Commit graph

5 commits

Author SHA1 Message Date
Offensive Security
d304cc3d3e DB: 2017-11-24
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00
Offensive Security
4b39f0d26d DB: 2017-11-16
23 new exploits

VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (1)

Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service
Microsoft Windows Explorer - '.AVI' File Denial of Service

Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service
Microsoft Windows Explorer - '.ANI' File Denial of Service

Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service
Microsoft Windows Explorer - '.doc' File Denial of Service

CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service)

Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities
Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities

iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service
iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service

Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC)
Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC)

Webby WebServer - SEH Control (PoC)
Webby WebServer - Overflow (SEH) (PoC)

Quick 'n Easy FTP Server Lite 3.1 - Exploit
Quick 'n Easy FTP Server Lite 3.1 - Denial of Service

Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC)
Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC)

FFDshow - SEH Exception Leading to Null Pointer on Read
FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read

Microsoft Internet Explorer - MSHTML Findtext Processing Issue
Microsoft Internet Explorer - MSHTML Findtext Processing Exploit

Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption
Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption
Debian suidmanager 0.18 - Exploit
AMD K6 Processor - Exploit
Apple Personal Web Sharing 1.1 - Remote Denial of Service
AMD K6 Processor - Denial of Service

Sun Solaris 7.0 - 'procfs' Denial of Service

S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service
S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service

Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service
Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service

D-Link DIR605L - Denial of Service

RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service

(Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service
ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service

IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow
IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow

xfstt 1.2/1.4 - Unspecified Memory Disclosure
xfstt 1.2/1.4 - Memory Disclosure

ViRobot Linux Server 2.0 - Exploit

Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities

IBM AIX 5.x - Invscout Local Buffer Overflow
IBM AIX 5.x - 'Invscout' Local Buffer Overflow

Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow
Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow

Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012)
Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012)

IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption
IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption

Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow
Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow

Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities
Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities

VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (2)

Sun Solaris 10 - ICMP Unspecified Remote Denial of Service
Sun Solaris 10 - ICMP Remote Denial of Service

Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service
Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service

Progress WebSpeed 3.0/3.1 - Denial of Service

GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities
GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities
Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service
Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service
Wireshark 0.99.8 - X.509sat Dissector Denial of Service
Wireshark 0.99.8 - LDAP Dissector Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service

Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities

SmallFTPd - Unspecified Denial of Service
SmallFTPd - Denial of Service

Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference
Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference

Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference
Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference

Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference
Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)

Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine

Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues
Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits

Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference

Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine
Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine

Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call
Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call

Mandrake Linux 8.2 /usr/mail - Local Exploit
Mandrake Linux 8.2 - '/usr/mail' Local Exploit

RedHat 6.2 /sbin/restore - Exploit
RedHat 6.2 - '/sbin/restore' Privilege Escalation

dump 0.4b15 (RedHat 6.2) - Exploit
dump 0.4b15 (RedHat 6.2) - Privilege Escalation
xsoldier 0.96 (RedHat 6.2) - Exploit
Pine (Local Message Grabber) - Exploit
xsoldier 0.96 (RedHat 6.2) - Buffer Overflow
Pine (Local Message Grabber) - Local Message Read

Seyon 2.1 rev. 4b i586-Linux - Exploit
Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow

glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit
glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read

suid_perl 5.001 - Exploit
suid_perl 5.001 - Command Execution

Sendmail 8.11.x (Linux/i386) - Exploit
Sendmail 8.11.x (Linux/i386) - Privilege Escalation

Microsoft Excel - Unspecified Remote Code Execution
Microsoft Excel - Remote Code Execution

Microsoft Word 2000 - Unspecified Code Execution
Microsoft Word 2000 - Code Execution
IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation
IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation

IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite
IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite

Easy RM to MP3 Converter 2.7.3.700 - Exploit
Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow

Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit
Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow

Adobe Reader and Acrobat - Exploit
Adobe Reader / Acrobat - '.PDF' File Overflow

Mini-stream Ripper (Windows XP SP2/SP3) - Exploit
Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow

DJ Studio Pro 5.1.6.5.2 - Exploit (SEH)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH)

Winamp 5.572 - Exploit (SEH)
Winamp 5.572 - Overflow (SEH)

ZipScan 2.2c - Exploit (SEH)
ZipScan 2.2c - Overflow (SEH)
Local Glibc shared library (.so) 2.11.1 - Exploit
(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation
Local Glibc Shared Library (.so) 2.11.1 - Code Execution
ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation

SyncBack Freeware 3.2.20.0 - Exploit
SyncBack Freeware 3.2.20.0 - Overflow (SEH)

Mediacoder 0.7.3.4672 - Exploit (SEH)
Mediacoder 0.7.3.4672 - Overflow (SEH)

MP3 Workstation 9.2.1.1.2 - Exploit (SEH)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH)

DJ Studio Pro 8.1.3.2.1 - Exploit (SEH)
DJ Studio Pro 8.1.3.2.1 - Overflow (SEH)

MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit)

iworkstation 9.3.2.1.4 - Exploit (SEH)
iworkstation 9.3.2.1.4 - Overflow (SEH)

Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode)
Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode)

POP Peeper 3.7 - Exploit (SEH)
POP Peeper 3.7 - Overflow (SEH)

DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass
DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass)

DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit)

BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass
BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass)
Slackware Linux 3.4 - 'liloconfig-color' Temporary file
Slackware Linux 3.4 - 'makebootdisk' Temporary file
Slackware Linux 3.4 - 'liloconfig-color' Temporary File
Slackware Linux 3.4 - 'makebootdisk' Temporary File
Slackware Linux 3.4 - 'netconfig' Temporary file
Slackware Linux 3.4 - 'pkgtool' Temporary file
Slackware Linux 3.4 - 'netconfig' Temporary File
Slackware Linux 3.4 - 'pkgtool' Temporary File

Debian suidmanager 0.18 - Command Execution
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit
Slackware Linux 3.5 - Missing /etc/group Privilege Escalation
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission
Slackware Linux 3.5 - '/etc/group' Privilege Escalation

Sun Solaris 2.6 power management - Exploit
Sun Solaris 2.6 - power management Exploit
DataLynx suGuard 1.0 - Exploit
Sun Solaris 2.5.1 PAM & unix_scheme - Exploit
Solaris 2.5.1 ffbconfig - Exploit
Solaris 2.5.1 chkey - Exploit
Solaris 2.5.1 Ping - Exploit
SGI IRIX 6.4 ioconfig - Exploit
DataLynx suGuard 1.0 - Privilege Escalation
Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation
Solaris 2.5.1 - 'ffbconfig' Exploit
Solaris 2.5.1 - 'chkey' Exploit
Solaris 2.5.1 - 'Ping' Exploit
SGI IRIX 6.4 - 'ioconfig' Exploit
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2)

Solaris 2.5.1 automount - Exploit
Solaris 2.5.1 - 'automount' Exploit
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit
Sun Solaris 7.0 dtprintinfo - Buffer Overflow
Sun Solaris 7.0 lpset - Buffer Overflow
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation
Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow
Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow

IBM Remote Control Software 1.0 - Exploit
IBM Remote Control Software 1.0 - Code Execution

Xcmail 0.99.6 - Exploit
Xcmail 0.99.6 - Buffer Overflow
Sun Solaris 7.0 ff.core - Exploit
S.u.S.E. 5.2 lpc - Exploit
Sun Solaris 7.0 - 'ff.core' Exploit
S.u.S.E. 5.2 - 'lpc' Exploit

SGI IRIX 6.2 cdplayer - Exploit
SGI IRIX 6.2 - 'cdplayer' Exploit
SGI IRIX 5.3 Cadmin - Exploit
SGI IRIX 6.0.1 colorview - Exploit
SGI IRIX 5.3 - 'Cadmin' Exploit
SGI IRIX 6.0.1 - 'colorview' Exploit
SGI IRIX 6.3 df - Exploit
SGI IRIX 6.4 - datman/cdman Exploit
SGI IRIX 6.3 - 'df' Exploit
SGI IRIX 6.4 - datman/cdman Exploit
RedHat Linux 2.1 - abuse.console Exploit
SGI IRIX 6.2 fsdump - Exploit
RedHat Linux 5.1 xosview - Exploit
Slackware Linux 3.1 - Buffer Overflow
RedHat Linux 2.1 - 'abuse.console' Exploit
SGI IRIX 6.2 - 'fsdump' Exploit
RedHat Linux 5.1 - xosview
Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow

IBM AIX 4.3 infod - Exploit
IBM AIX 4.3 - 'infod' Exploit

IBM AIX 4.2.1 snap - Insecure Temporary File Creation
IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation
SGI IRIX 6.4 inpview - Exploit
RedHat Linux 5.0 msgchk - Exploit
IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 ping - Buffer Overflow
IBM AIX 4.2 lchangelv - Buffer Overflow
SGI IRIX 6.4 - 'inpview' Exploit
RedHat Linux 5.0 - 'msgchk' Exploit
IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 - 'ping' Buffer Overflow
IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow

RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1)
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1)

SGI IRIX 6.4 netprint - Exploit
SGI IRIX 6.4 - 'netprint' Exploit

SGI IRIX 5.3/6.2 ordist - Exploit
SGI IRIX 5.3/6.2 - 'ordist' Exploit

SGI IRIX 5.3 pkgadjust - Exploit
SGI IRIX 5.3 - 'pkgadjust' Exploit

Sun Solaris 7.0 procfs - Exploit
IBM AIX 3.2.5 - IFS Exploit
IBM AIX 4.2.1 lquerypv - Exploit
IBM AIX 3.2.5 - 'IFS' Exploit
IBM AIX 4.2.1 - 'lquerypv' File Read
SGI IRIX 6.3 pset - Exploit
SGI IRIX 6.4 rmail - Exploit
SGI IRIX 6.3 - 'pset' Exploit
SGI IRIX 6.4 - 'rmail' Exploit
SGI IRIX 5.2/5.3 serial_ports - Exploit
SGI IRIX 6.4 suid_exec - Exploit
SGI IRIX 5.1/5.2 sgihelp - Exploit
SGI IRIX 6.4 startmidi - Exploit
SGI IRIX 5.2/5.3 - 'serial_ports' Exploit
SGI IRIX 6.4 - 'suid_exec' Exploit
SGI IRIX 5.1/5.2- 'sgihelp' Exploit
SGI IRIX 6.4 - 'startmidi' Exploit

SGI IRIX 6.4 xfsdump - Exploit
SGI IRIX 6.4 - 'xfsdump' Exploit

IBM AIX 4.3.1 adb - Exploit
IBM AIX 4.3.1 - 'adb' Denial of Service
Apple At Ease 5.0 - Exploit
Samba < 2.0.5 - Exploit
Apple At Ease 5.0 - Information Disclosure
Samba < 2.0.5 - Overflow

NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit
NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space

Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow
Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow

HP-UX 10.20 newgrp - Exploit
HP-UX 10.20 newgrp - Privilege Escalation

BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2)
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2)

BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit
BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1)
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2)

Solaris 7.0 kcms_configure - Exploit
Solaris 7.0 - 'kcms_configure Exploit

Windowmaker wmmon 1.0 b2 - Exploit
Windowmaker wmmon 1.0 b2 - Command Execution

Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit
Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation

Standard & Poors ComStock 4.2.4 - Exploit
Standard & Poors ComStock 4.2.4 - Command Execution
KDE 1.1.2 KApplication configfile - Exploit (1)
KDE 1.1.2 KApplication configfile - Exploit (2)
KDE 1.1.2 KApplication configfile - Exploit (3)
KDE 1.1.2 KApplication configfile - Privilege Escalation (1)
KDE 1.1.2 KApplication configfile - Privilege Escalation (2)
KDE 1.1.2 KApplication configfile - Privilege Escalation (3)

BSD 'mailx' 8.1.1-10 - Buffer Overflow (2)
mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2)

Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow
Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow
IRIX 6.5.x - GR_OSView Buffer Overflow
SGI IRIX 6.2 libgl.so - Buffer Overflow
IRIX 6.5.x - dmplay Buffer Overflow
IRIX 6.2/6.3 lpstat - Buffer Overflow
IRIX 6.5.x - inpview Race Condition
IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow
SGI IRIX 6.2 - 'libgl.so' Buffer Overflow
IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow
IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow
IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition

IRIX 5.3/6.x - mail Exploit
IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow
Libc locale - Exploit (1)
Libc locale - Exploit (2)
Libc locale - Privilege Escalation (1)
Libc locale - Privilege Escalation (2)

GNOME esound 0.2.19 - Unix Domain Socket Race Condition

Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition
Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition
IBM AIX 4.x - setsenv Buffer Overflow
IBM AIX 4.3 digest - Buffer Overflow
IBM AIX 4.x - enq Buffer Overflow
IBM AIX 4.3.x - piobe Buffer Overflow
IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow
IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow
IBM AIX 4.x - 'enq' Buffer Overflow
IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow

SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow
SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow

AIX 4.2/4.3 - piomkapqd Buffer Overflow
AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow

(Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation
User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation

(Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection
Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection
QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow
QNX RTOS 6.1 - PKG-Installer Buffer Overflow
QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow
QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow

NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass
NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass)

AFD 1.2.x - Working Directory Local Buffer Overflow
AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation

IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow

HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access
HP-UX 10.x - rs.F3000 Unauthorized Access

Leksbot 1.2 - Multiple Unspecified Vulnerabilities
Leksbot 1.2 - Multiple Vulnerabilities

IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow

IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation
IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation

ViRobot Linux Server 2.0 - Overflow

(Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation
Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3)

Nvidia Display Driver Service (Nsvr) - Exploit
Nvidia Display Driver Service (Nsvr) - Buffer Overflow
IBM AIX 5.3 - GetShell and GetCommand File Enumeration
IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure

Apple 2.0.4 - Safari Unspecified Local
Apple 2.0.4 - Safari Local Exploit

Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities

IBM AIX 6.1.8 libodm - Arbitrary File Write
IBM AIX 6.1.8 - 'libodm' Arbitrary File Write

Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation

VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow
VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass)

Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation

QEMU (Gentoo) - Local Priv Escalation
QEMU (Gentoo) - Privilege Escalation

Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation
Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation

RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)
RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock)

Microsoft WordPerfect Document Converter - Exploit (MS03-036)
Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036)

CA BrightStor ARCserve Backup - Exploiter Tool
CA BrightStor ARCserve Backup - Overflow

NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit
NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write

CDBurnerXP 4.2.4.1351 - Exploit

PeerCast 0.1216 - Exploit (Metasploit)
PeerCast 0.1216 - Stack Overflow (Metasploit)

BigAnt Server 2.52 - Exploit (SEH)
BigAnt Server 2.52 - Overflow (SEH)

NetTransport Download Manager 2.90.510 - Exploit
NetTransport Download Manager 2.90.510 - Overflow (SEH)

File Sharing Wizard 1.5.0 - Exploit (SEH)
File Sharing Wizard 1.5.0 - Overflow (SEH)
Real Player 12.0.0.879 - Exploit
Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass)
Real Player 12.0.0.879 - Code Execution
Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass)

IBM AIX 5l FTPd - Remote DES Hash Exploit
IBM AIX 5l - 'FTPd' Remote DES Hash Exploit

Microsoft Data Access Components - Exploit (MS11-002)
Microsoft Data Access Components - Overflow (PoC) (MS11-002)

FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)
FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit)

Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit)
Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit)

Apple Personal Web Sharing 1.1 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution

Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit
Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 -  Upload / Execute Read Scripts

IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit
IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation

HP HP-UX 10.34 rlpdaemon - Exploit
HP HP-UX 10.34 rlpdaemon - Remote Overflow

Ray Chan WWW Authorization Gateway 0.1 - Exploit
Ray Chan WWW Authorization Gateway 0.1 - Command Execution

Solaris 7.0 Coredump - Exploit
Solaris 7.0 - 'Coredump' File Write
IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit
SGI IRIX 6.2 cgi-bin wrap - Exploit
IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read
SGI IRIX 6.2 - cgi-bin wrap Exploit

SGI IRIX 6.5.2 nsd - Exploit
SGI IRIX 6.5.2 - 'nsd'' Exploit

IBM AIX 3.2.5 - login(1) Exploit
IBM AIX 3.2.5 - 'login(1)' Exploit

Compaq Java Applet for Presario SpawnApp - Exploit
Compaq Java Applet for Presario SpawnApp - Code Execution

Network Security Wizards Dragon-Fire IDS 1.0 - Exploit
Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution

Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit
Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure

IBM AIX 4.3.2 ftpd - Remote Buffer Overflow
IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow

glFTPd 1.17.2 - Exploit
glFTPd 1.17.2 - Code Execution

Netopia R-series routers 4.6.2 - Exploit
Netopia R-series Routers 4.6.2 - Modifying SNMP Tables

Sun Java Web Server 1.1.3/2.0 Servlets - Exploit
Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure

IPFilter 3.x - Fragment Rule Bypass

CGIWrap 2.x/3.x - Cross-Site Scripting

AIX 4.1/4.2 - pdnsd Buffer Overflow
AIX 4.1/4.2 - 'pdnsd' Buffer Overflow

RedHat Linux 7.0 Apache - Remote 'Username' Enumeration
RedHat Linux 7.0 Apache - Remote Username Enumeration

Hylafax 4.1.x - HFaxD Unspecified Format String
Hylafax 4.1.x - HFaxD Format String

EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow

LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities
LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities

Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities
Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities

Oracle 9i - Multiple Unspecified Vulnerabilities
Oracle 9i - Multiple Vulnerabilities

File ELF 4.x - Header Unspecified Buffer Overflow
File ELF 4.x - Header Buffer Overflow
Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue
Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack
Microsoft Internet Explorer 6 - Unspecified Code Execution (1)
Microsoft Internet Explorer 6 - Unspecified Code Execution (2)
Microsoft Internet Explorer 6 - Code Execution (1)
Microsoft Internet Explorer 6 - Code Execution (2)

GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal
GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal

TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal
TFTP Server TFTPDWin 0.4.2 - Directory Traversal

Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified
Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit

Multiple CA Service Management Products - Unspecified Remote Command Execution
Multiple CA Service Management Products - Remote Command Execution

NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow

Bash - Environment Variables Code Injection (Shellshock)
Bash - Environment Variables Command Injection (Shellshock)

OpenVPN 2.2.29 - Remote Exploit (Shellshock)
OpenVPN 2.2.29 - Remote Command Injection (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)
Apache mod_cgi - Remote Exploit (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock)
Apache mod_cgi - Remote Command Injection (Shellshock)

Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow
Poison Ivy 2.3.2 - Remote Buffer Overflow

Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution
Samba 3.5.11/3.6.3 - Remote Code Execution

Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit)
Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit)

Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock)
Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)

IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit)
IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit)

TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)
TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock)

Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion
Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion

Poll It CGI 2.0 - Exploit
Poll It CGI 2.0 - Multiple Vulnerabilities

DreamPoll 3.1 - Exploit
DreamPoll 3.1 - SQL Injection

WordPress Plugin WP-Cumulus 1.20 - Exploit
WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting

Public Media Manager - Exploit
Public Media Manager - Remote File Inclusion

Joomla! Component com_adagency - Exploit
Joomla! Component com_adagency - Local File Inclusion

File Upload Manager 1.3 - Exploit
File Upload Manager 1.3 - Web Shell File Upload

Joomla! Component com_caddy - Exploit

Renista CMS - Exploit
Renista CMS - SQL Injection

BtiTracker 1.3.x < 1.4.x - Exploit
BtiTracker 1.3.x < 1.4.x - SQL Injection

WordPress Plugin Cimy Counter - Exploit
WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting

Belkin F5D7234-4 v5 G Wireless Router - Exploit
Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed

WhatsApp Status Changer 0.2 - Exploit
WhatsApp - Remote Change Status

MySimpleNews 1.0 - Remotely Readable Administrator Password
MySimpleNews 1.0 - Remote Readable Administrator Password

SquirrelMail 1.2.11 - Exploit
SquirrelMail 1.2.11 - Multiple Vulnerabilities

D-Link DCS-936L Network Camera - Cross-Site Request Forgery
Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion
Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting
Yappa-ng 1.x/2.x - Remote File Inclusion
Yappa-ng 1.x/2.x - Cross-Site Scripting

Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Aenovo - Multiple Cross-Site Scripting Vulnerabilities

Codegrrl - 'Protection.php' Unspecified Code Execution
Codegrrl - 'Protection.php' Code Execution
Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'index.php' Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting

A-Blog 1.0 - Unspecified Cross-Site Scripting
A-Blog 1.0 - Cross-Site Scripting

Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities

WordPress Plugin Akismet 2.1.3 - Unspecified
WordPress Plugin Akismet 2.1.3 - Exploit

SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities

UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit
UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information

Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload
Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload

MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections
MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections

Zoph 0.7.2.1 - Unspecified SQL Injection
Zoph 0.7.2.1 - SQL Injection

Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection
Joomla! Component FreiChat 1.0/2.x - HTML Injection

Bash CGI - Remote Code Execution (Shellshock) (Metasploit)
Bash CGI - Remote Command Injection (Shellshock) (Metasploit)

PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock)
PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock)

Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities
Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities

Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security
Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit

Netsweeper 4.0.8 - Authentication Bypass Issue
Netsweeper 4.0.8 - Authentication Bypass

SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting
SimpleInvoices invoices Module - Customer Field Cross-Site Scripting

Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting
Bugzilla 4.2 - Tabular Reports Cross-Site Scripting

iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal
iScripts AutoHoster - 'main_smtp.php' Traversal Exploit

Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits

Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock)
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)

NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock)
NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock)

Squid Analysis Report Generator 2.3.10 - Remote Code Execution
2017-11-16 10:02:26 +00:00
Offensive Security
5e2fc10125 DB: 2016-09-03 2016-09-03 13:13:25 +00:00
Offensive Security
31a21bb68d DB: 2016-09-03
14 new exploits

Too many to list!
2016-09-03 05:08:42 +00:00
Offensive Security
614fb1caf8 DB: 2016-05-12
22 new exploits

PoPToP PPTP <= 1.1.4-b3 - Remote Root Exploit (poptop-sane.c)
PoPToP PPTP <= 1.1.4-b3 - 'poptop-sane.c' Remote Root Exploit

Atftpd 0.6 - Remote Root Exploit (atftpdx.c)
Atftpd 0.6 - 'atftpdx.c' Remote Root Exploit

Yahoo Messenger 5.5 - Remote Exploit (DSR-ducky.c)
Yahoo Messenger 5.5 - 'DSR-ducky.c' Remote Exploit

CCBILL CGI Remote Exploit for whereami.cgi (ccbillx.c)
CCBILL CGI - 'ccbillx.c' whereami.cgi Remote Exploit

Cisco IOS IPv4 Packet Denial of Service Exploit (cisco-bug-44020.c)
Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service Exploit

wu-ftpd 2.6.2 - Remote Denial of Service Exploit (wuftpd-freezer.c)
wu-ftpd 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service Exploit

Microsoft Windows - (Jolt2.c) Denial of Service Exploit
Microsoft Windows - 'Jolt2.c' Denial of Service Exploit

TCP SYN Denial of Service Exploit (bang.c)
TCP SYN - 'bang.c' Denial of Service Exploit

Apache HTTPd - Arbitrary Long HTTP Headers DoS (C)
Apache HTTPd - Arbitrary Long HTTP Headers DoS

Linux Kernel <= 2.4.26- File Offset Pointer Handling Memory Disclosure Exploit
Linux Kernel <= 2.4.26 - File Offset Pointer Handling Memory Disclosure Exploit

Linux Kernel 2.6.x (Slackware 9.1/ Debian 3.0) - chown() Group Ownership Alteration Exploit
Linux Kernel 2.6.x (Slackware 9.1 / Debian 3.0) - chown() Group Ownership Alteration Exploit

Veritas Backup Exec Agent 8.x/9.x - Browser Overflow (C)
Veritas Backup Exec Agent 8.x/9.x - Browser Overflow

Apache OpenSSL - Remote Exploit (Multiple Targets) (OpenFuckV2.c)
Apache OpenSSL - 'OpenFuckV2.c' Remote Exploit

CA License Server (GETCONFIG) Remote Buffer Overflow Exploit (c)
CA License Server (GETCONFIG) Remote Buffer Overflow Exploit

Aeon 0.2a - Local Linux Exploit (C)
Aeon 0.2a - Local Linux Exploit

Linux Kernel 2.4 / 2.6 - bluez Local Root Privilege Escalation Exploit (3)
Linux Kernel 2.4.x / 2.6.x - 'Bluez' Bluetooth Signed Buffer Index Local Root (3)

nbSMTP <= 0.99 (util.c) Client-Side Command Execution Exploit
nbSMTP <= 0.99 - 'util.c' Client-Side Command Execution Exploit

SuSE Linux <= 9.3 / 10 - (chfn) Local Root Privilege Escalation Exploit
Linux chfn (SuSE <= 9.3 / 10) - Local Privilege Escalation Exploit

SugarSuite Open Source <= 4.0beta Remote Code Execution Exploit (c)
SugarSuite Open Source <= 4.0beta - Remote Code Execution Exploit
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (c)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (pl)
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit
Microsoft Windows IIS - Malformed HTTP Request Denial of Service Exploit (Perl)

OpenVMPSd <= 1.3 - Remote Format String Exploit (Multiple Targets)
OpenVMPSd <= 1.3 - Remote Format String Exploit

Ubuntu Breezy 5.10 Installer Password Disclosure Vulnerability
Ubuntu Breezy 5.10 - Installer Password Disclosure Vulnerability

X.Org X11 (X11R6.9.0/X11R7.0) - Local Root Privilege Escalation Exploit
X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation Exploit

DataLife Engine <= 4.1 - Remote SQL Injection Exploit (php)
DataLife Engine <= 4.1 - Remote SQL Injection Exploit (PHP)
Opera 9 IRC Client Remote Denial of Service Exploit (c)
Opera 9 IRC Client Remote Denial of Service Exploit (py)
Opera 9 - IRC Client Remote Denial of Service Exploit
Opera 9 IRC Client - Remote Denial of Service Exploit (Python)

Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c)
Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (1)

Microsoft Windows PNG File IHDR Block Denial of Service Exploit PoC (c) (2)
Microsoft Windows - PNG File IHDR Block Denial of Service Exploit PoC (2)

Microsoft Internet Explorer (VML) Remote Buffer Overflow Exploit (SP2) (pl)
Microsoft Internet Explorer (VML) - Remote Buffer Overflow Exploit (SP2) (Perl)

Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (pl)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit (Perl)

Microsoft Internet Explorer WebViewFolderIcon setSlice() Exploit (c)
Microsoft Internet Explorer - WebViewFolderIcon setSlice() Exploit

cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (php)
cPanel <= 10.8.x - (cpwrap via mysqladmin) Local Root Exploit (PHP)

Xfire <= 1.6.4 - Remote Denial of Service Exploit (pl)
Xfire <= 1.6.4 - Remote Denial of Service Exploit (Perl)

Microsoft Windows NetpManageIPCConnect Stack Overflow Exploit (py)
Microsoft Windows NetpManageIPCConnect - Stack Overflow Exploit (Python)

VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (c)
VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit

QK SMTP <= 3.01 (RCPT TO) Remote Buffer Overflow Exploit (pl)
QK SMTP <= 3.01 - (RCPT TO) Remote Buffer Overflow Exploit (Perl)

Ubuntu/Debian Apache 1.3.33/1.3.34 - (CGI TTY) Local Root Exploit
Apache 1.3.33/1.3.34 (Ubuntu / Debian) - (CGI TTY) Local Root Exploit

WarFTP 1.65 (USER) Remote Buffer Overlow Exploit (multiple targets)
WarFTP 1.65 (USER) Remote Buffer Overlow Exploit

XOOPS Module WF-Snippets <= 1.02 (c) BLIND SQL Injection Exploit
XOOPS Module WF-Snippets <= 1.02 (c) - BLIND SQL Injection Exploit

IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit (multiple targets)
IrfanView 3.99 - (.ani) Local Buffer Overflow Exploit

3proxy 0.5.3g logurl() Remote Buffer Overflow Exploit (Win32) (pl)
3proxy 0.5.3g logurl() - Remote Buffer Overflow Exploit (Win32) (Perl)

Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit (c)
Download Accelerator Plus - DAP 8.x m3u File Buffer Overflow Exploit
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (php)
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (pl)
fuzzylime CMS 3.01 (polladd.php poll) Remote Code Execution Exploit (PHP)
fuzzylime CMS 3.01 - (polladd.php poll) Remote Code Execution Exploit (Perl)

IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (pl)
IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (Perl)

IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit (c)
IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow Exploit

BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (py)
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (Python)

BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit (c)
BIND 9.x - Remote DNS Cache Poisoning Flaw Exploit

CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (py)
CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (Python)

Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit (c)
Browser3D 3.5 - (.sfs) Local Stack Overflow Exploit

Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (py)
Microsoft Internet Explorer 7 - Memory Corruption Exploit (MS09-002) (Python)

EFS Easy Chat Server Authentication Request Buffer Overflow Exploit (pl)
EFS Easy Chat Server - Authentication Request Buffer Overflow Exploit (Perl)

CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (py)
CastRipper 2.50.70 - (.m3u) Universal Stack Overflow Exploit (Python)

Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (php)
Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (PHP)

Microsoft IIS 6.0 WebDAV Remote Authentication Bypass Exploit (pl)
Microsoft IIS 6.0 WebDAV - Remote Authentication Bypass Exploit (Perl)

kloxo 5.75 - (24 issues) Multiple Vulnerabilities
kloxo 5.75 - Multiple Vulnerabilities

Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit (pl)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (Perl)

Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit (C)
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation Exploit

MailEnable 1.52 HTTP Mail Service Stack BoF Exploit PoC
MailEnable 1.52 - HTTP Mail Service Stack BoF Exploit PoC

(Ubuntu 9.10/10.04) PAM 1.1.0 - MOTD File Tampering (Privilege Escalation)
Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (1)

Cacti 0.8.7e: Multiple Security Issues
Cacti 0.8.7e - Multiple Vulnerabilities

(Tod Miller's) Sudo/SudoEdit 1.6.x < 1.6.9p21 & 1.7.x < 1.7.2p4 - Local Root Exploit
(Tod Miller's) Sudo/SudoEdit 1.6.x / 1.7.x (<= 1.6.9p21 / <= 1.7.2p4) - Local Root Exploit

PAM 1.1.0 MOTD (Ubuntu 9.10/10.04) - Local Root Exploit
Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation Local Root Exploit (2)

Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32-21) - Privilege Escalation Exploit
Linux Kernel < 2.6.36-rc1 CAN BCM (Ubuntu 10.04 / 2.6.32) - Privilege Escalation Exploit

Ubuntu Linux - 'mountall' - Local Privilege Escalation Vulnerability
mountall <= 2.15.2 (Ubuntu 10.04/10.10) - Local Privilege Escalation Vulnerability

Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (.py)
Cilem Haber 1.4.4 (Tr) - Database Disclosure Exploit (Python)

PHP Hosting Directory 2.0 Database Disclosure Exploit (.py)
PHP Hosting Directory 2.0 Database Disclosure Exploit (Python)

systemtap - Local Root Privilege Escalation Vulnerability
systemtap - Local Privilege Escalation Vulnerability

Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 110.10) - Local Privilege Escalation Exploit (2)
Linux Kernel < 2.6.34 CAP_SYS_ADMIN x86 & x64 (Ubuntu 11.10) - Local Privilege Escalation Exploit (2)

Kunena < 1.5.13_ < 1.6.3 - SQL Injection Vulnerability
Kunena < 1.5.13 / < 1.6.3 - SQL Injection Vulnerability

HP OpenView NNM 7.53_ 7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow
HP OpenView NNM 7.53/7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow

Safari 5.0.6_ 5.1 - SVG DOM Processing PoC
Safari 5.0.6/5.1 - SVG DOM Processing PoC

Ubuntu <= 11.04 ftp client Local Buffer Overflow Crash PoC
FTP Client (Ubuntu <= 11.04) - Local Buffer Overflow Crash PoC

Acpid 1:2.0.10-1ubuntu2 - Privilege Boundary Crossing Vulnerability
Acpid 1:2.0.10-1ubuntu2 (Ubuntu 11.10/11.04) - Privilege Boundary Crossing Local Root Exploit
RedHat Linux <= 6.0_ Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (1)
RedHat Linux <= 6.0_ Slackware Linux <= 4.0 Termcap tgetent() Buffer Overflow (2)
RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (1)
RedHat Linux <= 6.0 / Slackware Linux <= 4.0 - Termcap tgetent() Buffer Overflow (2)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4 .0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail) Vulnerability (1)
Linux Kernel 2.2.x/2.4.0-test1_ SGI ProPack 1.2/1.3 - Capabilities Local Root (sendmail <= 8.10.1) Vulnerability (2)

Debian 2.x_RedHat 6.2_IRIX 5/6_ Solaris 2.x Mail Reply-To Field Vulnerability
Debian 2.x_ RedHat 6.2_ IRIX 5/6_ Solaris 2.x - Mail Reply-To Field Vulnerability

Pure-FTPd 1.0.21 (CentOS 6.2 & Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)
Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (1)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (2)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (3)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (4)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - loopback (land.c) DoS (5)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (1)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (2)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (3)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (4)
FreeBSD 2.x_HP-UX 9/10/11_kernel 2.0.3_Windows NT 4.0/Server 2003_NetBSD 1 - 'land.c' loopback DoS (5)

cPanel 5.0 - Openwebmail Local Privileges Escalation Vulnerability
cPanel 5.0 - Openwebmail Local Privilege Escalation Vulnerability

Linux-PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privileged Escalation Vulnerability
Linux PAM 0.77 - Pam_Wheel Module getlogin() Username Spoofing Privilege Escalation Vulnerability

Totem Movie Player (Ubuntu) 3.4.3 - Stack Corruption
Totem Movie Player 3.4.3 (Ubuntu) - Stack Corruption

Flightgear 2.0_ 2.4 - Remote Format String Exploit
Flightgear 2.0/2.4 - Remote Format String Exploit

Opera 7.x_ Firefox 1.0_ Internet Explorer 6.0 - Information Disclosure Weakness
Opera 7.x/Firefox 1.0/Internet Explorer 6.0 - Information Disclosure Weakness
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC Vulnerability (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (2)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (3)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root Vulnerability (4)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index PoC (1)
Linux Kernel 2.4.x / 2.6.x - Bluetooth Signed Buffer Index Local Root (2)
Linux Kernel <= 2.4.30 / <= 2.6.11.5 - Bluetooth bluez_sock_create Local Root Vulnerability

Linux Kernel 2.6.37 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit
Linux Kernel 2.6.32 <= 3.x.x (CentOS) - PERF_EVENTS Local Root Exploit

Linux Kernel 3.8.x - open-time Capability file_ns_capable() Privilege Escalation
Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation

OSX <= 10.8.4 - Local Root Privilege Escalation (py)
OSX <= 10.8.4 - Local Privilege Escalation (Python)

Moodle 2.3.8_ 2.4.5 - Multiple Vulnerabilities
Moodle 2.3.8/2.4.5 - Multiple Vulnerabilities

IBM AIX 6.1 / 7.1 - Local Root Privilege Escalation
IBM AIX 6.1 / 7.1 - Local Privilege Escalation

glibc and eglibc 2.5_ 2.7_ 2.13 - Buffer Overflow Vulnerability
glibc and eglibc 2.5/2.7/2.13 - Buffer Overflow Vulnerability

StatusNet/Laconica 0.7.4_ 0.8.2_ 0.9.0beta3 - Arbitrary File Reading
StatusNet/Laconica 0.7.4/0.8.2/0.9.0beta3 - Arbitrary File Reading

Links_ ELinks 'smbclient' Remote Command Execution Vulnerability
Links_ ELinks 'smbclient' - Remote Command Execution Vulnerability

Flyspray 0.9.9 - Information Disclosure_ HTML Injection and Cross-Site Scripting Vulnerabilities
Flyspray 0.9.9 - Information Disclosure/HTML Injection/Cross-Site Scripting

Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - Local Root (CONFIG_X86_X32=y)
Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10) - 'CONFIG_X86_X32=y' Local Root Exploit

Symantec Endpoint Protection Manager 11.0_ 12.0_ 12.1 - Remote Command Execution Exploit
Symantec Endpoint Protection Manager 11.0/12.0/12.1 - Remote Command Execution Exploit

ownCloud 4.0.x_ 4.5.x (upload.php filename param) - Remote Code Execution
ownCloud 4.0.x/4.5.x (upload.php filename param) - Remote Code Execution
Procentia IntelliPen 1.1.12.1520 (Data.aspx_ value param) - Blind SQL Injection
Vtiger CRM 5.4.0_ 6.0 RC_ 6.0.0 GA (browse.php file param) - Local File Inclusion
Procentia IntelliPen 1.1.12.1520 - data.aspx Blind SQL Injection
Vtiger CRM 5.4.0/6.0 RC/6.0.0 GA (browse.php file param) - Local File Inclusion
Haihaisoft HUPlayer 1.0.4.8 - (.m3u_ .pls_ .asx) Buffer Overflow (SEH)
Haihaisoft Universal Player 1.5.8 - (.m3u_ .pls_ .asx) Buffer Overflow (SEH)
Haihaisoft HUPlayer 1.0.4.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)
Haihaisoft Universal Player 1.5.8 - (.m3u/.pls/.asx) Buffer Overflow (SEH)

JIRA Issues Collector Directory Traversal
JIRA Issues Collector - Directory Traversal

CMSimple 4.4_ 4.4.2 - Remote File Inclusion
CMSimple 4.4/4.4.2 - Remote File Inclusion

Core FTP Server 1.2_ build 535_ 32-bit - Crash PoC
Core FTP Server 1.2 build 535 32-bit - Crash PoC

Samba <= 3.4.5 - Symlink Directory Traversal Vulnerability (C)
Samba <= 3.4.5 - Symlink Directory Traversal Vulnerability

Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 4.1.x Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 4.1.x Bypass (MS12-037)

Linux Kernel < 3.2.0-23 (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation
Linux Kernel < 3.2.0-23  (Ubuntu 12.04) - ptrace/sysret Local Privilege Escalation

Symantec Endpoint Protection 11.x_ 12.x - Kernel Pool Overflow
Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow

Linux Kernel 3.16.1 - Remount FUSE Exploit
Linux Kernel < 3.16.1 - Remount FUSE Local Root Exploit

Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 5.0 Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.0 Bypass (MS12-037)

Rejetto HTTP File Server (HFS) 2.3a_ 2.3b_ 2.3c - Remote Command Execution
Rejetto HTTP File Server (HFS) 2.3a/2.3b/2.3c - Remote Command Execution

Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR_ DEP & EMET 5.1 Bypass (MS12-037)
Microsoft Internet Explorer 8 - Fixed Col Span ID Full ASLR + DEP + EMET 5.1 Bypass (MS12-037)

Mac OS X - IOKit Keyboard Driver Root Privilege Escalation
Mac OS X - IOKit Keyboard Driver Privilege Escalation

Liferay Portal 7.0.0 M1_ 7.0.0 M2_ 7.0.0 M3 - Pre-Auth RCE
Liferay Portal 7.0.0 M1/7.0.0 M2/7.0.0 M3 - Pre-Auth RCE

vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion_ SQL Injection & XSS
vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion/SQL Injection/XSS

MalwareBytes Anti-Exploit 1.03.1.1220_ 1.04.1.1012 Out-of-bounds Read DoS
MalwareBytes Anti-Exploit 1.03.1.1220/1.04.1.1012 Out-of-bounds Read DoS

JBoss AS 3_ 4_ 5_ 6 - Remote Command Execution
JBoss AS 3/4/5/6 - Remote Command Execution

Mac OS X < 10.7.5_ 10.8.2_ 10.9.5 10.10.2 - rootpipe Local Privilege Escalation
Mac OS X < 10.7.5/10.8.2/10.9.5/10.10.2 - rootpipe Local Privilege Escalation

Alienvault OSSIM/USM 4.14_ 4.15_ and 5.0 - Multiple Vulnerabilities
Alienvault OSSIM/USM 4.14/4.15/5.0 - Multiple Vulnerabilities

Pandora FMS 5.0_ 5.1 - Authentication Bypass
Pandora FMS 5.0/5.1 - Authentication Bypass

Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shell)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root Shell

Cisco AnyConnect Secure Mobility 2.x_ 3.x_ 4.x - Client DoS PoC
Cisco AnyConnect Secure Mobility 2.x/3.x/4.x - Client DoS PoC

Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Local Root (Shadow File)
Linux Kernel 3.13.0 < 3.19 (Ubuntu 12.04/14.04/14.10/15.04) - overlayfs Privilege Escalation (Access /etc/shadow)

Orchard CMS 1.7.3_ 1.8.2_ 1.9.0 - Stored XSS Vulnerability
Orchard CMS 1.7.3/1.8.2/1.9.0 - Stored XSS Vulnerability

Ubuntu 14.04 NetKit FTP Client - Crash/DoS PoC
NetKit FTP Client (Ubuntu 14.04) - Crash/DoS PoC

Interspire Email Marketer Cross Site Scripting_ HTML Injection_ and SQL Injection Vulnerabilities
Interspire Email Marketer - (Cross Site Scripting/HTML Injection/SQL Injection) Multiple Vulnerabilities

BigDump Cross Site Scripting_ SQL Injection_ and Arbitrary File Upload Vulnerabilities
BigDump - (Cross Site Scripting/SQL Injection/Arbitrary File Upload) Multiple Vulnerabilities

Elastix < 2.5 _ PHP Code Injection Exploit
Elastix < 2.5 - PHP Code Injection Exploit

Microsoft Office Excel 2007_ 2010_ 2013 - BIFFRecord Use-After-Free
Microsoft Office Excel 2007/2010/2013 - BIFFRecord Use-After-Free

OS X Regex Engine (TRE) - Integer Signedness and Overflow Issues
OS X Regex Engine (TRE) - (Integer Signedness and Overflow) Multiple Vulnerabilities

Linux Kernel 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability
Linux Kernel 3.0 < 3.3.5 - 'CLONE_NEWUSER|CLONE_FS' Local Privilege Escalation Vulnerability

Linux Kernel <=4.3.3 (Ubuntu 14.04_ 15.10) - overlayfs Local Root Exploit
Linux Kernel <= 4.3.3 (Ubuntu 14.04/15.10) - overlayfs Local Root Exploit

Exim < 4.86.2 - Local Root Privilege Escalation
Exim < 4.86.2 - Local Privilege Escalation
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - snd-usb-audio Crash PoC
RHEL 7.1 (and CentOS) Kernel 3.10.0-229.x - iowarrior driver Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - snd-usb-audio Crash PoC
Linux Kernel 3.10.0-229.x (RHEL 7.1. CentOS) - iowarrior driver Crash PoC

Trend Micro Deep Discovery Inspector 3.8_ 3.7 - CSRF Vulnerabilities
Trend Micro Deep Discovery Inspector 3.8/3.7 - CSRF Vulnerabilities

FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip)
FireEye - Malware Input Processor (uid=mip) Privilege Escalation Exploit

Novell Service Desk 7.1.0_ 7.0.3 and 6.5 - Multiple Vulnerabilities
Novell Service Desk 7.1.0/7.0.3 and 6.5 - Multiple Vulnerabilities

Internet Explorer 9_ 10_ 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)
Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)

Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)
Linux Kernel (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)

Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
Linux Kernel (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
Android Broadcom Wi-Fi Driver - Memory Corruption
CIScan 1.00 - Hostname/IP Field SEH Overwrite PoC
FileZilla FTP Client 3.17.0.0 - Unquoted Path Privilege Escalation
Intuit QuickBooks Desktop 2007 - 2016 - Arbitrary Code Execution
2016-05-12 05:03:21 +00:00