - 'srv2.sys' SMB Negotiate ProcessID Function Table Dereference (MS09-050) (Metasploit)
Microsoft RRAS Service - Overflow Exploit (MS06-025) (Metasploit)
Microsoft DNS RPC Service - extractQuotedChar() Overflow 'SMB' (MS07-029) (Metasploit)
Microsoft Server Service - NetpwPathCanonicalize Overflow (MS06-040) (Metasploit)
Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow (MS04-011) (Metasploit)
Microsoft Services - 'nwwks.dll' (MS06-066) (Metasploit)
Microsoft NetDDE Service - Overflow Exploit (Metasploit)
Microsoft Workstation Service - NetpManageIPCConnect Overflow (Metasploit)
Microsoft Services - 'nwapi32.dll' (MS06-066)
Microsoft NetDDE Service - Overflow Exploit (MS04-031) (Metasploit)
Microsoft Workstation Service - NetpManageIPCConnect Overflow (MS06-070) (Metasploit)
Microsoft Services - 'nwapi32.dll' (MS06-066) (Metasploit)

Microsoft RRAS Service - RASMAN Registry Overflow (Metasploit)
Microsoft RRAS Service - RASMAN Registry Overflow (MS06-025) (Metasploit)
Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007)
Microsoft Workstation Service - NetAddAlternateComputerName Overflow (Metasploit)
Microsoft Outlook Express - NNTP Response Parsing Buffer Overflow (Metasploit)
Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007) (Metasploit)
Microsoft Workstation Service - NetAddAlternateComputerName Overflow (MS03-049) (Metasploit)
Microsoft Outlook Express - NNTP Response Parsing Buffer Overflow (MS05-030) (Metasploit)

Broadcom Wireless Driver - Probe Response SSID Overflow (2) (Metasploit)
Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (2)
Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (Metasploit)
Microsoft SQL Server - Resolution Overflow (Metasploit)
Microsoft SQL Server - Payload Execution (via SQL Injection)
Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (MS09-004) (Metasploit)
Microsoft SQL Server - Resolution Overflow (MS02-039) (Metasploit)
Microsoft SQL Server - Payload Execution (via SQL Injection) (Metasploit)

Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (via SQL Injection)
Microsoft SQL Server - sp_replwritetovarbin Memory Corruption (MS09-004) (via SQL Injection) (Metasploit)

Microsoft SQL Server - Hello Overflow (Metasploit)
Microsoft SQL Server - Hello Overflow (MS02-056) (Metasploit)

CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (1)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (1)

CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (2)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (2)

CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (3)
CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (3)

CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (1)
CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (1)

IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (1)
IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (1)

HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (1)
HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (1)

Microsoft DirectX DirectShow - SAMI Buffer Overflow (Metasploit)
Microsoft DirectX DirectShow - SAMI Buffer Overflow (MS07-064) (Metasploit)

HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (2)
HP - OmniInet.exe MSG_PROTOCOL Buffer Overflow (Metasploit) (2)
Microsoft IIS/PWS - CGI Filename Double Decode Command Execution (Metasploit)
Microsoft IIS 4.0 - '.htr' Path Overflow (Metasploit)
Microsoft IIS 5.0 - Printer Host Header Overflow (Metasploit)
Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (Metasploit)
Microsoft IIS/PWS - CGI Filename Double Decode Command Execution (MS01-026) (Metasploit)
Microsoft IIS 4.0 - '.htr' Path Overflow (MS02-018) (Metasploit)
Microsoft IIS 5.0 - Printer Host Header Overflow (MS01-023) (Metasploit)
Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (MS03-007) (Metasploit)

Microsoft IIS 5.0 - IDQ Path Overflow (Metasploit)
Microsoft IIS 5.0 - IDQ Path Overflow (MS01-033) (Metasploit)

Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (1)
Adobe CoolType - SING Table 'uniqueName' Stack Buffer Overflow (Metasploit) (1)
Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow (Metasploit)
Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (Metasploit)
Microsoft Internet Explorer - Daxctle.OCX KeyFrame Method Heap Buffer Overflow (MS06-067) (Metasploit)
Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (MS08-070) (Metasploit)

Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (Metasploit)
Microsoft Windows Media Encoder 9 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053) (Metasploit)

Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP)
Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) (MS07-017) (Metasploit)
Microsoft Internet Explorer - XML Core Services HTTP Request Handling (Metasploit)
Microsoft Internet Explorer - CSS Recursive Import Use-After-Free (Metasploit)
Microsoft Internet Explorer - XML Core Services HTTP Request Handling (MS06-071) (Metasploit)
Microsoft Internet Explorer - CSS Recursive Import Use-After-Free (MS11-003) (Metasploit)

Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)
Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (MS09-043) (Metasploit)
Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (Metasploit)
Microsoft OWC Spreadsheet - HTMLURL Buffer Overflow (Metasploit)
Microsoft Internet Explorer - Winhlp32.exe MsgBox Code Execution (MS10-023) (Metasploit)
Microsoft OWC Spreadsheet - HTMLURL Buffer Overflow (MS09-043) (Metasploit)
Microsoft Help Center - Cross-Site Scripting / Command Execution (Metasploit)
Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption (Metasploit)
Microsoft Help Center - Cross-Site Scripting / Command Execution (MS10-042) (Metasploit)
Microsoft Internet Explorer - Style getElementsByTagName Memory Corruption (MS09-072) (Metasploit)

Microsoft Internet Explorer - CSS SetUserClip Memory Corruption (Metasploit)
Microsoft Internet Explorer - CSS SetUserClip Memory Corruption (MS10-090) (Metasploit)

Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption (Metasploit)
Microsoft Internet Explorer 7 - CFunctionPointer Uninitialized Memory Corruption (MS09-002) (Metasploit)

Microsoft Internet Explorer - COM CreateObject Code Execution (Metasploit)
Microsoft Internet Explorer - COM CreateObject Code Execution (MS06-014/MS06-073) (Metasploit)

Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (Metasploit) (2)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Overflow (MS06-057) (Metasploit) (2)

Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption (Metasploit)
Microsoft Internet Explorer - Tabular Data Control ActiveX Memory Corruption (MS10-018) (Metasploit)

Microsoft Windows - Shell LNK Code Execution (Metasploit)
Microsoft Windows - Shell LNK Code Execution (MS10-046) (Metasploit)

Microsoft Internet Explorer - createTextRange() Code Execution (Metasploit)
Microsoft Internet Explorer - createTextRange() Code Execution (MS06-013) (Metasploit)

Microsoft Internet Explorer - Object Type (MS03-020)
Microsoft Internet Explorer - Object Type (MS03-020) (Metasploit)

Microsoft Internet Explorer - Data Binding Memory Corruption (Metasploit)
Microsoft Internet Explorer - Data Binding Memory Corruption (MS08-078) (Metasploit)

Microsoft Internet Explorer - DHTML Behaviour Use-After-Free (Metasploit)
Microsoft Internet Explorer - DHTML Behaviour Use-After-Free (MS10-018) (Metasploit)
Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (1)
Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit)
Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (1)
Microsoft Internet Explorer - (VML) Fill Method Code Execution (MS06-055) (Metasploit)

Microsoft Internet Explorer - 'Aurora' Memory Corruption (Metasploit)
Microsoft Internet Explorer - 'Aurora' Memory Corruption (MS10-002) (Metasploit)

Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (Metasploit)
Microsoft Windows XP/2003/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit)

CCProxy 6.2 - Telnet Proxy Ping Overflow (2) (Metasploit)
CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (2)
Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP)
Outlook - ATTACH_BY_REF_RESOLVE File Execution (Metasploit)
Outlook - ATTACH_BY_REF_ONLY File Execution (Metasploit)
Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (SMTP) (MS07-017) (Metasploit)
Microsoft Outlook - ATTACH_BY_REF_RESOLVE File Execution (MS10-045) (Metasploit)
Microsoft Outlook - ATTACH_BY_REF_ONLY File Execution (MS10-045) (Metasploit)

Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST)
Odin Secure FTP 4.1 - Stack Buffer Overflow (LIST) (Metasploit)

FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD)
FTPGetter Standard 3.55.0.05 - Stack Buffer Overflow (PWD) (Metasploit)

httpdx - tolog() Function Format String (1)
httpdx - tolog() Function Format String (Metasploit) (1)

Microsoft IIS FTP Server - NLST Response Overflow (Metasploit)
Microsoft IIS FTP Server - NLST Response Overflow (MS09-053) (Metasploit)
Microsoft Message Queueing Service - Path Overflow (Metasploit)
Microsoft DNS RPC Service - extractQuotedChar() Overflow (TCP)
Microsoft RPC DCOM Interface - Overflow Exploit (Metasploit)
Microsoft Message Queueing Service - DNS Name Path Overflow (Metasploit)
Microsoft Message Queueing Service - Path Overflow (MS05-017) (Metasploit)
Microsoft DNS RPC Service - extractQuotedChar() TCP Overflow (MS07-029) (Metasploit)
Microsoft RPC DCOM Interface - Overflow Exploit (MS03-026) (Metasploit)
Microsoft Message Queueing Service - DNS Name Path Overflow (MS07-065) (Metasploit)

IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (2)
IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (2)

Novell ZENworks Configuration Management 10.2.0 - Remote Execution (1)
Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (1)

httpdx - tolog() Function Format String (2)
httpdx - tolog() Function Format String (Metasploit) (2)

Exchange 2000 - XEXCH50 Heap Overflow (MS03-046)
Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow (MS03-046) (Metasploit)

NetSupport Manager Agent - Remote Buffer Overflow (2)
NetSupport Manager Agent - Remote Buffer Overflow (Metasploit) (2)

Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (Metasploit) (1)

Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (Metasploit) (2)

SquirrelMail PGP Plugin - Command Execution (SMTP)
SquirrelMail PGP Plugin - Command Execution (SMTP) (Metasploit)

ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX)
ToolTalk - rpc.ttdbserverd _tt_internal_realpath Buffer Overflow (AIX) (Metasploit)

Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (2)
Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (Metasploit) (2)

Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050)
Microsoft Internet Explorer - MSHTML!CObjectElement Use-After-Free (MS11-050) (Metasploit)

Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview (.lzh attachment)
Lotus Notes 8.0.x < 8.5.2 FP2 - Autonomy Keyview ('.lzh' Attachment) (Metasploit)

Mozilla Firefox - 'nsTreeRange' Dangling Pointer (1)
Mozilla Firefox - 'nsTreeRange' Dangling Pointer (Metasploit) (1)

Mozilla Firefox 3.6.16 - mChannel Use-After-Free (1)
Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (1)

Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026)
Microsoft MPEG Layer-3 Audio - Stack Based Overflow (MS10-026) (Metasploit)

ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (2)
ScriptFTP 3.3 - Remote Buffer Overflow (LIST) (Metasploit) (2)

Mozilla Firefox - Array.reduceRight() Integer Overflow (2)
Mozilla Firefox - Array.reduceRight() Integer Overflow (Metasploit) (2)

Microsoft Internet Explorer - JavaScript OnLoad Handler Remote Code Execution (Metasploit)
Microsoft Internet Explorer - JavaScript OnLoad Handler Remote Code Execution (MS05-054) (Metasploit)

Mozilla Firefox 3.6.16 - mChannel Use-After-Free (2)
Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (2)

Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004)
Microsoft Windows - midiOutPlayNextPolyEvent Heap Overflow (MS12-004) (Metasploit)

Sun Java Web Start Plugin - Command Line Argument Injection (2012)
Sun Java Web Start Plugin - Command Line Argument Injection (2012) (Metasploit)

Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002)
Microsoft Internet Explorer - Object Memory Use-After-Free (MS10-002) (Metasploit)

Microsoft Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027)
Microsoft Windows - MSCOMCTL ActiveX Buffer Overflow (MS12-027) (Metasploit)

quickshare file share 1.2.1 - Directory Traversal (2)
quickshare file share 1.2.1 - Directory Traversal (Metasploit) (2)

Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (Metasploit)
Microsoft IIS - MDAC 'msadcs.dll' RDS DataStub Content-Type Overflow (MS02-065) (Metasploit)

Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037)
Microsoft Internet Explorer - Same ID Property Deleted Object Handling Memory Corruption (MS12-037) (Metasploit)
ComSndFTP 1.3.7 Beta - USER Format String (Write4)
Microsoft XML Core Services - MSXML Uninitialized Memory Corruption (Metasploit)
ComSndFTP 1.3.7 Beta - USER Format String (Write4) (Metasploit)
Microsoft XML Core Services - MSXML Uninitialized Memory Corruption (MS12-043) (Metasploit)

Microsoft Internet Explorer 5.0/4.0.1 - JavaScript URL redirection
Microsoft Internet Explorer 5.0/4.0.1 - JavaScript URL Redirection (MS99-043)

Microsoft Office SharePoint Server 2007 - Remote Code Execution (Metasploit)
Microsoft Office SharePoint Server 2007 - Remote Code Execution (MS10-104) (Metasploit)

Microsoft IIS 3.0/4.0 / Microsoft index server 2.0 - Directory Traversal
Microsoft IIS 3.0/4.0 / Microsoft Index Server 2.0 - Directory Traversal (MS00-006)

Microsoft Internet Explorer - Fixed Table Col Span Heap Overflow (Metasploit)
Microsoft Internet Explorer - Fixed Table Col Span Heap Overflow (MS12-037) (Metasploit)

Microsoft Internet Explorer 5.5 - Index.dat
Microsoft Internet Explorer 5.5 - 'Index.dat' Exploit (MS00-055)

Microsoft Visual Studio RAD Support - Buffer Overflow (Metasploit)
Microsoft Visual Studio RAD Support - Buffer Overflow (MS03-051) (Metasploit)

JBoss - DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)
JBoss - DeploymentFileRepository WAR Deployment (via JMXInvokerServlet) (Metasploit)

Microsoft Internet Explorer 5 - Zone Spoofing
Microsoft Internet Explorer 5 - Zone Spoofing (MS01-055)

HP SiteScope - Remote Code Execution (1)
HP SiteScope - Remote Code Execution (Metasploit) (1)

Microsoft Internet Explorer 5 - Cascading Style Sheet File Disclosure
Microsoft Internet Explorer 5 - Cascading Style Sheet File Disclosure (MS02-023)

Metasploit Web UI - Diagnostic Console Command Execution
Metasploit Web UI - Diagnostic Console Command Execution (Metasploit)

Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address
Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address (MS99-027)

Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant
Microsoft Internet Explorer 5 - Dialog Same Origin Policy Bypass Variant (MS02-047)

Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063)
Microsoft Internet Explorer - execCommand Use-After-Free (MS12-063) (Metasploit)

Microsoft Internet Explorer 5 - XML Page Object Type Validation
Microsoft Internet Explorer 5 - XML Page Object Type Validation (MS03-040)

Microsoft Windows XP/2000 - Messenger Service Buffer Overrun
Microsoft Windows XP/2000 - Messenger Service Buffer Overrun (MS03-043)

Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013)

Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy
Microsoft Internet Explorer 5 - NavigateAndFind() Cross-Zone Policy (MS04-004)

Microsoft Internet Explorer - Option Element Use-After-Free (Metasploit)
Microsoft Internet Explorer - Option Element Use-After-Free (MS11-081) (Metasploit)

Java Applet JMX - Remote Code Execution (1)
Java Applet JMX - Remote Code Execution (Metasploit) (1)

myServer 0.6.2 - math_sum.mscgi Multiple Parameter Cross-Site Scripting
MyServer 0.6.2 - math_sum.mscgi Multiple Parameter Cross-Site Scripting

VMware OVF Tools - Format String (1)
VMware OVF Tools - Format String (Metasploit) (1)

VMware OVF Tools - Format String (2)
VMware OVF Tools - Format String (Metasploit) (2)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009)
Java Applet JMX - Remote Code Execution (2)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)
Java Applet JMX - Remote Code Execution (Metasploit) (2)

Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code
Microsoft Internet Explorer 5.x - Valid File Drag and Drop Embedded Code (MS04-038)

Novell ZENworks Configuration Management 10.2.0 - Remote Execution (2)
Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (2)

phpMyAdmin - Authenticated Remote Code Execution via preg_replace()
phpMyAdmin - 'preg_replace' Authenticated Remote Code Execution (Metasploit)

Microsoft Internet Explorer 5.0.1 - Content Advisor File Handling Buffer Overflow
Microsoft Internet Explorer 5.0.1 - Content Advisor File Handling Buffer Overflow (MS05-020)

Microsoft Internet Explorer - textNode Use-After-Free (Metasploit)
Microsoft Internet Explorer - textNode Use-After-Free (MS13-037) (Metasploit)

Microsoft Internet Explorer - COALineDashStyleArray Integer Overflow (MS13-009)
Microsoft Internet Explorer - COALineDashStyleArray Integer Overflow (MS13-009) (Metasploit)

D-Link Devices - Unauthenticated Remote Command Execution (2)
D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (2)

D-Link Devices - Unauthenticated Remote Command Execution (1)
D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (1)

Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059)
Microsoft Internet Explorer - CFlatMarkupPointer Use-After-Free (MS13-059) (Metasploit)
Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055)
HP SiteScope - Remote Code Execution (2)
Microsoft Internet Explorer - CAnchorElement Use-After-Free (MS13-055) (Metasploit)
HP SiteScope - Remote Code Execution (Metasploit) (2)
CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (2)
Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069)
Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071)
CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (2)
Microsoft Internet Explorer - CCaret Use-After-Free (MS13-069) (Metasploit)
Microsoft Windows Theme File Handling - Arbitrary Code Execution (MS13-071) (Metasploit)

Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080)
Microsoft Internet Explorer - CDisplayPointer Use-After-Free (MS13-080) (Metasploit)
Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090)
Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022)
Microsoft Internet Explorer - CardSpaceClaimCollection ActiveX Integer Underflow (MS13-090) (Metasploit)
Microsoft Internet Explorer - COALineDashStyleArray Unsafe Memory Access (MS12-022) (Metasploit)

Microsoft Internet Explorer - TextRange Use-After-Free (MS14-012)
Microsoft Internet Explorer - TextRange Use-After-Free (MS14-012) (Metasploit)

Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012)
Microsoft Internet Explorer - CMarkup Use-After-Free (MS14-012) (Metasploit)

Microsoft Windows Media Center - MCL Exploit (MS15-100)
Microsoft Windows Media Center - MCL Exploit (MS15-100) (Metasploit)

Advantech Switch - Bash Environment Variable Code Injection (Shellshock)
Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit)

Oracle BeeHive 2 - voice-servlet processEvaluation()
Oracle BeeHive 2 - voice-servlet processEvaluation() (Metasploit)

Microsoft Windows Media Center - '.Link' File Incorrectly Resolved Reference
Microsoft Windows Media Center - '.Link' File Incorrectly Resolved Reference (MS15-134)

IPFire - Bash Environment Variable Injection (Shellshock)
IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit)

Ruby on Rails - Dynamic Render File Upload / Remote Code Execution
Ruby on Rails - Dynamic Render File Upload / Remote Code Execution (Metasploit)

FTPShell Client 5.24 - 'PWD' Remote Buffer Overflow

Windows x64 - Reverse Shell TCP Shellcode (694 bytes)

phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (2)
phpLDAPadmin 1.2.1.1 - (query_engine) Remote PHP Code Injection (Metasploit) (2)

PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (2)
PmWiki 2.2.34 - (pagelist) Remote PHP Code Injection (2) (Metasploit)
Wordpress Plugin BBS e-Franchise 1.1.1 - SQL Injection
Wordpress Plugin Product Catalog 8 1.2.0 - SQL Injection
EditMe CMS - Cross-Site Request Forgery (Add New Admin)
2016-11-19 05:01:21 +00:00
Offensive Security
2e7215ec08 DB: 2016-11-16
8 new exploits

MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial of Service
MailEnable Professional/Enterprise 2.35 - Out of Bounds Denial Of Service

MailEnable Professional/Enterprise 2.37 - Denial of Service
MailEnable Professional/Enterprise 2.37 - Denial Of Service

Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial of Service
Galaxy FTP Server 1.0 - (Neostrada Livebox DSL Router) Denial Of Service

MailEnable SMTP Service - VRFY/EXPN Command Buffer Overflow Denial of Service
MailEnable 3.13 SMTP Service - 'VRFY/EXPN' Command Denial Of Service

VideoLAN VLC Media Player - Subtitle StripTags() Function Memory Corruption
VideoLAN VLC Media Player 1.1 - Subtitle StripTags() Function Memory Corruption

VideoLAN VLC Media Player - XSPF Local File Integer Overflow in XSPF Playlist parser
VideoLAN VLC Media Player 1.1.9 - XSPF Local File Integer Overflow in XSPF Playlist parser

VideoLAN VLC Media Player - '.3gp' File Divide-by-Zero Denial of Service
VideoLAN VLC Media Player 2.0.2 - '.3gp' File Divide-by-Zero Denial Of Service

VideoLAN VLC Media Player - '.wav' File Memory Corruption
VideoLAN VLC Media Player 2.1.3 - '.wav' File Memory Corruption
Microsoft Edge 11.0.10240.16384 - 'edgehtml' CAttrArray::Destroy Use-After-Free
Linux Kernel (Ubuntu / RedHat) - 'keyctl' Null Pointer Dereference
Microsoft Windows Kernel - Registry Hive Loading 'nt!RtlEqualSid' Out-of-Bounds Read (MS16-138)

VideoLAN VLC Media Player - '.TY' File Stack Based Buffer Overflow
VideoLAN VLC Media Player 0.9.4 - '.TY' File Stack Based Buffer Overflow

VideoLAN VLC Media Player - 'wintab32.dll' DLL Hijacking
VideoLAN VLC Media Player 1.1.3 - 'wintab32.dll' DLL Hijacking

VideoLAN VLC Media Player - TiVo Buffer Overflow (Metasploit)
VideoLAN VLC Media Player 0.9.4 - TiVo Buffer Overflow (Metasploit)

VideoLAN VLC Media Player - MKV Memory Corruption (Metasploit)
VideoLAN VLC Media Player 1.1.6 - 'MKV' Memory Corruption (Metasploit)

VideoLAN VLC Media Player - RealText Subtitle Overflow (Metasploit)
VideoLAN VLC Media Player 0.9.5 - RealText Subtitle Overflow (Metasploit)
Microsoft Windows - VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation (MS16-138)
Microsoft Windows - VHDMP Arbitrary File Creation Privilege Escalation (MS16-138)

Microsoft Windows - VHDMP Arbitrary Physical Disk Cloning Privilege Escalation (MS16-138)

MailEnable Pro/Ent 2.37 - (APPEND) Remote Buffer Overflow
MailEnable Professional/Enterprise 2.37 - 'APPEND' Remote Buffer Overflow

Versant Object Database 7.0.1.3 - Commands Execution Exploit
Versant Object Database 7.0.1.3 - Commands Execution

VHCS 2.4.7.1 - (vhcs2_daemon) Remote Root Exploit
VHCS 2.4.7.1 - 'vhcs2_daemon' Remote Root Exploit
MDaemon IMAP server 9.6.4 - (FETCH) Remote Buffer Overflow
MailEnable Pro/Ent 3.13 - (Fetch) Authenticated Remote Buffer Overflow
MDaemon IMAP server 9.6.4 - 'FETCH' Remote Buffer Overflow
MailEnable Professional/Enterprise 3.13 - 'Fetch' Authenticated Remote Buffer Overflow

VideoLAN VLC Media Player - AMV Dangling Pointer (Metasploit)
VideoLAN VLC Media Player 1.1.4 - 'AMV' Dangling Pointer (Metasploit)

VideoLAN VLC Media Player - ModPlug ReadS3M Stack Buffer Overflow (Metasploit)
VideoLAN VLC Media Player 1.1.8 - ModPlug ReadS3M Stack Buffer Overflow (Metasploit)

VideoLAN VLC Media Player - Mms Stream Handling Buffer Overflow (Metasploit)
VideoLAN VLC Media Player 2.0.0 - Mms Stream Handling Buffer Overflow (Metasploit)

Easy Internet Sharing Proxy Server 2.2 - SEH Overflow (Metasploit)

Disk Pulse Enterprise 9.0.34 - Buffer Overflow
Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow

Disk Pulse Enterprise - Login Buffer Overflow' (Metasploit)
Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow' (Metasploit)

WinaXe 7.7 FTP Client - Remote Buffer Overflow (Metasploit)

phpMyNewsletter 0.6.10 - (customize.php l) Remote File Inclusion
phpMyNewsletter 0.6.10 - 'customize.php' Remote File Inclusion
QuickTalk forum 1.3 - 'lang' Local File Inclusion
QuickTicket 1.2 - (qti_checkname.php) Local File Inclusion
QuickTalk forum 1.3 - 'lang' Parameter Local File Inclusion
QuickTicket 1.2 - 'qti_checkname.php' Local File Inclusion
Mambo Component com_Musica - 'id' SQL Injection
phpArcadeScript 3.0RC2 - (userid) SQL Injection
phpComasy 0.8 - (mod_project_id) SQL Injection
Dynamic photo Gallery 1.02 - 'albumID' SQL Injection
Mambo Component com_Musica - 'id' Parameter SQL Injection
phpArcadeScript 3.0RC2 - 'userid' Parameter SQL Injection
phpComasy 0.8 - 'mod_project_id' Parameter SQL Injection
Dynamic photo Gallery 1.02 - 'albumID' Parameter SQL Injection
XOOPS Module Glossario 2.2 - 'sid' SQL Injection
XOOPS Module wfdownloads - 'cid' SQL Injection
XOOPS Module Glossario 2.2 - 'sid' Parameter SQL Injection
XOOPS Module wfdownloads - 'cid' Parameter SQL Injection
Joomla! Component Candle 1.0 - (cID) SQL Injection
QuickTicket 1.5 - (qti_usr.php id) SQL Injection
Joomla! Component Candle 1.0 - 'cid' Parameter SQL Injection
QuickTicket 1.5 - 'qti_usr.php' SQL Injection
Mambo Component eWriting 1.2.1 - (cat) SQL Injection
phpMyNewsletter 0.8b5 - (archives.php msg_id) SQL Injection
Mapbender 2.4.4 - (mapFiler.php) Remote Code Execution
Mapbender 2.4.4 - (gaz) SQL Injection
Mambo Component eWriting 1.2.1 - 'cat' Parameter SQL Injection
phpMyNewsletter 0.8b5 - 'msg_id' Parameter SQL Injection
Mapbender 2.4.4 - 'mapFiler.php' Remote Code Execution
Mapbender 2.4.4 - 'gaz' Parameter SQL Injection

phpBB Mod FileBase - 'id' SQL Injection
phpBB Mod FileBase 2.0 - 'id' Parameter SQL Injection
XOOPS Module Gallery 0.2.2 - (gid) SQL Injection
XOOPS Module My_eGallery 3.04 - (gid) SQL Injection
XOOPS Module Gallery 0.2.2 - 'gid' Parameter SQL Injection
XOOPS Module My_eGallery 3.04 - 'gid' Parameter SQL Injection

XOOPS Module tutorials - 'printpage.php' SQL Injection
XOOPS Module tutorials 2.1b - 'printpage.php' SQL Injection

easygallery 5.0tr - Multiple Vulnerabilities
EasyGallery 5.0tr - Multiple Vulnerabilities

phpArcadeScript 4 - (cat) SQL Injection
phpArcadeScript 4 - 'cat' Parameter SQL Injection

phpComasy 0.9.1 - (entry_id) SQL Injection
phpComasy 0.9.1 - 'entry_id' Parameter SQL Injection

phpArcadeScript 4.0 - (linkout.php id) SQL Injection
phpArcadeScript 4.0 - 'id' Parameter SQL Injection

Myiosoft EasyGallery - 'catid' Blind SQL Injection
EasyGallery - 'catid' Parameter Blind SQL Injection
phpArcadeScript 2.0 - tellafriend.php gamename Parameter Cross-Site Scripting
phpArcadeScript 2.0 - loginbox.php login_status Parameter Cross-Site Scripting
phpArcadeScript 2.0 - 'index.php' submissionstatus Parameter Cross-Site Scripting
phpArcadeScript 2.0 - browse.php Multiple Parameter Cross-Site Scripting
phpArcadeScript 2.0 - displaygame.php gamefile Parameter Cross-Site Scripting

EasyGallery 1.17 - EasyGallery.php Cross-Site Scripting

Bloo 1.00 - Googlespell_Proxy.php Cross-Site Scripting

Mitra Informatika Solusindo Cart - 'p' Parameter SQL Injection
2016-11-16 05:01:23 +00:00
Offensive Security
490539b3f3 DB: 2016-11-09
17 new exploits

DigitalHive 2.0 RC2 - (base_include.php) Remote File Inclusion
DigitalHive 2.0 RC2 - 'base_include.php' Remote File Inclusion

DodosMail 2.0.1 - (dodosmail.php) Remote File Inclusion
DodosMail 2.0.1 - 'dodosmail.php' Remote File Inclusion

DoSePa 1.0.4 - (textview.php) Information Disclosure
DoSePa 1.0.4 - 'textview.php' Information Disclosure

TrueCrypt 4.3 - Privilege Escalation
TrueCrypt 4.3 - 'setuid' Privilege Escalation

w-Agora 4.2.1 - (cat) SQL Injection
w-Agora 4.2.1 - 'cat' Parameter SQL Injection

IPTBB 0.5.4 - (viewdir id) SQL Injection
IPTBB 0.5.4 - 'id' Parameter SQL Injection

LoudBlog 0.6.1 - (parsedpage) Remote Code Execution
LoudBlog 0.6.1 - 'parsedpage' Parameter Remote Code Execution

evilboard 0.1a - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
evilboard 0.1a - SQL Injection / Cross-Site Scripting

QuickTime Player 7.3.1.70 - (rtsp) Buffer Overflow
QuickTime Player 7.3.1.70 - 'RTSP' Buffer Overflow

DigitalHive 2.0 RC2 - (user_id) SQL Injection
DigitalHive 2.0 RC2 - 'user_id' Parameter SQL Injection

X7 Chat 2.0.5 - 'day' SQL Injection
X7 Chat 2.0.5 - 'day' Parameter SQL Injection

HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Dos Exploit
HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/DoS

Cisco VPN Client - Integer Overflow (DOS)
Cisco VPN Client - Integer Overflow (DoS)

Multiple WordPress Plugins - timthumb.php File Upload
Multiple WordPress Plugins - 'timthumb.php' File Upload

glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation
glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation

NetServe FTP Client 1.0 - Local DOS (Overflow)
NetServe FTP Client 1.0 - Local DoS (Overflow)

Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial Of Service (PoC)
Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080 / MS14-084)
Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read
Microsoft Internet Explorer 8-11_ IIS_ CScript.exe/WScript.exe VBScript - CRegExp..Execute Use of Uninitialized Memory (MS14-080/MS14-084)
Microsoft Internet Explorer 9 MSHTML - CPtsTextParaclient::CountApes Out-of-Bounds Read
Linux Kernel 2.6.x < 2.6.7-rc3 - 'sys_chown()' Privilege Escalation
Solaris 8/9 ps - Environment Variable Information leak
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow dtprintinfo Privilege Escalation
Solaris 7/8/9 CDE libDtHelp - Buffer Overflow Non-Exec Stack Privilege Escalation
Solaris 8/9 passwd(1) - 'circ()' Stack-Based Buffer Overflow Privilege Escalation
Linux Kernel - TCP Related Read Use-After-Free
WordPress Plugin 'XCloner' 3.1.5 - Multiple Vulnerabilities
WordPress Plugin 404 to 301 2.2.8 - Persistent Cross-Site Scripting
WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting
MOVISTAR ADSL Router BHS_RTA - Remote File Disclosure
D-Link ADSL Router DSL-2730U/2750U/2750E - Remote File Disclosure
NETGEAR ADSL Router JNR1010 - Authenticated Remote File Disclosure
NETGEAR ADSL Router WNR500/WNR612v3/JNR1010/JNR2010 - Authenticated Remote File Disclosure
PLANET ADSL Router AND-4101 - Remote File Disclosure
Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit)
Avira Antivirus 15.0.21.86 - '.zip' Directory Traversal / Command Execution
2016-11-09 05:01:25 +00:00
Offensive Security
1edbc5ecc4 DB: 2016-11-04
14 new exploits

Microsoft Windows - Metafile (.WMF) Remote File Download Exploit Generator
Microsoft Windows - Metafile '.WMF' Arbitrary File Download (Generator)

Redaxo CMS 3.2 - 'INCLUDE_PATH' Remote File Inclusion
Redaxo 3.2 - 'INCLUDE_PATH' Remote File Inclusion

Mambo Component com_loudmouth 4.0j -  Remote File Inclusion
Mambo Component com_loudmouth 4.0j - Remote File Inclusion

Sisfo Kampus 2006 - 'dwoprn.php f' Remote File Download
Sisfo Kampus 2006 - 'dwoprn.php f' Arbitrary File Download

Mambo Component 'com_newsletter'  4.5 - 'listid' Parameter SQL Injection
Mambo Component 'com_newsletter' 4.5 - 'listid' Parameter SQL Injection

Joomla! / Mambo Component com_catalogproduction - 'id' SQL Injection
Joomla! / Mambo Component 'com_catalogproduction' - 'id' SQL Injection

Megacubo 5.0.7 - (mega://) Remote File Download and Execute Exploit
Megacubo 5.0.7 - 'mega://' Arbitrary File Download and Execute

DMXReady SDK 1.1 - Remote File Download
DMXReady SDK 1.1 - Arbitrary File Download

Joomla! 1.5.12 RCE via TinyMCE - Arbitrary File Upload
Joomla! 1.5.12 TinyMCE - Remote Code Execution (via Arbitrary File Upload)

Joomla! Component Jw_allVideos - Remote File Download
Joomla! Component Jw_allVideos - Arbitrary File Download

Trouble Ticket Software - ttx.cgi Remote File Download
Trouble Ticket Software - 'ttx.cgi' Arbitrary File Download

Redaxo CMS 4.2.1 - Remote File Inclusion
Redaxo 4.2.1 - Remote File Inclusion

Joomla! Component Music Manager - Local File Inclusion
Joomla! Component 'Music Manager' - Local File Inclusion

Joomla! Component NeoRecruit (com_neorecruit Itemid) - Blind SQL Injection
Joomla! Component 'com_neorecruit' - 'Itemid' Parameter Blind SQL Injection
Joomla! Component artforms 2.1b7.2 rc2 - Multiple Vulnerabilities
Joomla! Component PaymentsPlus - Mtree 2.1.5 - Blind SQL Injection
Joomla! Component 'com_artforms' 2.1b7.2 rc2 - Multiple Vulnerabilities
Joomla! Component 'PaymentsPlus' 2.1.5 - Blind SQL Injection
Joomla! Component Minify4Joomla! - Arbitrary File Upload / Persistent Cross-Site Scripting
Joomla! Component IXXO Cart - SQL Injection
Joomla! Component com_jomtube - (user_id) Blind SQL Injection / SQL Injection
Joomla! Component redSHOP 1.0 (com_redshop pid) - SQL Injection
Joomla! Component QuickFAQ (com_quickfaq) - Blind SQL Injection
Joomla! Component 'Minify4Joomla' - Arbitrary File Upload / Persistent Cross-Site Scripting
Joomla! Component 'IXXO Cart' - SQL Injection
Joomla! Component 'com_jomtube' - 'user_id' Parameter Blind SQL Injection
Joomla! Component 'com_redshop' 1.0 - 'pid' Parameter SQL Injection
Joomla! Component 'com_quickfaq' - Blind SQL Injection
Joomla! Component MyHome (com_myhome) - Blind SQL Injection
Joomla! Component MySms (com_mysms) - Arbitrary File Upload
Joomla! Component Health & Fitness Stats - Persistent Cross-Site Scripting
Joomla! Component 'com_myhome' - Blind SQL Injection
Joomla! Component 'com_mysms' - Arbitrary File Upload
Joomla! Component 'healthstats' - Persistent Cross-Site Scripting

Joomla! Component Rapid Recipe - Persistent Cross-Site Scripting
Joomla! Component 'Rapid-Recipe' - Persistent Cross-Site Scripting

Joomla! Component EasyBlog - Persistent Cross-Site Scripting
Joomla! Component 'EasyBlog' - Persistent Cross-Site Scripting

Joomla! Component QContacts (com_qcontacts) - SQL Injection
Joomla! Component 'com_qcontacts' - SQL Injection

Joomla! Component RedShop 1.0.23.1 - Blind SQL Injection
Joomla! Component 'com_redshop' 1.0.23.1 - Blind SQL Injection
Joomla! Component com_spa - SQL Injection (2)
Joomla! Component com_staticxt - SQL Injection
Joomla! Component 'com_spa' - SQL Injection (2)
Joomla! Component 'com_staticxt' - SQL Injection

Joomla! Component com_spa - SQL Injection (1)
Joomla! Component 'com_spa' - SQL Injection (1)
Joomla! Component com_golfcourseguide) 0.9.6.0 (Beta) / 1 (Beta - SQL Injection
Joomla! Component com_huruhelpdesk - SQL Injection
Joomla! Component com_iproperty - SQL Injection
Joomla! Component 'com_golfcourseguide' 0.9.6.0 - SQL Injection
Joomla! Component 'com_huruhelpdesk' - SQL Injection
Joomla! Component 'com_iproperty' - SQL Injection
Joomla! Component Ozio Gallery (com_oziogallery) - SQL Injection
Joomla! Component ITArmory (com_itarmory) - SQL Injection
Joomla! Component 'com_oziogallery' - SQL Injection
Joomla! Component 'com_itarmory' - SQL Injection
Joomla! Component com_joomdle) 0.24 - SQL Injection
Joomla! Component com_youtube - SQL Injection
Joomla! Component 'com_joomdle' 0.24 - SQL Injection
Joomla! Component 'com_youtube' - SQL Injection

Joomla! Component com_Joomla-visites - Remote File Inclusion
Joomla! Component 'com_Joomla-visites' - Remote File Inclusion

Joomla! Component TTVideo 1.0 - SQL Injection
Joomla! Component 'com_ttvideo' 1.0 - SQL Injection

Joomla! Component appointinator 1.0.1 - Multiple Vulnerabilities
Joomla! Component 'com_appointinator' 1.0.1 - Multiple Vulnerabilities

Joomla! Component PhotoMap Gallery 1.6.0 - Multiple Blind SQL Injections
Joomla! Component com_photomapgallery 1.6.0 - Multiple Blind SQL Injections

Joomla! Component com_beamospetition - SQL Injection
Joomla! Component 'com_beamospetition' - SQL Injection

Caedo HTTPd Server 0.5.1 ALPHA - Remote File Download
Caedo HTTPd Server 0.5.1 ALPHA - Arbitrary File Download

Joomla! Component 1.0 'com_jdownloads' - Arbitrary File Upload
Joomla! Component 'com_jdownloads' 1.0 - Arbitrary File Upload

ADA IMGSVR 0.4 - Remote File Download
ADA IMGSVR 0.4 - Arbitrary File Download

Joomla! / Mambo Component com_buslicense - 'aid' Parameter SQL Injection
Joomla! / Mambo Component 'com_buslicense' - 'aid' Parameter SQL Injection

Joomla! / Mambo Component com_sermon 0.2 - 'gid' Parameter SQL Injection
Joomla! / Mambo Component 'com_sermon' 0.2 - 'gid' Parameter SQL Injection

Joomla! / Mambo Component com_comments 0.5.8.5g - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_comments' 0.5.8.5g - 'id' Parameter SQL Injection

Joomla! / Mambo Component com_iomezun - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_iomezun' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_Joomlavvz - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_most - 'secid' Parameter SQL Injection
Joomla! / Mambo Component com_asortyment - 'katid' Parameter SQL Injection
Joomla! / Mambo Component 'com_Joomlavvz' - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_most' - 'secid' Parameter SQL Injection
Joomla! / Mambo Component 'com_asortyment' - 'katid' Parameter SQL Injection
Joomla! / Mambo Component com_model - 'objid' Parameter SQL Injection
Joomla! / Mambo Component com_omnirealestate - 'objid' Parameter SQL Injection
Joomla! / Mambo Component 'com_model' - 'objid' Parameter SQL Injection
Joomla! / Mambo Component 'com_omnirealestate' - 'objid' Parameter SQL Injection
Joomla! / Mambo Component com_smslist - 'listid' Parameter SQL Injection
Joomla! / Mambo Component com_activities - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_smslist' - 'listid' Parameter SQL Injection
Joomla! / Mambo Component 'com_activities' - 'id' Parameter SQL Injection

Joomla! / Mambo Component com_lexikon - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_lexikon' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_team - SQL Injection
Joomla! / Mambo Component com_iigcatalog - 'cat' Parameter SQL Injection
Joomla! / Mambo Component com_formtool - 'catid' Parameter SQL Injection
Joomla! / Mambo Component com_genealogy - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_team' - SQL Injection
Joomla! / Mambo Component 'com_iigcatalog' - 'cat' Parameter SQL Injection
Joomla! / Mambo Component 'com_formtool' - 'catid' Parameter SQL Injection
Joomla! / Mambo Component 'com_genealogy' - 'id' Parameter SQL Injection

Joomla! / Mambo Component com_hello_world - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_hello_world' - 'id' Parameter SQL Injection
Joomla! / Mambo Component com_publication - 'pid' Parameter SQL Injection
Joomla! / Mambo Component com_blog - 'pid' Parameter SQL Injection
Joomla! / Mambo Component 'com_publication' - 'pid' Parameter SQL Injection
Joomla! / Mambo Component 'com_blog' - 'pid' Parameter SQL Injection

Joomla! / Mambo Component com_wines 1.0 - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_wines' 1.0 - 'id' Parameter SQL Injection

Joomla! / Mambo Component com_inter - 'id' Parameter SQL Injection
Joomla! / Mambo Component 'com_inter' - 'id' Parameter SQL Injection

Joomla! / Mambo Component com_guide - 'category' Parameter SQL Injection
Joomla! / Mambo Component 'com_guide' - 'category' Parameter SQL Injection

Joomla! / Mambo Component com_is 1.0.1 - Multiple SQL Injections
Joomla! / Mambo Component 'com_is' 1.0.1 - Multiple SQL Injections

Joomla! / Mambo Component com_utchat 0.2 - Multiple Remote File Inclusion
Joomla! / Mambo Component 'com_utchat' 0.2 - Multiple Remote File Inclusion

Vana CMS - 'Filename' Parameter Remote File Download
Vana CMS - 'Filename' Parameter Arbitrary File Download

Joomla! Component Rapid-Recipe - HTML Injection
Joomla! Component 'Rapid-Recipe' - HTML Injection

Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection
Joomla! Component 'FreiChat' 1.0/2.x - Unspecified HTML Injection

REDAXO - 'subpage' Parameter Cross-Site Scripting

Redaxo CMS 5.0.0 - Multiple Vulnerabilities
Redaxo 5.0.0 - Multiple Vulnerabilities

DarkComet Server - Remote File Download Exploit (Metasploit)
DarkComet Server - Arbitrary File Download (Metasploit)
WinaXe 7.7 'FTP client' - Remote Buffer Overflow
Rapid PHP Editor 14.1 - Remote Command Execution
Memcached 1.4.33 - PoC (1)
Memcached 1.4.33 - PoC (2)
Memcached 1.4.33 - PoC (3)
SweetRice 1.5.1 - Arbitrary File Download
Axessh 4.2 - Denial Of Service
SweetRice 1.5.1 - Cross-Site Request Forgery / PHP Code Execution
ETchat 3.7 - Cross-Site Request Forgery
sNews 1.7.1 - Cross-Site Request Forgery
sNews 1.7.1 - Arbitrary File Upload
PCMan FTP Server 2.0.7 - 'ACCT' Command Buffer Overflow
nodCMS - Cross-Site Request Forgery
Redaxo 5.2.0 - Cross-Site Request Forgery
2016-11-04 05:01:21 +00:00
Offensive Security
d97b4f7c48 DB: 2016-10-28
2016-10-28 11:54:09 +00:00
Offensive Security
da85686a94 DB: 2016-10-28
6 new exploits

Real Server < 8.0.2 - Remote Exploit (Windows Platforms)
RealServer < 8.0.2 - Remote Exploit (Windows Platforms)

OpenSSH/PAM 3.6.1p1 - Remote Users Ident (gossh.sh)
OpenSSH/PAM 3.6.1p1 - 'gossh.sh' Remote Users Ident

CdRecord 2.0 - Mandrake Privilege Escalation
CDRTools CDRecord 2.0 - Mandrake Privilege Escalation

LeapFTP 2.7.x - Remote Buffer Overflow
LeapWare LeapFTP 2.7.x - Remote Buffer Overflow

GNU Cfengine 2.-2.0.3 - Remote Stack Overflow
GNU CFEngine 2.-2.0.3 - Remote Stack Overflow

IA WebMail 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit
IA WebMail Server 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit

Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
XSOK 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit

Serv-U FTPD 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
RhinoSoft Serv-U FTPd Server 3.x/4.x - 'SITE CHMOD' Command Remote Exploit
GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
PSOProxy 0.91 - Remote Buffer Overflow (Windows 2000/XP)
IPSwitch IMail LDAP Daemon - Remote Buffer Overflow
Serv-U FTPD 3.x/4.x/5.x - (MDTM) Remote Overflow
Proxy-Pro Professional GateKeeper Pro 4.7 - Web proxy Remote Buffer Overflow
PSOProxy 0.91 (Windows 2000/XP) - Remote Buffer Overflow
IPSwitch IMail LDAP Daemon/Service - Buffer Overflow
RhinoSoft Serv-U FTPd Server 3.x/4.x/5.x - (MDTM) Remote Overflow

Traceroute - Privilege Escalation
LBL Traceroute - Privilege Escalation

Perl (Redhat 6.2) - Restore and Dump Local Exploit
Redhat 6.2 Restore and Dump - Local Exploit (Perl)
HP-UX 11.00/10.20 - crontab Overwrite Files Exploit
Solaris/SPARC 2.7 / 7 - locale Format String
HP-UX 11.00/10.20 crontab - Overwrite Files Exploit
Solaris/SPARC 2.7 / 7 locale - Format String

Solaris - locale Format Strings (noexec stack) Exploit
Solaris locale - Format Strings (noexec stack) Exploit

glibc - locale bug mount Exploit
GLIBC locale - bug mount Exploit

Red Hat 6.2 xsoldier-0.96 - Exploit
Red Hat 6.2 xsoldier 0.96 - Exploit

OpenBSD 2.6 / 2.7 ftpd - Remote Exploit
OpenBSD ftpd 2.6 / 2.7 - Remote Exploit

GLIBC - Locale Format Strings Exploit
GLIBC locale - Format Strings Exploit

IRIX (5.3/6.2/6.3/6.4/6.5/6.5.11) - /usr/lib/print/netprint Local Exploit
IRIX 5.3/6.2/6.3/6.4/6.5/6.5.11 - /usr/lib/print/netprint Local Exploit

SquirrelMail - chpasswd Buffer Overflow
SquirrelMail - 'chpasswd' Buffer Overflow

rlpr 2.04 - msg() Remote Format String
Rlpr 2.04 - msg() Remote Format String

Solaris 2.5.0/2.5.1 ps & chkey - Data Buffer Exploit
Solaris 2.5.0/2.5.1 ps / chkey - Data Buffer Exploit

IRIX - Multiple Buffer Overflows (LsD)
SGI IRIX - Multiple Buffer Overflows (LsD)

IRIX - /bin/login Local Buffer Overflow
SGI IRIX - /bin/login Local Buffer Overflow

Solaris 2.4 - passwd & yppasswd & nispasswd Overflows
Solaris 2.4 passwd / yppasswd / nispasswd - Overflows

BlackJumboDog - Remote Buffer Overflow
BlackJumboDog FTP Server - Remote Buffer Overflow

Ollydbg 1.10 - Format String
OllyDbg 1.10 - Format String

SquirrelMail - (chpasswd) Privilege Escalation (Brute Force Exploit)
SquirrelMail - 'chpasswd' Privilege Escalation (Brute Force Exploit)

CDRecord - '$RSH' exec() SUID Shell Creation
CDRecord's ReadCD - '$RSH' exec() SUID Shell Creation

MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow
Alt-N MDaemon 6.5.1 - IMAP/SMTP Remote Buffer Overflow

HP-UX 11.0/11.11 swxxx - Privilege Escalation
HP-UX 11.0/11.11 - swxxx Privilege Escalation

Zinf 2.2.1 - Local Buffer Overflow
Zinf Audio Player 2.2.1 - Local Buffer Overflow

ShixxNote 6.net - Remote Buffer Overflow
ShixxNOTE 6.net - Remote Buffer Overflow

MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow
TABS MailCarrier 2.51 - SMTP EHLO / HELO Buffer Overflow
MailCarrier 2.51 - Remote Buffer Overflow
SLMail 5.5 - POP3 PASS Buffer Overflow
TABS MailCarrier 2.51 - Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Buffer Overflow

eZshopper - 'loadpage.cgi' Directory Traversal
Alex Heiphetz Group eZshopper - 'loadpage.cgi' Directory Traversal

Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow

Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (1)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (1)

Mercury Mail 4.01 - (Pegasus) IMAP Buffer Overflow (2)
Mercury/32 Mail Server 4.01 - (Pegasus) IMAP Buffer Overflow (2)

Microsoft Internet Explorer - '.ANI' files handling Universal Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' Universal Exploit (MS05-002)

Microsoft Internet Explorer - '.ANI' files handling Downloader Exploit (MS05-002)
Microsoft Internet Explorer - '.ANI' Downloader Exploit (MS05-002)

Savant Web Server 3.1 - Remote Buffer Overflow (French Windows OS support)
Savant Web Server 3.1 (French Windows OS support) - Remote Buffer Overflow

Serv-U FTP Server 4.x - 'site chmod' Remote Buffer Overflow
RhinoSoft Serv-U FTPd Server 4.x - 'site chmod' Remote Buffer Overflow

Knet 1.04c - Buffer Overflow Denial of Service
KNet Web Server 1.04c - Buffer Overflow Denial of Service

Einstein 1.01 - Local Password Disclosure (asm)
Einstein 1.01 - Local Password Disclosure (ASM)

RealPlayer 10 - '.smil' Local Buffer Overflow
RealNetworks RealPlayer 10 - '.smil' Local Buffer Overflow

phpBB 2.0.12 - Session Handling Authentication Bypass (tutorial 2)
phpBB 2.0.12 - Session Handling Authentication Bypass

UBB Threads < 6.5.2 Beta - (mailthread.php) SQL Injection
UBBCentral UBB.Threads < 6.5.2 Beta - (mailthread.php) SQL Injection

XML-RPC Library 1.3.0 - (xmlrpc.php) Remote Code Injection
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Code Injection
xmlrpc.php Library 1.3.0 - Remote Command Execution (2)
xmlrpc.php Library 1.3.0 - Remote Command Execution (3)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (2)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Command Execution (3)

wMailServer 1.0 - Remote Denial of Service
SoftiaCom wMailServer 1.0 - Remote Denial of Service

ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit)
Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit)

BusinessMail 4.60.00 - Remote Buffer Overflow
BusinessMail Server 4.60.00 - Remote Buffer Overflow

WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)
Alt-N WebAdmin 2.0.4 - USER Buffer Overflow (Metasploit)

Wireless Tools 26 - (iwconfig) Privilege Escalation (some setuid)
Wireless Tools 26 (IWConfig) - Privilege Escalation (some setuid)

Mercury Mail 4.01a (Pegasus) - IMAP Buffer Overflow
Mercury/32 Mail Server 4.01a (Pegasus) - IMAP Buffer Overflow

CA iGateway - (debug mode) Remote Buffer Overflow
CA iTechnology iGateway - (debug mode) Remote Buffer Overflow

Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.1 - Remote Stack Based Buffer Overflow (PoC)

Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)
KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (Metasploit)

Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)
KarjaSoft Sami FTP Server 2.0.1 - Remote Buffer Overflow (cpp)

Zorum Forum 3.5 - (rollid) SQL Injection
Zorum Forum 3.5 - 'rollid' SQL Injection

SaphpLesson 2.0 - (forumid) SQL Injection
saPHP Lesson 2.0 - (forumid) SQL Injection

zawhttpd 0.8.23 - (GET) Remote Buffer Overflow Denial of Service
zawhttpd 0.8.23 - GET Remote Buffer Overflow Denial of Service

Zix Forum 1.12 - (layid) SQL Injection
Zix Forum 1.12 - 'layid' SQL Injection

QBik Wingate 6.1.1.1077 - (POST) Remote Buffer Overflow
QBik WinGate WWW Proxy Server 6.1.1.1077 - (POST) Remote Buffer Overflow

INDEXU 5.0.1 - (admin_template_path) Remote File Inclusion
Indexu 5.0.1 - (admin_template_path) Remote File Inclusion

SmartSiteCMS 1.0 - (root) Multiple Remote File Inclusion
SmartSite CMS 1.0 - (root) Multiple Remote File Inclusion

Solaris 10 - sysinfo() Local Kernel Memory Disclosure
Solaris 10 sysinfo() - Local Kernel Memory Disclosure

SAPID CMS 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion
SAPID 1.2.3.05 - 'ROOT_PATH' Remote File Inclusion

ZZ:FlashChat 3.1 - (adminlog) Remote File Inclusion
ZZ:FlashChat 3.1 - 'adminlog' Remote File Inclusion

WFTPD 3.23 - (SIZE) Remote Buffer Overflow
Texas Imperial Software WFTPD 3.23 - (SIZE) Remote Buffer Overflow

Apache < 1.3.37 / 2.0.59 / 2.2.3 - (mod_rewrite) Remote Overflow (PoC)
Apache (mod_rewrite) < 1.3.37 / 2.0.59 / 2.2.3 - Remote Overflow (PoC)

Tr Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
TR Forum 2.0 - SQL Injection / Bypass Security Restriction Exploit
X11R6 <= 6.4 XKEYBOARD (solaris/x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (sco/x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (solaris x86) - Local Buffer Overflow
X11R6 <= 6.4 XKEYBOARD (sco x86) - Local Buffer Overflow

Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion
Telekorn Signkorn Guestbook 1.3 - (dir_path) Remote File Inclusion

ZoomStats 1.0.2 - (mysql.php) Remote File Inclusion
ZoomStats 1.0.2 - 'mysql.php' Remote File Inclusion

Microsoft Internet Explorer (VML) - Remote Buffer Overflow (SP2) (Perl)
Microsoft Internet Explorer - (VML) Remote Buffer Overflow (SP2) (Perl)

PHPMyWebmin 1.0 - (window.php) Remote File Inclusion
phpMyWebmin 1.0 - (window.php) Remote File Inclusion

VideoDB 2.2.1 - (pdf.php) Remote File Inclusion
VideoDB 2.2.1 - 'pdf.php' Remote File Inclusion

Microsoft Office 2003 - PPT Local Buffer Overflow (PoC)
Microsoft Office 2003 - '.PPT' Local Buffer Overflow (PoC)

Solaris 10 libnspr - LD_PRELOAD Arbitrary File Creation Privilege Escalation
Solaris 10 (libnspr) - LD_PRELOAD Arbitrary File Creation Privilege Escalation

Solaris 10 libnspr - Constructor Privilege Escalation
Solaris 10 (libnspr) - Constructor Privilege Escalation

Microsoft Windows NAT Helper Components - 'ipnathlp.dll' Remote Denial of Service
Microsoft Windows - NAT Helper Components 'ipnathlp.dll' Remote Denial of Service

3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow (PoC)
3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow (PoC)

3Com TFTP Service 2.0.1 - 'Long Transporting Mode' Overflow Exploit
3Com TFTP Service (3CTftpSvc) 2.0.1 - 'Long Transporting Mode' Overflow Exploit

BlazeVideo HDTV Player 2.1 - Malformed PLF Buffer Overflow (PoC)
BlazeVideo HDTV Player 2.1 - Malformed '.PLF' Buffer Overflow (PoC)

AT-TFTP 1.9 - (Long Filename) Remote Buffer Overflow
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - (Long Filename) Remote Buffer Overflow

DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow
AstonSoft DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow

KDE 3.5 - (libkhtml) 4.2.0 / Unhandled HTML Parse Exception Exploit
KDE libkhtml 3.5 < 4.2.0 - Unhandled HTML Parse Exception Exploit

Irokez CMS 0.7.1 - Multiple Remote File Inclusion
Irokez Blog 0.7.1 - Multiple Remote File Inclusion

PHP-update 2.7 - Multiple Vulnerabilities
PHP-Update 2.7 - Multiple Vulnerabilities

Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow (PoC)

TFTPDWIN 0.4.2 - Remote Buffer Overflow
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Remote Buffer Overflow

Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow
KarjaSoft Sami FTP Server 2.0.2 - (USER/PASS) Remote Buffer Overflow

3Com TFTP Service 2.0.1 - Remote Buffer Overflow (Metasploit)
3Com TFTP Service (3CTftpSvc) 2.0.1 - Remote Buffer Overflow (Metasploit)

FdScript 1.3.2 - 'download.php' Remote File Disclosure
FD Script 1.3.2 - 'download.php' Remote File Disclosure
Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow
Imail 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit)
Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow
Ipswitch IMail Server 8.10-8.12 - (RCPT TO) Remote Buffer Overflow (Metasploit)

SunOS 5.10/5.11 - in.TelnetD Remote Authentication Bypass
SunOS 5.10/5.11 in.TelnetD - Remote Authentication Bypass

ZebraFeeds 1.0 - (zf_path) Remote File Inclusion
ZebraFeeds 1.0 - 'zf_path' Remote File Inclusion
MailEnable Enterprise 2.32 < 2.34 - Remote Buffer Overflow
MailEnable Professional 2.35 - Remote Buffer Overflow
MailEnable IMAPD Enterprise 2.32 < 2.34 - Remote Buffer Overflow
MailEnable IMAPD Professional 2.35 - Remote Buffer Overflow

Ipswitch WS_FTP 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - (XMD5) Remote Buffer Overflow (Metasploit)

Oracle 10g KUPW$WORKER.MAIN - SQL Injection (2)
Oracle 10g - KUPW$WORKER.MAIN SQL Injection (2)
3Com TFTP Service 2.0.1 - (Long Transporting Mode) Exploit (Perl)
madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow
3Com TFTP Service (3CTftpSvc) 2.0.1 - (Long Transporting Mode) Exploit (Perl)
Madwifi 0.9.2.1 - WPA/RSN IE Remote Kernel Buffer Overflow

TFTPDWIN Server 0.4.2 - (UDP) Denial of Service
ProSysInfo TFTP Server TFTPDWIN 0.4.2 - (UDP) Denial of Service

NetVios Portal - 'page.asp' SQL Injection
NetVIOS Portal - 'page.asp' SQL Injection

Mercury Mail 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow
Mercury/32 Mail Server 4.0.1 - 'LOGIN' Remote IMAP Stack Buffer Overflow

Apache Mod_Rewrite (Windows x86) - Off-by-One Remote Overflow
Apache (mod_rewrite) (Windows x86) - Off-by-One Remote Overflow

Microsoft Windows GDI - Privilege Escalation (MS07-017) (1)
Microsoft Windows - GDI Privilege Escalation (MS07-017) (1)

qdblog 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities
Quick and Dirty Blog (qdblog) 0.4 - (SQL Injection / Local File Inclusion) Multiple Vulnerabilities

Microsoft Windows GDI - Privilege Escalation (MS07-017) (2)
Microsoft Windows - GDI Privilege Escalation (MS07-017) (2)

Zomplog 3.8 - (force_download.php) Remote File Disclosure
Zomplog 3.8 - 'force_download.php' Remote File Disclosure

Versalsoft HTTP File Upload - ActiveX 6.36 (AddFile) Remote Denial of Service
Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service

Gimp 2.2.14 (Win x86) - '.ras' Download/Execute Buffer Overflow
GIMP 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow

UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (PoC)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (PoC)

Apache 2.0.58 Mod_Rewrite - Remote Overflow (Windows 2003)
Apache (mod_rewrite) 2.0.58 (Windows 2003) - Remote Overflow
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (1)
UltraISO 8.6.2.2011 - (Cue/Bin Files) Local Buffer Overflow (2)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (1)
UltraISO 8.6.2.2011 - '.cue/'.bin' Local Buffer Overflow (2)

Microsoft Windows GDI+ - ICO File Remote Denial of Service
Microsoft Windows - GDI+ '.ICO' File Remote Denial of Service

Safari 3 for Windows Beta - Remote Command Execution (PoC)
Apple Safari 3 for Windows Beta - Remote Command Execution (PoC)

YourFreeScreamer 1.0 - (serverPath) Remote File Inclusion
YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion

BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow
RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Overflow

PHPEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection
phpEventCalendar 0.2.3 - (eventdisplay.php) SQL Injection

Oracle 9i/10g Evil Views - Change Passwords Exploit
Oracle 9i/10g - Evil Views Change Passwords Exploit

Savant 3.1 - GET Request Remote Overflow (Universal)
Savant Web Server 3.1 - GET Request Remote Overflow (Universal)

Easy Chat Server 2.2 - Remote Denial of Service
EFS Easy Chat Server 2.2 - Remote Denial of Service

Mercury SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)
Mercury/32 Mail SMTPD - Remote Unauthenticated Stack Based Overrun (PoC)

Mercury/32 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow
Mercury/32 Mail SMTPD 4.51 - SMTPD CRAM-MD5 Unauthenticated Remote Overflow

Mercury/32 3.32-4.51 - SMTP Unauthenticated EIP Overwrite
Mercury/32 Mail Server 3.32<4.51 - SMTP Unauthenticated EIP Overwrite

Thomson SIP phone ST 2030 - Remote Denial of Service
Thomson SpeedTouch ST 2030 (SIP Phone) - Remote Denial of Service

MSN messenger 7.x (8.0?) - Video Remote Heap Overflow
Microsoft MSN Messenger 7.x (8.0?) - Video Remote Heap Overflow

Microsoft Visual Basic Enterprise Edition 6.0 SP6 - Code Execution
Microsoft Visual Basic Enterprise 6.0 SP6 - Code Execution

AskJeeves Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow
Ask.com/AskJeeves Toolbar Toolbar 4.0.2.53 - ActiveX Remote Buffer Overflow

MDPro 1.0.76 - SQL Injection
MD-Pro 1.0.76 - SQL Injection

ZZ FlashChat 3.1 - (help.php) Local File Inclusion
ZZ FlashChat 3.1 - 'help.php' Local File Inclusion

PHP-AGTC membership system 1.1a - Remote Add Admin
PHP-AGTC Membership System 1.1a - Remote Add Admin

Quick and Dirty Blog 0.4 - (categories.php) Local File Inclusion
Quick and Dirty Blog (qdblog) 0.4 - (categories.php) Local File Inclusion

badblue 2.72b - Multiple Vulnerabilities
BadBlue 2.72b - Multiple Vulnerabilities

SquirrelMail G/PGP Plugin - deletekey() Command Injection
SquirrelMail G/PGP Encryption Plugin - deletekey() Command Injection

hp software update client 3.0.8.4 - Multiple Vulnerabilities
HP Software Update Client 3.0.8.4 - Multiple Vulnerabilities

Microsoft Visual InterDev 6.0-SP6 - '.sln' Local Buffer Overflow
Microsoft Visual InterDev 6.0 SP6 - '.sln' Local Buffer Overflow

QuickTime Player 7.3.1.70 - RTSP Remote Buffer Overflow (PoC)
QuickTime Player 7.3.1.70 - 'RTSP' Remote Buffer Overflow (PoC)

Gradman 0.1.3 - (agregar_info.php) Local File Inclusion
Gradman 0.1.3 - 'agregar_info.php' Local File Inclusion

mybulletinboard (MyBB) 1.2.10 - Multiple Vulnerabilities
MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities
Mini File Host 1.2 - (upload.php language) Local File Inclusion
Crystal Reports XI Release 2 - (Enterprise Tree Control) ActiveX Buffer Overflow/Denial of Service
Mini File Host 1.2 - 'language' Parameter Local File Inclusion
Crystal Reports XI Release 2 (Enterprise Tree Control) - ActiveX Buffer Overflow/Denial of Service
Gradman 0.1.3 - (info.php tabla) Local File Inclusion
Small Axe 0.3.1 - (linkbar.php cfile) Remote File Inclusion
Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.dsr' File Handling Buffer Overflow
Gradman 0.1.3 - 'info.php' Local File Inclusion
Small Axe 0.3.1 - 'cfile' Parameter Remote File Inclusion
Microsoft Visual Basic Enterprise 6 SP6 - '.dsr' File Handling Buffer Overflow

Mini File Host 1.2.1 - (upload.php language) Local File Inclusion
Mini File Host 1.2.1 - 'language' Parameter Local File Inclusion
Frimousse 0.0.2 - explorerdir.php Local Directory Traversal
360 Web Manager 3.0 - (IDFM) SQL Injection
bloofox 0.3 - (SQL Injection / File Disclosure) Multiple Vulnerabilities
Frimousse 0.0.2 - 'explorerdir.php' Local Directory Traversal
360 Web Manager 3.0 - 'IDFM' Parameter SQL Injection
bloofox 0.3 - SQL Injection / File Disclosure

Mooseguy Blog System 1.0 - (blog.php month) SQL Injection
Mooseguy Blog System 1.0 - 'month' Parameter SQL Injection

IDM-OS 1.0 - (download.php Filename) File Disclosure
IDM-OS 1.0 - 'Filename' Parameter File Disclosure
MoinMoin 1.5.x - MOIND_ID cookie Bug Remote Exploit
aflog 1.01 - comments.php Cross-Site Scripting / SQL Injection
MoinMoin 1.5.x - 'MOIND_ID' Cookie Bug Remote Exploit
aflog 1.01 - Cross-Site Scripting / SQL Injection
Easysitenetwork Recipe - 'categoryId' SQL Injection
Coppermine Photo Gallery 1.4.14 - SQL Injection
Easysitenetwork Recipe - 'categoryId' Parameter SQL Injection
Coppermine Photo Gallery 1.4.10 - SQL Injection

web wiz rich text editor 4.0 - Multiple Vulnerabilities
Web Wiz Rich Text Editor 4.0 - Multiple Vulnerabilities

Seagull 0.6.3 - (optimizer.php files) Remote File Disclosure
Seagull 0.6.3 - 'optimizer.php' Remote File Disclosure

Joomla! Component Marketplace 1.1.1 - SQL Injection
Joomla! Component com_Marketplace 1.1.1 - SQL Injection

ASPapp - 'links.asp CatId' SQL Injection
ASPapp Knowledge Base - 'links.asp CatId' SQL Injection

ZYXEL ZyWALL Quagga/Zebra - (default pass) Remote Root Exploit
ZYXEL ZyWALL Quagga/Zebra - (Default Password) Remote Root Exploit

Quick TFTP Pro 2.1 - Remote SEH Overflow
Quick TFTP Server Pro 2.1 - Remote SEH Overflow

Microsoft Office XP SP3 - PPT File Buffer Overflow (MS08-016)
Microsoft Office XP SP3 - '.PPT' File Buffer Overflow (MS08-016)

HP OpenView NNM 7.5.1 - OVAS.exe SEH Unauthenticated Overflow
HP OpenView Network Node Manager (OV NNM) 7.5.1 - OVAS.exe SEH Unauthenticated Overflow

Microsoft Visual InterDev 6.0 - (SP6) SLN File Local Buffer Overflow (PoC)
Microsoft Visual InterDev 6.0 (SP6) - .SLN File Local Buffer Overflow (PoC)

Microsoft Visual Basic Enterprise Ed. 6 SP6 - '.DSR' File Local Buffer Overflow
Microsoft Visual Basic Enterprise 6 SP6 - '.DSR' File Local Buffer Overflow

hp openview nnm 7.53 - Multiple Vulnerabilities
HP OpenView Network Node Manager (OV NNM) 7.53 - Multiple Vulnerabilities

PHPKB 1.5 Knowledge Base - 'ID' SQL Injection
PHPKB Knowledge Base Software 1.5 - 'ID' SQL Injection

Microsoft Windows GDI - Image Parsing Stack Overflow (MS08-021)
Microsoft Windows - GDI Image Parsing Stack Overflow (MS08-021)

HP OpenView NNM 7.5.1 - ovalarmsrv.exe Remote Overflow
HP OpenView Network Node Manager (OV NNM) 7.5.1 - ovalarmsrv.exe Remote Overflow

siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities
Siteman 2.x - (Code Execution / Local File Inclusion / Cross-Site Scripting) Multiple Vulnerabilities

ZeusCart 2.0 - (category_list.php) SQL Injection
ZeusCart 2.0 - 'category_list.php' SQL Injection

Zomplog 3.8.2 - (newuser.php) Arbitrary Add Admin
Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin

Zomplog 3.8.2 - (force_download.php) File Disclosure
Zomplog 3.8.2 - 'force_download.php' File Disclosure

PHP AGTC-Membership System 1.1a - Arbitrary Add Admin
PHP-AGTC Membership System 1.1a - Arbitrary Add Admin

PHP Booking Calendar 10 d - SQL Injection
phpBookingCalendar 10 d - SQL Injection

SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)
Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (PoC)

Yuhhu 2008 SuperStar - (board) SQL Injection
Yuhhu 2008 SuperStar - 'board' SQL Injection

gravity board x 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
Gravity Board X 2.0 Beta - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities

gl-sh deaf forum 6.5.5 - Multiple Vulnerabilities
GL-SH Deaf Forum 6.5.5 - Multiple Vulnerabilities

Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow
Apple Safari / QuickTime 7.3 - RTSP Content-Type Remote Buffer Overflow

trixbox - (langChoice) Local File Inclusion (connect-back) (2)
Trixbox - (langChoice) Local File Inclusion (connect-back) (2)

Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow
Download Accelerator Plus DAP 8.x - '.m3u' File Buffer Overflow

Artic Issue Tracker 2.0.0 - (index.php filter) SQL Injection
Arctic Issue Tracker 2.0.0 - (index.php filter) SQL Injection

Ppim 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities
pPIM 1.0 - (Arbitrary File Delete / Cross-Site Scripting) Multiple Vulnerabilities

Cisco WebEx Meeting Manager - 'atucfobj.dll' ActiveX Remote Buffer Overflow
Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow

Ppim 1.0 - (upload/change Password) Multiple Vulnerabilities
pPIM 1.0 - (upload/change Password) Multiple Vulnerabilities

z-breaknews 2.0 - (single.php) SQL Injection
z-breaknews 2.0 - 'single.php' SQL Injection

Ultra Office - ActiveX Control Remote Buffer Overflow
Ultra Shareware Office Control - ActiveX Control Remote Buffer Overflow

Micrsoft Windows GDI - (CreateDIBPatternBrushPt) Heap Overflow (PoC)
Microsoft Windows - GDI (CreateDIBPatternBrushPt) Heap Overflow (PoC)
phpvid 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - (page) SQL Injection
phpVID 1.1 - (Cross-Site Scripting / SQL Injection) Multiple Vulnerabilities
Zanfi CMS lite / Jaw Portal free - 'page' SQL Injection

Microsoft Windows Media Encoder XP SP2 - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)
Microsoft Windows Media Encoder (Windows XP SP2) - 'wmex.dll' ActiveX Buffer Overflow (MS08-053)

QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash
Apple QuickTime 7.5.5 / iTunes 8.0 - Remote Off-by-One Crash

Microsoft Windows GDI+ - '.ico' Remote Division By Zero Exploit
Microsoft Windows - GDI+ '.ico' Remote Division By Zero Exploit

Microsoft Windows GDI - (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)
Microsoft Windows - GDI (EMR_COLORMATCHTOTARGETW) Exploit (MS08-021)

opennms < 1.5.96 - Multiple Vulnerabilities
OpenNMS < 1.5.96 - Multiple Vulnerabilities

yerba sacphp 6.3 - Multiple Vulnerabilities
Yerba SACphp 6.3 - Multiple Vulnerabilities

Microsoft Windows GDI+ - PoC (MS08-052) (2)
Microsoft Windows - GDI+ PoC (MS08-052) (2)

zeeproperty - (adid) SQL Injection
zeeproperty - 'adid' SQL Injection

TUGzip 3.00 archiver - '.zip' Local Buffer Overflow
TugZip 3.00 Archiver - '.zip' Local Buffer Overflow

AJ ARTICLE - 'featured_article.php mode' SQL Injection
AJ Article - 'featured_article.php mode' SQL Injection

Article Publisher PRO 1.5 - Insecure Cookie Handling
Graugon PHP Article Publisher Pro 1.5 - Insecure Cookie Handling

YourFreeWorld Classifieds - (category) SQL Injection
YourFreeWorld Classifieds - 'category' SQL Injection

PG Roomate Finder Solution - (Authentication Bypass) SQL Injection
Pilot Group PG Roommate Finder Solution - (Authentication Bypass) SQL Injection

iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)
Apple iTunes 8.0.2.20/QuickTime 7.5.5 - (.mov) Multiple Off By Overflow (PoC)

asp AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities
ASP AutoDealer - (SQL Injection / File Disclosure) Multiple Vulnerabilities

Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection
dotnetindex Professional Download Assistant 0.1 - (Authentication Bypass) SQL Injection

phpmygallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities
PHPmyGallery 1.0beta2 - (Remote File Inclusion / Local File Inclusion) Multiple Vulnerabilities

Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)
Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)

Hex Workshop 6.0 - (ColorMap files .cmap) Invalid Memory Reference (PoC)
Hex Workshop 6.0 - '.cmap' Invalid Memory Reference (PoC)

ProFTPd with mod_mysql - Authentication Bypass
ProFTPd - 'mod_mysql' Authentication Bypass

ppim 1.0 - Multiple Vulnerabilities
pPIM 1.0 - Multiple Vulnerabilities

Orbit 2.8.4 - Long Hostname Remote Buffer Overflow
Orbit Downloader 2.8.4 - Long Hostname Remote Buffer Overflow

Merak Media PLayer 3.2 - '.m3u' File Local Buffer Overflow (SEH)
Merak Media Player 3.2 - '.m3u' File Local Buffer Overflow (SEH)

Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Files Local Heap Overflow (PoC)
Media Commands - '.m3u' / '.m3l' / '.TXT' / '.LRC' Local Heap Overflow (PoC)

bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities
Bloginator 1a - (Cookie Bypass / SQL Injection) Multiple Vulnerabilities

Racer 0.5.3b5 - Remote Stack Buffer Overflow
Racer 0.5.3 Beta 5 - Remote Stack Buffer Overflow

Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash
Apple Safari 3.2.2/4b - (nested elements) XML Parsing Remote Crash

Gravity Board X 2.0b - SQL Injection / Authenticated Code Execution
Gravity Board X 2.0 Beta - SQL Injection / Authenticated Code Execution

Online Guestbook Pro - (display) Blind SQL Injection
Esoftpro Online Guestbook Pro - (display) Blind SQL Injection

tematres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
TemaTres 1.0.3 - (Authentication Bypass / SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities

ZaoCMS - (user_id) SQL Injection
ZaoCMS - 'user_id' SQL Injection

Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)
Apple Safari - RSS 'feed://' Buffer Overflow via libxml2 (PoC)

ZeeCareers 2.0 - (addAdminmembercode.php) Add Admin
ZeeCareers 2.0 - 'addAdminmembercode.php' Add Admin

AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection
Impact Software AdPeeps 8.5d1 - Cross-Site Scripting / HTML Injection

WebBoard 2.90 Beta - Remote File Disclosure
212Cafe WebBoard 2.90 Beta - Remote File Disclosure

ZeusCart 2.3 - (maincatid) SQL Injection
ZeusCart 2.3 - 'maincatid' SQL Injection

DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection
Worldweaver DX Studio Player < 3.0.29.1 Firefox plugin - Command Injection

compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)
Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)

OtsAv DJ/TV/Radio - Multiple Local Heap Overflow PoCs
otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs

Microsoft Office Web Components (Spreadsheet) - ActiveX Buffer Overflow (PoC)
Microsoft Office Web Components (OWC) Spreadsheet - ActiveX Buffer Overflow (PoC)

DD-WRT - (httpd service) Remote Command Execution
DD-WRT HTTPd Daemon/Service - Remote Command Execution

GLinks 2.1 - (cat) Blind SQL Injection
Groone's GLink ORGanizer 2.1 - (cat) Blind SQL Injection

XOOPS celepar module qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
XOOPS Celepar Module Qas - (Blind SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities

VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)
Sun xVM VirtualBox 2.2 < 3.0.2 r49928 - Local Host Reboot (PoC)

Amaya 11.2 W3C Editor/Browser - (defer) Remote Buffer Overflow (SEH)
Amaya 11.2 - W3C Editor/Browser (defer) Remote Buffer Overflow (SEH)

Payment Processor Script - 'shop.htm cid' SQL Injection
Payment Processor Script (PPScript) - 'shop.htm cid' SQL Injection

Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)
Apple Safari 4.0.2 - (WebKit Parsing of Floating Point Numbers) Buffer Overflow (PoC)

BandCMS 0.10 - news.php Multiple SQL Injection
Rock Band CMS 0.10 - news.php Multiple SQL Injection

Microsoft IIS 5.0 (Windows 2000 SP4) - FTP Server Remote Stack Overflow
Microsoft IIS 5.0 FTP Server (Windows 2000 SP4) - Remote Stack Overflow

Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service
Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service

Eureka Mail Client 2.2q - PoC Buffer Overflow
Eureka Email Client 2.2q - PoC Buffer Overflow

Solaris 8.0 - LPD Command Execution (Metasploit)
Solaris 8.0 LPD - Command Execution (Metasploit)
Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)
Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)
Apple Mail.App 10.5.0 (OSX) - Image Attachment Command Execution (Metasploit)
Knox Arkeia Backup Client 5.3.3 (OSX) - Type 77 Overflow (Metasploit)

ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit)
NTPd 4.0.99j-k readvar - Buffer Overflow (Metasploit)

Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)
PoPToP < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)

BulletProof FTP 2.63 b56 - Client Malformed '.bps' File Stack Buffer Overflow
BulletProof FTP Client 2.63 b56 - Malformed '.bps' File Stack Buffer Overflow

Dopewars 1.5.12 Server - Denial of Service
Dopewars Server 1.5.12 - Denial of Service

Free Download Manager Torrent File Parsing - Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)
Free Download Manager - Torrent File Parsing Multiple Remote Buffer Overflow Vulnerabilities (Metasploit)

HP LaserJet printers - Multiple Persistent Cross-Site Scripting Vulnerabilities
HP LaserJet Printers - Multiple Persistent Cross-Site Scripting Vulnerabilities

Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)
Salim Gasmi GLD (Greylisting Daemon) 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)

Adobe Shockwave 11.5.1.601 Player - Multiple Code Execution
Adobe Shockwave Player 11.5.1.601 - Multiple Code Execution

HP Power Manager Administration - Universal Buffer Overflow
Hewlett-Packard (HP) Power Manager Administration Power Manager Administration - Universal Buffer Overflow

Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service
Apple Safari 4.0.3 (Windows x86) - CSS Remote Denial of Service

HP Openview NNM 7.53 - Invalid DB Error Code
HP OpenView Network Node Manager (OV NNM) 7.53 - Invalid DB Error Code

Quick.Cart 3.4 and Quick.CMS 2.4 - Cross-Site Request Forgery
Quick.Cart 3.4 / Quick.CMS 2.4 - Cross-Site Request Forgery

Eureka Mail Client - Remote Buffer Overflow
Eureka Email Client - Remote Buffer Overflow

IDEAL Administration 2009 9.7 - Local Buffer Overflow
PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow

phpshop 0.8.1 - Multiple Vulnerabilities
phpShop 0.8.1 - Multiple Vulnerabilities

IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)
PointDev IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit)

HP NNM 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - ovalarm.exe CGI Unauthenticated Remote Buffer Overflow

DigitalHive - Multiple Vulnerabilities
Digital Hive - Multiple Vulnerabilities

zabbix server - Multiple Vulnerabilities
Zabbix Server - Multiple Vulnerabilities

freekot - (Authentication Bypass) SQL Injection
Digiappz Freekot - (Authentication Bypass) SQL Injection

TFTP Daemon 1.9 - Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Denial of Service

B2B Trading Marketplace - SQL Injection
SoftBiz B2B trading Marketplace Script - SQL Injection

Mini-stream - Windows XP SP2 and SP3 Exploit
Mini-stream Ripper (Windows XP SP2/SP3) - Exploit

Audiotran 1.4.1 - (Win XP SP2/SP3 English) Buffer Overflow
Audiotran 1.4.1 (Windows XP SP2/SP3 English) - Buffer Overflow

Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service
Apple Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service

iTunes 9.0.1 - '.pls' Handling Buffer Overflow
Apple iTunes 9.0.1 - '.pls' Handling Buffer Overflow

Apple Safari 4.0.4 & Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service/PoC
Apple Safari 4.0.4 / Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service (PoC)

Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service
Apple Safari 4.0.4 (531.21.10) - Stack Overflow/Run Denial of Service

bild flirt system 2.0 - 'index.php' 'id' SQL Injection
Bild Flirt System 2.0 - 'index.php' 'id' SQL Injection

SAFARI APPLE 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)
Apple Safari 4.0.5 - (object tag) 'JavaScriptCore.dll' Denial of Service (Crash)
iOS Safari - Bad 'VML' Remote Denial of Service
iOS Safari - Remote Denial of Service
Apple iOS Safari - Bad 'VML' Remote Denial of Service
Apple iOS Safari - Remote Denial of Service

HP OpenView NNM - OvWebHelp.exe CGI Topic Overflow
HP OpenView Network Node Manager (OV NNM) - OvWebHelp.exe CGI Topic Overflow

Adobe Reader - Escape From PDF
Adobe Reader - Escape From '.PDF'

TugZip 3.5 - '.ZIP' File Buffer Overflow
TugZip 3.5 Archiver - '.ZIP' File Buffer Overflow

Joomla! Component jp_jobs - SQL Injection
Joomla! Component com_jp_jobs - SQL Injection

Joomla! Component QPersonel - SQL Injection
Joomla! Component com_QPersonel - SQL Injection

Bild Flirt 1.0 - SQL Injection
Bild Flirt System 1.0 - SQL Injection

Safari 4.0.5 - (531.22.7) Denial of Service
Apple Safari 4.0.5 - (531.22.7) Denial of Service

Webkit (Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service
Webkit (Apple Safari 4.0.5) - Blink Tag Stack Exhaustion Denial of Service

Safari 4.0.3 / 4.0.4 - Stack Exhaustion
Apple Safari 4.0.3 / 4.0.4 - Stack Exhaustion
724CMS Enterprise 4.59 - SQL Injection
PHPKB Knowledge Base Software 2.0 - Multilanguage Support - Multiple SQL Injections
724CMS 4.59 Enterprise - SQL Injection
PHPKB Knowledge Base Software 2.0 - Multilanguage Support Multiple SQL Injections

Joomla! Component JE Job - Local File Inclusion
Joomla! Component com_jejob JE Job 1.0 - Local File Inclusion

Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass)
Apple Safari 4.0.5 - parent.close() Memory Corruption (ASLR + DEP Bypass)

Joomla! Component com_jejob 1.0 - 'catid' SQL Injection
Joomla! Component com_jejob JE Job 1.0 - 'catid' SQL Injection
Savy Soda Documents - (Mobile Office Suite) XLS Denial of Service
Office^2 iPhone - XLS Denial of Service
GoodiWare GoodReader iPhone - XLS Denial of Service
Savy Soda Documents - (Mobile Office Suite) '.XLS' Denial of Service
Office^2 iPhone - '.XLS' Denial of Service
GoodiWare GoodReader iPhone - '.XLS' Denial of Service

Yamamah (news) - SQL Injection / Source Code Disclosure
Yamamah - 'news' SQL Injection / Source Code Disclosure

Unreal IRCD 3.2.8.1 - Remote Downloader/Execute Trojan
UnrealIRCd 3.2.8.1 - Remote Downloader/Execute Trojan

k-search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities
K-Search - (SQL Injection / Cross-Site Scripting) Multiple Vulnerabilities

YPNinc JokeScript - (ypncat_id) SQL Injection
YPNinc JokeScript - 'ypncat_id' SQL Injection

YPNinc PHP Realty Script - (docID) SQL Injection
YPNinc PHP Realty Script - 'docID' SQL Injection
HP OpenView NNM - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView NNM - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView NNM - getnnmdata.exe CGI Invalid Hostname Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid ICount Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe CGI Invalid Hostname Remote Code Execution

Apple Mac OSX (Snow Leopard) EvoCam Web Server - ROP Remote Exploit
Apple Mac OSX EvoCam Web Server (Snow Leopard) - ROP Remote Exploit

HP NNM 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)
HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)

Safari Browser 4.0.2 - Clickjacking
Apple Safari 4.0.2 - Clickjacking

Barcodewiz 3.29 - Barcode ActiveX Control Remote Heap Spray Exploit (Internet Explorer 6/7'
Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7)

Apple iOS - pdf Jailbreak Exploit
Apple iOS - '.pdf' Jailbreak Exploit

HP OpenView NNM 7.53 OvJavaLocale - Buffer Overflow
HP OpenView Network Node Manager (OV NNM) 7.53 - OvJavaLocale Buffer Overflow

Microsoft Power Point 2010 - 'pptimpconv.dll' DLL Hijacking
Microsoft PowerPoint 2010 - 'pptimpconv.dll' DLL Hijacking

Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking
Apple Safari 5.0.1 - 'dwmapi.dll' DLL Hijacking

MediaPlayer Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking
Media Player Classic 1.3.2189.0 - 'iacenc.dll' DLL Hijacking

HP OpenView NNM - webappmon.exe execvp_nc Remote Code Execution
HP OpenView Network Node Manager (OV NNM) - webappmon.exe execvp_nc Remote Code Execution

AdaptCMS 2.0.1 Beta Release - Remote File Inclusion (Metasploit)
AdaptCMS 2.0.1 Beta - Remote File Inclusion (Metasploit)

DATAC RealWin 2.0 (Build 6.1.8.10) - Buffer Overflow
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - Buffer Overflow

FatPlayer 0.6b - '.wav' Buffer Overflow (SEH)
Fat Player 0.6b - '.wav' Buffer Overflow (SEH)

CubeCart 2.0.1 - SQL Injection
Brooky CubeCart 2.0.1 - SQL Injection

DATAC RealWin SCADA 1.06 - Buffer Overflow
DATAC RealWin SCADA Server 1.06 - Buffer Overflow

pilot cart 7.3 - Multiple Vulnerabilities
ASPilot Pilot Cart 7.3 - Multiple Vulnerabilities

Mp3-Nator 2.0 - Buffer Overflow (SEH)
MP3-Nator 2.0 - Buffer Overflow (SEH)

Safari 5.02 - Stack Overflow Denial of Service
Apple Safari 5.02 - Stack Overflow Denial of Service

Microsoft Windows Task Scheduler - Privilege Escalation
Microsoft Windows - Task Scheduler Privilege Escalation

Pandora Fms 3.1 - Authentication Bypass
Pandora FMS 3.1 - Authentication Bypass

bugtracker.net 3.4.4 - Multiple Vulnerabilities
BugTracker.NET 3.4.4 - Multiple Vulnerabilities

Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)
Viscom Image Viewer CP Gold 5.5 - Image2PDF() Buffer Overflow (Metasploit)

Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow
Viscom Image Viewer CP Gold 6 - ActiveX TifMergeMultiFiles() Buffer Overflow

WMITools ActiveX - Remote Command Execution
Microsoft WMITools ActiveX - Remote Command Execution

VideoSpirit Pro 1.68 - Local Buffer Overflow
VeryTools VideoSpirit Pro 1.68 - Local Buffer Overflow

Apple Mac OSX iTunes 8.1.1 - ITms Overflow (Metasploit)
Apple iTunes 8.1.1 (Mac OSX) - ITms Overflow (Metasploit)

PeaZip 2.6.1 - Zip Processing Command Injection (Metasploit)
PeaZIP 2.6.1 - Zip Processing Command Injection (Metasploit)

Sun Java - System Web Server WebDAV OPTIONS Buffer Overflow (Metasploit)
Sun Java Web Server - System WebDAV OPTIONS Buffer Overflow (Metasploit)

Apache Tomcat Manager Application Deployer - Authenticated Code Execution (Metasploit)
Apache Tomcat Manager - Application Deployer Authenticated Code Execution (Metasploit)

Solaris sadmind - Command Execution (Metasploit)
Solaris Sadmind - Command Execution (Metasploit)

Sun Solaris - Telnet Remote Authentication Bypass (Metasploit)
Sun Solaris Telnet - Remote Authentication Bypass (Metasploit)
Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit)
Oracle 8i TNS Listener - 'ARGUMENTS' Buffer Overflow (Metasploit)
Motorola Timbuktu Pro - Directory Traversal / Arbitrary File Upload (Metasploit)
Oracle 8i - TNS Listener 'ARGUMENTS' Buffer Overflow (Metasploit)
TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit)
3CTftpSvc TFTP - Long Mode Buffer Overflow (Metasploit)
Quick FTP Pro 2.1 - Transfer-Mode Overflow (Metasploit)
ProSysInfo TFTP server TFTPDWIN 0.4.2 - Long Filename Buffer Overflow (Metasploit)
3Com TFTP Service (3CTftpSvc) - Long Mode Buffer Overflow (Metasploit)
Quick TFTP Server Pro 2.1 - Transfer-Mode Overflow (Metasploit)

Allied Telesyn TFTP Server 1.9 - Long Filename Overflow (Metasploit)
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Long Filename Overflow (Metasploit)

CA BrightStor - ARCserve for Laptops & Desktops LGServer (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit)
CA BrightStor ARCserve for Laptops & Desktops LGServer - (rxsSetDataGrowthScheduleAndFilter) Buffer Overflow (Metasploit)

Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (2)
Eureka Email Client 2.2q - ERR Remote Buffer Overflow (Metasploit) (2)

FreeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit)
freeSSHd 1.0.9 - Key Exchange Algorithm String Buffer Overflow (Metasploit)
Kerio Firewall 2.1.4 - Authentication Packet Overflow (Metasploit)
Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)
Kerio Personal Firewall 2.1.4 - Authentication Packet Overflow (Metasploit)
Knox Arkeia Backup Client Type 77 (Windows x86) - Overflow Exploit (Metasploit)
Mercury/32 <= 4.01b - LOGIN Buffer Overflow (Metasploit)
Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)
MailEnable IMAPD (2.35) - Login Request Buffer Overflow (Metasploit)
Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)
Mdaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)
Mercury/32 Mail Server <= 4.01b - LOGIN Buffer Overflow (Metasploit)
Eudora Qualcomm WorldMail 3.0 - IMAPD LIST Buffer Overflow (Metasploit)
MailEnable IMAPD Professional (2.35) - Login Request Buffer Overflow (Metasploit)
Mercur MailServer 5.0 - IMAP SP3 SELECT Buffer Overflow (Metasploit)
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)

IMail IMAP4D - Delete Overflow (Metasploit)
IPSwitch IMail IMAP4D - Delete Overflow (Metasploit)

Mercury/32 4.01a - IMAP RENAME Buffer Overflow (Metasploit)
Mercury/32 Mail Server 4.01a - IMAP RENAME Buffer Overflow (Metasploit)

Ipswitch IMail - IMAP SEARCH Buffer Overflow (Metasploit)
Ipswitch IMail Server - IMAP SEARCH Buffer Overflow (Metasploit)

AOL Instant Messenger - goaway Overflow (Metasploit)
AOL Instant Messenger AIM - goaway Overflow (Metasploit)

Microsoft OWC Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)
Microsoft Office Web Components (OWC) Spreadsheet - msDataSourceObject Memory Corruption (Metasploit)

Zenturi ProgramChecker - ActiveX Control Arbitrary File Download (Metasploit)
Zenturi ProgramChecker ActiveX - Control Arbitrary File Download (Metasploit)

Tumbleweed FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)
Tumbleweed SecureTransport FileTransfer - 'vcst_eu.dll' ActiveX Control Buffer Overflow (Metasploit)

RKD Software 'BarCodeAx.dll' 4.9 - ActiveX Remote Stack Buffer Overflow (Metasploit)
RKD Software BarCode ActiveX Control 'BarCodeAx.dll' 4.9 - Remote Stack Buffer Overflow (Metasploit)

RealNetworks RealPlayer - SMIL Buffer Overflow (Metasploit)
RealNetworks RealPlayer - '.SMIL' Buffer Overflow (Metasploit)

Adobe Shockwave - rcsL Memory Corruption (Metasploit)
Adobe Shockwave Player - rcsL Memory Corruption (Metasploit)

Microsoft Internet Explorer - VML Fill Method Code Execution (Metasploit)
Microsoft Internet Explorer - (VML) Fill Method Code Execution (Metasploit)

WebEx UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)
Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX NewObject Method Buffer Overflow (Metasploit)

ACDSee - XPM File Section Buffer Overflow (Metasploit)
ACDSee - '.XPM' File Section Buffer Overflow (Metasploit)

HT-MP3Player 1.0 HT3 - File Parsing Buffer Overflow (Metasploit)
HT-MP3Player 1.0 - '.HT3' File Parsing Buffer Overflow (Metasploit)

Orbital Viewer - ORB File Parsing Buffer Overflow (Metasploit)
Orbital Viewer - '.ORB' File Parsing Buffer Overflow (Metasploit)

Audio Workstation 6.4.2.4.3 - pls Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)

Qbik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit)
QBik WinGate WWW Proxy Server - URL Processing Overflow (Metasploit)

Medal Of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit)
Medal of Honor Allied Assault - getinfo Stack Buffer Overflow (Metasploit)

Cesar FTP 0.99g - (MKD) Command Buffer Overflow (Metasploit)
CesarFTP 0.99g - (MKD) Command Buffer Overflow (Metasploit)

Serv-U FTPD - MDTM Overflow (Metasploit)
RhinoSoft Serv-U FTPd Server - MDTM Overflow (Metasploit)

Ipswitch WS_FTP Server 5.05 - XMD5 Overflow (Metasploit)
Ipswitch WS_FTP Server 5.05 - (XMD5) Overflow (Metasploit)

3Com 3CDaemon 2.0 FTP - 'Username' Overflow (Metasploit)
3Com 3CDaemon 2.0 FTP Server - 'Username' Overflow (Metasploit)

FileCopa FTP Server pre 18 Jul Version - Exploit (Metasploit)
FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)

SentinelLM - UDP Buffer Overflow (Metasploit)
Sentinel LM - UDP Buffer Overflow (Metasploit)
Apache module Mod_Rewrite - LDAP protocol Buffer Overflow (Metasploit)
Xitami 2.5c2 Web Server - If-Modified-Since Overflow (Metasploit)
Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit)
Xitami Web Server 2.5c2 - If-Modified-Since Overflow (Metasploit)

Sambar 6 - Search Results Buffer Overflow (Metasploit)
Sambar Server 6 - Search Results Buffer Overflow (Metasploit)

IA WebMail 3.x - Buffer Overflow (Metasploit)
IA WebMail Server 3.x - Buffer Overflow (Metasploit)

Savant 3.1 Web Server - Overflow Exploit (Metasploit)
Savant Web Server 3.1 - Overflow Exploit (Metasploit)

HP OpenView NNM 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) 7.53/7.51 - OVAS.exe Unauthenticated Stack Buffer Overflow (Metasploit)

Hewlett-Packard Power Manager Administration - Buffer Overflow (Metasploit)
Hewlett-Packard (HP) Power Manager Administration - Buffer Overflow (Metasploit)

Ipswitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit)
IPSwitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit)

PSO Proxy 0.91 - Stack Buffer Overflow (Metasploit)
PSOProxy 0.91 - Stack Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovalarm.exe CGI Buffer Overflow (Metasploit)
Apache mod_jk 1.2.20 - Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - ovalarm.exe CGI Buffer Overflow (Metasploit)
Apache Tomcat mod_jk 1.2.20 - Buffer Overflow (Metasploit)

NaviCOPA 2.0.1 - URL Handling Buffer Overflow (Metasploit)
NaviCOPA Web Server 2.0.1 - URL Handling Buffer Overflow (Metasploit)

MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)
Alt-N MDaemon 6.8.5 - WorldClient form2raw.cgi Stack Buffer Overflow (Metasploit)

YPOPS 0.6 - Buffer Overflow (Metasploit)
YahooPOPs (YPOPS) 0.6 - Buffer Overflow (Metasploit)

Mercury Mail SMTP AUTH CRAM-MD5 - Buffer Overflow (Metasploit)
Mercury/32 Mail SMTPD - AUTH CRAM-MD5 Buffer Overflow (Metasploit)

IMail LDAP Service - Buffer Overflow (Metasploit)
IPSwitch IMail LDAP Daemon/Service - Buffer Overflow (Metasploit)

GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit)
Salim Gasmi GLD (Greylisting Daemon) - Postfix Buffer Overflow (Metasploit)
Poptop - Negative Read Overflow (Metasploit)
UoW IMAP server - LSUB Buffer Overflow (Metasploit)
PoPToP - Negative Read Overflow (Metasploit)
UoW IMAPd Server - LSUB Buffer Overflow (Metasploit)

DD-WRT HTTP Daemon - Arbitrary Command Execution (Metasploit)
DD-WRT HTTPd Daemon/Service - Arbitrary Command Execution (Metasploit)
Samba (Linux/x86) - trans2open Overflow (Metasploit)
iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
AppleFileServer - LoginExt PathName Overflow (Metasploit)
Samba (Linux x86) - trans2open Overflow (Metasploit)
Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (1)
AppleFileServer (OSX) - LoginExt PathName Overflow (Metasploit)
Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit)
Safari - Archive Metadata Command Execution (Metasploit)
Knox Arkeia Backup Client Type 77 (OSX) - Overflow Exploit (Metasploit)
Apple Safari - Archive Metadata Command Execution (Metasploit)

iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)
Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (2)

Mail.app - Image Attachment Command Execution (Metasploit)
Apple Mail.app - Image Attachment Command Execution (Metasploit)
Apple Mac OSX QuickTime - RTSP Content-Type Overflow (Metasploit)
Apple Mac OSX EvoCam - HTTP GET Buffer Overflow (Metasploit)
Apple QuickTime (Mac OSX) - RTSP Content-Type Overflow (Metasploit)
Apple Mac OSX EvoCam Web Server - HTTP GET Buffer Overflow (Metasploit)

Samba trans2open (*BSD/x86) - Overflow Exploit (Metasploit)
Samba (*BSD x86) - trans2open Overflow Exploit (Metasploit)

PHP XML-RPC - Arbitrary Code Execution (Metasploit)
XML-RPC Library 1.3.0 - 'xmlrpc.php' Arbitrary Code Execution (Metasploit)
AWStats 6.4 < 6.5 migrate - Remote Command Execution (Metasploit)
HP Openview - connectedNodes.ovpl Remote Command Execution (Metasploit)
AWStats 6.4 < 6.5 - migrate Remote Command Execution (Metasploit)
HP OpenView Network Node Manager (OV NNM) - connectedNodes.ovpl Remote Command Execution (Metasploit)

TWiki Search Function - Arbitrary Command Execution (Metasploit)
TWiki - Search Function Arbitrary Command Execution (Metasploit)

Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)

Novell iPrint Client ActiveX Control 5.52 - Buffer Overflow (Metasploit)
Novell iPrint Client 5.52 - ActiveX Control Buffer Overflow (Metasploit)

Kolibri 2.0 - HTTP Server HEAD Buffer Overflow (Metasploit)
Kolibri HTTP Server 2.0 - HEAD Buffer Overflow (Metasploit)

7-Technologies igss 9.00.00.11059 - Multiple Vulnerabilities
7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities
HP OpenView NNM - nnmRptConfig nameParams Buffer Overflow (Metasploit)
HP NNM - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)
HP NNM - CGI webappmon.exe execvp Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - nnmRptConfig nameParams Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe OvJavaLocale Buffer Overflow (Metasploit)
HP Network Node Manager (NMM) - CGI webappmon.exe execvp Buffer Overflow (Metasploit)

HP OpenView NNM - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - nnmRptConfig.exe schdParams Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)
HP OpenView Network Node Manager - getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (ICount) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - ovwebsnmpsrv.exe main Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) getnnmdata.exe (MaxAge) CGI Buffer Overflow (Metasploit)

HP OpenView Network Node Manager - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)
HP OpenView Network Node Manager (OV NNM) - getnnmdata.exe (Hostname) CGI Buffer Overflow (Metasploit)

VeryTools Video Spirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit)
VeryTools VideoSpirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit)

eyeos 1.9.0.2 - Persistent Cross-Site Scripting using image files
eyeos 1.9.0.2 - Persistent Cross-Site Scripting Using Image Files

Golden FTP 4.70 - PASS Stack Buffer Overflow (Metasploit)
Golden FTP Server 4.70 - PASS Stack Buffer Overflow (Metasploit)

manageengine support center plus 7.8 build 7801 - Directory Traversal
ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal

Safari 5.0.6/5.1 - SVG DOM Processing (PoC)
Apple Safari 5.0.6/5.1 - SVG DOM Processing (PoC)

Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)
Apple Safari 5.0.5 - SVG Remote Code Execution (DEP Bypass)

TugZip 3.5 - '.ZIP' File Parsing Buffer Overflow (Metasploit)
TugZip 3.5 Archiver - '.ZIP' File Parsing Buffer Overflow (Metasploit)

Sports PHool 1.0 - Remote File Inclusion
SportsPHool 1.0 - Remote File Inclusion

Mini-stream 3.0.1.1 - Buffer Overflow (3)
Mini-stream Ripper 3.0.1.1 - Buffer Overflow (3)

Log1CMS 2.0 - (ajax_create_folder.php) Remote Code Execution
Log1 CMS 2.0 - (ajax_create_folder.php) Remote Code Execution

Zabbix 1.8.4 - (popup.php) SQL Injection
Zabbix 1.8.4 - 'popup.php' SQL Injection

CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit '.m3u' (Metasploit)
CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow SEH Exploit (Metasploit)

Serv-U FTP Server < 4.2 - Buffer Overflow (Metasploit)
RhinoSoft Serv-U FTPd Server < 4.2 - Buffer Overflow (Metasploit)

Family Connections - less.php Remote Command Execution (Metasploit)
Family Connections CMS - 'less.php' Remote Command Execution (Metasploit)

FCMS 2.7.2 CMS - Multiple Persistent Cross-Site Scripting
Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting
openemr 4 - Multiple Vulnerabilities
Safari - GdiDrawStream BSoD
OpenEMR 4 - Multiple Vulnerabilities
Apple Safari - GdiDrawStream BSoD

clip bucket 2.6 - Multiple Vulnerabilities
Clipbucket 2.6 - Multiple Vulnerabilities

Tube Ace(Adult PHP Tube Script) - SQL Injection
Tube Ace (Adult PHP Tube Script) - SQL Injection

Dolibarr CMS 3.2.0 < Alpha - File Inclusion
Dolibarr 3.2.0 < Alpha - File Inclusion

PBLang - Local File Inclusion
PBLang Bulletin Board System - Local File Inclusion

NetDecision 4.5.1 - HTTP Server Buffer Overflow (Metasploit)
Netmechanica NetDecision HTTP Server 4.5.1 - Buffer Overflow (Metasploit)

Ricoh DC Software DL-10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow

Sitecom WLM-2501 new - Multiple Cross-Site Request Forgery Vulnerabilities
Sitecom WLM-2501 - Multiple Cross-Site Request Forgery Vulnerabilities

Ricoh DC DL-10 SR10 - FTP USER Command Buffer Overflow (Metasploit)
Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) - FTP USER Command Buffer Overflow (Metasploit)

TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam - ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow
TRENDnet SecurView TV-IP121WN Wireless Internet Camera - UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow

Quest InTrust Annotation Objects - Uninitialized Pointer (Metasploit)
Quest InTrust - Annotation Objects Uninitialized Pointer (Metasploit)

TFTP Server for Windows 1.4 - ST WRQ Buffer Overflow (Metasploit)
TFTP Server 1.4 (Windows) - ST WRQ Buffer Overflow (Metasploit)

samsung net-i ware 1.37 - Multiple Vulnerabilities
Samsung NET-i ware 1.37 - Multiple Vulnerabilities

iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC)
Apple iOS 5.1.1 - Safari Browser - JS match() & search() Crash (PoC)

GIMP - script-fu Server Buffer Overflow (Metasploit)
GIMP script-fu - Server Buffer Overflow (Metasploit)

SugarCRM 6.3.1 - Unserialize() PHP Code Execution (Metasploit)
SugarCRM CE 6.3.1 - Unserialize() PHP Code Execution (Metasploit)

Openfire 3.6.0a - Admin Console Authentication Bypass (Metasploit)
Openfire Server 3.6.0a - Admin Console Authentication Bypass (Metasploit)

Tiki Wiki 8.3 - Unserialize() PHP Code Execution (Metasploit)
Tiki Wiki CMS Groupware 8.3 - Unserialize() PHP Code Execution (Metasploit)

Ipswitch IMail 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
Ipswitch IMail Server 5.0/5.0.5/5.0.6/5.0.7/5.0.8/6.0 - Weak Password Encryption
UoW imapd 10.234/12.264 - Buffer Overflow
UoW imapd 10.234/12.264 - LSUB Buffer Overflow (Metasploit)
UoW imapd 10.234/12.264 - COPY Buffer Overflow (Metasploit)
UoW IMAPd Server 10.234/12.264 - Buffer Overflow
UoW IMAPd Server 10.234/12.264 - LSUB Buffer Overflow (Metasploit)
UoW IMAPd Serve 10.234/12.264 - COPY Buffer Overflow (Metasploit)

RedHat 6.2 - Piranha Virtual Server Package Default Account and Password
RedHat 6.2 Piranha Virtual Server Package - Default Account and Password

Microsoft Windows - Escalate Task Scheduler XML Privilege Escalation (Metasploit)
Microsoft Windows - Task Scheduler XML Privilege Escalation (Metasploit)

hp jetadmin 5.5.177/jetadmin 5.6 - Directory Traversal
HP JetAdmin 5.5.177/jetadmin 5.6 - Directory Traversal

Alienvault OSSIM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
Alienvault OSSIM Open Source SIEM 3.1 - Reflected Cross-Site Scripting / Blind SQL Injection
RedHat 6 - glibc/locale Subsystem Format String
Solaris 2.6/7.0 - /locale Subsystem Format String
RedHat 6 GLIBC/locale - Subsystem Format String
Solaris 2.6/7.0 /locale - Subsystem Format String

Solaris 2.6/7.0 - 'eject' locale Subsystem Format String
Solaris 2.6/7.0 'eject' locale - Subsystem Format String

Microsoft IIS 4.0/5.0 and PWS Extended Unicode - Directory Traversal (5)
Microsoft IIS 4.0/5.0 and PWS - Extended Unicode Directory Traversal (5)

RedHat restore 0.4 b15 - Insecure Environment Variables
RedHat 0.4 b15 restore - Insecure Environment Variables

Viscosity OpenVPN Client (OSX) - Privilege Escalation
Viscosity - Privilege Escalation
Solaris 2.x/7.0/8 catman - Race Condition (1)
Solaris 2.x/7.0/8 catman - Race Condition (2)
Solaris 2.x/7.0/8 Catman - Race Condition (1)
Solaris 2.x/7.0/8 Catman - Race Condition (2)

sap NetWeaver dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities
SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities

T-dah Webmail - Multiple Persistent Cross-Site Scripting
T-dah Webmail Client - Multiple Persistent Cross-Site Scripting

Ntpd - Remote Buffer Overflow
NTPd - Remote Buffer Overflow

Ipswitch WS_FTP 2.0 - Anonymous Multiple FTP Command Buffer Overflow
Ipswitch WS_FTP Server 2.0 - Anonymous Multiple FTP Command Buffer Overflow
Solaris 2.x/7.0/8 lpd - Remote Command Execution
HP-UX 11.0 SWVerify - Buffer Overflow
Solaris 2.x/7.0/8 LPD - Remote Command Execution
HP-UX 11.0 - SWVerify Buffer Overflow
phusion WebServer 1.0 - Directory Traversal (1)
phusion WebServer 1.0 - Directory Traversal (2)
Phusion WebServer 1.0 - Directory Traversal (1)
Phusion WebServer 1.0 - Directory Traversal (2)

Progress 9.1 - sqlcpp Local Buffer Overflow
Progress Database 9.1 - sqlcpp Local Buffer Overflow

PsyBNC 2.3 - Oversized Passwords Denial of Service
psyBNC 2.3 - Oversized Passwords Denial of Service
Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
Wu-imapd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (1)
WU-IMAPd 2000/2001 - Partial Mailbox Attribute Remote Buffer Overflow (2)

Midicart - PHP Arbitrary File Upload
Midicart PHP - Arbitrary File Upload

otrs 3.1 - Persistent Cross-Site Scripting
OTRS 3.1 - Persistent Cross-Site Scripting

EType EServ 2.9x POP3 - Remote Denial of Service
EType EServ 2.9x - POP3 Remote Denial of Service

Invision Power Board 3.3.4 - 'Unserialize()' PHP Code Execution
Invision Power Board (IP.Board) 3.3.4 - 'Unserialize()' PHP Code Execution

Invision Power Board 3.3.4 - Unserialize Regex Bypass
Invision Power Board (IP.Board) 3.3.4 - Unserialize Regex Bypass
ttCMS 2.2 - / ttForum 1.1 news.php template Parameter Remote File Inclusion
ttCMS 2.2 - / ttForum 1.1 install.php installdir Parameter Remote File Inclusion
ttCMS 2.2 / ttForum 1.1 - news.php template Parameter Remote File Inclusion
ttCMS 2.2 / ttForum 1.1 - install.php installdir Parameter Remote File Inclusion

Invision IP.Board 3.3.4 - Unserialize() PHP Code Execution (Metasploit)
Invision Power Board (IP.Board) 3.3.4 - Unserialize() PHP Code Execution (Metasploit)

NFR Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit)
Novell File Reporter (NFR) Agent FSFUI Record - Arbitrary File Upload / Remote Code Execution (Metasploit)

Kerio MailServer 5.6.3 - add_acl Module Overflow
Kerio MailServer 5.6.3 add_acl Module - Overflow

phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 - pagemaster Module PAGE_id Parameter Cross-Site Scripting
phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module - PAGE_id Parameter Cross-Site Scripting

IBM System Director - Remote System Level Exploit
IBM System Director Agent - Remote System Level Exploit

Tectia SSH - USERAUTH Change Request Password Reset (Metasploit)
(SSH.com Communications) SSH Tectia - USERAUTH Change Request Password Reset (Metasploit)

Oracle MySQL for Microsoft Windows - MOF Execution (Metasploit)
Oracle MySQL (Windows) - MOF Execution (Metasploit)
CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)
CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2)
GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)
GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (2)
IWConfig - Local ARGV Command Line Buffer Overflow (1)
IWConfig - Local ARGV Command Line Buffer Overflow (2)
IWConfig - Local ARGV Command Line Buffer Overflow (3)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (1)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (2)
Wireless Tools 26 (IWConfig) - Local ARGV Command Line Buffer Overflow (3)

Novell File Reporter Agent - XML Parsing Remote Code Execution
Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution
RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (1)
RhinoSoft Serv-U FTP Server 3/4 - MDTM Command Stack Overflow (2)
RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (1)
RhinoSoft Serv-U FTPd Server 3/4 - MDTM Command Stack Overflow (2)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)
RhinoSoft Serv-U FTP Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (1)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (2)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (3)
RhinoSoft Serv-U FTPd Server 3/4/5 - MDTM Command Time Argument Buffer Overflow (4)

Alan Ward A-Cart 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection

Nagios - history.cgi Remote Command Execution
Nagios3 - history.cgi Remote Command Execution

phpshop 2.0 - SQL Injection
phpShop 2.0 - SQL Injection

Freesshd - Authentication Bypass (Metasploit)
FreeSSHD - Authentication Bypass (Metasploit)
RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Open Proxy Relay
RiSearch 0.99 - /RiSearch Pro 3.2.6 show.pl Arbitrary File Access
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Open Proxy Relay
RiSearch 0.99 /RiSearch Pro 3.2.6 - show.pl Arbitrary File Access
SLMail 5.5 - POP3 PASS Remote Buffer Overflow
SLMail 5.5 - Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - POP3 PASS Remote Buffer Overflow
Seattle Lab Mail (SLMail) 5.5 - Remote Buffer Overflow

AT-TFTP Server 2.0 - Stack Based Buffer Overflow Denial of Service
Allied Telesyn TFTP (AT-TFTP) Server/Daemon 2.0 - Stack Based Buffer Overflow Denial of Service

Microsoft Windows Light HTTPD 0.1 - Buffer Overflow
Light HTTPD 0.1 (Windows) - Buffer Overflow

MSN Messenger 6.2.0137 - '.png' Buffer Overflow
Microsoft MSN Messenger 6.2.0137 - '.png' Buffer Overflow

Smail-3 - Multiple Remote and Local Vulnerabilities
Smail 3 - Multiple Remote and Local Vulnerabilities

Cisco Linksys E4200 Firmware - Multiple Vulnerabilities
Cisco Linksys E4200 - Multiple Vulnerabilities

Salim Gasmi GLD 1.x - Postfix Greylisting Daemon Buffer Overflow
Salim Gasmi GLD (Greylisting Daemon) 1.x - Postfix Greylisting Daemon Buffer Overflow
Claroline 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection
Claroline 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection
Claroline E-Learning 1.5/1.6 - userInfo.php Multiple Parameter SQL Injection
Claroline E-Learning 1.5/1.6 - exercises_details.php exo_id Parameter SQL Injection

PHPCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection
phpCOIN 1.2 - 'login.php' PHPcoinsessid Parameter SQL Injection
NPDS 4.8 - /5.0 admin.php language Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 powerpack_f.php language Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 sdv_infos.php sitename Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - admin.php language Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - powerpack_f.php language Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - sdv_infos.php sitename Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 reviews.php title Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 reply.php image_subject Parameter Cross-Site Scripting
NPDS 4.8 - /5.0 Glossaire Module terme Parameter SQL Injection
NPDS 4.8 - /5.0 links.php Query Parameter SQL Injection
NPDS 4.8 - /5.0 faq.php categories Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - reviews.php title Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - reply.php image_subject Parameter Cross-Site Scripting
NPDS 4.8 < 5.0 - Glossaire Module terme Parameter SQL Injection
NPDS 4.8 < 5.0 - links.php Query Parameter SQL Injection
NPDS 4.8 < 5.0 - faq.php categories Parameter Cross-Site Scripting

SlimServe httpd 1.0/1.1 - Directory Traversal
WhitSoft SlimServe httpd 1.0/1.1 - Directory Traversal

Quick TFTP Server 2.2 - Denial of Service
Quick TFTP Server Pro 2.2 - Denial of Service

aeNovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection
Aenovo - /incs/searchdisplay.asp strSQL Parameter SQL Injection

XMB 1.9.3 - u2u.php Cross-Site Scripting
XMB Forum 1.9.3 - u2u.php Cross-Site Scripting

PHPAlbum 0.2.3/4.1 - Local File Inclusion
PHP Photo Album 0.2.3/4.1 - Local File Inclusion

Zoom X4/X5 ADSL Modem - Multiple Vulnerabilities
Zoom Telephonics X4/X5 ADSL Modem - Multiple Vulnerabilities

BlazeDVD Pro player 6.1 - Stack Based Buffer Overflow (Direct Ret)
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct Ret)

NetBSD mail.local - Privilege Escalation (Metasploit)
NetBSD mail.local(8) - Privilege Escalation (Metasploit)

PCMAN FTP 2.07 - PASS Command Buffer Overflow
PCMan FTP Server 2.07 - PASS Command Buffer Overflow

PCMAN FTP 2.07 - STOR Command Buffer Overflow
PCMan FTP Server 2.07 - STOR Command Buffer Overflow

EImagePro - - subList.asp CatID Parameter SQL Injection
EImagePro - subList.asp CatID Parameter SQL Injection

OZJournals 1.2 - Vname Parameter Cross-Site Scripting
OZJournals 1.2 - 'Vname' Parameter Cross-Site Scripting
SoftBiz Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection
SoftBiz Dating Script 1.0 - products.php cid Parameter SQL Injection
SoftBiz Dating Script 1.0 - 'index.php' cid Parameter SQL Injection
SoftBiz Dating Script 1.0 - news_desc.php id Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - featured_photos.php browse Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - products.php cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - 'index.php' cid Parameter SQL Injection
SoftBizScripts Dating Script 1.0 - news_desc.php id Parameter SQL Injection

OZJournals 1.5 - Multiple Input Validation Vulnerabilities
Baby FTP server 1.24 - Denial of Service

PCMAN FTP 2.07 - STOR Command Stack Overflow (Metasploit)
PCMan FTP Server 2.07 - STOR Command Stack Overflow (Metasploit)

Sophos Web Protection Appliance sblistpack - Arbitrary Command Execution (Metasploit)
Sophos Web Protection Appliance - 'sblistpack' Arbitrary Command Execution (Metasploit)

Festalon 0.5 - '.HES' Files Remote Heap Buffer Overflow
Festalon 0.5 - '.HES' Remote Heap Buffer Overflow

EZContents 2.0. - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion
EZContents 2.0 - gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion

Google Earth 4.0.2091 (Beta) - KML/KMZ Files Buffer Overflow
Google Earth 4.0.2091 (Beta) - '.KML'/'.KMZ' Buffer Overflow

A-CART 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection

Microsoft Windows Media 6.4/10.0 - MID Malformed Header Chunk Denial of Service
Microsoft Windows Media Player 6.4/10.0 - MID Malformed Header Chunk Denial of Service

Microsoft Windows NDPROXY - Local SYSTEM Privilege Escalation (MS14-002)
Microsoft Windows - 'NDPROXY' Local SYSTEM Privilege Escalation (MS14-002)

Fish - Multiple Remote Buffer Overflow Vulnerabilities
FiSH-irssi - Multiple Remote Buffer Overflow Vulnerabilities

Microsoft Windows XP/2000 - 'WinMM.dll' .WAV Files Remote Denial of Service
Microsoft Windows XP/2000 - 'WinMM.dll' / '.WAV' Remote Denial of Service

Comersus Cart 7.0.7 Cart - comersus_message.asp redirectUrl Cross-Site Scripting
Comersus Cart 7.0.7 - comersus_message.asp redirectUrl Cross-Site Scripting

LanDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow
LANDesk Management Suite 8.7 Alert Service - AOLSRVR.exe Buffer Overflow

SAP DB 7.x - Web Server WAHTTP.exe Multiple Buffer Overflow Vulnerabilities
SAP DB 7.x Web Server - WAHTTP.exe Multiple Buffer Overflow Vulnerabilities
Lanius CMS 1.2.14 - FAQ Module mid Parameter SQL Injection
Lanius CMS 1.2.14 - EZSHOPINGCART Module cid Parameter SQL Injection
Lanius CMS 1.2.14 FAQ Module - 'mid' Parameter SQL Injection
Lanius CMS 1.2.14 EZSHOPINGCART Module - 'cid' Parameter SQL Injection

Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal
SafeNet Sentinel Protection Server 7.x/Keys Server 1.0.3 - Directory Traversal

Thomson SpeedTouch 2030 - SIP Invite Message Remote Denial of Service
Thomson SpeedTouch ST 2030 (SIP Phone) - SIP Invite Message Remote Denial of Service

Uebimiau 2.7.x - 'index.php' Cross-Site Scripting
Uebimiau Webmail 2.7.x - 'index.php' Cross-Site Scripting

Seagate BlackArmor - Root Exploit
Seagate BlackArmor NAS - Root Exploit

Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering
Apple Safari 1.x/3.0.x / Firefox 1.5.0.x/2.0.x - JavaScript Multiple Fields Key Filtering
PCMAN FTP 2.07 - ABOR Command Buffer Overflow
PCMAN FTP 2.07 - CWD Command Buffer Overflow
PCMan FTP Server 2.07 - ABOR Command Buffer Overflow
PCMan FTP Server 2.07 - CWD Command Buffer Overflow

HP OpenView Network Node Manager 7.x - (OV NNM) OpenView5.exe Action Parameter Traversal Arbitrary File Access
HP OpenView Network Node Manager (OV NNM) 7.x -OpenView5.exe Action Parameter Traversal Arbitrary File Access

amfphp 1.2 - browser/details class Parameter Cross-Site Scripting
amfPHP 1.2 - browser/details class Parameter Cross-Site Scripting

PCMAN FTP 2.07 - Buffer Overflow
PCMan FTP Server 2.07 - Buffer Overflow

Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit
Ultra Mini HTTPD 1.21 - Stack Buffer Overflow POST Exploit

SAFARI Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities
Apple Safari Montage 3.1.3 - 'forgotPW.php' Multiple Cross-Site Scripting Vulnerabilities

Novell Groupwise Messenger 2.0 - Client Buffer Overflow
Novell Groupwise Messenger 2.0 Client - Buffer Overflow
Meeting Room Booking System - (MRBS) 1.2.6 day.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 week.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 month.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - day.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - week.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - month.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 report.php area Parameter Cross-Site Scripting
Meeting Room Booking System - (MRBS) 1.2.6 help.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - report.php area Parameter Cross-Site Scripting
Meeting Room Booking System (MRBS) 1.2.6 - help.php area Parameter Cross-Site Scripting

Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities
Oracle VM VirtualBox 3D Acceleration - Multiple Vulnerabilities
OpenNms 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting
OpenNms 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting
OpenNms 1.5.x - event/list filter Parameter Cross-Site Scripting
OpenNMS 1.5.x - j_acegi_security_check j_username Parameter Cross-Site Scripting
OpenNMS 1.5.x - notification/list.jsp 'Username' Parameter Cross-Site Scripting
OpenNMS 1.5.x - event/list filter Parameter Cross-Site Scripting

OpenNms 1.5.x - HTTP Response Splitting
OpenNMS 1.5.x - HTTP Response Splitting

Lynx 2.8 - '.mailcap' and '.mime.type' Files Local Code Execution
Lynx 2.8 - '.mailcap'/'.mime.type' Local Code Execution

Zeeways SHAADICLONE 2.0 - 'admin/home.php' Authentication Bypass
Zeeways Shaadi Clone 2.0 - 'admin/home.php' Authentication Bypass

Pilot Group PG Roommate - SQL Injection
Pilot Group PG Roommate Finder Solution - SQL Injection

OpenSSL TLS Heartbeat Extension - Memory Disclosure
OpenSSL TLS Heartbeat Extension - ''Heartbleed' Memory Disclosure

OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)
OpenSSL 1.0.1f TLS Heartbeat Extension - 'Heartbleed' Memory Disclosure (Multiple SSL/TLS versions)

Heartbleed OpenSSL - Information Leak Exploit (1)
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (1)

IBM Director 5.20 - CIM Server Privilege Escalation
IBM System Director Agent 5.20 - CIM Server Privilege Escalation

Heartbleed OpenSSL - Information Leak Exploit (2) DTLS Support
OpenSSL TLS Heartbeat Extension - 'Heartbleed' Information Leak Exploit (2) (DTLS Support)

Kolibri 2.0 - GET Request Stack Buffer Overflow
Kolibri Web Server 2.0 - GET Request Stack Buffer Overflow

Easy Chat Server 3.1 - Stack Buffer Overflow
EFS Easy Chat Server 3.1 - Stack Buffer Overflow

Sphider 1.3.6 - Multiple Vulnerabilities
Sphider Search Engine 1.3.6 - Multiple Vulnerabilities

Kolibri WebServer 2.0 - GET Request SEH Exploit
Kolibri Web Server 2.0 - GET Request SEH Exploit

MQAC.sys - Arbitrary Write Privilege Escalation (Metasploit)
Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit)
VirtualBox - 3D Acceleration Virtual Machine Escape (Metasploit)
VirtualBox Guest Additions - 'VBoxGuest.sys' Privilege Escalation (Metasploit)
Oracle VM VirtualBox 4.3.6 - 3D Acceleration Virtual Machine Escape (Metasploit)
Oracle VM VirtualBox Guest Additions 4.3.10r93012 - 'VBoxGuest.sys' Privilege Escalation (Metasploit)

Impact Software Ad Peeps - Cross-Site Scripting / HTML Injection
Impact Software AdPeeps - Cross-Site Scripting / HTML Injection

PPScript - 'shop.htm' SQL Injection
Payment Processor Script (PPScript) - 'shop.htm' SQL Injection

ManageEngine Desktop Central - Arbitrary File Upload / Remote Code Execution
ManageEngine DesktopCentral - Arbitrary File Upload / Remote Code Execution

Microsoft Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)
Microsoft Windows - OLE Remote Code Execution 'Sandworm' Exploit (MS14-060)

Eclipse 3.3.2 IDE Help Server - help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting
Eclipse 3.3.2 IDE - Help Server help/advanced/searchView.jsp SearchWord Parameter Cross-Site Scripting
TaskFreak 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting
TaskFreak 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting
TaskFreak 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting
TaskFreak! 0.6.4 - 'index.php' Multiple Parameter Cross-Site Scripting
TaskFreak! 0.6.4 - print_list.php Multiple Parameter Cross-Site Scripting
TaskFreak! 0.6.4 - rss.php HTTP Referer Header Cross-Site Scripting

WordPress Plugin Wp Symposium 14.11 - Unauthenticated Arbitrary File Upload
WordPress Plugin WP Symposium 14.11 - Unauthenticated Arbitrary File Upload

Pandora 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)
Pandora FMS 3.1 - Authentication Bypass / Arbitrary File Upload (Metasploit)

Oracle MySQL for Microsoft Windows - FILE Privilege Abuse (Metasploit)
Oracle MySQL (Windows) - FILE Privilege Abuse (Metasploit)

Exim ESMTP 4.80 glibc gethostbyname - Denial of Service
Exim ESMTP 4.80 - glibc gethostbyname Denial of Service

Support Incident Tracker - (SiT!) 3.63 p1 search.php search_string Parameter SQL Injection
Support Incident Tracker (SiT!) 3.63 p1 - search.php search_string Parameter SQL Injection

alitbang CMS 3.3 - alumni.php hal Parameter SQL Injection
Balitbang CMS 3.3 - alumni.php hal Parameter SQL Injection
HP Network Node Manager i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/mibdiscover node Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/configurationpoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/ping.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/statuspoll.jsp nodename Parameter Cross-Site Scripting
HP Network Node Manager (NMM) i 9.10 - nnm/protected/traceroute.jsp nodename Parameter Cross-Site Scripting

Publish-It - PUI Buffer Overflow (SEH)
Publish-It - '.PUI' Buffer Overflow (SEH)

WordPress Plugin WP Marketplace 2.4.0 - Remote Code Execution (Add WP Admin)
WordPress Plugin Marketplace 2.4.0 - Remote Code Execution (Add Admin)

Yaws 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Yaws-Wiki 1.88 - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities

abrt (Fedora 21) - Race Condition
Abrt (Fedora 21) - Race Condition

Webgate WESP SDK 1.2 - ChangePassword Stack Overflow
WebGate WESP SDK 1.2 - ChangePassword Stack Overflow

Microsoft Windows - 'HTTP.sys'  HTTP Request Parsing Denial of Service (MS15-034)
Microsoft Windows - 'HTTP.sys' HTTP Request Parsing Denial of Service (MS15-034)

Oracle - Outside-In DOCX File Parsing Memory Corruption
Oracle - Outside-In '.DOCX' File Parsing Memory Corruption

iTunes 10.6.1.7 - '.pls' Title Buffer Overflow
Apple iTunes 10.6.1.7 - '.pls' Title Buffer Overflow

WordPress Plugin Leaflet Maps Marker 0.0.1 for - leaflet_marker.php id Parameter Cross-Site Scripting
WordPress Plugin Leaflet Maps Marker 0.0.1 - leaflet_marker.php id Parameter Cross-Site Scripting

Microsoft Windows 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)
Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)

Mozilla Firefox < 39.03 - pdf.js Same Origin Policy Exploit
Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy Exploit

Mozilla Firefox - pdf.js Privileged JavaScript Injection (Metasploit)
Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit)

MiniUPnP - Multiple Denial of Service Vulnerabilities
MiniUPnP 1.4 - Multiple Denial of Service Vulnerabilities

Kaseya Virtual System Administrator - Multiple Vulnerabilities (2)
Kaseya Virtual System Administrator (VSA) - Multiple Vulnerabilities (2)

Safari - User-Assisted Applescript Exec Attack (Metasploit)
Apple Safari - User-Assisted Applescript Exec Attack (Metasploit)

Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption
Acrobat Reader DC 15.008.20082.15957 - '.PDF' Parsing Memory Corruption

Dynamic Biz Website Builder - (QuickWeb) 1.0 apps/news-events/newdetail.asp id Parameter SQL Injection
Dynamic Biz Website Builder (QuickWeb) 1.0 - apps/news-events/newdetail.asp id Parameter SQL Injection

Xangati XSR And XNR - 'gui_input_test.pl' Remote Command Execution
Xangati XSR / XNR - 'gui_input_test.pl' Remote Command Execution
pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap Based Out-of-Bounds Read
pdfium CPDF_TextObject::CalcPositionData - Heap Based Out-of-Bounds Read
pdfium - CPDF_DIBSource::DownSampleScanline32Bit Heap Based Out-of-Bounds Read
pdfium - CPDF_TextObject::CalcPositionData Heap Based Out-of-Bounds Read

pdfium CPDF_Function::Call - Stack Based Buffer Overflow
pdfium - CPDF_Function::Call Stack Based Buffer Overflow

Foxit Reader 7.2.8.1124 - PDF Parsing Memory Corruption
Foxit Reader 7.2.8.1124 - '.PDF' Parsing Memory Corruption

Netgear ProSafe Network Management System 300 - Arbitrary File Upload (Metasploit)
Netgear ProSafe Network Management System NMS300 - Arbitrary File Upload (Metasploit)

Novell Service Desk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities
Novell ServiceDesk 7.1.0/7.0.3 / 6.5 - Multiple Vulnerabilities

Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload

ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authentication Bypass
ZKTeco ZKBioSecurity 3.0 - 'visLogin.jsp' Local Authentication Bypass

MiCasa VeraLite - Remote Code Execution
MiCasaVerde VeraLite - Remote Code Execution

SmallFTPd 1.0.3 - 'mkd' Command Denial of Service
SmallFTPd 1.0.3 - 'mkd' Command Denial Of Service
GNU GTypist 2.9.5-2 - Local Buffer Overflow
uSQLite 1.0.0 - Denial Of Service
HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation
Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation
CherryTree 0.36.9 - Memory Corruption (PoC)
2016-10-28 05:01:21 +00:00
Offensive Security
102574cb3e DB: 2016-09-24
5 new exploits

EVA-Web 1.1<= 2.2 - (index.php3) Remote File Inclusion
EVA-Web 1.1 <= 2.2 - (index.php3) Remote File Inclusion

WordPress Plugin Simple Forum 1.10-1.11 - SQL Injection
WordPress Plugin Simple Forum 1.10 < 1.11 - SQL Injection

Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Perl)

Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Ruby)

Debian and Derivatives OpenSSL 0.9.8c-1<= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)
Debian and Derivatives OpenSSL 0.9.8c-1 <= 0.9.8g-9 - Predictable PRNG Brute Force SSH Exploit (Python)

Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4 < 11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)

Linux Kernel 2.4.1<2.4.37 / 2.6.1<2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)
Linux Kernel 2.4.1 < 2.4.37 / 2.6.1 < 2.6.32-rc5 - 'pipe.c' Privilege Escalation (3)

Adobe Acrobat Reader 7<9 - U3D Buffer Overflow
Adobe Acrobat Reader 7 < 9 - U3D Buffer Overflow

Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit)
Samba 3.0.21 < 3.0.24 - LSA trans names Heap Overflow (Metasploit)

Mozilla Firefox 7 / 8<= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)
Mozilla Firefox 7 / 8 <= 8.0.1 - nsSVGValue Out-of-Bounds Access (Metasploit)

Adobe Flash - Crash When Freeing Memory After AVC decoding

Adobe Flash - Video Decompression Memory Corruption

Linux - SELinux W+X Protection Bypass via AIO

Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation

Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege Escalation

Microsoft MSN Messenger 1<4 - Malformed Invite Request Denial of Service
Microsoft MSN Messenger 1 < 4 - Malformed Invite Request Denial of Service

Kerio Control Unified Threat Management 9.1.0 build 1087_ 9.1.1 build 1324 - Multiple Vulnerabilities
Kerio Control Unified Threat Management 9.1.0 build 1087 / 9.1.1 build 1324 - Multiple Vulnerabilities

Check Point VPN-1 SecureClient 4.0/4.1 - Policy Bypass
Check Point VPN-1 SecureClient 4.0 < 4.1 - Policy Bypass

Microsoft Excel 95<2004 - Malformed Graphic File Code Execution
Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution

Git-1.9.5 - ssh-agent.exe Buffer Overflow
Git 1.9.5 - ssh-agent.exe Buffer Overflow

Skybox Platform <=7.0.611 - Multiple Vulnerabilities
Skybox Platform <= 7.0.611 - Multiple Vulnerabilities

SOLIDserver <=5.0.4 - Local File Inclusion
SOLIDserver <= 5.0.4 - Local File Inclusion

WordPress Plugin DZS Videogallery <=8.60 - Multiple Vulnerabilities
WordPress Plugin DZS Videogallery <= 8.60 - Multiple Vulnerabilities

Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (PowerShell)
Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell)

Microsoft Windows 7<10 / Server 2008-2012 (x32/x64) - Privilege Escalation (MS16-032) (C#)
Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#)

Microsoft Windows 7<10 / 2008<2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)
2016-09-24 05:05:07 +00:00
Offensive Security
b8ebed3824 DB: 2016-09-22
6 new exploits

Setuid perl - PerlIO_Debug() Root owned file creation
Setuid perl - PerlIO_Debug() Root Owned File Creation Privilege Escalation

Kaltura 11.1.0-2 - Remote Code Execution (Metasploit)

Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Root Exploit
Openswan 2.4.12/2.6.16 - Insecure Temp File Creation Privilege Escalation

Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Root Exploit (5)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4<11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' Ring0 Privilege Escalation (5)

Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Root Exploit (1)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' Ring0 Privilege Escalation (1)

VideoCache 1.9.2 - vccleaner Root
VideoCache 1.9.2 - 'vccleaner' Privilege Escalation

UK One Media CMS - 'id' Error Based SQL Injection
UK One Media CMS - 'id' Error-Based SQL Injection

xt:Commerce Gambio 2008 < 2010 - 'reviews.php' ERROR Based SQL Injection
xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection

Axis2 - / SAP BusinessObjects Authenticated Code Execution (via SOAP)
Axis2 / SAP BusinessObjects - Authenticated Code Execution (via SOAP)

Ultimate eShop - Error Based SQL Injection
Ultimate eShop - Error-Based SQL Injection

WordPress Plugin Multiple - timthumb.php Vulnerabilities
Multiple WordPress Plugins - timthumb.php File Upload

Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service

Slackware Linux 3.5 - /etc/group missing results in Root access
Slackware Linux 3.5 - /etc/group Missing Privilege Escalation

Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service

Sudo 1.6.3 - Unclean Environment Variable Root Program Execution
Sudo 1.6.3 - Unclean Environment Variable Privilege Escalation

Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x (FreeBSD 4.x) - Network Device Driver Frame Padding Information Disclosure

Microsoft Office PowerPoint 2010 - Invalid Pointer Reference

Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write

sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURemote Code Execution Bypass
sudo 1.8.0 < 1.8.3p1 (sudo_debug) - Privilege Escalation + glibc FORTIFY_SOURCE Bypass

Microweber 0.905 - Error Based SQL Injection
Microweber 0.905 - Error-Based SQL Injection

WordPress Theme TimThumb 2.8.13 WebShot Plugin/ - Remote Code Execution
Multiple WordPress Plugins (Using TimThumb 2.8.13 / WordThumb 1.07) - 'WebShot' Remote Code Execution
2016-09-22 05:06:28 +00:00
Offensive Security
d36011b4f9 DB: 2016-09-07
3 new exploits

Too many to list!
2016-09-07 05:09:19 +00:00
Offensive Security
5e2fc10125 DB: 2016-09-03
2016-09-03 13:13:25 +00:00
Offensive Security
31a21bb68d DB: 2016-09-03
14 new exploits

Too many to list!
2016-09-03 05:08:42 +00:00
Offensive Security
1f0c845486 DB: 2016-08-31
3 new exploits

Too many to list!
2016-08-31 05:07:37 +00:00
Offensive Security
6be90e9280 DB: 2016-08-24
5 new exploits

Too many to list!
2016-08-24 05:06:46 +00:00
Offensive Security
832f9cf8b5 DB: 2016-08-11
10 new exploits

Nagios Network Analyzer 2.2.1 - Multiple CSRF
Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes)
Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)
Microsoft Office Word 2007_2010_2013_2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)
vBulletin 5.2.2 - Preauth Server Side Request Forgery (SSRF)
EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation
EyeLock nano NXT 3.5 - Local File Disclosure
EyeLock nano NXT 3.5 - Remote Root Exploit
WebNMS Framework Server 5.2 and 5.2 SP1 - Multiple Vulnerabilities
SAP SAPCAR - Multiple Vulnerabilities
2016-08-11 05:08:59 +00:00
Offensive Security
d1e88dd6d0 DB: 2016-07-30
2016-07-30 07:05:01 +00:00
Offensive Security
2a57bee5c6 DB: 2016-07-25
12 new exploits

Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Exploit
Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Privilege Escalation Exploit

Linux Kernel < 2.6.31-rc4 - nfs4_proc_lock() Denial of Service

FreeBSD/x86 - /bin/cat /etc/master.passwd NULL free shellcode (65 bytes)
FreeBSD/x86 - /bin/cat /etc/master.passwd Null Free Shellcode (65 bytes)

Linux/x86 - execve shellcode null byte free (Generator)
Linux/x86 - execve Null Free shellcode (Generator)

Linux/x86 - cmd shellcode null free (Generator)
Linux/x86 - cmd Null Free shellcode (Generator)

iOS - Version-independent shellcode

Linux/x86-64 - bindshell port:4444 shellcode (132 bytes)
Linux/x86-64 - bindshell port 4444 shellcode (132 bytes)

Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) NULL Free shellcode (39 bytes)
Solaris/x86 - setuid(0)_ execve(//bin/sh); exit(0) Null Free shellcode (39 bytes)

Windows 5.0 < 7.0 x86 - null-free bindshell shellcode
Windows 5.0 < 7.0 x86 - Null Free bindshell port 28876 shellcode

Win32 - telnetbind by Winexec shellcode (111 bytes)
Win32 - telnetbind by Winexec 23 port shellcode (111 bytes)

Windows NT/2000/XP - add user _slim_ shellcode for Russian systems (318 bytes)
Windows NT/2000/XP (Russian) - Add User _slim_ Shellcode (318 bytes)
Windows XP Pro SP2 English - _Message-Box_ Shellcode Null-Free (16 bytes)
Windows XP Pro SP2 English - _Wordpad_ Shellcode Null Free (12 bytes)
Windows XP Pro SP2 English - _Message-Box_ Null Free Shellcode (16 bytes)
Windows XP Pro SP2 English - _Wordpad_ Null Free Shellcode (12 bytes)

Linux/x86 - /bin/sh Null-Free Polymorphic Shellcode (46 bytes)
Linux/x86 - /bin/sh Polymorphic Null Free Shellcode (46 bytes)

Win32 - Add new local administrator shellcode _secuid0_ (326 bytes)
Win32 - Add New Local Administrator _secuid0_ Shellcode (326 bytes)

ARM - Bindshell port 0x1337shellcode
ARM - Bindshell port 0x1337 shellcode

Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite

Linux Kernel <= 2.4.0 - Stack Infoleaks

bsd/x86 - connect back Shellcode (81 bytes)
FreeBSD/x86 - connect back Shellcode (81 bytes)

Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.10/11.04) - Privilege Boundary Crossing Local Root Exploit
Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.04/11.10) - Privilege Boundary Crossing Local Root Exploit

Linux Kernel 2.0 / 2.1 - SIGIO
Linux Kernel 2.0 / 2.1 - Send a SIGIO Signal To Any Process

Linux Kernel 2.2 - 'ldd core' Force Reboot

Debian 2.1_ Linux Kernel 2.0.x_ RedHat 5.2 - Packet Length with Options
Linux Kernel 2.0.x (Debian 2.1 / RedHat 5.2) - Packet Length with Options

Linux Kernel 2.2.x - Non-Readable File Ptrace
Linux Kernel 2.2.x - Non-Readable File Ptrace Local Information Leak

OS X 10.x_ FreeBSD 4.x_OpenBSD 2.x_Solaris 2.5/2.6/7.0/8 exec C Library Standard I/O File Descriptor Closure
OS X 10.x_ FreeBSD 4.x_ OpenBSD 2.x_ Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure

Linux Kernel 2.4.18/19 - Privileged File Descriptor Resource Exhaustion
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking (1)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking (2)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Local Root Exploit (1)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Local Root Exploit (2)

Linux Kernel 2.4 - suid execve() System Call Race Condition PoC
Linux Kernel 2.4 - suid execve() System Call Race Condition Executable File Read Proof of Concept

Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling
Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Memory Read

Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure

Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag Multiple Vulnerabilities
Microsoft Internet Explorer 6.0 / Firefox 0.x / Netscape 7.x - IMG Tag Multiple Vulnerabilities

Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities

Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index (Proof of Concept) (1)

Linux/x86 - Reverse TCP Bind Shellcode (92 bytes)
Linux/x86 - Reverse TCP Bind 192.168.1.10:31337 Shellcode (92 bytes)

Linux Kernel 2.2.x / 2.3.x / 2.4.x / 2.5.x / 2.6.x - ELF Core Dump Local Buffer Overflow

Linux/x86-64 - Bind TCP port shellcode (81 bytes / 96 bytes with password)
Linux/x86-64 - Bind TCP 4444 Port Shellcode (81 bytes / 96 bytes with password)

Linux/x86 - TCP Bind Shel shellcode l (96 bytes)
Linux/x86 - TCP Bind Shell 33333 Port Shellcode (96 bytes)

Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'rootpipe' Privilege Escalation
Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'Rootpipe' Privilege Escalation

Windows x86 - user32!MessageBox _Hello World!_ Null-Free shellcode (199 bytes)
Windows x86 - user32!MessageBox _Hello World!_ Null Free Shellcode (199 bytes)

OS-X/x86-64 - /bin/sh Shellcode NULL Byte Free (34 bytes)
OS-X/x86-64 - /bin/sh Null Free Shellcode (34 bytes)

Mainframe/System Z - Bind Shell shellcode (2488 bytes)
Mainframe/System Z - Bind Shell Port 12345 Shellcode (2488 bytes)

OS-X/x86-64 - tcp bind shellcode_ NULL byte free (144 bytes)
OS-X/x86-64 - tcp 4444 port bind Nullfree shellcode (144 bytes)

Ubuntu Apport - Local Privilege Escalation
Apport 2.19 (Ubuntu 15.04) - Local Privilege Escalation

Linux/x86-64 - Bindshell with Password shellcode (92 bytes)
Linux/x86-64 - Bindshell 31173 port with Password shellcode (92 bytes)

Windows XP < 10 - Null-Free WinExec Shellcode (Python) (Generator)
Windows XP < 10 - WinExec Null Free Shellcode (Python) (Generator)
Linux/x86-64 - bind TCP port shellcode (103 bytes)
Linux/x86-64 - TCP Bindshell with Password Prompt shellcode (162 bytes)
Linux/x86-64 - Bind TCP 4444 Port Shellcode (103 bytes)
Linux/x86-64 - TCP 4444 port Bindshell with Password Prompt shellcode (162 bytes)

Windows x86 - Null-Free Download & Run via WebDAV Shellcode (96 bytes)
Windows x86 - Download & Run via WebDAV Null Free Shellcode (96 bytes)

Linux Kernel 3.10_ 3.18 + 4.4 - netfilter IPT_SO_SET_REPLACE Memory Corruption
Linux Kernel 3.10 / 3.18 / 4.4 - netfilter IPT_SO_SET_REPLACE Memory Corruption

Windows - Null-Free Shellcode Primitive Keylogger to File (431 (0x01AF) bytes)
Windows - Primitive Keylogger to File Null Free Shellcode (431 (0x01AF) bytes)

Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)
Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (Access /etc/shadow)

Windows - Null-Free Shellcode Functional Keylogger to File (601 (0x0259) bytes)
Windows - Functional Keylogger to File Null Free Shellcode  (601 (0x0259) bytes)

Linux/x86-64 - Null-Free Reverse TCP Shell shellcode (134 bytes)
Linux/x86-64 - Reverse TCP Shell Null Free Shellcode (134 bytes)

Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon (83_ 148_ 177 bytes)
Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon Shellcode (83_ 148_ 177 bytes)

Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal (84_ 122_ 172 bytes)
Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal Shellcode (84_ 122_ 172 bytes)
2016-07-25 05:06:19 +00:00
Offensive Security
be496c36bc DB: 2016-07-23
3 new exploits

Mandrake Linux 8.2 - /usr/mail Local Exploit
/usr/mail (Mandrake Linux 8.2) - Local Exploit

Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Bound Checking Root Exploit (3)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Bound Checking Local Root Exploit (3)

Linux Kernel 2.2 - (TCP/IP Weakness) Exploit
Linux Kernel 2.2 - TCP/IP Weakness Spoof IP Exploit

CDRecord's ReadCD - Local Root Privileges
CDRecord's ReadCD - Local Root Exploit

NetBSD FTPd / tnftpd Remote Stack Overflow PoC
NetBSD FTPd / Tnftpd - Remote Stack Overflow PoC

Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 / Fedora Core 10 x86_64) - set_selection() UTF-8 Off By One Local Exploit

Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit (1)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - 'ip_append_data()' ring0 Root Exploit (1)

Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (1)
Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (1)

SimpNews 2.16.2 and Below Multiple SQL Injection Vulnerabilities
SimpNews <= 2.16.2 - Multiple SQL Injection Vulnerabilities
NetBSD 5.0 and below Hack GENOCIDE Environment Overflow proof of concept
NetBSD 5.0 and below Hack PATH Environment Overflow proof of concept
NetBSD <= 5.0 - Hack GENOCIDE Environment Overflow proof of concept
NetBSD <= 5.0 - Hack PATH Environment Overflow proof of concept

Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (2)
Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (2)

Linux Kernel < 2.6.34 (Ubuntu 10.10) - CAP_SYS_ADMIN x86 Local Privilege Escalation Exploit (1)
Linux Kernel < 2.6.34 (Ubuntu 10.10 x86) - 'CAP_SYS_ADMIN' Local Privilege Escalation Exploit (1)

Linux Kernel < 2.6.34 (Ubuntu 11.10 x86/x64) - CAP_SYS_ADMIN Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 (Ubuntu 10.10 x86/x64) - 'CAP_SYS_ADMIN' Local Privilege Escalation Exploit (2)

Linux Kernel <= 2.6.37-rc1 - serial_multiport_struct Local Info Leak Exploit
Linux Kernel <= 2.6.37-rc1 - serial_multiport_struct Local Information Leak Exploit

NetBSD <= 1.3.2_SGI IRIX <= 6.5.1 at(1)
NetBSD <= 1.3.2_SGI IRIX <= 6.5.1 at(1) - Exploit

NetBSD <= 1.4_OpenBSD <= 2.5_Solaris <= 7.0 profil(2)
NetBSD <= 1.4 / OpenBSD <= 2.5 / Solaris <= 7.0 profil(2) - Exploit

FreeBSD 3.4/4.0/5.0_NetBSD 1.4 Unaligned IP Option Denial of Service
FreeBSD 3.4/4.0/5.0 / NetBSD 1.4 - Unaligned IP Option Denial of Service

FreeBSD 2.2-4.2_NetBSD 1.2-4.5_OpenBSD 2.x ftpd glob() Buffer Overflow
FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x FTPd - glob() Buffer Overflow

NetBSD 1.x TalkD User Validation
NetBSD 1.x TalkD - User Validation

FreeBSD 4.x_NetBSD 1.4.x/1.5.x/1.6_OpenBSD 3 pppd Arbitrary File Permission Modification Race Condition
FreeBSD 4.x / NetBSD 1.4.x/1.5.x/1.6 / OpenBSD 3 - pppd Arbitrary File Permission Modification Race Condition

Linux Kernel 2.4 - execve() System Call Race Condition PoC
Linux Kernel 2.4 - suid execve() System Call Race Condition PoC

Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index (Proof of Concept) (1)

Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit (2)
Linux Kernel < 3.8.9 (x86_64) - 'perf_swevent_init' Local Root Exploit (2)

NetBSD 3.1 Ftpd and Tnftpd Port Remote Buffer Overflow
NetBSD 3.1 FTPd / Tnftpd - Port Remote Buffer Overflow

OpenBSD 4.6 and NetBSD 5.0.1 - 'printf(1)' Format String Parsing Denial of Service
OpenBSD 4.6 / NetBSD 5.0.1 - 'printf(1)' Format String Parsing Denial of Service

Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.0/1/2 x64) - perf_swevent_init Local Root Exploit (3)
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04/12.04.1/12.04.2 x64) - 'perf_swevent_init' Local Root Exploit (3)

Mozilla Firefox SeaMonkey <= 3.6.10 and Thunderbird <= 3.1.4 - 'document.write' Memory Corruption
Mozilla Firefox SeaMonkey <= 3.6.10 / Thunderbird <= 3.1.4 - 'document.write' Memory Corruption

Mozilla Firefox/Thunderbird/SeaMonkey Multiple HTML Injection Vulnerabilities
Mozilla Firefox/Thunderbird/SeaMonkey - Multiple HTML Injection Vulnerabilities

Linux Kernel <= 3.14.5 (RHEL/CentOS 7) - libfutex Local Root
Linux Kernel <= 3.14.5 (RHEL / CentOS 7) - 'libfutex' Local Root Exploit

NetBSD 5.1 Multiple 'libc/net' Functions Stack Buffer Overflow
NetBSD 5.1 - Multiple 'libc/net' Functions Stack Buffer Overflow

VSAT Sailor 900 - Remote Exploit

Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow (Proof of Concept)

Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - rootpipe Local Privilege Escalation
Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - 'rootpipe' Privilege Escalation

Apple OS X Entitlements Rootpipe Privilege Escalation
Apple OS X Entitlements - 'Rootpipe' Privilege Escalation

OS-X/x86-64 - /bin/sh Shellcode - NULL Byte Free (34 bytes)
OS-X/x86-64 - /bin/sh Shellcode NULL Byte Free (34 bytes)

OS X Install.framework suid root Runner Binary Privilege Escalation
OS X Install.framework - suid root Runner Binary Privilege Escalation

Linux/MIPS Kernel 2.6.36 NetUSB - Remote Code Execution Exploit
Linux/MIPS Kernel 2.6.36 - 'NetUSB' Remote Code Execution Exploit

Linux/x86-64 - bindshell (Pori: 5600) shellcode (81 bytes)
Linux/x86-64 - bindshell (Port 5600) shellcode (81 bytes)

Linux Kernel 4.4.x (Ubuntu 16.04) - double-fdput() in bpf(BPF_PROG_LOAD) Local Root Exploit
Linux Kernel 4.4.x (Ubuntu 16.04) - 'double-fdput()' in bpf(BPF_PROG_LOAD) Local Root Exploit

Exim 4 (Debian/Ubuntu) - Spool Local Root Privilege Escalation
Exim 4 (Debian / Ubuntu) - Spool Local Privilege Escalation

Windows 7-10 and 2k8-2k12 x86/x64 - Secondary Logon Handle Privilege Escalation (MS16-032)
Windows 7-10 and 2008-2012 (x86/x64) - Secondary Logon Handle Privilege Escalation (MS16-032)

Internet Explorer 11 (on Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)
Internet Explorer 11 (Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)

Linux/x86-64 - Syscall Persistent Bind Shell + (Multi-terminal) + Password + Daemon (83_ 148_ 177 bytes)
Linux/x86-64 - Syscall Persistent Bind Shell + Multi-terminal + Password + Daemon (83_ 148_ 177 bytes)
mail.local(8) (NetBSD) - Local Root Exploit (NetBSD-SA2016-006)
Apache 2.4.7 & PHP <= 7.0.2 - openssl_seal() Uninitialized Memory Code Execution
2016-07-23 05:07:15 +00:00
Offensive Security
789febc361 DB: 2016-07-22
4 new exploits

Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Validator (Proof of Concept) (2)

Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit (3)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Bound Checking Root Exploit (3)

Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Proof of Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Validator (Proof of Concept) (1)

Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit (1)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Root Exploit (2)

Linux Kernel <= 2.4.29-rc2 - 'uselib()' Privilege Elevation (1)
Linux Kernel <= 2.4.29-rc2 - 'uselib()' Privilege Escalation (1)

Linux Kernel 2.4 - 'uselib()' Privilege Elevation Exploit (2)
Linux Kernel 2.4 - 'uselib()' Privilege Escalation Exploit (2)

Linux Kernel 2.4 / 2.6 x86_64) - System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 (x86_64) - System Call Emulation Local Root Exploit

TFTP Server 1.4 - ST Buffer Overflow Exploit (0Day)
TFTP Server 1.4 - ST Buffer Overflow Exploit

Linux Kernel < 2.6.22 - ftruncate()/open() Local Exploit
Linux Kernel < 2.6.22 - ftruncate()/open() Local Root Exploit

MuPDF pdf_shade4.c Multiple Stack-Based Buffer Overflows
MuPDF < 20091125231942 - pdf_shade4.c Multiple Stack-Based Buffer Overflows

(Linux Kernel <= 2.6.34-rc3) ReiserFS xattr (Redhat/Ubuntu 9.10) - Privilege Escalation
ReiserFS xattr (Linux Kernel <= 2.6.34-rc3) (Redhat / Ubuntu 9.10) - Privilege Escalation

Microsoft ASN.1 Library Bitstring Heap Overflow
Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007)

Linux Kernel 2.0 / 2.1 / 2.2 - autofs

Linux Kernel 2.2 - ldd core Force Reboot
Linux Kernel 2.2 - 'ldd core' Force Reboot
OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (1)
OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
OpenSSH 3.x - Challenge-Response Buffer Overflow Vulnerabilities (1)
OpenSSH 3.x - Challenge-Response Buffer Overflow Vulnerabilities (2)

Linux Kernel Samba 2.2.8 (Debian/Mandrake) - Share Local Privilege Elevation
Linux Kernel Samba 2.2.8 (Debian / Mandrake) - Share Local Privilege Escalation

Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition Local Privilege Escalation (x64)
Linux Kernel 3.14-rc1 <= 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Local Privilege Escalation

Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Proof of Concept
Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow (Proof of Concept)

Apport/Abrt - Local Root Exploit
Apport/Abrt (Ubuntu / Fedora) - Local Root Exploit

Ubuntu usb-creator 0.2.x - Local Privilege Escalation
usb-creator 0.2.x (Ubuntu 12.04/14.04/14.10) - Local Privilege Escalation

Apport/Ubuntu - Local Root Race Condition
Apport (Ubuntu 14.04/14.10/15.04) - Local Root Race Condition

Linux Kernel 4.4.0-2 (Ubuntu 16.04) - netfilter target_offset OOB Local Root Exploit
Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - netfilter target_offset OOB Local Root Exploit
TFTP Server 1.4 - WRQ Buffer Overflow Exploit (Egghunter)
Linux/x86-64 - Subtle Probing Reverse Shell_ Timer_ Burst_ Password_ Multi-Terminal (84_ 122_ 172 bytes)
TeamPass Passwords Management System 2.1.26 - Arbitrary File Download
2016-07-22 05:05:29 +00:00
Offensive Security
76bc268c80 DB: 2016-07-11
2016-07-11 05:06:57 +00:00
Offensive Security
0fe9b46f79 DB: 2016-06-22
14 new exploits

Linux Kernel <= 2.4.22 - 'do_brk' Local Root Exploit (2)
Linux Kernel <= 2.4.22 - 'do_brk()' Local Root Exploit (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (2)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap()' Local Proof of Concept (2)

Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit (3)

Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit (1)

Linux Kernel <= 2.4.29-rc2 - uselib() Privilege Elevation
Linux Kernel <= 2.4.29-rc2 - 'uselib()' Privilege Elevation (1)

Linux Kernel 2.4 - uselib() Privilege Elevation Exploit
Linux Kernel 2.4 - uselib() Privilege Elevation Exploit (2)

Linux Kernel 2.4.x / 2.6.x - uselib() Local Privilege Escalation Exploit
Linux Kernel 2.4.x / 2.6.x - uselib() Local Privilege Escalation Exploit (3)
Linux Kernel 2.6.17 <= 2.6.24.1 - vmsplice Local Root Exploit
Linux Kernel 2.6.23 <= 2.6.24 - vmsplice Local Root Exploit
Linux Kernel 2.6.17 <= 2.6.24.1 - 'vmsplice' Local Root Exploit (2)
Linux Kernel 2.6.23 <= 2.6.24 - vmsplice Local Root Exploit (1)

Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.6 (Debian 4.0 / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit (1)

Linux Kernel 2.6 UDEV < 141 (Gentoo / Ubuntu 8.10/9.04) - Local Privilege Escalation Exploit
Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) - UDEV < 141 Local Privilege Escalation Exploit (2)
Linux Kernel 2.x (Redhat) - sock_sendpage() Ring0 Local Root Exploit (1)
Linux Kernel 2.x - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.x (Redhat) - 'sock_sendpage()' Ring0 Local Root Exploit (1)
Linux Kernel 2.x - 'sock_sendpage()' Local Root Exploit (2)

Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - 'sock_sendpage()' ring0 Root Exploit (3)

Linux Kernel <= 2.6.30 - atalk_getname() 8-bytes Stack Disclosure Exploit
Linux Kernel <= 2.6.30 - 'atalk_getname()' 8-bytes Stack Disclosure Exploit (1)
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit
Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6 x86) - ip_append_data() ring0 Root Exploit (1)
Linux Kernel < 2.6.31-rc7 - AF_IRDA 29-Byte Stack Disclosure Exploit (2)
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (Debian 4) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit (2)
Linux Kernel < 2.6.19 (Debian 4) - 'udp_sendmsg' Local Root Exploit (3)

Linux Kernel 2.4 / 2.6 (Fedora 11) - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.4 / 2.6 (Fedora 11) - 'sock_sendpage()' Local Root Exploit (4)

Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (3)
Linux Kernel 2.4 / 2.6 - 'sock_sendpage()' Local Root Exploit (5)

Linux Kernel 2.4.1-2.4.37 / 2.6.1-2.6.32-rc5 - Pipe.c Privilege Escalation
Linux Kernel 2.4.1-2.4.37 / 2.6.1-2.6.32-rc5 - Pipe.c Privilege Escalation (3)

Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability (4)

Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full Nelson' Local Privilege Escalation
Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full-Nelson.c' Local Privilege Escalation

Linux Kernel <= 2.6.37 - Local Kernel Denial of Service
Linux Kernel <= 2.6.37 - Local Kernel Denial of Service (1)

Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS
Linux Kernel < 2.6.37-rc2 - TCP_MAXSEG Kernel Panic DoS (2)

Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - Econet Privilege Escalation Exploit
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - 'Half-Nelson.c' Econet Privilege Escalation Exploit

Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - Mempodipper Local Root (1)
Linux Kernel 2.6.39 <= 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper.c' Local Root (1)

Linux Kernel 2.0/2.1_ Digital UNIX <= 4.0 D_ FreeBSD <= 2.2.4_ HP HP-UX 10.20/11.0_ IBM AIX <= 3.2.5_ NetBSD 1.2_ Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Linux Kernel 2.0/2.1 (Digital UNIX <= 4.0 D / FreeBSD <= 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX <= 3.2.5 / NetBSD 1.2 / Solaris <= 2.5.1) - Smurf Denial of Service Vulnerability

Linux Kernel <= 2.3_ BSD/OS <= 4.0_ FreeBSD <= 3.2_ NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Linux Kernel <= 2.3 (BSD/OS <= 4.0 / FreeBSD <= 3.2 / NetBSD <= 1.4) - Shared Memory Denial of Service Vulnerability

Linux Kernel 2.2.12/2.2.14/2.3.99_ RedHat 6.x - Socket Denial of Service
Linux Kernel 2.2.12/2.2.14/2.3.99 (RedHat 6.x) - Socket Denial of Service
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Linux Kernel 2.2.x <= 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root 'sendmail' Vulnerability (1)
Linux Kernel 2.2.x <= 2.4.0-test1 (SGI ProPack 1.2/1.3) - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)

Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - sock_diag_handlers[] Local Root
Linux Kernel < 3.3.x - 3.7.x (Arch Linux x86_64) - 'sock_diag_handlers[]' Local Root (1)

Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - sock_diag_handlers Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10 x64) - 'sock_diag_handlers' Local Root Exploit (2)

Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (1)
Linux Kernel 2.6.x - 'SYS_EPoll_Wait' Local Integer Overflow Local Root Vulnerability (1)

Linux Kernel 2.6.32 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.32 <= 3.x.x (CentOS) - 'PERF_EVENTS' Local Root Exploit (1)

Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit
Linux Kernel < 3.8.9 (x86_64) - perf_swevent_init Local Root Exploit (2)

Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat - Proof of Concept
Linux Kernel 3.4 < 3.13.2 - recvmmsg x32 compat - Proof of Concept (1)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with CONFIG_X86_X32 Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with 'CONFIG_X86_X32' Exploit (2)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit (3)

Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerability

Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit
Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit (3)
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.(0_1_2) x64) - perf_swevent_init Local Root Exploit
Linux Kernel 2.6.x - 'fasync_helper()' Local Privilege Escalation Vulnerability
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.0/1/2 x64) - perf_swevent_init Local Root Exploit (3)
Linux Kernel < 2.6.28 - 'fasync_helper()' Local Privilege Escalation Vulnerability

Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (x86/x64) - 'Mempodipper.c' Local Root (2)

Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root Shell
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - 'overlayfs' Local Root Shell

Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - overlayfs Local Root Exploit
Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - 'overlayfs' Local Root Exploit (1)

Linux Kernel <= 4.3.3 - overlayfs Local Privilege Escalation
Linux Kernel <= 4.3.3 - 'overlayfs' Local Privilege Escalation (2)
DarkComet Server Remote File Download Exploit (msf)
Banshee 2.6.2 - .mp3 Crash PoC
IonizeCMS 1.0.8 - (Add Admin) CSRF
Yona CMS - (Add Admin) CSRF
Joomla Publisher Pro (com_publisher) Component - SQL Injection
Windows - gdi32.dll Multiple DIB-Related EMF Record Handlers Heap-Based Out-of-Bounds Reads/Memory Disclosure (MS16-074)
Windows Kernel - ATMFD.DLL NamedEscape 0x250C Pool Corruption (MS16-074)
Linux - ecryptfs and /proc/$pid/environ Privilege Escalation
Windows - Custom Font Disable Policy Bypass
Internet Explorer 11 - Garbage Collector Attribute Type Confusion (MS16-063)
SAP NetWeaver AS JAVA 7.1 - 7.5 - ctcprotocol Servlet XXE
SAP NetWeaver AS JAVA 7.1 - 7.5 - Directory Traversal
Radiant CMS 1.1.3 - Multiple Persistent XSS Vulnerabilities
YetiForce CRM < 3.1 - Persistent XSS
2016-06-22 05:06:31 +00:00
Offensive Security
33dd246d8a DB: 2016-06-16
14 new exploits

Ultrabenosaurus ChatBoard - Stored XSS
Ultrabenosaurus ChatBoard - CSRF (Send Message)
w2wiki - Multiple XSS Vulnerabilities
Hyperoptic (Tilgin) Router HG23xx - Multiple Vulnerabilities
Dokeos 2.2.1 - Blind SQL Injection
Joomla En Masse (com_enmasse) Component 5.1 - 6.4 - SQL Injection
AdobeUpdateService 3.6.0.248 - Unquoted Service Path Privilege Escalation
BookingWizz Booking System < 5.5 - Multiple Vulnerabilities
jbFileManager - Directory Traversal
PHPLive 4.4.8 - 4.5.4 - Password Recovery SQL Injection
Bomgar Remote Support Unauthenticated Code Execution (msf)
Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (1)
Windows 7 - win32k Bitmap Use-After-Free (MS16-062) (2)
Google Chrome - GPU Process MailboxManagerImpl Double-Read
2016-06-16 05:02:53 +00:00
Offensive Security
264d15855e DB: 2016-06-14
14 new exploits

FRticket Ticket System - Stored XSS
Viart Shopping Cart 5.0 - CSRF Shell Upload
Easy RM to MP3 Converter 2.7.3.700 - (.m3u) Exploit with Universal DEP+ASLR Bypass
Dream Gallery 2.0 - Admin Panel Authentication Bypass
Grid Gallery 1.0 - Admin Panel Authentication Bypass
Joomla PayPlans (com_payplans) Extension 3.3.6 - SQL Injection
Zabbix 2.2 - 3.0.3 - RCE with API JSON-RPC
iSQL 1.0 - Shell Command Injection
iSQL 1.0 - isql_main.c Buffer Overflow PoC
Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap-Based Memory Corruption
Foxit PDF Reader 1.0.1.0925 - CPDF_DIBSource::TranslateScanline24bpp Out-of-Bounds Read
Foxit PDF Reader 1.0.1.0925 - CFX_WideString::operator= Invalid Read
Foxit PDF Reader 1.0.1.0925 - kdu_core::kdu_codestream::get_subsampling Memory Corruption
Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArray::IterateIndex Memory Corruption
2016-06-14 05:03:54 +00:00
Offensive Security
8164665ff7 DB: 2016-06-01
6 new exploits

FlatPress 1.0.3 - CSRF Arbitrary File Upload
AirOS NanoStation M2 5.6-beta - Multiple Vulnerabilities
ProcessMaker 3.0.1.7 - Multiple vulnerabilities
CCextractor 0.80 - Crash PoC
Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (msf)
TCPDump 4.5.1 - Crash PoC
2016-06-01 05:01:50 +00:00
Offensive Security
a447a01cb8 DB: 2016-05-20
2016-05-20 06:50:49 +00:00
Offensive Security
614fb1caf8 DB: 2016-05-12
22 new exploits

PoPToP PPTP <= 1.1.4-b3 - Remote Root Exploit (poptop-sane.c)
PoPToP PPTP <= 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit

Atftpd 0.6 - Remote Root Exploit (atftpdx.c)
Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit

Yahoo Messenger 5.5 - Remote Exploit (DSR-ducky.c)
Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Exploit

CCBILL CGI Remote Exploit for whereami.cgi (ccbillx.c)
CCBILL CGI - 'ccbillx.c' whereami.cgi Remote Exploit

Cisco IOS IPv4 Packet Denial of Service Exploit (cisco-bug-44020.c)
Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service Exploit

wu-ftpd 2.6.2 - Remote Denial of Service Exploit (wuftpd-freezer.c)
wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service Exploit

Microsoft Windows - (Jolt2.c) Denial of Service Exploit
Microsoft Windows - 'Jolt2.c' Denial of Service Exploit

TCP SYN Denial of Service Exploit (bang.c)
TCP SYN - 'bang.c' Denial of Service Exploit

Apache HTTPd - Arbitrary Long HTTP Headers DoS (C)
Apache HTTPd - Arbitrary Long HTTP Headers DoS

Linux Kernel <= 2.4.26- File Offset Pointer Handling Memory Disclosure Exploit
Linux Kernel <= 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit

Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit
Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Exploit

Veritas Backup Exec Agent 8.x/9.x - Browser Overflow (C)
Veritas Backup Exec Agent 8.x/9.x - Browser Overflow

Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c)
Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit

CA License Server (GETCONFIG) Remote Buffer Overflow Exploit (c)
CA License Server (GETCONFIG) Remote Buffer Overflow Exploit

Aeon 0.2a - Local Linux Exploit (C)
Aeon 0.2a - Local Linux Exploit

Linux Kernel 2.4 / 2.6 - bluez Local Root Privilege Escalation Exploit (3)
Linux Kernel 2.4.x / 2.6.x - 'Bluez' Bluetooth Signed Buffer Index Local Root (3)

nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit
nbSMTP <= 0.99 - 'util.c' Client-Side Command Execution Exploit

SuSE Linux <= 9.3 / 10 - (chfn) Local Root Privilege Escalation Exploit
Linux chfn (SuSE <= 9.3 / 10) - Local Privilege Escalation Exploit

SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit (c)
SugarSuite Open Source <= 4.0beta - Remote Code Execution Exploit
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (c)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (pl)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (Perl)

OpenVMPSd <= 1.3 - Remote Format String Exploit (Multiple Targets)
OpenVMPSd <= 1.3 - Remote Format String Exploit

Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability
Ubuntu Breezy 5.10 - Installer Password Disclosure Vulnerability

X.Org X11 (X11R6.9.0/X11R7.0) - Local Root Privilege Escalation Exploit
X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation Exploit

DataLife Engine <= 4.1 - Remote SQL Injection Exploit (php)
DataLife Engine <= 4.1 - Remote SQL Injection Exploit (PHP)
Opera 9 IRC Client Remote Denial of Service Exploit (c)
Opera 9 IRC Client Remote Denial of Service Exploit (py)
Opera 9 - IRC Client Remote Denial of Service Exploit
Opera 9 IRC Client - Remote Denial of Service Exploit (Python)

Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c)
Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (1)

Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c) (2)
Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (2)

Microsoft Internet Explorer (VML) Remote Buffer Overflow Exploit (SP2) (pl)
Microsoft Internet Explorer (VML) - Remote Buffer Overflow Exploit (SP2) (Perl)

Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (pl)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (Perl)

Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (c)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit

cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (php)
cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (PHP)

Xfire <= 1.6.4 - Remote Denial of Service Exploit (pl)
Xfire <= 1.6.4 - Remote Denial of Service Exploit (Perl)

Microsoft Windows NetpManageIPCConnect Stack Overflow Exploit (py)
Microsoft Windows NetpManageIPCConnect - Stack Overflow Exploit (Python)

VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (c)
VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit

QK SMTP <= 3.01 (RCPT TO) Remote Buffer Overflow Exploit (pl)
QK SMTP <= 3.01 - (RCPT TO) Remote Buffer Overflow Exploit (Perl)

Ubuntu/Debian Apache 1.3.33/1.3.34 - (CGI TTY) Local Root Exploit
Apache 1.3.33/1.3.34 (Ubuntu / Debian) - (CGI TTY) Local Root Exploit

WarFTP 1.65 (USER) Remote Buffer Overflow Exploit (multiple targets)
WarFTP 1.65 (USER) Remote Buffer Overflow Exploit

XOOPS Module WF-Snippets <= 1.02 (c) BLIND SQL Injection Exploit
XOOPS Module WF-Snippets <= 1.02 (c) - BLIND SQL Injection Exploit

IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit (multiple targets)
IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit

3proxy 0.5.3g logurl() Remote Buffer Overflow Exploit (Win32) (pl)
3proxy 0.5.3g logurl() - Remote Buffer Overflow Exploit (Win32) (Perl)

Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit (c)
Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (php)
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (pl)
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (PHP)
fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (Perl)

IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (pl)
IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (Perl)

IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (c)
IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit

BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (py)
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python)

BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (c)
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit

CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (py)
CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (Python)

Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit (c)
Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit

Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (py)
Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (Python)

EFS Easy Chat Server Authentication Request Buffer Overflow Exploit (pl)
EFS Easy Chat Server - Authentication Request Buffer Overflow Exploit (Perl)

CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (py)
CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (Python)

Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (php)
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (PHP)

Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (pl)
Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Perl)

kloxo 5.75 - (24 issues) Multiple Vulnerabilities
kloxo 5.75 - Multiple Vulnerabilities

Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit (pl)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (Perl)

Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (C)
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit

MailEnable 1.52 HTTP Mail Service Stack BoF Exploit PoC
MailEnable 1.52 - HTTP Mail Service Stack BoF Exploit PoC

(Ubuntu 9.10/10.04) PAM 1.1.0 - MOTD File Tampering (Privilege Escalation)
Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (1)

Cacti 0.8.7e: Multiple Security Issues
Cacti 0.8.7e - Multiple Vulnerabilities

(Tod Miller's) Sudo/SudoEdit 1.6.x < 1.6.9p21 & 1.7.x < 1.7.2p4 - Local Root Exploit
(Tod Miller's) Sudo/SudoEdit 1.6.x / 1.7.x (<= 1.6.9p21 / <= 1.7.2p4) - Local Root Exploit

PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit
Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (2)

Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit
Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32) - Privilege Escalation Exploit

Ubuntu Linux - 'mountall' - Local Privilege Escalation Vulnerability
mountall <= 2.15.2 (Ubuntu 10.04/10.10) - Local Privilege Escalation Vulnerability

Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (.py)
Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (Python)

PHP Hosting Directory 2.0 Database Disclosure Exploit (.py)
PHP Hosting Directory 2.0 Database Disclosure Exploit (Python)

systemtap - Local Root Privilege Escalation Vulnerability
systemtap - Local Privilege Escalation Vulnerability

Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 11.10) - Local Privilege Escalation Exploit (2)

Kunena < 1.5.13_ < 1.6.3 - SQL Injection Vulnerability
Kunena < 1.5.13 / < 1.6.3 - SQL Injection Vulnerability

HP OpenView NNM 7.53_ 7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow
HP OpenView NNM 7.53/7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow

Safari 5.0.6_ 5.1 - SVG DOM Processing PoC
Safari 5.0.6/5.1 - SVG DOM Processing PoC

Ubuntu <= 11.04 ftp client Local Buffer Overflow Crash PoC
FTP Client (Ubuntu <= 11.04) - Local Buffer Overflow Crash PoC

Acpid 1:2.0.10-1ubuntu2 - Privilege Boundary Crossing Vulnerability
Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.10/11.04) - Privilege Boundary Crossing Local Root Exploit
RedHat Linux <= 6.0_ Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (1)
RedHat Linux <= 6.0_ Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (2)
RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (1)
RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (2)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)

Debian 2.x_RedHat 6.2_IRIX 5/6_ Solaris 2.x Mail Reply-To Field Vulnerability
Debian 2.x_ RedHat 6.2_ IRIX 5/6_ Solaris 2.x - Mail Reply-To Field Vulnerability

Pure-FTPd 1.0.21 (CentOS 6.2 & Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)
Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (1)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (2)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (3)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (4)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (5)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (1)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (2)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (3)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (4)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (5)

cPanel 5.0 - Openwebmail Local Privileges Escalation Vulnerability
cPanel 5.0 - Openwebmail Local Privilege Escalation Vulnerability

Linux-PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privileged Escalation Vulnerability
Linux PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privilege Escalation Vulnerability

Totem Movie Player (Ubuntu) 3.4.3 - Stack Corruption
Totem Movie Player 3.4.3 (Ubuntu) - Stack Corruption

Flightgear 2.0_ 2.4 - Remote Format String Exploit
Flightgear 2.0/2.4 - Remote Format String Exploit

Opera 7.x_ Firefox 1.0_ Internet Explorer 6.0 - Information Disclosure Weakness
Opera 7.x/Firefox 1.0/Internet Explorer 6.0 - Information Disclosure Weakness
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root (2)
Linux Kernel <= 2.4.30 / <= 2.6.11.5 - Bluetooth bluez_sock_create Local Root Vulnerability

Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.32 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit

Linux Kernel 3.8.x - open-time Capability file_ns_capable() Privilege Escalation
Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation

OSX <= 10.8.4 - Local Root Privilege Escalation (py)
OSX <= 10.8.4 - Local Privilege Escalation (Python)

Moodle 2.3.8_ 2.4.5 - Multiple Vulnerabilities
Moodle 2.3.8/2.4.5 - Multiple Vulnerabilities

IBM AIX 6.1 / 7.1 - Local Root Privilege Escalation
IBM AIX 6.1 / 7.1 - Local Privilege Escalation

glibc and eglibc 2.5_ 2.7_ 2.13 - Buffer Overflow Vulnerability
glibc and eglibc 2.5/2.7/2.13 - Buffer Overflow Vulnerability

StatusNet/Laconica 0.7.4_ 0.8.2_ 0.9.0beta3 - Arbitrary File Reading
StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - Arbitrary File Reading

Links_ ELinks 'smbclient' Remote Command Execution Vulnerability
Links_ ELinks 'smbclient' - Remote Command Execution Vulnerability

Flyspray 0.9.9 - Information Disclosure_ HTML Injection and Cross-Site Scripting Vulnerabilities
Flyspray 0.9.9 - Information Disclosure/HTML Injection/Cross-Site Scripting

Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit

Symantec Endpoint Protection Manager 11.0_ 12.0_ 12.1 - Remote Command Execution Exploit
Symantec Endpoint Protection Manager 11.0/12.0/12.1 - Remote Command Execution Exploit

ownCloud 4.0.x_ 4.5.x (upload.php filename param) - Remote Code Execution
ownCloud 4.0.x/4.5.x (upload.php filename param) - Remote Code Execution
Procentia IntelliPen 1.1.12.1520 (Data.aspx_ value param) - Blind SQL Injection
Vtiger CRM 5.4.0_ 6.0 RC_ 6.0.0 GA (browse.php file param) - Local File Inclusion
Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection
Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA (browse.php file param) - Local File Inclusion
Haihaisoft HUPlayer 1.0.4.8 - (.m3u_ .pls_ .asx) Buffer Overflow (SEH)
Haihaisoft Universal Player 1.5.8 - (.m3u_ .pls_ .asx) Buffer Overflow (SEH)
Haihaisoft HUPlayer 1.0.4.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)
Haihaisoft Universal Player 1.5.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)

JIRA Issues Collector Directory Traversal
JIRA Issues Collector - Directory Traversal

CMSimple 4.4_ 4.4.2 - Remote File Inclusion
CMSimple 4.4/4.4.2 - Remote File Inclusion

Core FTP Server 1.2_ build 535_ 32-bit - Crash PoC
Core FTP Server 1.2 build 535 32-bit - Crash PoC

Samba <= 3.4.5 - Symlink Directory Traversal Vulnerability (C)
Samba <= 3.4.5 - Symlink Directory Traversal Vulnerability

Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 4.1.x Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 4.1.x Bypass (MS12-037)

Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Linux Kernel < 3.2.0-23  (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation

Symantec Endpoint Protection 11.x_ 12.x - Kernel Pool Overflow
Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow

Linux Kernel 3.16.1 - Remount FUSE Exploit
Linux Kernel < 3.16.1 - Remount FUSE Local Root Exploit

Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 5.0 Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.0 Bypass (MS12-037)

Rejetto HTTP File Server (HFS) 2.3a_ 2.3b_ 2.3c - Remote Command Execution
Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution

Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 5.1 Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.1 Bypass (MS12-037)

Mac OS X - IOKit Keyboard Driver Root Privilege Escalation
Mac OS X - IOKit Keyboard Driver Privilege Escalation

Liferay Portal 7.0.0 M1_ 7.0.0 M2_ 7.0.0 M3 - Pre-Auth RCE
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Auth RCE

vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion_ SQL Injection & XSS
vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion/SQL Injection/XSS

MalwareBytes Anti-Exploit 1.03.1.1220_ 1.04.1.1012 Out-of-bounds Read DoS
MalwareBytes Anti-Exploit 1.03.1.1220/1.04.1.1012 Out-of-bounds Read DoS

JBoss AS 3_ 4_ 5_ 6 - Remote Command Execution
JBoss AS 3/4/5/6 - Remote Command Execution

Mac OS X < 10.7.5_ 10.8.2_ 10.9.5 10.10.2 - rootpipe Local Privilege Escalation
Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - rootpipe Local Privilege Escalation

Alienvault OSSIM/USM 4.14_ 4.15_ and 5.0 - Multiple Vulnerabilities
Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities

Pandora FMS 5.0_ 5.1 - Authentication Bypass
Pandora FMS 5.0/5.1 - Authentication Bypass

Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root Shell

Cisco AnyConnect Secure Mobility 2.x_ 3.x_ 4.x - Client DoS PoC
Cisco AnyConnect Secure Mobility 2.x/3.x/4.x - Client DoS PoC

Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Privilege Escalation (Access /etc/shadow)

Orchard CMS 1.7.3_ 1.8.2_ 1.9.0 - Stored XSS Vulnerability
Orchard CMS 1.7.3/1.8.2/1.9.0 - Stored XSS Vulnerability

Ubuntu 14.04 NetKit FTP Client - Crash/DoS PoC
NetKit FTP Client (Ubuntu 14.04) - Crash/DoS PoC

Interspire Email Marketer Cross Site Scripting_ HTML Injection_ and SQL Injection Vulnerabilities
Interspire Email Marketer - (Cross Site Scripting/HTML Injection/SQL Injection) Multiple Vulnerabilities

BigDump Cross Site Scripting_ SQL Injection_ and Arbitrary File Upload Vulnerabilities
BigDump - (Cross Site Scripting/SQL Injection/Arbitrary File Upload) Multiple Vulnerabilities

Elastix < 2.5 _ PHP Code Injection Exploit
Elastix < 2.5 - PHP Code Injection Exploit

Microsoft Office Excel 2007_ 2010_ 2013 - BIFFRecord Use-After-Free
Microsoft Office Excel 2007/2010/2013 - BIFFRecord Use-After-Free

OS X Regex Engine (TRE) - Integer Signedness and Overflow Issues
OS X Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities

Linux Kernel 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability
Linux Kernel 3.0 < 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability

Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit
Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - overlayfs Local Root Exploit

Exim < 4.86.2 - Local Root Privilege Escalation
Exim < 4.86.2 - Local Privilege Escalation
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - snd-usb-audio Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - iowarrior driver Crash PoC

Trend Micro Deep Discovery Inspector 3.8_ 3.7 - CSRF Vulnerabilities
Trend Micro Deep Discovery Inspector 3.8/3.7 - CSRF Vulnerabilities

FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip)
FireEye - Malware Input Processor (uid=mip) Privilege Escalation Exploit

Novell Service Desk 7.1.0_ 7.0.3 and 6.5 - Multiple Vulnerabilities
Novell Service Desk 7.1.0/7.0.3 and 6.5 - Multiple Vulnerabilities

Internet Explorer 9_ 10_ 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)
Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)

Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)
Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)

Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
Linux Kernel (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
Android Broadcom Wi-Fi Driver - Memory Corruption
CIScan 1.00 - Hostname/IP Field SEH Overwrite PoC
FileZilla FTP Client 3.17.0.0 - Unquoted Path Privilege Escalation
Intuit QuickBooks Desktop 2007 - 2016 - Arbitrary Code Execution
2016-05-12 05:03:21 +00:00
Offensive Security
52e862d62a DB: 2016-05-11
9 new exploits

Linux Kernel 2.2.x - 2.4.x - ptrace/kmod Local Root Exploit
Linux Kernel 2.2.x / 2.4.x (Redhat) - ptrace/kmod Local Root Exploit

Sendmail <= 8.12.8 prescan() BSD Remote Root Exploit
Sendmail <= 8.12.8 - prescan() BSD Remote Root Exploit

Gopherd <= 3.0.5 FTP Gateway Remote Overflow Exploit
Gopherd <= 3.0.5 - FTP Gateway Remote Overflow Exploit

mIRC 6.1 - _IRC_ Protocol Remote Buffer Overflow Exploit
mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow Exploit

Apache mod_gzip (with debug_mode) <= 1.2.26.1a Remote Exploit
Apache mod_gzip (with debug_mode) <= 1.2.26.1a - Remote Exploit

Linux Kernel 2.4.22 - _do_brk()_ Local Root Exploit (PoC)
Linux Kernel 2.4.22 - 'do_brk()' Local Root Exploit (Proof of Concept)

Linux Kernel <= 2.4.22 - (do_brk) Local Root Exploit (working)
Linux Kernel <= 2.4.22 - 'do_brk' Local Root Exploit
Xsok 1.02 - _-xsokdir_ Local Buffer Overflow Game Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - _do_mremap_ Local Proof of Concept (2)
Xsok 1.02 - '-xsokdir' Local Buffer Overflow Game Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (1)
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'do_mremap' Local Proof of Concept (2)

Linux Kernel <= 2.4.23 / <= 2.6.0 - mremap() Bound Checking Root Exploit
Linux Kernel <= 2.4.23 / <= 2.6.0 - 'mremap()' Bound Checking Root Exploit

Serv-U FTPD 3.x/4.x _SITE CHMOD_ Command Remote Exploit
Serv-U FTPD 3.x/4.x-  'SITE CHMOD' Command Remote Exploit

Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Local Proof-of-Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Local Proof of Concept (2)
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - _mremap()_ Missing _do_munmap_ Exploit
Red Faction <= 1.20 Server Reply Remote Buffer Overflow Exploit
Linux Kernel <= 2.2.25 / <= 2.4.24 / <= 2.6.2 - 'mremap()' Missing 'do_munmap' Exploit
Red Faction <= 1.20 - Server Reply Remote Buffer Overflow Exploit

eMule <= 0.42d IRC Remote Buffer Overflow Exploit
eMule <= 0.42d - IRC Remote Buffer Overflow Exploit

GnomeHack Local Buffer Overflow Exploit (gid=games)
GnomeHack - Local Buffer Overflow Exploit (gid=games)

Kwintv Local Buffer Overflow Exploit (gid=video(33))
Kwintv - Local Buffer Overflow Exploit (gid=video(33))

Redhat 6.1 man Local Exploit (egid 15)
Redhat 6.1 man - Local Exploit (egid 15)

Linux Kernel <= 2.6.3 - (setsockopt) Local Denial of Service Exploit
Linux Kernel <= 2.6.3 - 'setsockopt' Local Denial of Service Exploit
Linux Kernel 2.4.x - 2.6.x - Assembler Inline Function Local DoS Exploit
rlpr <= 2.04 msg() Remote Format String Exploit
MPlayer <= 1.0pre4 GUI filename handling Overflow Exploit
Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local DoS Exploit
rlpr <= 2.04 - msg() Remote Format String Exploit
MPlayer <= 1.0pre4 GUI - filename handling Overflow Exploit

Samba <= 3.0.4 SWAT Authorization Buffer Overflow Exploit
Samba <= 3.0.4 - SWAT Authorization Buffer Overflow Exploit

OpenFTPD <= 0.30.1 (message system) Remote Shell Exploit
OpenFTPD <= 0.30.1 - (message system) Remote Shell Exploit

Linux Kernel - File Offset Pointer Handling Memory Disclosure Exploit
Linux Kernel <= 2.4.26- File Offset Pointer Handling Memory Disclosure Exploit

Ollydbg <= 1.10 Format String Bug
Ollydbg <= 1.10 - Format String Bug
Mac OS X <= 10.3.3 AppleFileServer Remote Root Overflow Exploit
Remote CVS <= 1.11.15 (error_prog_name) Remote Exploit
LibPNG <= 1.2.5 png_jmpbuf() Local Buffer Overflow Exploit
Mac OS X <= 10.3.3 - AppleFileServer Remote Root Overflow Exploit
Remote CVS <= 1.11.15 - (error_prog_name) Remote Exploit
LibPNG <= 1.2.5 - png_jmpbuf() Local Buffer Overflow Exploit

AOL Instant Messenger AIM _Away_ Message Local Exploit
AOL Instant Messenger AIM - 'Away' Message Local Exploit

Ground Control <= 1.0.0.7 (Server/Client) Denial of Service Exploit
Ground Control <= 1.0.0.7 - (Server/Client) Denial of Service Exploit

AOL Instant Messenger AIM _Away_ Message Remote Exploit
AOL Instant Messenger AIM - 'Away' Message Remote Exploit (2)

Silent Storm Portal Multiple Vulnerabilities
Silent Storm Portal - Multiple Vulnerabilities

YahooPOPs <= 1.6 SMTP Port Buffer Overflow Exploit
YahooPOPs <= 1.6 - SMTP Port Buffer Overflow Exploit

Monit <= 4.2 Basic Authentication Remote Root Exploit
Monit <= 4.2 - Basic Authentication Remote Root Exploit

YahooPOPs <= 1.6 SMTP Remote Buffer Overflow Exploit
YahooPOPs <= 1.6 - SMTP Remote Buffer Overflow Exploit

Ability Server <= 2.34 (APPE) Remote Buffer Overflow Exploit
Ability Server <= 2.34 - (APPE) Remote Buffer Overflow Exploit
Chatman <= 1.5.1 RC1 Broadcast Crash Exploit
Flash Messaging <= 5.2.0g Remote Denial of Service Exploit
Chatman <= 1.5.1 RC1 - Broadcast Crash Exploit
Flash Messaging <= 5.2.0g - Remote Denial of Service Exploit
CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) BoF Exploit
Halo <= 1.05 Broadcast Client Crash Exploit
CoffeeCup FTP Clients (Direct <= 6.2.0.62) (Free <= 3.0.0.10) - BoF Exploit
Halo <= 1.05 - Broadcast Client Crash Exploit

Soldier of Fortune II <= 1.3 Server/Client Denial of Service Exploit
Soldier of Fortune II <= 1.3 Server/Client - Denial of Service Exploit

Star Wars Battlefront <= 1.1 Fake Players Denial of Service Exploit
Star Wars Battlefront <= 1.1 - Fake Players Denial of Service Exploit

PHP <= 4.3.7/ 5.0.0RC3 memory_limit Remote Exploit
PHP <= 4.3.7/ 5.0.0RC3 - memory_limit Remote Exploit

WS_FTP Server <= 5.03 MKD Remote Buffer Overflow Exploit
WS_FTP Server <= 5.03 - MKD Remote Buffer Overflow Exploit

Jana Server <= 2.4.4 (http/pna) Denial of Service Exploit
Jana Server <= 2.4.4 - (http/pna) Denial of Service Exploit

Kreed <= 1.05 Format String and Denial of Service Exploit
Kreed <= 1.05 - Format String and Denial of Service Exploit

Codename Eagle <= 1.42 Socket Unreacheable DoS Exploit
Codename Eagle <= 1.42 - Socket Unreacheable DoS Exploit

Linux Kernel <= 2.6.9 / 2.4.22-28 - (igmp.c) Local Denial of Service Exploit
Linux Kernel <= 2.6.9 / 2.4.22-28 - 'igmp.c' Local Denial of Service Exploit
WinRAR <= 3.4.1 Corrupt ZIP File Vulnerability PoC
Cscope <= 15.5 Symlink Vulnerability Exploit
WinRAR <= 3.4.1 - Corrupt ZIP File Vulnerability PoC
Cscope <= 15.5 - Symlink Vulnerability Exploit

Linux Kernel 2.6.x - chown() Group Ownership Alteration Exploit
Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit
Netcat 1.1 - _-e_ Switch Remote Buffer Overflow Exploit
PHP <= 4.3.7 openlog() Buffer Overflow Exploit
Netcat 1.1 - '-e' Switch Remote Buffer Overflow Exploit
PHP <= 4.3.7 - openlog() Buffer Overflow Exploit

phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)
phpBB <= 2.0.10 - Bot Install (Altavista) (ssh.D.Worm)

Gore <= 1.50 Socket Unreacheable Denial of Service Exploit
Gore <= 1.50 - Socket Unreacheable Denial of Service Exploit

Exim <= 4.41 dns_build_reverse Local Exploit PoC
Exim <= 4.41 - dns_build_reverse Local Exploit PoC

Peer2Mail <= 1.4 Encrypted Password Dumper Exploit
Peer2Mail <= 1.4 - Encrypted Password Dumper Exploit

Mac OS X <= 10.3.7 Input Validation Flaw parse_machfile() DoS
Mac OS X <= 10.3.7 - Input Validation Flaw parse_machfile() DoS

Xpand Rally <= 1.0.0.0 (Server/Clients) Crash Exploit
Xpand Rally <= 1.0.0.0 (Server/Clients) - Crash Exploit

Painkiller <= 1.35 in-game cd-key alpha-numeric Buffer Overflow Exploit
Painkiller <= 1.35 - in-game cd-key alpha-numeric Buffer Overflow Exploit

Armagetron Advanced <= 0.2.7.0 Server Crash Exploit
Armagetron Advanced <= 0.2.7.0 - Server Crash Exploit

MercuryBoard <= 1.1.1 Working SQL Injection
MercuryBoard <= 1.1.1 - SQL Injection

GNU a2ps _Anything to PostScript_ Local Exploit (not suid)
GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID)

vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution
vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (1)
vBulletin <= 3.0.4 - _forumdisplay.php_ Code Execution (part 2)
Serv-U 4.x _site chmod_ Remote Buffer Overflow Exploit
vBulletin <= 3.0.4 - 'forumdisplay.php' Code Execution (2)
Serv-U 4.x - 'site chmod' Remote Buffer Overflow Exploit

3Com 3CDaemon FTP Unauthorized _USER_ Remote BoF Exploit
3Com 3CDaemon FTP - Unauthorized 'USER' Remote BoF Exploit

vBulletin <= 3.0.6 php Code Injection
vBulletin <= 3.0.6 - PHP Code Injection

Soldier of Fortune 2 <= 1.03 - _cl_guid_ - Server Crash
Soldier of Fortune 2 <= 1.03 - 'cl_guid' - Server Crash

Knet <= 1.04c Buffer Overflow Denial of Service Exploit
Knet <= 1.04c - Buffer Overflow Denial of Service Exploit

Scrapland <= 1.0 Server Termination Denial of Service Exploit
Scrapland <= 1.0 - Server Termination Denial of Service Exploit
Apache <= 2.0.52 HTTP GET request Denial of Service Exploit
Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (update)
Apache <= 2.0.52 - HTTP GET request Denial of Service Exploit
Nokia Symbian 60 (Bluetooth Nickname) Remote Restart (2)

Microsoft Internet Explorer _mshtml.dll_ CSS Parsing Buffer Overflow
Microsoft Internet Explorer - 'mshtml.dll' CSS Parsing Buffer Overflow

Ethereal <= 0.10.9 - _3G-A11_ - Remote Buffer Overflow Exploit (2)
Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Windows)

Ethereal <= 0.10.9 - _3G-A11_ Remote Buffer Overflow Exploit
Ethereal <= 0.10.9 - '3G-A11' Remote Buffer Overflow Exploit (Linux)

PHP-Nuke 6.x - 7.6 Top module Remote SQL Injection Exploit (working)
PHP-Nuke 6.x - 7.6 Top module - Remote SQL Injection Exploit

HP-UX FTPD <= 1.1.214.4 - _REST_ Remote Brute Force Exploit
HP-UX FTPD <= 1.1.214.4 - 'REST' Remote Brute Force Exploit
Invision Power Board <= 2.0.3 Login.PHP SQL Injection Exploit
Invision Power Board <= 2.0.3 Login.PHP SQL Injection (tutorial)
Invision Power Board <= 2.0.3 - Login.PHP SQL Injection Exploit
Invision Power Board <= 2.0.3 - Login.PHP SQL Injection (tutorial)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (perl)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php)
phpStat <= 1.5 (setup.php) Authentication Bypass Exploit (php 2)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (Perl)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (1)
phpStat <= 1.5 - (setup.php) Authentication Bypass Exploit (PHP) (2)
Ethereal <= 0.10.10 (SIP) Protocol Dissector Remote BoF Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 SQL Injection Exploit
Ethereal <= 0.10.10 - (SIP) Protocol Dissector Remote BoF Exploit
MyBulletinBoard (MyBB) <= 1.00 RC4 - SQL Injection Exploit

Microsoft Internet Explorer - javascript _window()_ Crash
Microsoft Internet Explorer - javascript 'window()' Crash

Kaspersky AntiVirus - _klif.sys_ Privilege Escalation Vulnerability
Kaspersky AntiVirus - 'klif.sys' Privilege Escalation Vulnerability

Invision Power Board <= 1.3.1 Login.PHP SQL Injection (working)
Invision Power Board <= 1.3.1 - Login.PHP SQL Injection

WordPress <= 1.5.1.1 - _add new admin_ SQL Injection Exploit
WordPress <= 1.5.1.1 - 'add new admin' SQL Injection Exploit

Mozilla Firefox <= 1.0.4 - _Set As Wallpaper_ Code Execution Exploit
Mozilla Firefox <= 1.0.4 - 'Set As Wallpaper' Code Execution Exploit

Scorched 3D <= 39.1 - Multiple Vulnerabilities (All-in-One) (PoC)
Scorched 3D <= 39.1 - Multiple Vulnerabilities (PoC)

XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit
XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities

Linux Kernel <= 2.6.11 - 'k-rad3.c' (CPL 0) Local Root Exploit
Linux Kernel <= 2.6.9 / <= 2.6.11 (RHEL4) - 'k-rad3.c' (CPL 0) Local Root Exploit

Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities Exploit
Alien Arena 2006 Gold Edition <= 5.00 - Multiple Vulnerabilities

nodez <= 4.6.1.1 mercury Multiple Vulnerabilities
nodez <= 4.6.1.1 mercury - Multiple Vulnerabilities

gCards <= 1.45 - Multiple Vulnerabilities All-In-One Exploit
gCards <= 1.45 - Multiple Vulnerabilities

Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure / Denial of Service Exploit
Mambo <= 4.5.3 & Joomla <= 1.0.7 - (feed) Path Disclosure and Denial of Service Exploit

OpenTTD <= 0.4.7 - (multiple vulnerabilities) Denial of Service Exploit
OpenTTD <= 0.4.7 - Multiple Vulnerabilities/Denial of Service Exploit

Apple Mac OS X Safari <= 2.0.3 (417.9.2) Multiple Vulnerabilities PoC
Apple Mac OS X Safari <= 2.0.3 (417.9.2) - Multiple Vulnerabilities (PoC)

PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities Exploit
PHP-Fusion <= 6.00.306 - Multiple Vulnerabilities

outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities Exploit
outgun <= 1.0.3 bot 2 - Multiple Vulnerabilities

raydium <= svn 309 - Multiple Vulnerabilities Exploit
raydium <= svn 309 - Multiple Vulnerabilities

PunkBuster < 1.229 (WebTool Service) Remote Buffer Overflow DoS
PunkBuster < 1.229 - (WebTool Service) Remote Buffer Overflow DoS

Ultimate PHP Board <= 1.96 GOLD Multiple Vulnerabilities Exploit
Ultimate PHP Board <= 1.96 GOLD - Multiple Vulnerabilities

Light Blog Remote Multiple Vulnerabilities Exploit
Light Blog Remote - Multiple Vulnerabilities

Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC
Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept

contentnow 1.30 (local/upload/delete) Multiple Vulnerabilities
contentnow 1.30 - (local/upload/delete) Multiple Vulnerabilities

contentnow 1.30 (upload/XSS) Multiple Vulnerabilities
contentnow 1.30 - (Upload/XSS) Multiple Vulnerabilities

torrentflux <= 2.2 (create/exec/delete) Multiple Vulnerabilities
torrentflux <= 2.2 - (create/exec/delete) Multiple Vulnerabilities
Messagerie Locale (centre.php) Remote File Inclusion Vulnerability
Site News (centre.php) Remote File Inclusion Vulnerability
Messagerie Locale (centre.php) - Remote File Inclusion Vulnerability
Site News (centre.php) - Remote File Inclusion Vulnerability

kubix <= 0.7 - Multiple Vulnerabilities Exploit
kubix <= 0.7 - Multiple Vulnerabilities

BBS E-Market Professional (Path Disclosure/Include) Multiple Vulnerabilities
BBS E-Market Professional - (Path Disclosure/Include) Multiple Vulnerabilities

F-Prot Antivirus 4.6.6 (ACE) Denial of Service Exploit
F-Prot Antivirus 4.6.6 - (ACE) Denial of Service Exploit

open newsletter <= 2.5 - Multiple Vulnerabilities Exploit (update)
open newsletter <= 2.5 - Multiple Vulnerabilities (2)

eNdonesia 8.4 (mod.php/friend.php/admin.php) Multiple Vulnerabilities
eNdonesia 8.4 - (mod.php/friend.php/admin.php) Multiple Vulnerabilities

php-update <= 2.7 - Multiple Vulnerabilities Exploit
php-update <= 2.7 - Multiple Vulnerabilities

ig shop 1.0 (eval/SQL Injection) Multiple Vulnerabilities
ig shop 1.0 - (eval/SQL Injection) Multiple Vulnerabilities

QUOTE&ORDERING SYSTEM 1.0 (ordernum) Multiple Vulnerabilities
QUOTE&ORDERING SYSTEM 1.0 - (ordernum) Multiple Vulnerabilities

vp-asp shopping cart 6.09 (SQL/XSS) Multiple Vulnerabilities
vp-asp shopping cart 6.09 - (SQL/XSS) Multiple Vulnerabilities

Aztek Forum 4.0 - Multiple Vulnerabilities Exploit
Aztek Forum 4.0 - Multiple Vulnerabilities

otscms <= 2.1.5 (SQL/XSS) Multiple Vulnerabilities
otscms <= 2.1.5 - (SQL/XSS) Multiple Vulnerabilities

uTorrent 1.6 build 474 (announce) Key Remote Heap Overflow Exploit
uTorrent 1.6 build 474 - (announce) Key Remote Heap Overflow Exploit

Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit
Connectix Boards <= 0.7 - (p_skin) Multiple Vulnerabilities

qdblog 0.4 (SQL Injection/LFI) Multiple Vulnerabilities
qdblog 0.4 - (SQL Injection/LFI) Multiple Vulnerabilities

Censura 1.15.04 (censura.php vendorid) SQL Injection Vulnerability
Censura 1.15.04 - (censura.php vendorid) SQL Injection Vulnerability

runawaysoft haber portal 1.0 (tr) Multiple Vulnerabilities
runawaysoft haber portal 1.0 - (tr) Multiple Vulnerabilities

netclassifieds (SQL/XSS/full path) Multiple Vulnerabilities
netclassifieds - (SQL/XSS/full path) Multiple Vulnerabilities

bugmall shopping cart 2.5 (SQL/XSS) Multiple Vulnerabilities
bugmall shopping cart 2.5 - (SQL/XSS) Multiple Vulnerabilities

Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak PoC
Linux Kernel < 2.6.20.2 - IPv6_Getsockopt_Sticky Memory Leak Proof of Concept

Pictures Rating (index.php msgid) Remote SQL Injection Vulnerbility
Pictures Rating - (index.php msgid) Remote SQL Injection Vulnerbility

Joomla Component Nice Talk <= 0.9.3 (tagid) SQL Injection Vulnerability
Joomla Component Nice Talk <= 0.9.3 - (tagid) SQL Injection Vulnerability

Xitami Web Server 2.5 (If-Modified-Since) Remote BoF Exploit (0day)
Xitami Web Server 2.5 - (If-Modified-Since) Remote BoF Exploit (0day)

Linux Kernel 2.4/2.6 - x86-64 System Call Emulation Exploit
Linux Kernel 2.4 / 2.6 x86-64 - System Call Emulation Exploit

else if CMS 0.6 - Multiple Vulnerabilities / Exploit
else if CMS 0.6 - Multiple Vulnerabilities

Php-Stats 0.1.9.2 - Multiple Vulnerabilities Exploit
Php-Stats 0.1.9.2 - Multiple Vulnerabilities

Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow PoC
Apple Mac OS X 10.4.x Kernel - i386_set_ldt() Integer Overflow Proof of Concept

WorkingOnWeb 2.0.1400 events.php Remote SQL Injection Vulnerability
WorkingOnWeb 2.0.1400 - events.php Remote SQL Injection Vulnerability

Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service PoC
Apple Mac OS X xnu <= 1228.0 - mach-o Local Kernel Denial of Service Proof of Concept

portalapp 4.0 (SQL/XSS/auth bypasses) Multiple Vulnerabilities
portalapp 4.0 - (SQL/XSS/auth bypasses) Multiple Vulnerabilities

evilboard 0.1a (SQL/XSS) Multiple Vulnerabilities
evilboard 0.1a - (SQL/XSS) Multiple Vulnerabilities

Evilsentinel <= 1.0.9 (multiple vulnerabilities) Disable Exploit
Evilsentinel <= 1.0.9 - (Multiple Vulnerabilities) Disable Exploit

blogcms 4.2.1b (SQL/XSS) Multiple Vulnerabilities
blogcms 4.2.1b - (SQL/XSS) Multiple Vulnerabilities

bloofox 0.3 (SQL/fd) Multiple Vulnerabilities
bloofox 0.3 - (SQL/fd) Multiple Vulnerabilities

Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability
Liquid-Silver CMS 0.1 - (update) Local File Inclusion Vulnerability

simple forum 3.2 (fd/XSS) Multiple Vulnerabilities
simple forum 3.2 - (fd/XSS) Multiple Vulnerabilities

Mambo Component Sermon 0.2 (gid) SQL Injection Vulnerability
Mambo Component Sermon 0.2 - (gid) SQL Injection Vulnerability

Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities
Philips VOIP841 - (Firmware <= 1.0.4.800) Multiple Vulnerabilities

pigyard art gallery Multiple Vulnerabilities
pigyard art gallery - Multiple Vulnerabilities
XOOPS Module Gallery 0.2.2 (gid) Remote SQL Injection Vulnerability
XOOPS Module My_eGallery 3.04 (gid) SQL Injection Vulnerability
XOOPS Module Gallery 0.2.2 - (gid) Remote SQL Injection Vulnerability
XOOPS Module My_eGallery 3.04 - (gid) SQL Injection Vulnerability
easycalendar <= 4.0tr Multiple Vulnerabilities
easygallery <= 5.0tr Multiple Vulnerabilities
easycalendar <= 4.0tr - Multiple Vulnerabilities
easygallery <= 5.0tr - Multiple Vulnerabilities

Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities Exploit
Nuked-Klan <= 1.7.6 - Multiple Vulnerabilities

RedDot CMS 7.5 (LngId) Remote SQL Injection Exploit
RedDot CMS 7.5 - (LngId) Remote SQL Injection Exploit

minibb 2.2 (css/SQL/fpd) Multiple Vulnerabilities
minibb 2.2 - (css/SQL/fpd) Multiple Vulnerabilities

siteman 2.x (exec/LFI/XSS) Multiple Vulnerabilities
siteman 2.x - (exec/LFI/XSS) Multiple Vulnerabilities

megabbs forum 2.2 (SQL/XSS) Multiple Vulnerabilities
megabbs forum 2.2 - (SQL/XSS) Multiple Vulnerabilities

Joomla Component paxxgallery 0.2 (gid) Blind SQL Injection Exploit
Joomla Component paxxgallery 0.2 - (gid) Blind SQL Injection Exploit

cplinks 1.03 (bypass/SQL/xxs) Multiple Vulnerabilities
cplinks 1.03 - (bypass/SQL/xxs) Multiple Vulnerabilities

deluxebb <= 1.2 - Multiple Vulnerabilities Exploit
deluxebb <= 1.2 - Multiple Vulnerabilities

Phoenix View CMS <= Pre Alpha2 (SQL/LFI/XSS) Multiple Vulnerabilities
Phoenix View CMS <= Pre Alpha2 - (SQL/LFI/XSS) Multiple Vulnerabilities

Ktools PhotoStore <= 3.5.1 (gallery.php gid) SQL Injection Vulnerability
Ktools PhotoStore <= 3.5.1 - (gallery.php gid) SQL Injection Vulnerability

idautomation bar code ActiveX Multiple Vulnerabilities
idautomation bar code ActiveX - Multiple Vulnerabilities
ecms 0.4.2 (SQL/pb) Multiple Vulnerabilities
Mantis Bug Tracker 1.1.1 (CE/XSS/CSRF) Multiple Vulnerabilities
ecms 0.4.2 - (SQL/pb) Multiple Vulnerabilities
Mantis Bug Tracker 1.1.1 - (CE/XSS/CSRF) Multiple Vulnerabilities

mebiblio 0.4.7 (SQL/upload/XSS) Multiple Vulnerabilities
mebiblio 0.4.7 - (SQL/upload/XSS) Multiple Vulnerabilities

smeweb 1.4b (SQL/XSS) Multiple Vulnerabilities
smeweb 1.4b - (SQL/XSS) Multiple Vulnerabilities

PHP-Address Book <= 3.1.5 (SQL/XSS) Multiple Vulnerabilities
PHP-Address Book <= 3.1.5 - (SQL/XSS) Multiple Vulnerabilities

427bb 2.3.1 (SQL/XSS) Multiple Vulnerabilities
427bb 2.3.1 - (SQL/XSS) Multiple Vulnerabilities

Black Ice Software Inc Barcode SDK (BIDIB.ocx) Multiple Vulnerabilities
Black Ice Software Inc Barcode SDK - (BIDIB.ocx) Multiple Vulnerabilities
real estate Web site 1.0 (SQL/XSS) Multiple Vulnerabilities
telephone directory 2008 (SQL/XSS) Multiple Vulnerabilities
real estate Web site 1.0 - (SQL/XSS) Multiple Vulnerabilities
telephone directory 2008 - (SQL/XSS) Multiple Vulnerabilities

gravity board x 2.0 beta (SQL/XSS) Multiple Vulnerabilities
gravity board x 2.0 beta - (SQL/XSS) Multiple Vulnerabilities

butterfly organizer 2.0.0 (SQL/XSS) Multiple Vulnerabilities
butterfly organizer 2.0.0 - (SQL/XSS) Multiple Vulnerabilities

doITlive CMS <= 2.50 (SQL Injection/XSS) Multiple Vulnerabilities
doITlive CMS <= 2.50 - (SQL Injection/XSS) Multiple Vulnerabilities

ownrs blog beta3 (SQL/XSS) Multiple Vulnerabilities
ownrs blog beta3 - (SQL/XSS) Multiple Vulnerabilities

sitexs CMS 0.1.1 (upload/XSS) Multiple Vulnerabilities
sitexs CMS 0.1.1 - (upload/XSS) Multiple Vulnerabilities

shibby shop <= 2.2 (SQL/update) Multiple Vulnerabilities
shibby shop <= 2.2 - (SQL/update) Multiple Vulnerabilities

polypager <= 1.0rc2 (SQL/XSS) Multiple Vulnerabilities
polypager <= 1.0rc2 - (SQL/XSS) Multiple Vulnerabilities
otmanager CMS 24a (LFI/XSS) Multiple Vulnerabilities
w1l3d4 philboard 1.2 (blind sql/XSS) Multiple Vulnerabilities
otmanager CMS 24a - (LFI/XSS) Multiple Vulnerabilities
w1l3d4 philboard 1.2 - (blind sql/XSS) Multiple Vulnerabilities

Thelia 1.3.5 - Multiple Vulnerabilities Exploit
Thelia 1.3.5 - Multiple Vulnerabilities

contentnow 1.4.1 (upload/XSS) Multiple Vulnerabilities
contentnow 1.4.1 - (upload/XSS) Multiple Vulnerabilities

trixbox (langChoice) - Local File Inclusion Exploit (connect-back) (2)
trixbox - (langChoice) Local File Inclusion Exploit (connect-back) (2)

Trixbox 2.6.1 - (langChoice) Remote Root Exploit (py)
Trixbox 2.6.1 - (langChoice) Remote Root Exploit (Python)

jsite 1.0 oe (SQL/LFI) Multiple Vulnerabilities
jsite 1.0 oe - (SQL/LFI) Multiple Vulnerabilities

Bea Weblogic Apache Connector - Code Execution / Denial of Service Exploit
Bea Weblogic Apache Connector - Code Execution and Denial of Service Exploit
e-vision CMS <= 2.02 (SQL/upload/ig) Multiple Vulnerabilities
k-links directory (SQL/XSS) Multiple Vulnerabilities
e-vision CMS <= 2.02 - (SQL/upload/ig) Multiple Vulnerabilities
k-links directory - (SQL/XSS) Multiple Vulnerabilities

Ppim <= 1.0 (Arbitrary File Delete/XSS) Multiple Vulnerabilities
Ppim <= 1.0 - (Arbitrary File Delete/XSS) Multiple Vulnerabilities

Ppim <= 1.0 (upload/change password) Multiple Vulnerabilities
Ppim <= 1.0 - (upload/change password) Multiple Vulnerabilities

k-rate (SQL/XSS) Multiple Vulnerabilities
k-rate - (SQL/XSS) Multiple Vulnerabilities

Invision Power Board <= 2.3.5 - Multiple Vulnerabilities Exploit (revised)
Invision Power Board <= 2.3.5 - Multiple Vulnerabilities (2)

brim 2.0.0 (SQL/XSS) Multiple Vulnerabilities
brim 2.0.0 - (SQL/XSS) Multiple Vulnerabilities

aspwebalbum 3.2 (upload/SQL/XSS) Multiple Vulnerabilities
aspwebalbum 3.2 - (upload/SQL/XSS) Multiple Vulnerabilities

qwicsite pro (SQL/XSS) Multiple Vulnerabilities
qwicsite pro - (SQL/XSS) Multiple Vulnerabilities

Hot Links SQL-PHP 3 (report.php) Multiple Vulnerabilities
Hot Links SQL-PHP 3 - (report.php) Multiple Vulnerabilities

Availscript Article Script (articles.php) Multiple Vulnerabilities
Availscript Article Script - (articles.php) Multiple Vulnerabilities

Availscript Photo Album (pics.php) Multiple Vulnerabilities
Availscript Photo Album - (pics.php) Multiple Vulnerabilities

phpvid 1.1 0- (XSS/SQL) Multiple Vulnerabilities
phpvid 1.1 0 - (XSS/SQL) Multiple Vulnerabilities

php infoboard 7 - plus Multiple Vulnerabilities
php infoboard 7 plus - Multiple Vulnerabilities

camera life 2.6.2b4 (SQL/XSS) Multiple Vulnerabilities
camera life 2.6.2b4 - (SQL/XSS) Multiple Vulnerabilities

mini-pub 0.3 (lfd/ce) Multiple Vulnerabilities
mini-pub 0.3 - (LFD/CE) Multiple Vulnerabilities

Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities Exploit
Nuked-klaN <= 1.7.7 / <= SP4.4 - Multiple Vulnerabilities

mystats (hits.php) Multiple Vulnerabilities Exploit
mystats - (hits.php) Multiple Vulnerabilities

Vivvo CMS <= 3.4 - Multiple Vulnerabilities Destroyer Exploit
Vivvo CMS <= 3.4 - Multiple Vulnerabilities

websvn <= 2.0 - (XSS/fh/ce) Multiple Vulnerabilities
websvn <= 2.0 - (XSS/fh/CE) Multiple Vulnerabilities

db Software Laboratory VImpX (VImpX.ocx) Multiple Vulnerabilities
db Software Laboratory VImpX - (VImpX.ocx) Multiple Vulnerabilities

phpdaily (SQL/XSS/lfd) Multiple Vulnerabilities
phpdaily - (SQL/XSS/lfd) Multiple Vulnerabilities

questcms - (XSS/directory traversal/SQL) Multiple Vulnerabilities
questcms - (XSS/Directory Traversal/SQL) Multiple Vulnerabilities

apartment search script (rfu/XSS) Multiple Vulnerabilities
apartment search script - (RFU/XSS) Multiple Vulnerabilities

MatPo Link 1.2b (Blind SQL Injection/XSS) Multiple Vulnerabilities
MatPo Link 1.2b - (Blind SQL Injection/XSS) Multiple Vulnerabilities

WEBBDOMAIN WebShop 1.02 (SQL/XSS) Multiple Vulnerabilities
WEBBDOMAIN WebShop 1.02 - (SQL/XSS) Multiple Vulnerabilities

pre multi-vendor shopping malls Multiple Vulnerabilities
pre multi-vendor shopping malls - Multiple Vulnerabilities

Pre ADS Portal <= 2.0 (Auth Bypass/XSS) Multiple Vulnerabilities
Pre ADS Portal <= 2.0 - (Auth Bypass/XSS) Multiple Vulnerabilities

Mini Web Calendar 1.2 (File Disclosure/XSS) Multiple Vulnerabilities
Mini Web Calendar 1.2 - (File Disclosure/XSS) Multiple Vulnerabilities

zeeproperty 1.0 (upload/XSS) Multiple Vulnerabilities
zeeproperty 1.0 - (upload/XSS) Multiple Vulnerabilities

Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities
Openfire Server <= 3.6.0a - (Auth Bypass/SQL/XSS) Multiple Vulnerabilities

AJSquare Free Polling Script (DB) Multiple Vulnerabilities
AJSquare Free Polling Script - (DB) Multiple Vulnerabilities

turnkeyforms Web Hosting Directory Multiple Vulnerabilities
turnkeyforms Web Hosting Directory - Multiple Vulnerabilities

GS Real Estate Portal US/International Module Multiple Vulnerabilities
GS Real Estate Portal US/International Module - Multiple Vulnerabilities

bandwebsite 1.5 (SQL/XSS) Multiple Vulnerabilities
bandwebsite 1.5 - (SQL/XSS) Multiple Vulnerabilities
chipmunk topsites (auth bypass/XSS) Multiple Vulnerabilities
clean CMS 1.5 (blind SQL Injection/XSS) Multiple Vulnerabilities
chipmunk topsites - (auth bypass/XSS) Multiple Vulnerabilities
clean CMS 1.5 - (blind SQL Injection/XSS) Multiple Vulnerabilities

Ocean12 Contact Manager Pro (SQL/XSS/DDV) Multiple Vulnerabilities
Ocean12 Contact Manager Pro - (SQL/XSS/DDV) Multiple Vulnerabilities

comersus asp shopping cart (dd/XSS) Multiple Vulnerabilities
comersus asp shopping cart - (DD/XSS) Multiple Vulnerabilities

minimal ablog 0.4 (SQL/fu/bypass) Multiple Vulnerabilities
minimal ablog 0.4 - (SQL/fu/bypass) Multiple Vulnerabilities

Ocean12 Mailing List Manager Gold (DD/SQL/XSS) Vulnerabilities
Ocean12 Mailing List Manager Gold - (DD/SQL/XSS) Vulnerabilities

wbstreet 1.0 (SQL/dd) Multiple Vulnerabilities
wbstreet 1.0 - (SQL/DD) Multiple Vulnerabilities

template creature (SQL/dd) Multiple Vulnerabilities
template creature - (SQL/DD) Multiple Vulnerabilities

merlix educate servert (bypass/dd) Multiple Vulnerabilities
merlix educate servert - (bypass/DD) Multiple Vulnerabilities
nightfall personal diary 1.0 - (XSS/dd) Multiple Vulnerabilities
Merlix Teamworx Server (DD/Bypass) Multiple Remote Vulnerabilities
nightfall personal diary 1.0 - (XSS/DD) Multiple Vulnerabilities
Merlix Teamworx Server - (DD/Bypass) Multiple Remote Vulnerabilities

asp autodealer (SQL/dd) Multiple Vulnerabilities
asp autodealer - (SQL/DD) Multiple Vulnerabilities

aspmanage banners (rfu/dd) Multiple Vulnerabilities
aspmanage banners - (RFU/DD) Multiple Vulnerabilities

asp talk (SQL/css) Multiple Vulnerabilities
asp talk - (SQL/css) Multiple Vulnerabilities

siu guarani Multiple Vulnerabilities
siu guarani - Multiple Vulnerabilities

webcaf <= 1.4 - (LFI/rce) Multiple Vulnerabilities
webcaf <= 1.4 - (LFI/RCE) Multiple Vulnerabilities

postecards (SQL/dd) Multiple Vulnerabilities
postecards - (SQL/DD) Multiple Vulnerabilities

living Local 1.1 - (XSS-rfu) Multiple Vulnerabilities
living Local 1.1 - (XSS/rfu) Multiple Vulnerabilities

cf shopkart 5.2.2 (SQL/dd) Multiple Vulnerabilities
cf shopkart 5.2.2 - (SQL/DD) Multiple Vulnerabilities

the net guys aspired2blog (SQL/dd) Multiple Vulnerabilities
the net guys aspired2blog - (SQL/dd) Multiple Vulnerabilities

joomla live chat (SQL/proxy) Multiple Vulnerabilities
joomla live chat - (SQL/proxy) Multiple Vulnerabilities

isweb CMS 3.0 (SQL/XSS) Multiple Vulnerabilities
isweb CMS 3.0 - (SQL/XSS) Multiple Vulnerabilities
clickandemail (SQL/XSS) Multiple Vulnerabilities
click&rank (SQL/XSS) Multiple Vulnerabilities
clickandemail - (SQL/XSS) Multiple Vulnerabilities
click&rank - (SQL/XSS) Multiple Vulnerabilities
Liberum Help Desk 0.97.3 (SQL/DD) Remote Vulnerabilities
Zelta E Store (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities
Liberum Help Desk 0.97.3 - (SQL/DD) Remote Vulnerabilities
Zelta E Store - (RFU/BYPASS/R-SQL/B-SQL) Multiple Vulnerabilities

2532/gigs 1.2.2 - stable Multiple Vulnerabilities
2532/gigs 1.2.2 stable - Multiple Vulnerabilities

constructr CMS <= 3.02.5 stable Multiple Vulnerabilities
constructr CMS <= 3.02.5 stable - Multiple Vulnerabilities

chicomas <= 2.0.4 (DB Backup/DD/XSS) Multiple Vulnerabilities
chicomas <= 2.0.4 - (DB Backup/DD/XSS) Multiple Vulnerabilities

yourplace <= 1.0.2 - Multiple Vulnerabilities + rce Exploit
yourplace <= 1.0.2 - Multiple Vulnerabilities + RCE Exploit

doop CMS <= 1.4.0b (CSRF/upload shell) Multiple Vulnerabilities
doop CMS <= 1.4.0b - (CSRF/upload shell) Multiple Vulnerabilities

Nokia S60 SMS/Mms (Curse of Silence) Denial of Service Vulnerability
Nokia S60 SMS/MMS (Curse of Silence) - Denial of Service Vulnerability

Seo4SMF for SMF forums Multiple Vulnerabilities
Seo4SMF for SMF forums - Multiple Vulnerabilities

mkportal <= 1.2.1 () Multiple Vulnerabilities
mkportal <= 1.2.1 - Multiple Vulnerabilities
rankem (dd/XSS/cm) Multiple Vulnerabilities
blogit! (SQL/dd/XSS) Multiple Vulnerabilities
rankem - (DD/XSS/cm) Multiple Vulnerabilities
blogit! - (SQL/DD/XSS) Multiple Vulnerabilities

E-ShopSystem Auth Bypass / SQL Injection Multiple Vulnerabilities
E-ShopSystem - (Auth Bypass / SQL Injection) Multiple Vulnerabilities

Motorola Wimax modem CPEi300 (FD/XSS) Multiple Vulnerabilities
Motorola Wimax modem CPEi300 - (FD/XSS) Multiple Vulnerabilities

navicopa webserver 3.0.1 (bof/sd) Multiple Vulnerabilities
navicopa webserver 3.0.1 - (bof/sd) Multiple Vulnerabilities
Power System Of Article Management 3.0 - (DD/XSS) Vulnerabilities
team 1.x - (dd/XSS) Multiple Vulnerabilities
Power System Of Article Management 3.0 - (DD/XSS) Multiple Vulnerabilities
team 1.x - (DD/XSS) Multiple Vulnerabilities

gr blog 1.1.4 (upload/bypass) Multiple Vulnerabilities
gr blog 1.1.4 - (upload/bypass) Multiple Vulnerabilities

zeroboard4 pl8 (07.12.17) Multiple Vulnerabilities
zeroboard4 pl8 (07.12.17) - Multiple Vulnerabilities

SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities
SilverNews 2.04 - (Auth Bypass/LFI/RCE) Multiple Vulnerabilities

w3bcms <= 3.5.0 - Multiple Vulnerabilities Exploit
w3bcms <= 3.5.0 - Multiple Vulnerabilities

powermovielist 0.14b (SQL/XSS) Multiple Vulnerabilities
powermovielist 0.14b - (SQL/XSS) Multiple Vulnerabilities
ritsblog 0.4.2 (ab/XSS) Multiple Vulnerabilities
Zabbix 1.6.2 Frontend Multiple Vulnerabilities
blindblog 1.3.1 (SQL/ab/LFI) Multiple Vulnerabilities
ritsblog 0.4.2 - (ab/XSS) Multiple Vulnerabilities
Zabbix 1.6.2 - Frontend - Multiple Vulnerabilities
blindblog 1.3.1 - (SQL/ab/LFI) Multiple Vulnerabilities

phpCommunity 2.1.8 (SQL/DT/XSS) Multiple Vulnerabilities
phpCommunity 2.1.8 - (SQL/DT/XSS) Multiple Vulnerabilities

Telnet-Ftp Service Server 1.x - Multiple Vulnerabilities (Post Auth)
Telnet-Ftp Service Server 1.x - (Post Auth) Multiple Vulnerabilities

Femitter FTP Server 1.x - Multiple Vulnerabilities (post auth)
Femitter FTP Server 1.x - (Post Auth) Multiple Vulnerabilities

Diskos CMS Manager (SQL/DB/Auth Bypass) Multiple Vulnerabilities
Diskos CMS Manager - (SQL/DB/Auth Bypass) Multiple Vulnerabilities

Linux Kernel 2.6 - UDEV Local Privilege Escalation Exploit
Linux Kernel 2.6 (Debian / Ubuntu / Gentoo) - UDEV Local Privilege Escalation Exploit

flatnux 2009-03-27 (upload/id) Multiple Vulnerabilities
flatnux 2009-03-27 - (upload/id) Multiple Vulnerabilities

fungamez rc1 (ab/LFI) Multiple Vulnerabilities
fungamez rc1 - (ab/LFI) Multiple Vulnerabilities

mixedcms 1.0b (LFI/su/ab/fd) Multiple Vulnerabilities
mixedcms 1.0b - (LFI/su/ab/fd) Multiple Vulnerabilities

fowlcms 1.1 (ab/LFI/su) Multiple Vulnerabilities
fowlcms 1.1 - (ab/LFI/su) Multiple Vulnerabilities

dwebpro 6.8.26 (dt/fd) Multiple Vulnerabilities
dwebpro 6.8.26 - (dt/fd) Multiple Vulnerabilities

Linux Kernel 2.6.x - SCTP FWD Memory Corruption Remote Exploit
Linux Kernel 2.6.x (<= 2.6.20 / <= 2.6.24 / <= 2.6.27_7-10) (Ubuntu 7.04/8.04/8.10 / Fedora Core 10 / OpenSuse 11.1)  - SCTP FWD Memory Corruption Remote Exploit

Linux Kernel 2.6 UDEV < 141 - Local Privilege Escalation Exploit
Linux Kernel 2.6 UDEV < 141 (Gentoo / Ubuntu 8.10/9.04) - Local Privilege Escalation Exploit

leap CMS 0.1.4 (SQL/XSS/su) Multiple Vulnerabilities
leap CMS 0.1.4 - (SQL/XSS/su) Multiple Vulnerabilities

tematres 1.0.3 (auth bypass/SQL/XSS) Multiple Vulnerabilities
tematres 1.0.3 - (auth bypass/SQL/XSS) Multiple Vulnerabilities

Linux Kernel 2.6.x - ptrace_attach Local Privilege Escalation Exploit
Linux Kernel 2.6.x (Gentoo 2.6.29rc1) - ptrace_attach Local Privilege Escalation Exploit
2daybiz business community script Multiple Vulnerabilities
Easy Scripts Answer and Question Script Multiple Vulnerabilities
2daybiz business community script - Multiple Vulnerabilities
Easy Scripts Answer and Question Script - Multiple Vulnerabilities
my-colex 1.4.2 (ab/XSS/SQL) Multiple Vulnerabilities
my-gesuad 0.9.14 (ab/SQL/XSS) Multiple Vulnerabilities
my-colex 1.4.2 - (ab/XSS/SQL) Multiple Vulnerabilities
my-gesuad 0.9.14 - (ab/SQL/XSS) Multiple Vulnerabilities

vidshare pro (SQL/XSS) Multiple Vulnerabilities
vidshare pro - (SQL/XSS) Multiple Vulnerabilities

Mac OS X - Java applet Remote Deserialization Remote PoC (updated)
Mac OS X - Java applet Remote Deserialization Remote PoC (Updated)

asp inline corporate calendar (SQL/XSS) Multiple Vulnerabilities
asp inline corporate calendar - (SQL/XSS) Multiple Vulnerabilities

minitwitter 0.3-beta (SQL/XSS) Multiple Vulnerabilities
minitwitter 0.3-beta - (SQL/XSS) Multiple Vulnerabilities

elitecms 1.01 (SQL/XSS) Multiple Vulnerabilities
elitecms 1.01 - (SQL/XSS) Multiple Vulnerabilities

flashlight free edition (LFI/SQL) Multiple Vulnerabilities
flashlight free edition - (LFI/SQL) Multiple Vulnerabilities

propertymax pro free (SQL/XSS) Multiple Vulnerabilities
propertymax pro free - (SQL/XSS) Multiple Vulnerabilities

podcast generator <= 1.2 - globals[] Multiple Vulnerabilities
podcast generator <= 1.2 - globals[] - Multiple Vulnerabilities

kloxo 5.75 (24 issues) Multiple Vulnerabilities
kloxo 5.75 - (24 issues) Multiple Vulnerabilities

virtue news (SQL/XSS) Multiple Vulnerabilities
virtue news - (SQL/XSS) Multiple Vulnerabilities

mrcgiguy the ticket system 2.0 php Multiple Vulnerabilities
mrcgiguy the ticket system 2.0 php - Multiple Vulnerabilities

mrcgiguy freeticket (ch/SQL) Multiple Vulnerabilities
mrcgiguy freeticket - (ch/SQL) Multiple Vulnerabilities

impleo music collection 2.0 (SQL/XSS) Multiple Vulnerabilities
impleo music collection 2.0 - (SQL/XSS) Multiple Vulnerabilities

kasseler CMS (fd/XSS) Multiple Vulnerabilities
kasseler CMS - (fd/XSS) Multiple Vulnerabilities

tribiq CMS 5.0.12c (XSS/LFI) Multiple Vulnerabilities
tribiq CMS 5.0.12c - (XSS/LFI) Multiple Vulnerabilities

Virtue Online Test Generator (AB/SQL/XSS) Multiple Vulnerabilities
Virtue Online Test Generator - (AB/SQL/XSS) Multiple Vulnerabilities

Linux Kernel <= 2.6.28.3 - set_selection() UTF-8 Off By One Local Exploit (x86-64)
Linux Kernel <= 2.6.24_16-23 / <= 2.6.28.3 (Ubuntu 8.04/8.10 & Fedora Core 10) (x86-64) - set_selection() UTF-8 Off By One Local Exploit

Siteframe CMS 3.2.x SQL Injection/phpinfo() Multiple Vulnerabilities
Siteframe CMS 3.2.x - (SQL Injection/phpinfo()) Multiple Vulnerabilities

citrix xencenterweb - (XSS/SQL/rce) Multiple Vulnerabilities
citrix xencenterweb - (XSS/SQL/RCE) Multiple Vulnerabilities

FreeBSD 6/8 (ata device) Local Denial of Service Exploit
FreeBSD 6/8 - (ata device) Local Denial of Service Exploit

good/bad vote (XSS/LFI) Multiple Vulnerabilities
good/bad vote - (XSS/LFI) Multiple Vulnerabilities

Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux / RHEL5 - Test Kernel Local Root Exploit (0day)
Linux Kernel 2.6.30 <= 2.6.30.1 / SELinux (RHEL5) - Kernel Local Root Exploit (0day)

mcshoutbox 1.1 (SQL/XSS/shell) Multiple Vulnerabilities
mcshoutbox 1.1 - (SQL/XSS/shell) Multiple Vulnerabilities

DD-WRT (httpd service) Remote Command Execution Vulnerability
DD-WRT - (httpd service) Remote Command Execution Vulnerability

tenrok 1.1.0 (udd/rce) Multiple Vulnerabilities
tenrok 1.1.0 - (udd/RCE) Multiple Vulnerabilities

logoshows bbs 2.0 (dd/ich) Multiple Vulnerabilities
logoshows bbs 2.0 - (DD/ich) Multiple Vulnerabilities

Linux Kernel 2.x - sock_sendpage() Local Ring0 Root Exploit (1)
Linux Kernel 2.x (Redhat) - sock_sendpage() Ring0 Local Root Exploit (1)

Linux Kernel 2.4 / 2.6 - sock_sendpage() ring0 Root Exploit (1)
Linux Kernel 2.4 / 2.6 (RedHat Linux 9 / Fedora Core 4~11 / Whitebox 4 / CentOS 4) - sock_sendpage() ring0 Root Exploit (1)

Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure
Linux Kernel <= 2.6.31-rc7 - AF_LLC getsockname 5-Byte Stack Disclosure Proof of Concept

Linux Kernel 2.6 < 2.6.19 - (32-bit) ip_append_data() ring0 Root Exploit
Linux Kernel 2.6 < 2.6.19 (White Box 4 / CentOS 4.4/4.5 / Fedora Core 4/5/6) - (32-bit) ip_append_data() ring0 Root Exploit

Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (PPC Edition)
Linux Kernel 2.4.x / 2.6.x (CentOS 4.8/5.3 / RHEL 4.8/5.3 / SUSE 10 SP2/11 / Ubuntu 8.10) - sock_sendpage() Local Root (PPC)
Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit (x86/x64)
Linux Kernel < 2.6.19 - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (x86/x64) - udp_sendmsg Local Root Exploit
Linux Kernel < 2.6.19 (Debian 4) - udp_sendmsg Local Root Exploit

Linux Kernel 2.4 / 2.6 - sock_sendpage() Local Root Exploit (2)
Linux Kernel 2.4 / 2.6 (Fedora 11) - sock_sendpage() Local Root Exploit (2)

Joomla Hotel Booking System - XSS/SQL Injection Multiple Vulnerabilities
Joomla Hotel Booking System - (XSS/SQL Injection) Multiple Vulnerabilities

Alteon OS BBI (Nortell) - Multiple Vulnerabilities XSS and CSRF
Alteon OS BBI (Nortell) -  (XSS and CSR) Multiple Vulnerabilities
Linux Kernel - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty
Linux Kernel - 'pipe.c' Local Privilege Escalation Vulnerability
Linux Kernel 2.6.x - 'fput()' NULL Pointer Dereference Local Denial of Service Vulnerabilty
Linux Kernel <= 2.6.32 - 'pipe.c' Local Privilege Escalation Vulnerability

Linux Kernel - 'unix_stream_connect()' Local Denial of Service Vulnerability
Linux Kernel <=  2.6.31.4 - 'unix_stream_connect()' Local Denial of Service Vulnerability

Unreal Tournament 2004 - _Secure_ Overflow
Unreal Tournament 2004 - 'Secure' Overflow

VMWare Fusion <= 2.0.5 - vmx86 kext Local kernel Root Exploit
VMWare Fusion <= 2.0.5 - vmx86 kext Kernel Local Root Exploit

PHP < 5.3.1 - _multipart/form-data_ Denial of Service Exploit (Python)
PHP < 5.3.1 - 'multipart/form-data' Denial of Service Exploit (Python)

sugar crm 5.5.0.rc2 and 5.2.0j Multiple Vulnerabilities
sugar crm 5.5.0.rc2 and 5.2.0j - Multiple Vulnerabilities

Huawei MT882 Modem/Router Multiple Vulnerabilities
Huawei MT882 Modem/Router - Multiple Vulnerabilities

DigitalHive Multiple Vulnerabilities
DigitalHive - Multiple Vulnerabilities

zabbix server Multiple Vulnerabilities
zabbix server - Multiple Vulnerabilities

Ez Faq Maker Multiple Vulnerabilities
Ez Faq Maker - Multiple Vulnerabilities

Ez Blog 1.0 - XSS/CSRF Multiple Vulnerabilities
Ez Blog 1.0 - (XSS/CSRF) Multiple Vulnerabilities

Recipe Script 5.0 - Shell Upload/CSRF/XSS Multiple Vulnerabilities
Recipe Script 5.0 - (Shell Upload/CSRF/XSS) Multiple Vulnerabilities

eUploader PRO 3.1.1 - CSRF/XSS Multiple Vulnerabilities
eUploader PRO 3.1.1 - (CSRF/XSS) Multiple Vulnerabilities

Horde 3.3.5 - _PHP_SELF_ XSS Vulnerability
Horde 3.3.5 - 'PHP_SELF' XSS Vulnerability

Lizard Cart Upload Shell Vulnerability
Lizard Cart - Upload Shell Vulnerability

Mega Upload Upload Shell Vulnerability
Mega Upload 1.45 - Upload Shell Vulnerability
MyCart shopping cart Upload Shell Vulnerability
oscommerce <= 2.2rc2a Bypass/Create and Download Backup Vulnerability
MyCart shopping cart - Upload Shell Vulnerability
osCommerce <= 2.2rc2a - Bypass/Create and Download Backup Vulnerability

gallery_show.asp GID suffer from Blind SQL Injection Vulnerability
gallery_show.asp - GID Blind SQL Injection Vulnerability

Mini-NUKE 2.3 - Freehost Multiple Vulnerabilities
Mini-NUKE 2.3 Freehost - Multiple Vulnerabilities

VirtualDJ Trial 6.0.6 - _New Year Edition_ - (.m3u) Exploit (0day)
VirtualDJ Trial 6.0.6 - 'New Year Edition' - (.m3u) Exploit (0day)

PHPDirector Game Edition 0.1 - Multiple Vulnerabilities (LFI/SQLi/XSS)
PHPDirector Game Edition 0.1 -  (LFI/SQLi/XSS) Multiple Vulnerabilities

Docebo 3.6.0.2 (stable) Local File Inclusion
Docebo 3.6.0.2 (stable) - Local File Inclusion
CLONEBID B2B Marketplace Multiple Vulnerabilities
ITechSctipts Alibaba Clone Multiple Vulnerabilities
CLONEBID B2B Marketplace - Multiple Vulnerabilities
ITechSctipts Alibaba Clone - Multiple Vulnerabilities

ManageEngine OpUtils 5 - _Login.DO_ SQL Injection Vulnerability
ManageEngine OpUtils 5 - 'Login.DO' SQL Injection Vulnerability

CMS by MyWorks Multiple Vulnerabilities
CMS by MyWorks - Multiple Vulnerabilities

DZ Auktionshaus _V4.rgo_ (id) news.php - SQL Injection Vulnerability
DZ Auktionshaus 'V4.rgo' (id) news.php - SQL Injection Vulnerability

PhpCityPortal Multiple Vulnerabilities
PhpCityPortal - Multiple Vulnerabilities

Joomla Component com_ckforms Multiple Vulnerabilities
Joomla Component com_ckforms - Multiple Vulnerabilities

Joomla Component com_vxdate Multiple Vulnerabilities
Joomla Component com_vxdate - Multiple Vulnerabilities

Adult Video Site Script Multiple Vulnerabilities
Adult Video Site Script - Multiple Vulnerabilities

iOS Safari - Bad _VML_ Remote DoS
iOS Safari - Bad 'VML' Remote DoS

Linux Kernel <= 2.6.34-rc3 ReiserFS xattr - Privilege Escalation
Linux Kernel <= 2.6.34-rc3 ReiserFS xattr (Redhat/Ubuntu 9.10) - Privilege Escalation

vBulletin _Cyb - Advanced Forum Statistics_ DoS
vBulletin 'Cyb - Advanced Forum Statistics' DoS

dl_stats Multiple Vulnerabilities
dl_stats - Multiple Vulnerabilities

avtech software (avc781viewer.dll) ActiveX Multiple Vulnerabilities
avtech software (avc781viewer.dll) ActiveX - Multiple Vulnerabilities

lanewsfactory Multiple Vulnerabilities
lanewsfactory - Multiple Vulnerabilities

MacOS X 10.6 HFS File System Attack (Denial of Service)
MacOS X 10.6 - HFS File System Attack (Denial of Service)

WFTPD Server 3.30 - Multiple Vulnerabilities (0day)
WFTPD Server 3.30 - (0day) Multiple Vulnerabilities

CompactCMS 1.4.0 (tiny_mce) Remote File Upload
CompactCMS 1.4.0 (tiny_mce) - Remote File Upload

Tainos Multiple Vulnerabilities
Tainos - Multiple Vulnerabilities

Joomla Component com_event Multiple Vulnerabilities
Joomla Component com_event - Multiple Vulnerabilities

B-Hind CMS (tiny_mce) Remote File Upload
B-Hind CMS (tiny_mce) - Remote File Upload

ComponentOne VSFlexGrid 7 & 8 - _Archive()_ method Remote Buffer Overflow Exploit
ComponentOne VSFlexGrid 7 & 8 - 'Archive()' method Remote Buffer Overflow Exploit

(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - _PORT_ Command Remote DoS
(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - 'PORT' Command Remote DoS

Blaze Apps Multiple Vulnerabilities
Blaze Apps - Multiple Vulnerabilities

Joomla Component My Car Multiple Vulnerabilities
Joomla Component My Car - Multiple Vulnerabilities

Marketing Web Design Multiple Vulnerabilities
Marketing Web Design - Multiple Vulnerabilities

Aim Web Design Multiple Vulnerabilities
Aim Web Design - Multiple Vulnerabilities

Zeeways Script Multiple Vulnerabilities
Zeeways Script - Multiple Vulnerabilities

QuickTalk 1.2 - Multiple Vulnerabilities (Source Code Disclosure)
QuickTalk 1.2 -  (Source Code Disclosure) Multiple Vulnerabilities
Joomla Component ChronoConnectivity
Joomla Component ChronoForms (com_chronocontact)
Joomla Component ChronoConnectivity (com_chronoconnectivity) - Blind SQL Injection Vulnerability
Joomla Component ChronoForms (com_chronocontact) - Blind SQL Injection Vulnerability

Simple Posting System Multiple Vulnerabilities
Simple Posting System - Multiple Vulnerabilities

Joomla Component com_djartgallery Multiple Vulnerabilities
Joomla Component com_djartgallery - Multiple Vulnerabilities

Miniweb 2.0 Business Portal and Social Networking Platform SQL Injection
Miniweb 2.0 Business Portal and Social Networking Platform - SQL Injection

E-PHP B2B Marketplace Multiple Vulnerabilities
E-PHP B2B Marketplace - Multiple Vulnerabilities

DaLogin Multiple Vulnerabilities
DaLogin - Multiple Vulnerabilities

Novell iManager Multiple Vulnerabilities
Novell iManager - Multiple Vulnerabilities
2DayBiz Video Community portal - _user-profile.php_ SQL Injection Vulnerability
2DayBiz Real Estate Portal - _viewpropertydetails.php_ SQL injection
2DayBiz Video Community portal - 'user-profile.php' SQL Injection Vulnerability
2DayBiz Real Estate Portal - 'viewpropertydetails.php' SQL injection

NO-IP.com Dynamic DNS Update Client 2.2.1 - _Request_ Insecure Encoding Algorithm
NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm
TCW PHP Album Multiple Vulnerabilities
Esoftpro Online Guestbook Pro Multiple Vulnerabilities
TCW PHP Album - Multiple Vulnerabilities
Esoftpro Online Guestbook Pro - Multiple Vulnerabilities

Esoftpro Online Contact Manager Multiple Vulnerabilities
Esoftpro Online Contact Manager - Multiple Vulnerabilities

Joomla Component Sef (com_sef) - LFI Vulnerability
Joomla Component SEF (com_sef) - Local File Inclusion Vulnerability

artforms 2.1b7.2 rc2 joomla component Multiple Vulnerabilities
artforms 2.1b7.2 rc2 joomla component - Multiple Vulnerabilities

Qt 4.6.3 - _QSslSocketBackendPrivate::transmit()_ Denial of Service
Qt 4.6.3 - 'QSslSocketBackendPrivate::transmit()' Denial of Service

Macs CMS 1.1.4 - Multiple Vulnerabilities (XSS/CSRF)
Macs CMS 1.1.4 - (XSS/CSRF) Multiple Vulnerabilities
GetSimple CMS 2.01 - Multiple Vulnerabilities (XSS/CSRF)
Ubuntu 9.10 (Karmic Koala) & 10.04 LTS (Lucid Lynx) PAM 1.1.0 MOTD - Local Root Exploit
GetSimple CMS 2.01 - (XSS/CSRF) Multiple Vulnerabilities
PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit

Joomla Component QContacts (com_qcontacts) SQL Injection Vulnerability
Joomla Component QContacts (com_qcontacts) - SQL Injection Vulnerability

Ubuntu 10.04 LTS - Lucid Lynx ftp Client 0.17-19build1 ACCT - Buffer Overflow
ftp Client 0.17-19build1 ACCT (Ubuntu 10.04) - Buffer Overflow

Microsoft Windows - Win32k.sys Driver _CreateDIBPalette()_ Buffer Overflow
Microsoft Windows - Win32k.sys Driver 'CreateDIBPalette()' Buffer Overflow
Easy FTP - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands
Zendesk Multiple Vulnerabilities
Easy FTP 1.7.0.11 - BoF Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands
Zendesk - Multiple Vulnerabilities

Mediacoder 0.7.5.4710 - _Universal_ SEH Buffer Overflow Exploit
Mediacoder 0.7.5.4710 - 'Universal' SEH Buffer Overflow Exploit

Simple Forum PHP Multiple Vulnerabilities
Simple Forum PHP - Multiple Vulnerabilities

Linux Kernel < 2.6.36-rc1 CAN BCM - Privilege Escalation Exploit
Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit

Apple QuickTime __Marshaled_pUnk_ Backdoor Param Client-Side Arbitrary Code Execution
Apple QuickTime '_Marshaled_pUnk' Backdoor Param Client-Side Arbitrary Code Execution

Adobe Acrobat Reader and Flash Player - _newclass_ invalid pointer
Adobe Acrobat Reader and Flash Player - 'newclass' invalid pointer

Shop a la Cart Multiple Vulnerabilities
Shop a la Cart - Multiple Vulnerabilities

ifnuke - Multiple Vulnerabilities (0day)
ifnuke - (0day) Multiple Vulnerabilities

dynpage <= 1.0 - Multiple Vulnerabilities (0day)
dynpage <= 1.0 - (0day) Multiple Vulnerabilities

sirang web-based d-control Multiple Vulnerabilities
sirang web-based d-control - Multiple Vulnerabilities

Microsoft Office Visio - .DXF File Stack based Overflow
Microsoft Office Visio 2002 - .DXF File Stack based Overflow

Mozilla Firefox - XSLT Sort Remote Code Execution Vulnerability
Mozilla Firefox 3.6.3 - XSLT Sort Remote Code Execution Vulnerability

Zeeways Adserver Multiple Vulnerabilities
Zeeways Adserver - Multiple Vulnerabilities

Microsoft Office Word 2007 - sprmCMajority Buffer Overflow
Microsoft Office Word 2007 SP2 - sprmCMajority Buffer Overflow

Adobe Acrobat and Reader - _pushstring_ Memory Corruption
Adobe Acrobat and Reader - 'pushstring' Memory Corruption

Linux Kernel 2.6.27 < 2.6.36 - x86_64 compat Local Root Exploit
Linux Kernel 2.6.27 < 2.6.36 (x86_64) (Redhat) - compat Local Root Exploit

Firefox Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution
Firefox 3.6.4 - Plugin Parameter EnsureCachedAttrParamArrays - Remote Code Execution

xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection _reviews.php_
xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection 'reviews.php'

Java CMM readMabCurveData - Stack Overflow
Java 6.19 CMM readMabCurveData - Stack Overflow
Microsoft drm technology (msnetobj.dll) ActiveX Multiple Vulnerabilities
RarCrack 0.2 - _filename_ init() .bss PoC
Microsoft drm technology (msnetobj.dll) ActiveX - Multiple Vulnerabilities
RarCrack 0.2 - 'filename' init() .bss PoC

je guestbook 1.0 joomla component Multiple Vulnerabilities
je guestbook 1.0 joomla component - Multiple Vulnerabilities

Allpc 2.5 osCommerce SQL/XSS Multiple Vulnerabilities
Allpc 2.5 osCommerce - (SQL/XSS) Multiple Vulnerabilities

Linux Kernel < 2.6.36-rc6 - pktcdvd Kernel Memory Disclosure
Linux Kernel < 2.6.36-rc6 (Redhat/Ubuntu 10.04) - pktcdvd Kernel Memory Disclosure Proof of Concept

TradeMC E-Ticaret SQL and XSS Multiple Vulnerabilities
TradeMC E-Ticaret (SQL/XSS) Multiple Vulnerabilities

Cag CMS 0.2 - XSS & Blind SQL Injection Multiple Vulnerabilities
Cag CMS 0.2 - (XSS/Blind SQL Injection) Multiple Vulnerabilities

js calendar 1.5.1 joomla component Multiple Vulnerabilities
js calendar 1.5.1 joomla component - Multiple Vulnerabilities

Oracle Java 6 - OBJECT tag _launchjnlp_/_docbase_ Param Buffer Overflow Exploit
Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Param Buffer Overflow Exploit

Linux Kernel - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability
Linux Kernel <= 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite Vulnerability

Sybase Advantage Data Architect - _*.SQL_ Format Heap Oveflow
Sybase Advantage Data Architect - '*.SQL' Format Heap Oveflow

Minishare 1.5.5 - Buffer Overflow Vulnerability (users.txt)
Minishare 1.4.0 - 1.5.5 - Buffer Overflow Vulnerability (users.txt)

Linux Kernel - Stack Infoleaks Vulnerability
Linux Kernel <= 2.4.0 - Stack Infoleaks Vulnerability

Joomla Component ccBoard 1.2-RC Multiple Vulnerabilities
Joomla Component ccBoard 1.2-RC - Multiple Vulnerabilities

CLANSPHERE 2010.0 Final Multiple Vulnerabilities
CLANSPHERE 2010.0 Final - Multiple Vulnerabilities

Linux Kernel - 'setup_arg_pages()' Denial of Service Vulnerability
Linux Kernel <= 2.6.37 - 'setup_arg_pages()' Denial of Service Vulnerability

Linux Kernel - Unix Sockets Local Denial of Service
Linux Kernel <= 2.6.37 - Unix Sockets Local Denial of Service

Site2Nite Big Truck Broker _txtSiteId_ SQL Injection Vulnerability
Site2Nite Big Truck Broker - 'txtSiteId' SQL Injection Vulnerability

Linux Kernel <= 2.6.37 - Local Privilege Escalation (Full Nelson)
Linux Kernel <= 2.6.37 (Redhat / Ubuntu 10.04) - 'Full Nelson' Local Privilege Escalation

Habari Blog Multiple Vulnerabilities
Habari Blog - Multiple Vulnerabilities

Linux Kernel 2.6.34 - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit
Linux Kernel < 2.6.34 (Ubuntu 10.10) - CAP_SYS_ADMIN x86 - Local Privilege Escalation Exploit (1)
F3Site 2011 alfa 1 - Multiple Vulnerabilities (XSS & CSRF)
phpMySport 1.4 - Multiple Vulnerabilities (SQLi & Auth Bypass & Path Disclosure)
F3Site 2011 alfa 1 - (XSS & CSRF) Multiple Vulnerabilities
phpMySport 1.4 - (SQLi & Auth Bypass & Path Disclosure) Multiple Vulnerabilities

Linux Kernel < 2.6.34 - CAP_SYS_ADMIN x86 & x64 - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2)

Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities
Comcast DOCSIS 3.0 Business Gateways - Multiple Vulnerabilities

T-Content Managment System Multiple Vulnerabilities
T-Content Managment System - Multiple Vulnerabilities

Samba _username map script_ Command Execution
Samba 'username map script' Command Execution

Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow
Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow

Microsoft Internet Explorer - _Aurora_ Memory Corruption
Microsoft Internet Explorer - 'Aurora' Memory Corruption

Adobe Flash Player _newfunction_ Invalid Pointer Use
Adobe Flash Player - 'newfunction' Invalid Pointer Use

Adobe CoolType SING Table _uniqueName_ Stack Buffer Overflow
Adobe CoolType SING Table 'uniqueName' Stack Buffer Overflow

Adobe Flash Player _Button_ Remote Code Execution
Adobe Flash Player - 'Button' Remote Code Execution

Adobe Flash Player _newfunction_ Invalid Pointer Use
Adobe Flash Player - 'newfunction' Invalid Pointer Use

Unreal Tournament 2004 - _secure_ Overflow (Win32)
Unreal Tournament 2004 - 'secure' Overflow (Windows)

Unreal Tournament 2004 - _secure_ Overflow (Linux)
Unreal Tournament 2004 - 'secure' Overflow (Linux)

Tugux CMS 1.0_final Multiple Vulnerabilities
Tugux CMS 1.0_final - Multiple Vulnerabilities

Honey Soft Web Solution Multiple Vulnerabilities
Honey Soft Web Solution - Multiple Vulnerabilities

Joomla JCE Component (com_jce) Blind SQL Injection Vulnerability
Joomla JCE Component (com_jce) - Blind SQL Injection Vulnerability

Parnian Opendata CMS SQL Injection Vulnerability
Parnian Opendata CMS - SQL Injection Vulnerability

Time and Expense Management System Multiple Vulnerabilities
Time and Expense Management System - Multiple Vulnerabilities

ZyWALL USG - Appliance Multiple Vulnerabilities
ZyWALL USG - Appliance - Multiple Vulnerabilities
Cisco Unified Operations Manager Multiple Vulnerabilities
Microsoft Windows Vista/Server 2008 - _nsiproxy.sys_ Local Kernel DoS Exploit
Cisco Unified Operations Manager - Multiple Vulnerabilities
Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel DoS Exploit

HP Data Protector Client EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)
HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)

HP Data Protector Client EXEC_CMD Remote Code Execution PoC (ZDI-11-055)
HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055)

Mozilla Firefox - _nsTreeRange_ Dangling Pointer Exploit
Mozilla Firefox - 'nsTreeRange' Dangling Pointer Exploit

Ollance Member Login Script Multiple Vulnerabilities
Ollance Member Login Script - Multiple Vulnerabilities

Adobe Reader X Atom Type Confusion Vulnerability Exploit
Adobe Reader X 10.0.0 - 10.0.1 - Atom Type Confusion Vulnerability Exploit

Mozilla Firefox _nsTreeRange_ Dangling Pointer Vulnerability
Mozilla Firefox - 'nsTreeRange' Dangling Pointer Vulnerability

Tradingeye E-commerce Shopping Cart Multiple Vulnerabilities
Tradingeye E-commerce Shopping Cart - Multiple Vulnerabilities
CA ARCserve D2D r15 GWT RPC Multiple Vulnerabilities
Safari - SVG DOM Processing PoC
CA ARCserve D2D r15 GWT RPC - Multiple Vulnerabilities
Safari 5.0.6_ 5.1 - SVG DOM Processing PoC

Link Station Pro Multiple Vulnerabilities
Link Station Pro - Multiple Vulnerabilities

Cart Software Multiple Vulnerabilities
Cart Software - Multiple Vulnerabilities

Omnistar Mailer Multiple Vulnerabilities
Omnistar Mailer - Multiple Vulnerabilities

Linux Kernel - 'perf_count_sw_cpu_clock' event Denial of Service
Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service

Linux Kernel < 2.6.36.2 - Econet Privilege Escalation Exploit
Linux Kernel < 2.6.36.2 (Ubuntu 10.04) - Econet Privilege Escalation Exploit

MYRE Real Estate Software Multiple Vulnerabilities
MYRE Real Estate Software - Multiple Vulnerabilities

Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities

FreeBSD UIPC socket heap Overflow proof-of-concept
FreeBSD - UIPC socket heap Overflow Proof of Concept

GotoCode Online Bookstore Multiple Vulnerabilities
GotoCode Online Bookstore - Multiple Vulnerabilities

DivX Plus Web Player _file://_ Buffer Overflow Vulnerability PoC
DivX Plus Web Player - 'file://' Buffer Overflow Vulnerability PoC

EFront <= 3.6.9 Community Edition Multiple Vulnerabilities
EFront <= 3.6.9 Community Edition - Multiple Vulnerabilities

GotoCode Online Classifieds Multiple Vulnerabilities
GotoCode Online Classifieds - Multiple Vulnerabilities

6kbbs Multiple Vulnerabilities
6kbbs - Multiple Vulnerabilities

POSH Multiple Vulnerabilities
POSH - Multiple Vulnerabilities

NoNumber Framework Joomla! Plugin Multiple Vulnerabilities
NoNumber Framework Joomla! Plugin - Multiple Vulnerabilities

Uiga Personal Portal Multiple Vulnerabilities
Uiga Personal Portal - Multiple Vulnerabilities

Barter Sites 1.3 Joomla Component Multiple Vulnerabilities
Barter Sites 1.3 Joomla Component - Multiple Vulnerabilities

zFTP Server _cwd/stat_ Remote Denial-of-Service
zFTP Server - 'cwd/stat' Remote Denial-of-Service
JEEMA Sms 3.2 Joomla Component Multiple Vulnerabilities
Vik Real Estate 1.0 Joomla Component Multiple Vulnerabilities
JEEMA Sms 3.2 Joomla Component - Multiple Vulnerabilities
Vik Real Estate 1.0 Joomla Component - Multiple Vulnerabilities

ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple Vulnerabilities
ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities

osCSS2 - __ID_ parameter Local file inclusion
osCSS2 - '_ID' parameter Local file inclusion

Infoproject Business Hero Multiple Vulnerabilities
Infoproject Business Hero - Multiple Vulnerabilities

SugarCRM CE <= 6.3.1 - _unserialize()_ PHP Code Execution
SugarCRM CE <= 6.3.1 - 'unserialize()' PHP Code Execution
ARYADAD Multiple Vulnerabilities
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (1)
ARYADAD - Multiple Vulnerabilities
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) (Gentoo / Ubuntu) - Mempodipper Local Root (1)

vBSEO <= 3.6.0 - _proc_deutf()_ Remote PHP Code Injection Exploit
vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit

swDesk Multiple Vulnerabilities
swDesk - Multiple Vulnerabilities

Fork CMS 3.2.4 - Multiple Vulnerabilities (LFI/XSS)
Fork CMS 3.2.4 - (LFI/XSS) Multiple Vulnerabilities

DFLabs PTK <= 1.0.5 - Multiple Vulnerabilities (Steal Authentication Credentials)
DFLabs PTK <= 1.0.5 - (Steal Authentication Credentials) Multiple Vulnerabilities

HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities
HomeSeer HS2 and HomeSeer PRO - Multiple Vulnerabilities

Adobe Flash Player .mp4 - 'cprt' Overflow_
Adobe Flash Player .mp4 - 'cprt' Overflow

Wolfcms <= 0.75 - Multiple Vulnerabilities (CSRF - XSS)
Wolfcms <= 0.75 - (CSRF/XSS) Multiple Vulnerabilities

Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow_
Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow'

MailMax <= 4.6 - POP3 - _USER_ Remote Buffer Overflow Exploit (No Login Needed)
MailMax <= 4.6 - POP3 - 'USER' Remote Buffer Overflow Exploit (No Login Needed)

Samsung D6000 TV Multiple Vulnerabilities
Samsung D6000 TV - Multiple Vulnerabilities

Websense Triton Multiple Vulnerabilities
Websense Triton - Multiple Vulnerabilities

QNX phrelay/phindows/phditto Multiple Vulnerabilities
QNX phrelay/phindows/phditto - Multiple Vulnerabilities

Lynx Message Server Multiple Vulnerabilities
Lynx Message Server - Multiple Vulnerabilities

SAP Netweaver Dispatcher Multiple Vulnerabilities
SAP Netweaver Dispatcher - Multiple Vulnerabilities

elearning server 4g Multiple Vulnerabilities
elearning server 4g - Multiple Vulnerabilities

Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities
Pro-face Pro-Server EX WinGP PC Runtime - Multiple Vulnerabilities

Axous 1.1.1 - Multiple Vulnerabilities (CSRF - Persistent XSS)
Axous 1.1.1 - (CSRF/Persistent XSS) Multiple Vulnerabilities

Active Collab _chat module_ <= 2.3.8 - Remote PHP Code Injection Exploit
Active Collab 'chat module' <= 2.3.8 - Remote PHP Code Injection Exploit

SunOS <= 4.1.3 kmem setgid /etc/crash Vulnerability
SunOS <= 4.1.3 - kmem setgid /etc/crash Vulnerability

Linux kernel 2.0/2.1 - SIGIO Vulnerability
Linux Kernel 2.0 / 2.1 - SIGIO Vulnerability

Digital UNIX <= 4.0 D_FreeBSD <= 2.2.4_HP HP-UX 10.20/11.0_IBM AIX <= 3.2.5_Linux kernel 2.0/2.1_NetBSD 1.2_Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability
Linux Kernel 2.0/2.1_ Digital UNIX <= 4.0 D_ FreeBSD <= 2.2.4_ HP HP-UX 10.20/11.0_ IBM AIX <= 3.2.5_ NetBSD 1.2_ Solaris <= 2.5.1 - Smurf Denial of Service Vulnerability

Microsoft Windows - _April Fools 2001_ Vulnerability
Microsoft Windows - 'April Fools 2001' Vulnerability
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Dial-up Networking _Save Password_ Vulnerability
Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - _Pass the Hash_ with Modified SMB Client Vulnerability
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 - RAS Dial-up Networking 'Save Password' Vulnerability
Microsoft Windows NT <= 4.0 SP5_Terminal Server 4.0 - 'Pass the Hash' with Modified SMB Client Vulnerability

Linux Kernel 2.2/2.3 / Debian Linux 2.1 / RedHat Linux 6.0 / S.u.S.E. Linux 6.1 - IP Options Vulnerability

Linux kernel 2.0/2.1/2.2 - autofs Vulnerability
Linux Kernel 2.0 / 2.1 / 2.2 - autofs Vulnerability

QNAP Turbo NAS 3.6.1 Build 0302T Multiple Vulnerabilities
QNAP Turbo NAS 3.6.1 Build 0302T - Multiple Vulnerabilities
Linux kernel 2.0 - TCP Port DoS Vulnerability
Linux kernel 2.2 - ldd core Vulnerability
Linux Kernel 2.0 - TCP Port DoS Vulnerability
Linux Kernel 2.2 - ldd core Force Reboot Vulnerability

Linux kernel 2.0.33 - IP Fragment Overlap Vulnerability
Linux Kernel 2.0.33 - IP Fragment Overlap Vulnerability

Linux kernel 2.0/2.0.33 - i_count Overflow Vulnerability
Linux Kernel 2.0 / 2.0.33 - i_count Overflow Proof of Concept

IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities
IBM System Storage DS Storage Manager Profiler - Multiple Vulnerabilities

Linux kernel 2.0.37 - Segment Limit Vulnerability
Linux Kernel 2.0.37 - Segment Limit Local Root Vulnerability

BSD/OS <= 4.0_FreeBSD <= 3.2_Linux kernel <= 2.3_NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability
Linux Kernel <= 2.3_ BSD/OS <= 4.0_ FreeBSD <= 3.2_ NetBSD <= 1.4 - Shared Memory Denial of Service Vulnerability

Quinn _the Eskimo_ and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability
Quinn 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption Vulnerability

Fujitsu Chocoa 1.0 beta7R _Topic_ Buffer Overflow Vulnerability
Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow Vulnerability

Linux kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability
Linux Kernel 2.0.30/2.0.35/2.0.36/2.0.37 - Blind TCP Spoofing Vulnerability

Microsoft Internet Explorer 5.0 - ActiveX _Object for constructing type libraries for scriptlets_ Vulnerability
Microsoft Internet Explorer 5.0 - ActiveX 'Object for constructing type libraries for scriptlets' Vulnerability

Microsoft Internet Explorer 4.0/5.0 - ActiveX _Eyedog_ Vulnerability
Microsoft Internet Explorer 4.0/5.0 - ActiveX 'Eyedog' Vulnerability

Linux kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability
Linux Kernel 2.2 - Predictable TCP Initial Sequence Number Vulnerability

MediaHouse Software Statistics Server 4.28/5.1 - _Server ID_ Buffer Overflow Vulnerability
MediaHouse Software Statistics Server 4.28/5.1 - 'Server ID' Buffer Overflow Vulnerability

Tiki Wiki CMS Groupware <= 8.3 - _unserialize()_ PHP Code Execution
Tiki Wiki CMS Groupware <= 8.3 - 'unserialize()' PHP Code Execution

Debian 2.1_Linux kernel 2.0.x_RedHat 5.2 - Packet Length with Options Vulnerability
Debian 2.1_ Linux Kernel 2.0.x_ RedHat 5.2 - Packet Length with Options Vulnerability

Linux Kernel - fs/eventpoll.c Local Denial of Service
Linux Kernel <= 3.2.24 - fs/eventpoll.c Local Denial of Service

Netscape Enterprise Server _Novell Groupwise 5.2/5.5 GWWEB.EXE Multiple Vulnerabilities
Netscape Enterprise Server_ Novell Groupwise 5.2/5.5 GWWEB.EXE - Multiple Vulnerabilities

Netsweeper WebAdmin Portal Multiple Vulnerabilities
Netsweeper WebAdmin Portal - Multiple Vulnerabilities

Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x _ALG_ Client Vulnerability
Check Point Software Firewall-1 3.0/1 4.0_Cisco PIX Firewall 4.x/5.x - 'ALG' Client Vulnerability

gpm 1.18.1/1.19_Debian 2.x_RedHat 6.x_S.u.S.E 5.3/6.x gpm Setgid Vulnerability
gpm 1.18.1/1.19_ Debian 2.x_ RedHat 6.x_ S.u.S.E 5.3/6.x gpm Setgid Vulnerability

Linux kernel 2.2.12/2.2.14/2.3.99_RedHat 6.x - Socket Denial of Service
Linux Kernel 2.2.12/2.2.14/2.3.99_ RedHat 6.x - Socket Denial of Service

Linux Kernel - Sendpage Local Privilege Escalation
Linux Kernel  2.4.4 <= 2.4.37.4 / 2.6.0 <= 2.6.30.4 - Sendpage Local Privilege Escalation (Metasploit)
kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (1)
kernel 2.2.x/2.4 .0-test1_SGI ProPack 1.2/1.3 - Capabilities Vulnerability (2)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)

Cart32 3.0 - _expdate_ Administrative Information Disclosure Vulnerability
Cart32 3.0 - 'expdate' Administrative Information Disclosure Vulnerability

DALnet Bahamut IRCd 4.6.5 - _SUMMON_ Buffer Overflow Vulnerability
DALnet Bahamut IRCd 4.6.5 - 'SUMMON' Buffer Overflow Vulnerability

BitchX IRC Client 75p1/75p3/1.0 c16 - _/INVITE_ Format String Vulnerability
BitchX IRC Client 75p1/75p3/1.0 c16 - '/INVITE' Format String Vulnerability

CVSWeb Developer CVSWeb 1.80 insecure perl _open_ Vulnerability
CVSWeb Developer CVSWeb 1.80 - Insecure perl 'open' Vulnerability
Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (1)
Microsoft IIS 5.0 - _Translate: f_ Source Disclosure Vulnerability (2)
Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (1)
Microsoft IIS 5.0 - 'Translate: f' Source Disclosure Vulnerability (2)

Solaris 2.6/7.0 - _eject_ Exploit for locale subsystem format string
Solaris 2.6/7.0 - 'eject' Exploit for locale subsystem format string

UoW Pine 4.0.4/4.10/4.21 - _From:_ Field Buffer Overflow Vulnerability
UoW Pine 4.0.4/4.10/4.21 - 'From:' Field Buffer Overflow Vulnerability

Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier Multiple Vulnerabilities
Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier - Multiple Vulnerabilities

Tickets CAD 2.20G Multiple Vulnerabilities
Tickets CAD 2.20G - Multiple Vulnerabilities

Cisco IOS 12 - Software _?/_ HTTP Request DoS Vulnerability
Cisco IOS 12 - Software '?/' HTTP Request DoS Vulnerability

Markus Triska CGIForum 1.0 - _thesection_ Directory Traversal Vulnerability
Markus Triska CGIForum 1.0 - 'thesection' Directory Traversal Vulnerability

Tunnelblick - Local Root Exploit
Tunnelblick - Local Root Exploit (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (2)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (3)
Windows 3.11/95/NT 4.0/NT 3.5.1 - _Out Of Band_ Data Denial of Service (4)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (1)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (2)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (3)
Windows 3.11/95/NT 4.0/NT 3.5.1 - 'Out Of Band' Data Denial of Service (4)

ReiserFS 3.5.28 Kernel - DoS (Possible Code Execution Vulnerability)
(Linux Kernel) ReiserFS 3.5.28 - DoS (Possible Code Execution)

Linux kernel 2.1.89/2.2.x - Zero-Length Fragment Vulnerability
Linux Kernel 2.1.89 / 2.2.x - Zero-Length Fragment Vulnerability

Linux sysctl() Kernel 2.2.x - Memory Reading Vulnerability
Linux Kernel 2.2.x - sysctl() Memory Reading Proof of Concept Vulnerability

IOServer _Root Directory_ Trailing Backslash Multiple Vulnerabilities
IOServer - ('Root Directory'/Trailing Backslash) Multiple Vulnerabilities
Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (1)
Linux kernel <= 2.2.18 - ptrace/execve Race Condition Vulnerability (2)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (1)
Linux Kernel <= 2.2.18 (RH 7.0 and RH 6.2 / 2.2.14 / 2.2.18 / 2.2.18ow4) - ptrace/execve Race Condition Local Root Vulnerability (2)

Linux kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
Linux Kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion

Rit Research Labs _The Bat!_ 1.x - Missing Linefeeds DoS Vulnerability
Rit Research Labs 'The Bat!' 1.x - Missing Linefeeds DoS Vulnerability

Ad Manager Pro Multiple Vulnerabilities
Ad Manager Pro - Multiple Vulnerabilities

Linux kernel 2.2/2.4 - procfs Stream Redirection to Process Memory Vulnerability
Linux Kernel 2.2 / 2.4 - procfs Stream Redirection to Process Memory Local Root Vulnerability

HP-UX 11_Linux kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS
HP-UX 11_Linux Kernel 2.4_Windows 2000/NT 4.0_IRIX 6.5 - Small TCP MSS DoS

ID Software Quake 3 - _smurf attack_ Denial of Service Vulnerability
ID Software Quake 3 - 'smurf attack' Denial of Service Vulnerability

Linux kernel 2.2/2.4 - Deep Symbolic Link Denial of Service Vulnerability
Linux Kernel 2.2 / 2.4 - Deep Symbolic Link Denial of Service Vulnerability

Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Vulnerability
Linux Kernel 2.2 / 2.4 - Ptrace/Setuid Exec Local Root Vulnerability

Pinterest Clone Script Multiple Vulnerabilities
Pinterest Clone Script - Multiple Vulnerabilities

User-Mode Linux Kernel 2.4.17-8 - Memory Access Vulnerability
User-Mode Linux Kernel 2.4.17-8 - Memory Access Local Root Vulnerability

Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit
Sitecom MD-25x - Multiple Vulnerabilitie/ Reverse Root Shell Exploit

Ezylog Photovoltaic Management Server Multiple Vulnerabilities
Ezylog Photovoltaic Management Server - Multiple Vulnerabilities
Auxilium PetRatePro Multiple Vulnerabilities
Netsweeper WebAdmin Portal Multiple Vulnerabilities
Auxilium PetRatePro - Multiple Vulnerabilities
Netsweeper WebAdmin Portal - Multiple Vulnerabilities

Linux Kernel 2.2.x/2.3/2.4.x - d_path() Path Truncation Vulnerability
Linux Kernel 2.2.x / 2.3 / 2.4.x - d_path() Path Truncation PoC Vulnerability

Fortigate UTM WAF Appliance Multiple Vulnerabilities
Fortigate UTM WAF Appliance - Multiple Vulnerabilities

Working Resources BadBlue 1.7 EXT.DLL Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7 - EXT.DLL Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 cleanSearchString() Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 Get Request Denial of Service Vulnerability
Working Resources BadBlue 1.7.3 - cleanSearchString() Cross-Site Scripting Vulnerability
Working Resources BadBlue 1.7.3 - Get Request Denial of Service Vulnerability

Working Resources 1.7.3 BadBlue Null Byte File Disclosure Vulnerability
Working Resources 1.7.3 BadBlue - Null Byte File Disclosure Vulnerability

Working Resources 1.7.x BadBlue Administrative Interface Arbitrary File Access
Working Resources 1.7.x BadBlue - Administrative Interface Arbitrary File Access

Qualcomm Eudora 5 MIME Multipart Boundary Buffer Overflow Vulnerability
Qualcomm Eudora 5 - MIME Multipart Boundary Buffer Overflow Vulnerability

AFD 1.2.x Working Directory Local Buffer Overflow Vulnerabilities
AFD 1.2.x - Working Directory Local Buffer Overflow Vulnerabilities

Trillian 0.74 IRC PART Message Denial of Service Vulnerability
Trillian 0.74 - IRC PART Message Denial of Service Vulnerability

Linux Kernel 2.0.x/2.2.x/2.4.x_FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.0.x/2.2.x/2.4.x / FreeBSD 4.x - Network Device Driver Frame Padding Information Disclosure
Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (1)
Linux Kernel 2.2.x/2.4.x - Privileged Process Hijacking Vulnerability (2)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (1)
Linux Kernel 2.2.x / 2.4.x - Privileged Process Hijacking Vulnerability (2)

Invision Power Board <= 3.3.4 - _unserialize()_ PHP Code Execution
Invision Power Board <= 3.3.4 - 'unserialize()' PHP Code Execution

Linux kernel 2.2.x/2.4.x - I/O System Call File Existence Weakness
Linux Kernel 2.2.x / 2.4.x - I/O System Call File Existence Weakness

CheckPoint/Sofaware Firewall Multiple Vulnerabilities
CheckPoint/Sofaware Firewall - Multiple Vulnerabilities

Working Resources 1.7.x/2.15 BadBlue Ext.DLL Command Execution Vulnerability
Working Resources 1.7.x/2.15 BadBlue - Ext.DLL Command Execution Vulnerability

Working Resources BadBlue 1.7.x/2.x Unauthorized HTS Access Vulnerability
Working Resources BadBlue 1.7.x/2.x - Unauthorized HTS Access Vulnerability

Microsoft IIS 5 WebDAV - PROPFIND and SEARCH Method Denial of Service Vulnerability

MYRE Realty Manager Multiple Vulnerabilities
MYRE Realty Manager - Multiple Vulnerabilities
Myrephp Business Directory Multiple Vulnerabilities
MYREphp Vacation Rental Software Multiple Vulnerabilities
Myrephp Business Directory - Multiple Vulnerabilities
MYREphp Vacation Rental Software - Multiple Vulnerabilities

BabyGekko 1.2.2e Multiple Vulnerabilities
BabyGekko 1.2.2e - Multiple Vulnerabilities

Linux kernel 2.2./2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability
Linux Kernel 2.2. / 2.4.x - /proc Filesystem Potential Information Disclosure Vulnerability

Linux Kernel 2.4 - execve() System Call Race Condition Vulnerability
Linux Kernel 2.4 - execve() System Call Race Condition PoC Vulnerability

Aardvark Topsites 4.1 PHP Multiple Vulnerabilities
Aardvark Topsites 4.1 PHP - Multiple Vulnerabilities

phpwcms <= 1.5.4.6 - _preg_replace_ - Multiple Vulnerabilities
phpwcms <= 1.5.4.6 - 'preg_replace' - Multiple Vulnerabilities
KAME Racoon _Initial Contact_ SA Deletion Vulnerability
lionmax software www file share pro 2.4x Multiple Vulnerabilities (1)
lionmax software www file share pro 2.4x Multiple Vulnerabilities (2)
KAME Racoon 'Initial Contact' SA Deletion Vulnerability
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (1)
lionmax software www file share pro 2.4x - Multiple Vulnerabilities (2)

DUware Software Multiple Vulnerabilities
DUware Software - Multiple Vulnerabilities

Linux Kernel Samba 2.2.8 - Share Local Privilege Elevation Vulnerability
Linux Kernel Samba 2.2.8 (Debian/Mandrake) - Share Local Privilege Elevation Vulnerability

ASP Portal Multiple Vulnerabilities
ASP Portal - Multiple Vulnerabilities

Working Resources BadBlue Server 2.40 phptest.php Path Disclosure Vulnerability
Working Resources BadBlue Server 2.40 - phptest.php Path Disclosure Vulnerability

SpiderSales 2.0 Shopping Cart Multiple Vulnerabilities
SpiderSales 2.0 Shopping Cart - Multiple Vulnerabilities

WarpSpeed 4nAlbum Module 0.92 modules.php gid Parameter SQL Injection
WarpSpeed 4nAlbum Module 0.92 - modules.php gid Parameter SQL Injection

Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities Remote Root Exploit
Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulnerabilities/Remote Root Exploit

Linux Kernel 2.4/2.6 - Sigqueue Blocking Denial of Service Vulnerability
Linux Kernel 2.4 / 2.6 - Sigqueue Blocking Denial of Service Vulnerability

phpBugTracker 0.9 user.php bugid Parameter XSS
phpBugTracker 0.9 - user.php bugid Parameter XSS

Linux Kernel 2.5.x/2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability
Linux Kernel 2.5.x / 2.6.x - CPUFreq Proc Handler Integer Handling Vulnerability

e107 website system 0.6 - _email article to a friend_ Feature XSS
e107 website system 0.6 - 'email article to a friend' Feature XSS

Rlpr 2.0 msg() Function Multiple Vulnerabilities
Rlpr 2.0 msg() Function - Multiple Vulnerabilities

Mozilla Browser 0.9/1.x Cache File Multiple Vulnerabilities
Mozilla Browser 0.9/1.x Cache File - Multiple Vulnerabilities

SCO Multi-channel Memorandum Distribution Facility Multiple Vulnerabilities
SCO Multi-channel Memorandum Distribution Facility - Multiple Vulnerabilities

Working Resources BadBlue 1.7.x/2.x Unauthorized Proxy Relay Vulnerability
Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay Vulnerability

Netgear SPH200D Multiple Vulnerabilities
Netgear SPH200D - Multiple Vulnerabilities

Fortinet FortiMail 400 IBE Multiple Vulnerabilities
Fortinet FortiMail 400 IBE - Multiple Vulnerabilities

Cisco Unity Express Multiple Vulnerabilities
Cisco Unity Express - Multiple Vulnerabilities

Linux Kernel - /dev/ptmx Key Stroke Timing Local Disclosure
Linux Kernel <= 2.6.32-5 (Debian 6.0.5) - /dev/ptmx Key Stroke Timing Local Disclosure

SAP Netweaver Message Server Multiple Vulnerabilities
SAP Netweaver Message Server - Multiple Vulnerabilities

Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Vulnerability
Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote PoC Vulnerability

Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag Multiple Vulnerabilities
Microsoft Internet Explorer 6.0_ Firefox 0.x_Netscape 7.x - IMG Tag - Multiple Vulnerabilities

Ubuntu 12.10 - (64-Bit) sock_diag_handlers - Local Root Exploit
Linux Kernel <= 3.7.10 (Ubuntu 12.10) (64-Bit) - sock_diag_handlers Local Root Exploit

event calendar Multiple Vulnerabilities
event calendar - Multiple Vulnerabilities
opera Web browser 7.54 java implementation Multiple Vulnerabilities (1)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (2)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (3)
opera Web browser 7.54 java implementation Multiple Vulnerabilities (4)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (2)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (3)
opera Web browser 7.54 java implementation - Multiple Vulnerabilities (4)

ca3de Multiple Vulnerabilities
ca3de - Multiple Vulnerabilities

Vivotek IP Cameras Multiple Vulnerabilities
Vivotek IP Cameras - Multiple Vulnerabilities
Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (1)
Working Resources BadBlue 2.55 MFCISAPICommand Remote Buffer Overflow Vulnerability (2)
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (1)
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow Vulnerability (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (1)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Vulnerability (2)
Linux Kernel 2.6.x - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (1)
Linux Kernel 2.6.x / <= 2.6.9 / <= 2.6.11 (RHEL4) - SYS_EPoll_Wait Local Integer Overflow Local Root Vulnerability (2)

Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities

Icecast 2.x - XSL Parser Multiple Vulnerabilities
Icecast 2.x - XSL Parser - Multiple Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (1)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (2)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (3)
Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability (4)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4)

Linux Kernel 2.6.37 <= 3.x.x - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
MetaCart2 IntCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 StrSubCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 CurCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - IntCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - StrSubCatalogID Parameter Remote SQL Injection Vulnerability
MetaCart2 - CurCatalogID Parameter Remote SQL Injection Vulnerability

neteyes nexusway border gateway Multiple Vulnerabilities
neteyes nexusway border gateway - Multiple Vulnerabilities

McAfee IntruShield Security Management System Multiple Vulnerabilities
McAfee IntruShield Security Management System - Multiple Vulnerabilities

Gaim AIM/ICQ Protocols Multiple Vulnerabilities
Gaim AIM/ICQ Protocols - Multiple Vulnerabilities

bfcommand & control server 1.22/2.0/2.14 manager Multiple Vulnerabilities
bfcommand & control server 1.22/2.0/2.14 manager - Multiple Vulnerabilities

Linux Kernel <= 2.6 - Console Keymap Local Command Injection Vulnerability
Linux Kernel <= 2.6 - Console Keymap Local Command Injection PoC

QuickPayPro 3.1 subscribers.tracking.edit.php subtrackingid Parameter SQL Injection
QuickPayPro 3.1 - subscribers.tracking.edit.php subtrackingid Parameter SQL Injection

QuickPayPro 3.1 tracking.details.php trackingid Parameter SQL Injection
QuickPayPro 3.1 - tracking.details.php trackingid Parameter SQL Injection

oracle application server discussion forum portlet Multiple Vulnerabilities
oracle application server discussion forum portlet - Multiple Vulnerabilities

Linux Kernel - 'MSR' Driver Local Privilege Escalation
Linux Kernel (Redhat) (32bit/64bit) - 'MSR' Driver Local Privilege Escalation

Linux Kernel 2.4.x/2.5.x/2.6.x - Ssockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities
Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities

Apache James 2.2 SMTP Denial of Service Vulnerability
Apache James 2.2 - SMTP Denial of Service Vulnerability

Linux Kernel - NFS and EXT3 Combination Remote Denial of Service Vulnerability
Linux Kernel 2.6.x (<= 2.6.17.7) - NFS and EXT3 Combination Remote Denial of Service Vulnerability

Microsoft windows xp/2000/2003 help Multiple Vulnerabilities
Microsoft Windows XP/2000/2003 help - Multiple Vulnerabilities

ArticleSetup Multiple Vulnerabilities
ArticleSetup - Multiple Vulnerabilities
PhotoStore details.php gid Parameter XSS
PhotoStore view_photog.php photogid Parameter XSS
PhotoStore details.php - gid Parameter XSS
PhotoStore view_photog.php - photogid Parameter XSS

MailEnable 2.x SMTP NTLM Authentication Multiple Vulnerabilities
MailEnable 2.x - SMTP NTLM Authentication - Multiple Vulnerabilities

BlooMooWeb 1.0.9 - ActiveX Control Multiple Vulnerabilities
BlooMooWeb 1.0.9 - ActiveX Control - Multiple Vulnerabilities

Simplog 0.9.3 BlogID Parameter Multiple SQL Injection Vulnerabilities
Simplog 0.9.3 BlogID Parameter - Multiple SQL Injection Vulnerabilities

Oracle January 2007 Security Update Multiple Vulnerabilities
Oracle January 2007 Security Update - Multiple Vulnerabilities

Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference Vulnerability
Linux Kernel 2.6.x - IPv6_SockGlue.c NULL Pointer Dereference DoS Vulnerability

E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter SQL Injection
E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter - SQL Injection

LANAI CMS 1.2.14 GALLERY Module gid Parameter SQL Injection
LANAI CMS 1.2.14 GALLERY Module - gid Parameter SQL Injection

OpenBase 10.0.x - Multiple Vulnerabilities (Buffer Overflow & Remote Command Execution)
OpenBase 10.0.x - (Buffer Overflow & Remote Command Execution) Multiple Vulnerabilities

ZyXEL P-330W Multiple Vulnerabilities
ZyXEL P-330W - Multiple Vulnerabilities

WinComLPD Total 3.0.2.623 - Multiple Vulnerabilities (Buffer Overflow and Authentication Bypass)
WinComLPD Total 3.0.2.623 - (Buffer Overflow and Authentication Bypass) Multiple Vulnerabilities

Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 - Server Multiple Vulnerabilities
Zilab Chat and Instant Messaging (ZIM) 2.0/2.1 Server - Multiple Vulnerabilities
Linux Kernel 3.4 < 3.13.2 - Arbitrary write with CONFIG_X86_X32
Linux Kernel 3.4 < 3.13.2 - Local Root (CONFIG_X86_X32=y)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - Arbitrary Write with CONFIG_X86_X32 Exploit
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y)

IBM solidDB 6.0.10 - Multiple Vulnerabilities (Format String and Denial of Service)
IBM solidDB 6.0.10 - (Format String and Denial of Service) Multiple Vulnerabilities

Linux Kernel < 3.4.5 - Local Root Exploit (ARM - Android 4.2.2 / 4.4)
Linux Kernel < 3.4.5 (ARM - Android 4.2.2 / 4.4) - Local Root Exploit

Catia V5-6R2013 - _CATV5_AllApplications_ - Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_AllApplications' - Stack Buffer Overflow

Catia V5-6R2013 - _CATV5_Backbone_Bus_ - Stack Buffer Overflow
Catia V5-6R2013 - 'CATV5_Backbone_Bus' - Stack Buffer Overflow
Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (1)
Linux Kernel - utrace and ptrace Local Denial of Service Vulnerability (2)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (1)
Linux Kernel 2.6.9 <= 2.6.25 (RHEL 4) - utrace and ptrace Local Denial of Service Vulnerability (2)

EasyE-Cards 3.10 - Multiple Vulnerabilities (SQL Injection and Cross-Site Scripting)
EasyE-Cards 3.10 - (SQL Injection and Cross-Site Scripting) Multiple Vulnerabilities

Jamroom <= 3.3.8 - Multiple Vulnerabilities (Cookie Authentication Bypass and Unspecified Security Issues)
Jamroom <= 3.3.8 - (Cookie Authentication Bypass and Unspecified Security Issues) Multiple Vulnerabilities

LuxCal 3.2.2 - Multiple Vulnerabilities (CSRF/Blind SQL Injection)
LuxCal 3.2.2 - (CSRF/Blind SQL Injection) Multiple Vulnerabilities

Linux Kernel 2.6.x - Cloned Process 'CLONE_PARENT' Local Origin Validation Weakness
PG Roommate Finder Solution quick_search.php part Parameter XSS
PG Roommate Finder Solution viewprofile.php part Parameter XSS
PG Roommate Finder Solution - quick_search.php part Parameter XSS
PG Roommate Finder Solution - viewprofile.php part Parameter XSS

Linux Kernel 2.6.31 - 'perf_counter_open()' Local Buffer Overflow Vulnerability

e107 0.7.x - Multiple Vulnerabilities ('CAPTCHA' Security Bypass and Cross-Site Scripting)
e107 0.7.x - ('CAPTCHA' Security Bypass and Cross-Site Scripting) Multiple Vulnerabilities

IBM Rational RequisitePro 7.10 ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS
IBM Rational RequisitePro 7.10 - ReqWeb Help Feature ReqWebHelp/advanced/workingSet.jsp operation Parameter XSS
Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (1)
Linux Kernel 2.6.x - pipe.c Local Privilege Escalation Vulnerability (2)
Linux Kernel 2.6.x (2.6.0 <= 2.6.31) - 'pipe.c' Local Privilege Escalation Vulnerability (1)
Linux Kernel 2.6.x - 'pipe.c' Local Privilege Escalation Vulnerability (2)

Linux Kernel 3.3 < 3.8 - SOCK_DIAG Local Root Exploit
Linux Kernel 3.3 < 3.8 (Ubuntu/Fedora 18) - SOCK_DIAG Local Root Exploit

Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation
Linux Kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation

Ubuntu 12.04.0-2LTS x64 - perf_swevent_init Kernel Local Root Exploit
Linux Kernel <= 3.2.0-23 / <= 3.5.0-23 (Ubuntu 12.04.(0_1_2) x64) - perf_swevent_init Local Root Exploit

Linux Kernel - 'find_keyring_by_name()' Local Memory Corruption Vulnerability
Linux Kernel <= 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption Vulnerability

Linux Kernel - ptrace/sysret - Local Privilege Escalation
Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation

Trend Micro InterScan Web Security Virtual Appliance Multiple Vulnerabilities
Trend Micro InterScan Web Security Virtual Appliance - Multiple Vulnerabilities

OpenLDAP 2.4.22 - 'modrdn' Request Multiple Vulnerabilities
OpenLDAP 2.4.22 - ('modrdn' Request) Multiple Vulnerabilities

ServletExec - Multiple Vulnerabilities (Directory Traversal and Authentication-Bypass)
ServletExec - (Directory Traversal and Authentication-Bypass) Multiple Vulnerabilities

Creative Contact Form - Arbitrary File Upload
Creative Contact Form 0.9.7 - Arbitrary File Upload

Aireplay-ng 1.2 beta3 - _tcp_test_ Length Parameter Stack Overflow
Aireplay-ng 1.2 beta3 - 'tcp_test' Length Parameter Stack Overflow

Windows OLE - Remote Code Execution _Sandworm_ Exploit (MS14-060)
Windows OLE - Remote Code Execution 'Sandworm' Exploit (MS14-060)

Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam Multiple Vulnerabilities
Drupal Embedded Media Field/Media 6.x : Video Flotsam/Media: Audio Flotsam - Multiple Vulnerabilities

CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities
CBN CH6640E/CG6640E Wireless Gateway Series - Multiple Vulnerabilities

Xerox Multifunction Printers (MFP) _Patch_ DLM Vulnerability
Xerox Multifunction Printers (MFP) 'Patch' DLM Vulnerability

Linux Kernel <= 2.6.39 (32-bit & 64-bit) - Mempodipper Local Root (2)
Linux Kernel 2.6.39 <= 3.2.2 (32-bit & 64-bit) - Mempodipper Local Root (2)

Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control Multiple Vulnerabilities
Newv SmartClient 1.1.0 - 'NewvCommon.ocx' ActiveX Control - Multiple Vulnerabilities

Eclipse 3.3.2 IDE Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS
Eclipse 3.3.2 IDE - Help Server help/advanced/workingSetManager.jsp workingSet Parameter XSS

Linux Kernel - libfutex - Local Root for RHEL/CentOS 7.0.1406
Linux Kernel <= 3.14.5 (RHEL/CentOS 7) - libfutex Local Root

RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 - ActiveX Control Multiple Vulnerabilities
RealNetworks GameHouse 'InstallerDlg.dll' 2.6.0.445 ActiveX Control - Multiple Vulnerabilities

OS X networkd _effective_audit_token_ XPC Type Confusion Sandbox Escape
OS X networkd - 'effective_audit_token' XPC Type Confusion Sandbox Escape

Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Vulnerability
Linux Kernel 2.6.26 - Auerswald USB Device Driver Buffer Overflow Proof of Concept

AJ Classifieds 'listingid' Parameter SQL Injection Vulnerability
AJ Classifieds 'listingid' Parameter - SQL Injection Vulnerability

BlueSoft Social Networking CMS SQL Injection Vulnerability
BlueSoft Social Networking CMS - SQL Injection Vulnerability
Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC
Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC
Linux Kernel Associative Array Garbage Collection - Crash PoC
Linux Kernel <= 3.17.5 - IRET Instruction #SS Fault Handling Crash PoC
Linux Kernel <= 3.15.6 - PPP-over-L2TP Socket Level Handling Crash PoC
Linux Kernel <= 3.16.3 - Associative Array Garbage Collection Crash PoC

Linux Kernel - Network Namespace Remote Denial of Service Vulnerability
Linux Kernel <= 2.6.35 - Network Namespace Remote Denial of Service Vulnerability

Kayako SupportSuite 3.x Multiple Vulnerabilities
Kayako SupportSuite 3.x - Multiple Vulnerabilities

Linux Kernel splice() System Call - Local DoS
Linux Kernel <= 3.13 / <= 3.14 (Ubuntu) - splice() System Call Local DoS

Mac OS X - _Rootpipe_ Privilege Escalation
Mac OS X - 'Rootpipe' Privilege Escalation

Apport - Local Linux Root
Apport 2.14.1 (Ubuntu 14.04.2) - Linux Local Root Exploit

SixApart MovableType Storable Perl Code Execution
SixApart MovableType - Storable Perl Code Execution

WordPress TagGator 'tagid' Parameter SQL Injection Vulnerability
WordPress TagGator 'tagid' Parameter - SQL Injection Vulnerability

JSPMyAdmin 1.1 Multiple Vulnerabilities
JSPMyAdmin 1.1 - Multiple Vulnerabilities
WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities
WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities
WordPress NewStatPress Plugin 0.9.8 - Multiple Vulnerabilities
WordPress Landing Pages Plugin 1.8.4 - Multiple Vulnerabilities

ESC 8832 Data Controller Multiple Vulnerabilities
ESC 8832 Data Controller - Multiple Vulnerabilities

ZTE AC 3633R USB Modem Multiple Vulnerabilities
ZTE AC 3633R USB Modem - Multiple Vulnerabilities

OSSEC 2.7 <= 2.8.1 - _diff_ Command Local Root Escalation
OSSEC 2.7 <= 2.8.1 - 'diff' Command Local Root Escalation

Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shell)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell)

Ubuntu 12.04_ 14.04_ 14.10_ 15.04 - overlayfs Local Root (Shadow File)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File)

OSSEC WUI 0.8 - Denial of Service

Adobe Flash Use-After-Free in Drawing Methods _this_
Adobe Flash - Use-After-Free in Drawing Methods 'this'

Kaspersky Antivirus _Yoda's Protector_ Unpacking Memory Corruption
Kaspersky Antivirus - Yoda's Protector Unpacking Memory Corruption

Kallithea 0.2.9 (came_from) HTTP Response Splitting Vulnerability
Kallithea 0.2.9 - (came_from) HTTP Response Splitting Vulnerability

Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit
Linux/MIPS Kernel 2.6.36 NetUSB - Remote Code Execution Exploit

Linux Kernel <= 3.2.1 - Tracing Multiple Local Denial of Service Vulnerabilities

Cisco Linksys WRT310N Router Multiple Denial of Service Vulnerabilities
Cisco Linksys WRT310N Router - Multiple Denial of Service Vulnerabilities

WordPress WP Private Messages Plugin 'msgid' Parameter SQL Injection Vulnerability
WordPress WP Private Messages Plugin - 'msgid' Parameter SQL Injection Vulnerability

Microsoft Windows Media Center Library Parsing RCE Vulnerability aka _self-executing_ MCL File
Microsoft Windows Media Center Library - Parsing RCE Vulnerability aka 'self-executing' MCL File

MyBB 'misc.php' Remote Denial of Service Vulnerability
MyBB 1.6.12 - 'misc.php' Remote Denial of Service Vulnerability
WHMCS 'cart.php' Denial of Service Vulnerability
phpBB <= 3.0.8 Remote Denial of Service Vulnerability
WHMCS 5.12 - 'cart.php' Denial of Service Vulnerability
phpBB <= 3.0.8 - Remote Denial of Service Vulnerability

Ubuntu 14.04 LTS_ 15.10 - overlayfs Local Root Exploit
Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit

Linux Kernel overlayfs - Local Privilege Escalation
Linux Kernel <= 4.3.3 overlayfs - Local Privilege Escalation

Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers
Inductive Automation Ignition 7.8.1 - Remote Leakage Of Shared Buffers

Linux Kernel - REFCOUNT Overflow/Use-After-Free in Keyrings
Linux Kernel <= 4.4.1 - REFCOUNT Overflow/Use-After-Free in Keyrings

Linux Kernel - prima WLAN Driver Heap Overflow
Linux Kernel <= 3.x / <= 4.x - prima WLAN Driver Heap Overflow

Multiple Aztech Routers '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability
Multiple Aztech Routers - '/cgi-bin/AZ_Retrain.cgi' Denial of Service Vulnerability

WordPress Wordfence Security Plugin Multiple Vulnerabilities
WordPress Wordfence Security Plugin - Multiple Vulnerabilities
STIMS Buffer - Buffer Overflow SEH - DoS
STIMS Cutter - Buffer Overflow DoS
STIMS Buffer 1.1.20 - Buffer Overflow SEH (DoS)
STIMS Cutter 1.1.3.20 - Buffer Overflow DoS
Linux Kernel - digi_acceleport Nullpointer Dereference
Linux Kernel - Wacom Multiple Nullpointer Dereferences
Linux Kernel - visor (treo_attach) Nullpointer Dereference
Linux Kernel - visor clie_5_attach Nullpointer Dereference
Linux Kernel - cypress_m8 Nullpointer Dereference
Linux Kernel - mct_u232 Nullpointer Dereference
Linux Kernel - cdc_acm Nullpointer Dereference
Linux Kernel - aiptek Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - digi_acceleport Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - Wacom Multiple Nullpointer Dereferences
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - visor clie_5_attach Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cypress_m8 Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - mct_u232 Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - cdc_acm Nullpointer Dereference
Linux Kernel <= 3.10.0 (CentOS / RHEL 7.1) - aiptek Nullpointer Dereference
RHEL 7.1 Kernel - snd-usb-audio Crash PoC
RHEL 7.1 Kernel - iowarrior driver Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC

LShell <=  0.9.15 - Remote Code Execution
LShell <= 0.9.15 - Remote Code Execution

Exim _perl_startup_ Privilege Escalation
Exim - 'perl_startup' Privilege Escalation

NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities
NetCommWireless HSPA 3G10WVE Wireless Router - Multiple Vulnerabilities

Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit
Linux Kernel 4.4.x (Ubuntu 16.04) - double-fdput() in bpf(BPF_PROG_LOAD) Local Root Exploit

i.FTP 2.21 - Host Address / URL Field SEH Exploit
All Windows Null-Free Shellcode - Functional Keylogger to File - 601 (0x0259) bytes
MediaInfo 0.7.61 - Crash PoC
Ipswitch WS_FTP LE 12.3 - Search field SEH Overwrite POC
Core FTP Server 32-bit Build 587 - Heap Overflow
Multiple JVC HDRs and Net Cameras - Multiple Vulnerabilities
Adobe Reader DC 15.010.20060 - Memory Corruption
Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities
2016-05-11 05:03:54 +00:00
Offensive Security
5a82bad23d DB: 2016-05-05
14 new exploits

Alibaba Clone B2B Script - Admin Authentication Bypass
CMS Made Simple < 2.1.3 & < 1.12.1 - Web Server Cache Poisoning
Acunetix WP Security Plugin 3.0.3 - XSS
NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities
TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow
IPFire < 2.19 Core Update 101 - Remote Command Execution
PHP Imagick 3.3.0 - disable_functions Bypass
ImageMagick < 6.9.3-9 - Multiple Vulnerabilities
OpenSSL Padding Oracle in AES-NI CBC MAC Check
Zabbix Agent 3.0.1 - mysql.size Shell Command Injection
McAfee LiveSafe 14.0 - Relocations Processing Memory Corruption
Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)
Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit
Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
2016-05-05 05:04:38 +00:00
Offensive Security
7472667089 DB: 2016-04-30
9 new exploits

Linux x86 Reverse TCP Shellcode (ipv6)
Observium 0.16.7533 - Cross Site Request Forgery
Observium 0.16.7533 - Authenticated Arbitrary Command Execution
Merit Lilin IP Cameras - Multiple Vulnerabilities
Rough Auditing Tool for Security (RATS) 2.3 - Array Out of Block Crash
Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow
Wireshark - alloc_address_wmem Assertion Failure
Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read
GLPi 0.90.2 - SQL Injection
2016-04-30 05:01:53 +00:00
Offensive Security
39fe341c5b DB: 2016-04-26
9 new exploits

Totemomail 4.x and 5.x - Persistent XSS
C/C++ Offline Compiler and C For OS - Persistent XSS
Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (MSF)
Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (MSF)
CompuSource Systems - Real Time Home Banking - Local Privilege Escalation
Linux x64 - Bind Shell Shellcode Generator
PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (MSF)
NationBuilder Multiple Stored XSS Vulnerabilities
Rough Auditing Tool for Security (RATS) 2.3 - Crash PoC
2016-04-26 05:03:34 +00:00
Offensive Security
1f79ff2236 DB: 2016-04-09
3 new exploits

WordPress Freshmail - Unauthenticated SQL Injection
WordPress Plugin Freshmail 1.5.8 - Unauthenticated SQL Injection
Express Zip <= 2.40 - Path Traversal
Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation
op5 7.1.9 - Remote Command Execution
2016-04-09 05:02:52 +00:00