Offensive Security | c66d2f584e
DB: 2017-11-02
5 new exploits
Microsoft Internet Explorer - DHTML Object Handling Vulnerabilities (MS05-020)
Microsoft Internet Explorer - DHTML Object Handling (MS05-020)
Stoney FTPd - Denial of Service (rxBot mods ftpd)
Stoney FTPd - 'rxBot mods ftpd' Denial of Service
Microsoft Windows Server 2000 - UPNP (getdevicelist) Memory Leak Denial of Service
Microsoft Windows Server 2000 - UPNP 'getdevicelist' Memory Leak Denial of Service
Winamp 5.21 - .Midi File Header Handling Buffer Overflow (PoC)
Winamp 5.21 - '.Midi' File Header Handling Buffer Overflow (PoC)
Apache (mod_rewrite) < 1.3.37/2.0.59/2.2.3 - Remote Overflow (PoC)
Apache < 1.3.37/2.0.59/2.2.3 mod_rewrite - Remote Overflow (PoC)
ProFTPd 1.3.0a - 'mod_ctrls support' Local Buffer Overflow (PoC)
ProFTPd 1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (PoC)
Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption Vulnerabilities
Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption
ZOO - .ZOO File Decompression Infinite Loop Denial of Service (PoC)
Versalsoft HTTP File Uploader - ActiveX 6.36 (AddFile) Remote Denial of Service
ZOO - '.ZOO' Decompression Infinite Loop Denial of Service (PoC)
Versalsoft HTTP File Uploader - ActiveX 6.36 AddFile Remote Denial of Service
RhinoSoft Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service
RhinoSoft Serv-U FTP Server 7.3 - Authenticated 'stou con:1' Denial of Service
CUPS 1.3.7 - Cross-Site Request Forgery (add rss subscription) Remote Crash
CUPS 1.3.7 - Cross-Site Request Forgery (Add RSS Subscription) Remote Crash
Microsoft Office - Communicator (SIP) Remote Denial of Service
Microsoft Office - Communicator 'SIP' Remote Denial of Service
Apple Safari - 'ARGUMENTS' Array Integer Overflow (PoC) (Heap Spray)
Apple Safari - 'ARGUMENTS' Array Integer Overflow HeapSpray (PoC)
Amaya Web Editor 11.0 - XML / HTML Parser Vulnerabilities
Amaya Web Editor 11.0 - XML / HTML Parser
VideoLAN VLC Media Player 0.9.8a - Web UI (input) Remote Denial of Service
VideoLAN VLC Media Player 0.9.8a - Web UI 'input' Remote Denial of Service
Real Helix DNA - RTSP / SETUP Request Handler Vulnerabilities
Real Helix DNA - 'RTSP' / 'SETUP' Request Handler
BugHunter HTTP Server 1.6.2 - 'httpsv.exe' (GET 404) Remote Denial of Service
BugHunter HTTP Server 1.6.2 - 'httpsv.exe' GET 404 Remote Denial of Service
Apple Safari 3.2.3 (Windows x86) - JavaScript (eval) Remote Denial of Service
Apple Safari 3.2.3 (Windows x86) - JavaScript 'eval' Remote Denial of Service
httpdx 1.4 - HTTP Server (Host Header) Remote Format String Denial of Service
httpdx 1.4 - HTTP Server Host Header Remote Format String Denial of Service
Multiple Media Player - HTTP DataHandler Overflow (iTunes & QuickTime etc)
Multiple Media Players ((iTunes / QuickTime) - HTTP DataHandler Overflow
Microsoft Internet Explorer 6/7/8 - Denial of Service (Shockwave Flash Object)
Microsoft Internet Explorer 6/7/8 - Shockwave Flash Object Denial of Service
Adobe (Multiple Products) - XML External Entity / XML Injection Vulnerabilities
Adobe (Multiple Products) - XML External Entity / XML Injection
PHP (Multiple Functions) - Local Denial of Service Vulnerabilities
PHP (Multiple Functions) - Local Denial of Service
RPM Select/Elite 5.0 - '.xml config parsing' Unicode Buffer Overflow (PoC)
RPM Select/Elite 5.0 - '.xml Configuration parsing' Unicode Buffer Overflow (PoC)
Microsoft Windows - SMB2 Negotiate Protocol (0x72) Response Denial of Service
Microsoft Windows - SMB2 Negotiate Protocol '0x72' Response Denial of Service
Oreans Themida 2.1.8.0 - TMD File Handling Buffer Overflow
Oreans Themida 2.1.8.0 - '.TMD' File Handling Buffer Overflow
Play [EX] 2.1 - Playlist File (M3U/PLS/LST) Denial of Service
Play [EX] 2.1 - '.M3U'/'.PLS'/'.LST' Playlist File Denial of Service
Apple iTunes 10.6.1.7 - '.m3u' Playlist File Walking Heap Buffer Overflow
Apple iTunes 10.6.1.7 - '.m3u' Walking Heap Buffer Overflow
Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service (Possible Buffer Overflow)
Ipswitch IMail 5.0.5/5.0.6/5.0.7 - POP3 Denial of Service / Buffer Overflow
RedHat Linux 6.x - X Font Server Denial of Service / Buffer Overflow Vulnerabilities
RedHat Linux 6.x - X Font Server Denial of Service / Buffer Overflow
Qualcomm qpopper 2.53/3.0 / RedHat imap 4.5 -4_ UoW imap 4.5 popd - Lock File Denial of Service
Qualcomm qpopper 2.53/3.0 / RedHat imap 4.5 -4 / UoW imap 4.5 popd - Lock File Denial of Service
Axent NetProwler 3.0 - Malformed IP Packets Denial of Service (1)
Axent NetProwler 3.0 - Malformed IP Packets Denial of Service (2)
Axent NetProwler 3.0 - IP Packets Denial of Service (1)
Axent NetProwler 3.0 - IP Packets Denial of Service (2)
WFTPD 2.4.1RC11 - REST Command Malformed File Write Denial of Service
WFTPD 2.4.1RC11 - 'REST' Malformed File Write Denial of Service
id Software Quake 3 Arena Server 1.29 - Possible Buffer Overflow
id Software Quake 3 Arena Server 1.29 - Buffer Overflow
BSDI 3.0/3.1 - Possible Local Kernel Denial of Service
BSDI 3.0/3.1 - Local Kernel Denial of Service
Cisco IOS 11/12 - Malformed SNMP Message Denial of Service
Cisco IOS 11/12 - SNMP Message Denial of Service
Apache 1.3.x + Tomcat 4.0.x/4.1.x (Mod_JK) - Chunked Encoding Denial of Service
Apache 1.3.x + Tomcat 4.0.x/4.1.x mod_jk - Chunked Encoding Denial of Service
BitchX 1.0 - Malformed RPL_NAMREPLY Denial of Service
BitchX 1.0 - 'RPL_NAMREPLY' Denial of Service
RealPlayer 15.0.6.14(.3g2) - WriteAV Crash (PoC)
RealPlayer 15.0.6.14(.3g2) - 'WriteAV' Crash (PoC)
Plug And Play Web Server 1.0 002c - FTP Service Command Handler Buffer Overflow Vulnerabilities
Plug And Play Web Server 1.0 002c - FTP Service Command Handler Buffer Overflow
ProFTPd 1.2.7/1.2.8 - ASCII File Transfer Buffer Overrun
ProFTPd 1.2.7/1.2.8 - '.ASCII' File Transfer Buffer Overrun
Avaya Argent Office - Malformed DNS Packet Denial of Service
Avaya Argent Office - DNS Packet Denial of Service
Cisco IOS 12 MSFC2 - Malformed Layer 2 Frame Denial of Service
Cisco IOS 12 MSFC2 - Layer 2 Frame Denial of Service
ClamAV Daemon 0.65 - Malformed UUEncoded Message Denial of Service
Red-M Red-Alert 3.1 - Remote Vulnerabilities
ClamAV Daemon 0.65 - UUEncoded Message Denial of Service
Red-M Red-Alert 3.1 - Remote Exploit
Neon WebDAV Client Library 0.2x - Format String Vulnerabilities
Neon WebDAV Client Library 0.2x - Format String
Linux Kernel 2.4.x/2.6.x - Local Denial of Service / Memory Disclosure Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Local Denial of Service / Memory Disclosure
Adobe Acrobat / Acrobat Reader 6.0 - ETD File Parser Format String
Adobe Acrobat / Acrobat Reader 6.0 - '.ETD' File Parser Format String
Check Point VPN-1 SecureClient - Malformed IP Address Local Memory Access
Check Point VPN-1 SecureClient - IP Address Local Memory Access
CenterICQ 4.20/4.5 - Malformed Packet Handling Remote Denial of Service
CenterICQ 4.20/4.5 - Packet Handling Remote Denial of Service
Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption Vulnerabilities (MS06-012)
Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012)
Mozilla (Multiple Products) - iFrame JavaScript Execution Vulnerabilities
Mozilla (Multiple Products) - iFrame JavaScript Execution
Microsoft .NET Framework SDK 1.0/1.1 - MSIL Tools Buffer Overflow Vulnerabilities
Microsoft .NET Framework SDK 1.0/1.1 - MSIL Tools Buffer Overflow
Apple Mac OSX 10.x - LZWDecodeVector (.tiff) Overflow
Apple Mac OSX 10.x - LZWDecodeVector '.tiff' Overflow
SolarWinds Server and Application Monitor - ActiveX (Pepco32c) Buffer Overflow
SolarWinds Server and Application Monitor - ActiveX 'Pepco32c' Buffer Overflow
Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service Vulnerabilities
Computer Associates BrightStor ARCserve Backup 11.5 - mediasvr caloggerd Denial of Service
Microsoft Windows XP - GDI+ ICO File Remote Denial of Service
Microsoft Windows XP - GDI+ '.ICO' File Remote Denial of Service
PHP 5.2.1 'GD' Extension - '.WBMP' File Integer Overflow Vulnerabilities
PHP 5.2.1 'GD' Extension - '.WBMP' File Integer Overflow
PC SOFT WinDEV 11 - WDP File Parsing Stack Buffer Overflow
PC SOFT WinDEV 11 - '.WDP' File Parsing Stack Buffer Overflow
Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service Vulnerabilities
Microsoft Forms 2.0 - ActiveX Control 2.0 Memory Access Violation Denial of Service
libcdio 0.7x - GNU Compact Disc Input and Control Library Buffer Overflow Vulnerabilities
libcdio 0.7x - GNU Compact Disc Input and Control Library Buffer Overflow
Multiple Platform IPv6 Address Publication - Denial of Service Vulnerabilities
Multiple Platform IPv6 Address Publication - Denial of Service
Ruby 1.9 - WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request Denial of Service
Ruby 1.9 - 'WEBrick::HTTP::DefaultFileHandler' Crafted HTTP Request Denial of Service
Apple Safari For Windows 3.2.1 - Malformed URI Remote Denial of Service
Apple Safari For Windows 3.2.1 - URI Remote Denial of Service
Apple Safari 4 - Malformed 'feeds:' URI Null Pointer Dereference Remote Denial of Service
Apple Safari 4 - 'feeds:' URI Null Pointer Dereference Remote Denial of Service
Microsoft Windows Media Player 11 - .AVI File Colorspace Conversion Remote Memory Corruption
Microsoft Windows Media Player 11 - '.AVI' File Colorspace Conversion Remote Memory Corruption
Apache 2.4.7 (mod_status) - Scoreboard Handling Race Condition
Apache 2.4.7 mod_status - Scoreboard Handling Race Condition
Battlefield 2/2142 - Malformed Packet Null Pointer Dereference Remote Denial of Service
Battlefield 2/2142 - Packet Null Pointer Dereference Remote Denial of Service
Foxit Products GIF Conversion - Memory Corruption (LZWMinimumCodeSize)
Foxit Products GIF Conversion - Memory Corruption (DataSubBlock)
Foxit Products GIF Conversion - 'LZWMinimumCodeSize' Memory Corruption
Foxit Products GIF Conversion - 'DataSubBlock' Memory Corruption
Paintshop Pro X7 - '.gif' Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize)
Paintshop Pro X7 - '.gif' Conversion Heap Memory Corruption 'LZWMinimumCodeSize'
Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF
Adobe Flash - Out-of-Bounds Memory Read While Parsing a Mutated '.TTF' File Embedded in SWF
Adobe Flash - Heap Based Buffer Overflow Loading FLV File with Nellymoser Audio Codec
Adobe Flash - Heap Based Buffer Overflow Loading '.FLV' File with Nellymoser Audio Codec
PHP 5.4/5.5/5.6 - 'Unserialize()' Use-After-Free Vulnerabilities
PHP 5.4/5.5/5.6 - 'Unserialize()' Use-After-Free
Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack Based Buffer Overflow
Wireshark - memcpy (get_value / dissect_btatt) SIGSEGV
Wireshark - file_read 'wtap_read_bytes_or_eof/mp2t_find_next_pcr' Stack Based Buffer Overflow
Wireshark - memcpy 'get_value / dissect_btatt' SIGSEGV
Wireshark - addresses_equal (dissect_rsvp_common) Use-After-Free
Wireshark - addresses_equal 'dissect_rsvp_common' Use-After-Free
pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap Based Out-of-Bounds Read
pdfium - opj_j2k_read_mcc (libopenjpeg) Heap Based Out-of-Bounds Read
Wireshark - iseries_check_file_type Stack Based Out-of-Bounds Read
pdfium - opj_jp2_apply_pclr 'libopenjpeg' Heap Based Out-of-Bounds Read
pdfium - opj_j2k_read_mcc 'libopenjpeg' Heap Based Out-of-Bounds Read
Wireshark - 'iseries_check_file_type' Stack Based Out-of-Bounds Read
Wireshark - nettrace_3gpp_32_423_file_open Stack Based Out-of-Bounds Read
Wireshark - 'nettrace_3gpp_32_423_file_open' Stack Based Out-of-Bounds Read
pdfium - opj_t2_read_packet_header (libopenjpeg) Heap Use-After-Free
pdfium - opj_t2_read_packet_header 'libopenjpeg' Heap Use-After-Free
Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption (MdConvertLine)
Samsung Galaxy S6 - 'android.media.process' 'MdConvertLine' Face Recognition Memory Corruption
Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor (treo_attach) Nullpointer Dereference
Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - visor 'treo_attach' Nullpointer Dereference
Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow
Netwrix Auditor 7.1.322.0 - ActiveX 'sourceFile' Stack Buffer Overflow
Apple QuickTime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1
Apple QuickTime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2
Apple QuickTime < 7.7.79.80.95 - PSD File Parsing Memory Corruption
Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption (1)
Apple QuickTime < 7.7.79.80.95 - '.FPX' Parsing Memory Corruption (2)
Apple QuickTime < 7.7.79.80.95 - '.PSD' Parsing Memory Corruption
Adobe Flash - Heap Overflow in ATF Processing (Image Reading)
Adobe Flash - Heap Overflow in ATF Processing Image Reading
Apache 2.4.23 (mod_http2) - Denial of Service
Apache 2.4.23 mod_http2 - Denial of Service
Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath)
Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Read with Malformed 'glyf' Table (win32k!fsc_CalcGrayRow)
Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Reads/Writes with Malformed 'fpgm' table 'win32k!bGeneratePath'
Microsoft Windows Kernel - 'win32k.sys' '.TTF' Font Processing Out-of-Bounds Read with Malformed 'glyf' Table 'win32k!fsc_CalcGrayRow'
WhatsApp 2.17.52 - Memory Corruption
ICQ Pro 2003a - Password Bypass Exploit (ca1-icq.asm)
ICQ Pro 2003a - 'ca1-icq.asm' Password Bypass Exploit
IBM DB2 - Universal Database 7.2 (db2licm) Local Exploit
IBM DB2 - Universal Database 7.2 'db2licm' Local Exploit
SuSE Linux 9.0 - YaST config Skribt Local Exploit
SuSE Linux 9.0 - YaST Configuration Skribt Local Exploit
Solaris locale - Format Strings (noexec stack) Exploit
Solaris locale - Format Strings 'noexec stack' Exploit
UUCP Exploit - File Creation/Overwriting (Symlinks) Exploit
UUCP Exploit - File Creation/Overwriting Symlinks Exploit
GnomeHack - Local Buffer Overflow (gid=games)
Kwintv - Local Buffer Overflow (gid=video(33))
GnomeHack - Local Buffer Overflow
Kwintv - Local Buffer Overflow
RedHat 6.1 man - Local Exploit (egid 15)
RedHat 6.1 man - 'egid 15' Local Exploit
Solaris 2.5.1 lp / lpsched - Symlink Vulnerabilities
Solaris 2.5.1 lp / lpsched - Symlink Exploit
SGI IRIX - Multiple Buffer Overflows (LsD)
SGI IRIX - 'LsD' Multiple Buffer Overflows
Solaris 5.5.1 X11R6.3 - xterm (-xrm) Privilege Escalation
Solaris 5.5.1 X11R6.3 - xterm '-xrm' Privilege Escalation
ProFTPd - 'ftpdctl pr_ctrls_connect' Exploit
ProFTPd - 'ftpdctl' 'pr_ctrls_connect' Exploit
GlobalScape - CuteFTP macros (.mcr) Local
GlobalScape - CuteFTP macros '.mcr' Local
socat 1.4.0.2 - Local Format String (not setuid)
Socat 1.4.0.2 - Not SETUID Local Format String
TipxD 1.1.1 - Local Format String (not setuid)
TipxD 1.1.1 - Not SETUID Local Format String
GNU a2ps - 'Anything to PostScript' Local Exploit (Not SUID)
VisualBoyAdvanced 1.7.x - Local Shell Exploit (non suid)
GNU a2ps - 'Anything to PostScript' Not SUID Local Exploit
VisualBoyAdvanced 1.7.x - Non SUID Local Shell Exploit
eXeem 0.21 - Local Password Disclosure (asm)
eXeem 0.21 - Local Password Disclosure (ASM)
Microsoft Excel 2000/2003 - Hlink Local Buffer Overflow (French)
Microsoft Excel 2003 - Hlink Local Buffer Overflow (Italian)
WinRAR 3.60 Beta 6 - SFX Path Local Stack Overflow (French)
Microsoft Excel 2000/2003 (French) - Hlink Local Buffer Overflow
Microsoft Excel 2003 (Italian) - Hlink Local Buffer Overflow
WinRAR 3.60 Beta 6 (French) - SFX Path Local Stack Overflow
Microsoft PowerPoint 2003 SP2 - Local Code Execution (French)
Microsoft PowerPoint 2003 SP2 (French) - Local Code Execution
Xcode OpenBase 9.1.5 (OSX) - Privilege Escalation (Root File Create)
Xcode OpenBase 9.1.5 (OSX) - Root File Create Privilege Escalation
Apple Mac OSX 10.4.8 - DiskManagement BOM (cron) Privilege Escalation
Apple Mac OSX 10.4.8 - DiskManagement BOM 'cron' Privilege Escalation
ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (1)
ProFTPd 1.3.0/1.3.0a - 'mod_ctrls support' Local Buffer Overflow (2)
ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (1)
ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' 'support' Local Buffer Overflow (2)
ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' Local Overflow (exec-shield)
ProFTPd 1.3.0/1.3.0a - 'mod_ctrls' exec-shield Local Overflow
Send ICMP Nasty Garbage (sing) - Append File Logrotate Exploit
Send ICMP Nasty Garbage (SING) - Append File Logrotate Exploit
Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (change sys Password)
Oracle 10g R1 - xdb.xdb_pitrig_pkg PLSQL Injection (Change Sys Password)
VUPlayer 2.49 - '.asx' (HREF) Universal Buffer Overflow
VUPlayer 2.49 - '.asx' 'HREF' Universal Buffer Overflow
VUPlayer 2.49 - '.asx' (Universal) Local Buffer Overflow
VUPlayer 2.49 - '.asx' Universal Local Buffer Overflow
Zinf Audio Player 2.2.1 - '.pls' Local Buffer Overflow (Universal)
Zinf Audio Player 2.2.1 - '.pls' Universal Local Buffer Overflow
Foxit Reader 3.0 (Build 1301) - PDF Buffer Overflow (Universal)
Rosoft Media Player 4.2.1 - Local Buffer Overflow (multi target)
Foxit Reader 3.0 (Build 1301) - PDF Universal Buffer Overflow
Rosoft Media Player 4.2.1 - Local Buffer Overflow
Adobe Acrobat Reader - JBIG2 Universal Exploit (Bind Shell Port 5500)
Adobe Acrobat Reader - JBIG2 Universal Exploit
Mini-stream Ripper 3.0.1.1 - '.asx' (HREF) Local Buffer Overflow
Mini-stream Ripper 3.0.1.1 - '.asx' 'HREF' Local Buffer Overflow
Millenium MP3 Studio 1.0 - '.mpf' Local Stack Overflow (update)
Millenium MP3 Studio 1.0 - '.mpf' Local Stack Overflow (2)
BSD (Multiple Distributions) - 'setusercontext()' Vulnerabilities
BSD (Multiple Distributions) - 'setusercontext()' Exploit
Audacity 1.2 - '.gro' Universal Buffer Overflow (egg hunter)
Audacity 1.2 - '.gro' Universal Buffer Overflow (Egghunter)
NetAccess IP3 - Authenticated (ping option) Command Injection
NetAccess IP3 - Authenticated Ping Option Command Injection
Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript (.eps) Buffer Overflow
Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript '.eps' Buffer Overflow
Jasc Paint Shop Pro 8 - Local Buffer Overflow (Universal)
Jasc Paint Shop Pro 8 - Local Universal Buffer Overflow
HTML Help Workshop 4.74 - hhp Buffer Overflow (Universal)
HTML Help Workshop 4.74 - hhp Universal Buffer Overflow
Audiotran 1.4.1 - Buffer Overflow (Direct RET)
Audiotran 1.4.1 - Direct RET Buffer Overflow
Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - User Mode to Ring Escalation (KiTrap0D) (MS10-015)
Microsoft Windows NT/2000/2003/2008/XP/Vista/7 - 'KiTrap0D' User Mode to Ring Escalation (MS10-015)
feedDemon 3.1.0.9 - opml File Buffer Overflow
feedDemon 3.1.0.9 - '.opml' File Buffer Overflow
Winamp 5.572 - Local Buffer Overflow (EIP + SEH DEP Bypass)
Winamp 5.572 - Local Buffer Overflow (EIP + SEH) (DEP Bypass)
GSM SIM Utility 5.15 - sms file Local Buffer Overflow (SEH)
GSM SIM Utility 5.15 - '.sms' File Local Buffer Overflow (SEH)
GSM SIM Utility 5.15 - Local Exploit (Direct RET)
GSM SIM Utility 5.15 - Direct RET Local Exploit
Microsoft Windows - Automatic LNK Shortcut File Code Execution
Microsoft Windows - Automatic .LNK Shortcut File Code Execution
QQPlayer 2.3.696.400p1 - smi File Buffer Overflow
QQPlayer 2.3.696.400p1 - '.smi' File Buffer Overflow
Microsoft Excel - Malformed FEATHEADER Record Exploit (MS09-067)
Microsoft Excel - FEATHEADER Record Exploit (MS09-067)
SnackAmp 3.1.3B - SMP Buffer Overflow (SEH DEP Bypass)
SnackAmp 3.1.3B - SMP Buffer Overflow (SEH) (DEP Bypass)
MP3-Nator - Buffer Overflow (SEH DEP Bypass)
MP3-Nator - Buffer Overflow (SEH) (DEP Bypass)
VisiWave - VWR File Parsing Trusted Pointer (Metasploit)
VisiWave - '.VWR' File Parsing Trusted Pointer (Metasploit)
F-Secure (Multiple Products) - ActiveX Overwrite (SEH) (Heap Spray)
F-Secure (Multiple Products) - ActiveX HeapSpray Overwrite (SEH)
Blade API Monitor - Unicode Bypass (Serial Number) Buffer Overflow
Blade API Monitor - Unicode Bypass Serial Number Buffer Overflow
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - NETLS_LICENSE_FILE Exploit
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - LICENSEMGR_FILE_ROOT Exploit
SGI IRIX 5.3/6.2 & SGI license_oeo 1.0 LicenseManager - 'NETLS_LICENSE_FILE' Exploit
SGI IRIX 6.4 & SGI license_oeo 3.0/3.1/3.1.1 LicenseManager - 'LICENSEMGR_FILE_ROOT' Exploit
Slackware Linux 3.4 - liloconfig-color Temporary file
Slackware Linux 3.4 - makebootdisk Temporary file
Slackware Linux 3.4 - 'liloconfig-color' Temporary file
Slackware Linux 3.4 - 'makebootdisk' Temporary file
Slackware Linux 3.4 - netconfig Temporary file
Slackware Linux 3.4 - pkgtool Temporary file
Slackware Linux 3.4 - 'netconfig' Temporary file
Slackware Linux 3.4 - 'pkgtool' Temporary file
IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation Vulnerabilities
IBM AIX eNetwork Firewall 3.2/3.3 - Insecure Temporary File Creation
IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation Vulnerabilities
IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation
GNU groff 1.11 a / HP-UX 10.0/11.0 / SGI IRIX 6.5.3 - Malicious Manpage Vulnerabilities
GNU groff 1.11 a / HP-UX 10.0/11.0 / SGI IRIX 6.5.3 - Malicious Manpage
Quinn - 'the Eskimo' and Peter N. Lewis Internet Config 1.0/2.0 Weak Password Encryption
Quinn - 'the Eskimo' and Peter N. Lewis Internet Configuration 1.0/2.0 Weak Password Encryption
MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch and RDS Fix - Registry Key Vulnerabilities
MDAC 2.1.2.4202.3 / Microsoft Windows NT 4.0/SP1-6 JET/ODBC Patch / RDS Fix - Registry Key
Standard & Poors ComStock 4.2.4 - Machine Vulnerabilities
Standard & Poors ComStock 4.2.4 - Exploit
HP-UX 10.20/11.0 - SNMPD File Permission Vulnerabilities
HP-UX 10.20/11.0 - '.SNMPD' File Permission
CoolPlayer+ Portable 2.19.2 - Buffer Overflow (ASLR Bypass) (Large Shellcode)
CoolPlayer+ Portable 2.19.2 - Buffer Overflow (ASLR Bypass)
Samba 2.0.x - Insecure TMP file Symbolic Link
Samba 2.0.x - Insecure TMP File Symbolic Link
SuSE 7.0 - KFM Insecure TMP File Creation
SuSE 7.0 - KFM Insecure '.TMP' File Creation
QNX RTOS 4.25 - CRTTrap File Disclosure
QNX RTOS 4.25 - 'CRTTrap' File Disclosure
Linux Kernel 2.4 - SUID execve() System Call Race Condition Executable File Read (PoC)
Linux Kernel 2.4 - SUID 'execve()' System Call Race Condition Executable File Read (PoC)
BlazeVideo HDTV Player 6.6 Professional - Exploit (Direct RETN)
Aviosoft Digital TV Player Professional 1.x - '.PLF' Exploit (Direct Retn)
BlazeVideo HDTV Player 6.6 Professional - Direct RETN Exploit
Aviosoft Digital TV Player Professional 1.x - '.PLF' Direct Retn Exploit
BlazeDVD 6.1 - '.PLF' File Exploit (DEP + ASLR Bypass) (Metasploit)
BlazeDVD 6.1 - '.PLF' File Exploit (ASLR + DEP Bypass) (Metasploit)
Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (1)
Cscope 13.0/15.x - Insecure Temporary File Creation Vulnerabilities (2)
Cscope 13.0/15.x - Insecure Temporary File Creation (1)
Cscope 13.0/15.x - Insecure Temporary File Creation (2)
Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution
Sony Playstation 3 (PS3) 4.31 - Save Game Preview '.SFO' File Handling Local Command Execution
Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - Local Ring Exploit (EPATHOBJ)
Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - 'EPATHOBJ' Local Ring Exploit
PHP 5.0.5 - Safedir Restriction Bypass Vulnerabilities
PHP 5.0.5 - Safedir Restriction Bypass
AudioCoder 0.8.22 - '.m3u' Buffer Overflow (Direct Retn)
AudioCoder 0.8.22 - '.m3u' Direct Retn Buffer Overflow
AudioCoder 0.8.22 - '.lst' Buffer Overflow (Direct Retn)
AudioCoder 0.8.22 - '.lst' Direct Retn Buffer Overflow
KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)
KingView 6.53 - 'KChartXY' ActiveX Remote File Creation / Overwrite
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow (Direct RET)
BlazeDVD Pro Player 6.1 - Stack Based Direct RET Buffer Overflow
Linux Kernel 2.4.x/2.5.x/2.6.x - Sockaddr_In.Sin_Zero Kernel Memory Disclosure Vulnerabilities
Linux Kernel 2.4.x/2.5.x/2.6.x - 'Sockaddr_In.Sin_Zero' Kernel Memory Disclosure
KingView 6.53 - Insecure ActiveX Control (SuperGrid)
KingView 6.53 - 'SuperGrid' Insecure ActiveX Control
Steinberg MyMp3PRO 5.0 - Buffer Overflow (SEH) (DEP Bypass with ROP)
Steinberg MyMp3PRO 5.0 - Buffer Overflow (SEH) (DEP Bypass + ROP)
BlazeDVD Pro Player 7.0 - '.plf' Stack Based Buffer Overflow (Direct RET)
BlazeDVD Pro Player 7.0 - '.plf' Stack Based Direct RETBuffer Overflow
Filemaker Pro 13.03 / Advanced 12.04 - Login Bypass / Privilege Escalation
Filemaker Pro 13.03 / Advanced 12.04 - Authentication Bypass / Privilege Escalation
Microsoft Windows Task Scheduler - DeleteExpiredTaskAfter File Deletion Privilege Escalation
Microsoft Windows Task Scheduler - 'DeleteExpiredTaskAfter' File Deletion Privilege Escalation
Linux 3.17 - noexec File Security Bypass (Python ctypes and memfd_create)
Linux 3.17 - 'Python ctypes and memfd_create' noexec File Security Bypass
FireEye - Malware Input Processor (uid=mip) Privilege Escalation
FireEye - Malware Input Processor Privilege Escalation
Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098)
Microsoft Windows 8.1 (x64) - 'RGNOBJ' Integer Overflow (MS16-098)
VMware Workstation for Linux 12.5.2 build-4638234 - ALSA Config Host Root Privilege Escalation
VMware Workstation for Linux 12.5.2 build-4638234 - ALSA Configuration Host Root Privilege Escalation
Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Buffer Overflow (SEH)
Microsoft Windows XP/2000 - RPC Remote (Non Exec Memory) Exploit
Microsoft Windows XP/2000 - RPC Remote Non Exec Memory Exploit
ProFTPd 1.2.10 - Remote Users Enumeration Exploit
ProFTPd 1.2.10 - Remote Users Enumeration
Multiple Browsers - Tabbed Browsing Vulnerabilities
Multiple Browsers - Tabbed Browsing
Ability Server 2.34 - FTP STOR Buffer Overflow (Unix Exploit)
Ability Server 2.34 (Unix) - FTP 'STOR' Buffer Overflow
Webmin 1.5 - Web Brute Force (cgi-version)
Webmin 1.5 - Web Brute Force (CGI)
Microsoft Windows Plug-and-Play Service - Remote Universal Exploit (French) (MS05-039)
Battlefield (BFCC/BFVCC/BF2CC) - Login Bypass/Pass Stealer/Denial of Service
Microsoft Windows Plug-and-Play Service (French) - Remote Universal Exploit (MS05-039)
Battlefield (BFCC < 1.22_A /BFVCC < 2.14_B / BF2CC) - Authentication Bypass / Password Stealer / Denial of Service
Lynx 2.8.6dev.13 - Remote Buffer Overflow (port bind)
Lynx 2.8.6dev.13 - Remote Buffer Overflow
Mercury Mail Transport System 4.01b - Remote Exploit (PH SERVER)
Mercury Mail Transport System 4.01b - PH SERVER Remote Exploit
SHOUTcast 1.9.4 - File Request Format String (Leaked)
SHOUTcast 1.9.4 - File Request 'Leaked' Format String
Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution (extra)
Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution
MySQL 4.x/5.0 (Windows) - User-Defined Function (UDF) Command Execution
MySQL 4.x/5.0 (Windows) - User-Defined Function Command Execution
GNU Mailutils imap4d 0.6 - Remote Format String (exec-shield)
GNU Mailutils imap4d 0.6 - exec-shield Remote Format String
Fenice Oms server 1.10 - Remote Buffer Overflow (exec-shield)
Fenice Oms server 1.10 - exec-shield Remote Buffer Overflow
HP Tru64 - Remote Secure Shell User Enumeration Exploit
HP Tru64 - Remote Secure Shell User Enumeration
Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow 2
Yahoo! Messenger Webcam 8.1 - ActiveX Remote Buffer Overflow (2)
Program Checker - 'sasatl.dll 1.5.0.531' JavaScript Heap Spraying Exploit
Program Checker - 'sasatl.dll 1.5.0.531' JavaScript HeapSpray
Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog Heap Spraying Exploit
Program Checker - 'sasatl.dll 1.5.0.531' DebugMsgLog HeapSpray
Data Dynamics ActiveBar - ActiveX (actbar3.ocx 3.1) Insecure Methods
Data Dynamics ActiveBar - ActiveX 'actbar3.ocx 3.1' Insecure Methods
Savant Web Server 3.1 - GET Remote Overflow (Universal)
Savant Web Server 3.1 - GET Universal Remote Overflow
ProFTPd 1.x - 'mod_tls module' Remote Buffer Overflow
ProFTPd 1.x - 'mod_tls' Remote Buffer Overflow
Apache Tomcat - WebDAV Remote File Disclosure (SSL)
Apache Tomcat - WebDAV SSL Remote File Disclosure
Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (1)
Linksys WRT54G Firmware 1.00.9 - Security Bypass (1)
VideoLAN VLC Media Player 0.8.6d - httpd_FileCallBack Remote Format String
VideoLAN VLC Media Player 0.8.6d - 'httpd_FileCallBack' Remote Format String
Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (2)
Linksys WRT54G Firmware 1.00.9 - Security Bypass (2)
BlazeDVD 5.0 - PLF Playlist File Remote Buffer Overflow
BlazeDVD 5.0 - '.PLF' Playlist File Remote Buffer Overflow
Microsoft Windows Server - Code Execution (MS08-067) (Universal)
Microsoft Windows Server - Universal Code Execution (MS08-067)
SpeedStream 5200 - Authentication Bypass Config Download
SpeedStream 5200 - Authentication Bypass Configuration Download
GeoVision LiveX 8200 - ActiveX (LIVEX_~1.OCX) File Corruption (PoC)
GeoVision LiveX 8200 - ActiveX 'LIVEX_~1.OCX' File Corruption (PoC)
Amaya 11.1 - W3C Editor/Browser (defer) Stack Overflow
Amaya 11.1 - W3C Editor/Browser 'defer' Stack Overflow
XBMC 8.10 - get tag from file name Remote Buffer Overflow
XBMC 8.10 - Get Tag From File Name Remote Buffer Overflow
FTPDMIN 0.96 - RNFR Remote Buffer Overflow (xp sp3/case study)
FTPDMIN 0.96 (Windows XP SP3) - 'RNFR' Remote Buffer Overflow
Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow (heap spray)
Roxio CinePlayer 3.2 - 'IAManager.dll' Remote Buffer Overflow HeapSpray
cPanel - Authenticated (lastvisit.html domain) Arbitrary File Disclosure
cPanel - Authenticated 'lastvisit.html Domain' Arbitrary File Disclosure
ARD-9808 DVR Card Security Camera - Arbitrary Config Disclosure
ARD-9808 DVR Card Security Camera - Arbitrary Configuration Disclosure
Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (1)
Mozilla Firefox 3.5 - 'Font tags' Remote HeapSpray (1)
Mozilla Firefox 3.5 - 'Font tags' Remote Heap Spray (2)
Microsoft Office Web Components Spreadsheet - ActiveX (OWC10/11) Exploit
Mozilla Firefox 3.5 - 'Font tags' Remote HeapSpray (2)
Microsoft Office Web Components Spreadsheet - ActiveX 'OWC10/11' Exploit
VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Buffer Overflow (Universal)
VideoLAN VLC Media Player 0.8.6f - 'smb://' URI Handling Remote Universal Buffer Overflow
IBM Informix Client SDK 3.0 - nfx file integer Overflow
IBM Informix Client SDK 3.0 - '.nfx' File Integer Overflow
AOL 9.5 - ActiveX Exploit (Heap Spray)
AOL 9.5 - ActiveX Heap Spray Exploit
Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow (calc.exe)
Wireshark 1.2.5 - LWRES getaddrbyname Buffer Overflow
Magneto Net Resource ActiveX 4.0.0.5 - NetFileClose Exploit (Universal)
Magneto Net Resource ActiveX 4.0.0.5 - NetConnectionEnum Exploit (Universal)
Magneto Net Resource ActiveX 4.0.0.5 - NetShareEnum Exploit (Universal)
Magneto Net Resource ActiveX 4.0.0.5 - 'NetFileClose' Universal Exploit
Magneto Net Resource ActiveX 4.0.0.5 - 'NetConnectionEnum' Universal Exploit
Magneto Net Resource ActiveX 4.0.0.5 - 'NetShareEnum' Universal Exploit
Barcodewiz Barcode ActiveX Control 3.29 - Remote Heap Spray Exploit (Internet Explorer 6/7)
Barcodewiz Barcode ActiveX Control 3.29 - Remote HeapSpray Exploit (Internet Explorer 6/7)
Advanced File Vault - 'eSellerateControl350.dll' ActiveX Heap Spray
Advanced File Vault - 'eSellerateControl350.dll' ActiveX HeapSpray
RSP MP3 Player - OCX ActiveX Buffer Overflow (heap spray)
Easy FTP 1.7.0.11 - Buffer Overflow Vulnerabilities in NLST & NLST -al & APPE & RETR & SIZE & XCWD Commands
RSP MP3 Player - OCX ActiveX Buffer Overflow HeapSpray
Easy FTP 1.7.0.11 - 'NLST' / 'NLST -al' / 'APPE' / 'RETR' / 'SIZE' / 'XCWD' Buffer Overflow
Oracle JRE - java.net.URLConnection class Same-of-Origin (SOP) Policy Bypass
Oracle JRE - java.net.URLConnection class Same-of-Origin 'SOP' Policy Bypass
Microsoft Windows - Common Control Library (Comctl32) Heap Overflow (MS10-081)
Microsoft Windows - Common Control Library 'Comctl32' Heap Overflow (MS10-081)
Majordomo2 - Directory Traversal (SMTP/HTTP)
Majordomo2 - 'SMTP/HTTP' Directory Traversal
Microsoft Outlook - ATTACH_BY_REF_RESOLVE File Execution (MS10-045) (Metasploit)
Microsoft Outlook - ATTACH_BY_REF_ONLY File Execution (MS10-045) (Metasploit)
Microsoft Outlook - 'ATTACH_BY_REF_RESOLVE' File Execution (MS10-045) (Metasploit)
Microsoft Outlook - 'ATTACH_BY_REF_ONLY' File Execution (MS10-045) (Metasploit)
Apache (mod_rewrite) - LDAP protocol Buffer Overflow (Metasploit)
Apache mod_rewrite - LDAP protocol Buffer Overflow (Metasploit)
Zend Java Bridge - Remote Code Execution (ZDI-11-113)
Zend Java Bridge - Remote Code Execution
7-Technologies IGSS 9 - Data Server/Collector Packet Handling Vulnerabilities (Metasploit)
7-Technologies IGSS 9 - Data Server/Collector Packet Handling (Metasploit)
TFTP Server 1.4 - ST (RRQ) Buffer Overflow
WorldMail IMAPd 3.0 - Overflow (SEH) (Egg Hunter)
TFTP Server 1.4 - ST 'RRQ' Buffer Overflow
WorldMail IMAPd 3.0 - Overflow (SEH) (Egghunter)
MailMax 4.6 - POP3 'USER' Remote Buffer Overflow (No Login Needed)
MailMax 4.6 - POP3 'USER' Unauthenticated Remote Buffer Overflow
AN-HTTPd 1.2b - CGI Vulnerabilities
AN-HTTPd 1.2b - CGI Exploits
Microsoft Internet Explorer 4.x/5 / Outlook 2000 0/98 0/Express 4.x - ActiveX CAB File Execution
Microsoft Internet Explorer 4.x/5 / Outlook 2000 0/98 0/Express 4.x - ActiveX '.CAB' File Execution
RedHat 6.1 / IRIX 6.5.18 - lpd Vulnerabilities
RedHat 6.1 / IRIX 6.5.18 - 'lpd' Exploit
Microsoft Windows Script Host 5.1/5.5 - GetObject() File Disclosure
Microsoft Windows Script Host 5.1/5.5 - 'GetObject()' File Disclosure
FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow Vulnerabilities
FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow
Apache 1.3 - Possible Directory Index Disclosure
Apache 1.3 - Directory Index Disclosure
Microsoft Outlook Express 6 - XML File Attachment Script Execution
Microsoft Outlook Express 6 - '.XML' File Attachment Script Execution
Microsoft Word 95/97/98/2000/2002 - INCLUDEPICTURE Document Sharing File Disclosure
Microsoft Word 95/97/98/2000/2002 - 'INCLUDEPICTURE' Document Sharing File Disclosure
Apache Tomcat 3/4 - DefaultServlet File Disclosure
Apache Tomcat 3/4 - 'DefaultServlet' File Disclosure
Apache Tomcat 3.x - Null Byte Directory/File Disclosure
Apache Tomcat 3.x - Null Byte Directory / File Disclosure
Clearswift MAILsweeper 4.x - Malformed MIME Attachment Filter Bypass
Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass
Aladdin Knowledge System Ltd - ChooseFilePath Buffer Overflow (Metasploit)
Aladdin Knowledge System Ltd - 'ChooseFilePath' Buffer Overflow (Metasploit)
Mod_Gzip 1.3.x - Debug Mode Vulnerabilities
Mod_Gzip 1.3.x - Debug Mode
Ipswitch WS_FTP Server 3.4/4.0 - FTP Command Buffer Overrun Vulnerabilities
Ipswitch WS_FTP Server 3.4/4.0 - FTP Command Buffer Overrun
Microsoft Internet Explorer 6 - Script Execution Vulnerabilities
Microsoft Internet Explorer 6 - Script Execution
OpenSSL - ASN.1 Parsing Vulnerabilities
OpenSSL - ASN.1 Parsing
Microsoft Outlook Express 6.0 - MHTML Forced File Execution (1)
Microsoft Outlook Express 6.0 - '.MHTML' Forced File Execution (1)
Sun J2EE/RI 1.4 / Sun JDK 1.4.2 - JDBC Database Insecure Default Policy Vulnerabilities
Sun J2EE/RI 1.4 / Sun JDK 1.4.2 - JDBC Database Insecure Default Policy
Sun Java Virtual Machine 1.x - Font.createFont Method Insecure Temporary File Creation
Sun Java Virtual Machine 1.x - 'Font.createFont' Method Insecure Temporary File Creation
Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' (WzTitle) Remote Exploit
Mitsubishi MX ActiveX Component 3 - 'ActUWzd.dll' 'WzTitle' Remote Exploit
abctab2ps 1.6.3 - Write_Heading Function ABC File Remote Buffer Overflow
abctab2ps 1.6.3 - 'Write_Heading' '.ABC' Remote Buffer Overflow
abctab2ps 1.6.3 - Trim_Title Function ABC File Remote Buffer Overflow
abctab2ps 1.6.3 - 'Trim_Title' '.ABC' File Remote Buffer Overflow
PCAL 4.x - Calendar File getline Buffer Overflow
PCAL 4.x - Calendar File get_holiday Buffer Overflow
PCAL 4.x - Calendar File 'getline' Buffer Overflow
PCAL 4.x - Calendar File 'get_holiday' Buffer Overflow
Sun JavaMail 1.3.2 - MimeBodyPart.getFileName Directory Traversal
Sun JavaMail 1.3.2 - 'MimeBodyPart.getFileName' Directory Traversal
Finjan SurfinGate 7.0 - ASCII File Extension File Filter Circumvention
Finjan SurfinGate 7.0 - '.ASCII' File Extension File Filter Circumvention
Logic Print 2013 - Stack Overflow (vTable Overwrite)
Logic Print 2013 - vTable Overwrite Stack Overflow
EMC Navisphere Manager 6.x - Directory Traversal / Information Disclosure Vulnerabilities
EMC Navisphere Manager 6.x - Directory Traversal / Information Disclosure
Mitsubishi MC-WorkX 8.02 - ActiveX Control (IcoLaunch) File Execution
Mitsubishi MC-WorkX 8.02 - ActiveX Control 'IcoLaunch' File Execution
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution (Multithreaded Scanner)
Apache + PHP < 5.3.12 / < 5.4.2 - Remote Code Execution + Scanner
CA (Multiple Products) - Console Server / 'InoCore.dll' Remote Code Execution Vulnerabilities
CA (Multiple Products) - Console Server / 'InoCore.dll' Remote Code Execution
Ability Mail Server 2013 (3.1.1) - Persistent Cross-Site Scripting (Web UI)
Ability Mail Server 2013 3.1.1 - Web UI Persistent Cross-Site Scripting
Microsoft - Tagged Image File Format (TIFF) Integer Overflow (Metasploit)
Microsoft - Tagged Image File Format '.TIFF' Integer Overflow (Metasploit)
Sun Java Runtime Environment 1.6 - Web Start JNLP File Stack Buffer Overflow
Sun Java Runtime Environment 1.6 - Web Start '.JNLP' File Stack Buffer Overflow
Adobe Flash Player 8.0.24 - SWF File Handling Remote Code Execution
Adobe Flash Player 8.0.24 - '.SWF' File Handling Remote Code Execution
Multiple Browsers - URI Handlers Command Injection Vulnerabilities
Multiple Browsers - URI Handlers Command Injection
Daum Game 1.1.0.5 - ActiveX (IconCreate Method) Stack Buffer Overflow
Daum Game 1.1.0.5 - ActiveX 'IconCreate Method' Stack Buffer Overflow
LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite Vulnerabilities
LeadTools MultiMedia 15 - 'LTMM15.dll' ActiveX Control Arbitrary File Overwrite
Adobe Flash Player 8/9.0.x - SWF File 'DeclareFunction2' ActionScript Tag Remote Code Execution
Adobe Flash Player 8/9.0.x - '.SWF' File 'DeclareFunction2' ActionScript Tag Remote Code Execution
Trillian 3.1.9 - DTD File XML Parser Buffer Overflow
Trillian 3.1.9 - '.DTD' File XML Parser Buffer Overflow
Belkin F5D8233-4 Wireless N Router (Multiple Scripts) - Authentication Bypass Vulnerabilities
Belkin F5D8233-4 Wireless N Router (Multiple Scripts) - Authentication Bypass
ProFTPd 1.3 - 'mod_sql Username' SQL Injection
ProFTPd 1.3 - 'mod_sql' 'Username' SQL Injection
Apple Safari for iPhone/iPod touch - Malformed 'Throw' Exception Remote Code Execution
Apple Safari iPhone/iPod touch - Malformed Webpage Remote Code Execution
Apple Safari for iPhone/iPod touch - 'Throw' Exception Remote Code Execution
Apple Safari iPhone/iPod touch - Webpage Remote Code Execution
PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection Vulnerabilities
PacketVideo Twonky Server 4.4.17/5.0.65 - Cross-Site Scripting / HTML Injection
Multiple Check Point Endpoint Security Products - Information Disclosure Vulnerabilities
Multiple Check Point Endpoint Security Products - Information Disclosure
Bsplayer 2.68 - HTTP Response Exploit (Universal)
Bsplayer 2.68 - HTTP Response Universal Exploit
Easy File Sharing Web Server 7.2 - Remote Buffer Overflow (SEH) (DEP Bypass with ROP)
Easy File Sharing Web Server 7.2 - Remote Buffer Overflow (SEH) (DEP Bypass + ROP)
Microsoft Internet Explorer 9/10/11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)
Microsoft Internet Explorer 9/10/11 - 'CDOMStringDataList::InitFromString' Out-of-Bounds Read (MS15-112)
Acunetix WVS 10 - Remote Command Execution (System)
Acunetix WVS 10 - Remote Command Execution
Axis Communications MPQT/PACS 5.20.x - Server-Side Include (SSI) Daemon Remote Format String
Axis Communications MPQT/PACS 5.20.x - Server-Side Include Daemon Remote Format String
Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution (SA-CONTRIB-2016-039)
Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution
ZyXEL PK5001Z Modem - Backdoor Account
PHP-Nuke - SQL Injection Edit/Save Message(s)
PHP-Nuke - SQL Injection Edit/Save Messages
phpBB - highlight Arbitrary File Upload (Santy.A)
phpBB - highlight Arbitrary File Upload 'Santy.A'
phpBB 2.0.10 - Bot Install (Altavista) (ssh.D.Worm)
phpBB 2.0.10 - Bot Install Altavista 'ssh.D.Worm'
Invision Power Board 2.0.3 - 'login.php' SQL Injection (tutorial)
Invision Power Board 2.0.3 - 'login.php' SQL Injection
phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (cookie grabber)
phpBB 2.0.16 - Cross-Site Scripting Remote Cookie Disclosure (Cookie Grabber)
vBulletin 3.0.8 - Accessible Database Backup Searcher (update 3)
vBulletin 3.0.8 - Accessible Database Backup Searcher (3)
ibProArcade 2.x - module (vBulletin/IPB) SQL Injection
ibProArcade 2.x - module 'vBulletin/IPB' SQL Injection
Website Baker 2.6.0 - Login Bypass / Remote Code Execution
Website Baker 2.6.0 - Authentication Bypass / Remote Code Execution
WebWiz Products 1.0/3.06 - Login Bypass (SQL Injection)
WebWiz Products 1.0/3.06 - Authentication Bypass / SQL Injection
Woltlab Burning Board 2.x - Datenbank MOD (fileid) SQL Injection
Woltlab Burning Board 2.x - Datenbank MOD 'fileid' SQL Injection
phpCommunityCalendar 4.0.3 - Multiple (Cross-Site Scripting / SQL Injection) Vulnerabilities
phpCommunityCalendar 4.0.3 - Cross-Site Scripting / SQL Injection
BASE 1.2.4 - melissa (Snort Frontend) Remote File Inclusion
BASE 1.2.4 - melissa Snort Frontend Remote File Inclusion
E Annu 1.0 - Login Bypass (SQL Injection)
E Annu 1.0 - Authentication Bypass / SQL Injection
ASP Smiley 1.0 - 'default.asp' Login Bypass 'SQL Injection'
ASP Smiley 1.0 - 'default.asp' Authentication Bypass / SQL Injection
paFileDB 3.5.2/3.5.3 - Remote Login Bypass (SQL Injection)
paFileDB 3.5.2/3.5.3 - Remote Authentication Bypass / SQL Injection
e107 0.7.8 - 'mailout.php' Access Escalation Exploit (Admin needed)
e107 0.7.8 - 'mailout.php' Authenticated Access Escalation Exploit
TaskDriver 1.2 - Login Bypass / SQL Injection
TaskDriver 1.2 - Authentication Bypass / SQL Injection
IBM Rational ClearQuest - Web Login Bypass (SQL Injection)
IBM Rational ClearQuest - Web Authentication Bypass / SQL Injection
Joomla! Component JoomlaXplorer 1.6.2 - Remote Vulnerabilities
Joomla! Component JoomlaXplorer 1.6.2 - Remote Exploits
Xomol CMS 1.2 - Login Bypass / Local File Inclusion
Xomol CMS 1.2 - Authentication Bypass / Local File Inclusion
cPanel 11.x - 'Fantastico' Local File Inclusion (sec Bypass)
cPanel 11.x - 'Fantastico' Local File Inclusion
mxCamArchive 2.2 - Bypass Config Download
mxCamArchive 2.2 - Bypass Configuration Download
All Club CMS 0.0.2 - Remote Database Config Retrieve Exploit
All Club CMS 0.0.2 - Remote Database Configuration Retrieve Exploit
OraMon 2.0.1 - Remote Config File Disclosure
OraMon 2.0.1 - Remote Configuration File Disclosure
Flexcustomer 0.0.6 - Admin Authentication Bypass / Possible PHP code writing
Flexcustomer 0.0.6 - Admin Authentication Bypass / Possible PHP Code Writing
phpScribe 0.9 - 'user.cfg' Remote Config Disclosure
phpScribe 0.9 - 'user.cfg' Remote Configuration Disclosure
BlogHelper - Remote Config File Disclosure
PollHelper - Remote Config File Disclosure
BlogHelper - Remote Configuration File Disclosure
PollHelper - Remote Configuration File Disclosure
QuoteBook - Remote Config File Disclosure
QuoteBook - Remote Configuration File Disclosure
Free Joke Script 1.0 - Authentication Bypass / SQL Injection
Free Joke Script 1.0 - Authentication Bypass
Grestul 1.x - Authentication Bypass (Cookie SQL Injection)
Grestul 1.x - Cookie Authentication Bypass
S-CMS 1.1 Stable - Insecure Cookie Handling / Mass Page Delete Vulnerabilities
S-CMS 1.1 Stable - Insecure Cookie Handling / Mass Page Delete
smNews 1.0 - Authentication Bypass/Column Truncation Vulnerabilities
smNews 1.0 - Authentication Bypass / Column Truncation
Free Arcade Script 1.0 - Authentication Bypass (SQL Injection) / Arbitrary File Upload
Free Arcade Script 1.0 - Authentication Bypass / Arbitrary File Upload
phpAdBoard - 'conf.inc' Remote Config File Disclosure
phpAdBoard - 'conf.inc' Remote Configuration File Disclosure
W2B Restaurant 1.2 - 'conf.inc' Config File Disclosure
phpAdBoardPro - 'config.inc' Config File Disclosure
W2B Restaurant 1.2 - 'conf.inc' Configuration File Disclosure
phpAdBoardPro - 'config.inc' Configuration File Disclosure
Job2C - 'conf.inc' Config File Disclosure
Job2C - 'conf.inc' Configuration File Disclosure
chCounter 3.1.3 - (Authentication Bypass) SQL Injection
chCounter 3.1.3 - Authentication Bypass
The Recipe Script 5 - (Authentication Bypass) SQL Injection / Database Backup
The Recipe Script 5 - Authentication Bypass / Database Backup
Mlffat 2.1 - (Authentication Bypass / Cookie) SQL Injection
Mlffat 2.1 - Cookie Authentication Bypass
my-colex 1.4.2 - Authentication Bypass / Cross-Site Scripting / SQL Injection
my-colex 1.4.2 - Authentication Bypass / SQL Injection / Cross-Site Scripting
Flash Image Gallery 1.1 - Arbitrary Config File Disclosure
Flash Image Gallery 1.1 - Arbitrary Configuration File Disclosure
Traidnt Up 2.0 - (Authentication Bypass / Cookie) SQL Injection
Traidnt Up 2.0 - Cookie Authentication Bypass
LightNEasy sql/no-db 2.2.x - System Config Disclosure
LightNEasy sql/no-db 2.2.x - System Configuration Disclosure
MD-Pro 1.083.x - Survey Module (pollID) Blind SQL Injection
MD-Pro 1.083.x - Survey Module 'pollID' Blind SQL Injection
WHOISCART - (Authentication Bypass) Information Disclosure
WHOISCART - Authentication Bypass / Information Disclosure
ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition/Information Disclosure Vulnerabilities
ILIAS Lms 3.9.9/3.10.7 - Arbitrary Edition / Information Disclosure
mobilelib gold 3.0 - Authentication Bypass / SQL Injection
Mobilelib Gold 3.0 - Authentication Bypass / SQL Injection
Arab Portal 2.2 - (Authentication Bypass) Blind SQL Injection
Arab Portal 2.2 - Blind Cookie Authentication Bypass
Joomla! Component com_surveymanager 1.5.0 - SQL Injection (stype)
Joomla! Component com_surveymanager 1.5.0 - 'stype' SQL Injection
Joomla! Component com_virtuemart 1.0 - SQL Injection (Product_ID)
Joomla! Component com_virtuemart 1.0 - 'Product_ID' SQL Injection
Pre Job Board 1.0 - SQL Authentication Bypass
Pre Job Board 1.0 - Authentication Bypass
Pre Jobo .NET - SQL Authentication Bypass
Pre Jobo .NET - Authentication Bypass
SoftCab Sound Converter - ActiveX Insecure Method Exploit (sndConverter.ocx)
SoftCab Sound Converter - 'sndConverter.ocx' ActiveX Insecure Method Exploit
WSC CMS - (Authentication Bypass) SQL Injection
WSC CMS - Authentication Bypass
Joomla! Component dcsFlashGames 2.0RC1 - SQL Injection (catid)
Joomla! Component dcsFlashGames 2.0RC1 - 'catid' SQL Injection
3Com* iMC (Intelligent Management Center) - Unauthenticated File Retrieval (Traversal)
3Com* iMC (Intelligent Management Center) - Unauthenticated Traversal File Retrieval
Yamamah Photo Gallery 1.00 - SQL Injection (calbums)
Yamamah Photo Gallery 1.00 - 'calbums' SQL Injection
Elite Gaming Ladders 3.5 - SQL Injection (ladder[id])
Elite Gaming Ladders 3.5 - 'ladder[id]' SQL Injection
Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Config Cross-Site Request Forgery
Harris Stratex StarMAX 2100 WIMAX Subscriber Station - Running Configuration Cross-Site Request Forgery
AV Arcade 3 - Cookie SQL Injection / Authentication Bypass
AV Arcade 3 - Cookie Authentication Bypass
MODx REvolution CMS 2.0.4-pl2 - Cross-Site Scripting (POST Injection)
MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting
appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - Cross-Site Scripting Vulnerabilities
appRain Quick Start Edition Core Edition Multiple 0.1.4-Alpha - Cross-Site Scripting
ExtCalendar2 - (Authentication Bypass / Cookie) SQL Injection
ExtCalendar2 - Cookie Authentication Bypass / Backdoor Upload
Seotoaster - SQL Injection Admin Login Bypass
Seotoaster - SQL Injection
BBS E-Market Professional bf_130 (1.3.0) - Multiple File Disclosure Vulnerabilities
BBS E-Market Professional bf_130 1.3.0 - Multiple File Disclosure Vulnerabilities
phpBB 1.x/2.0.x - '(Knowledge Base Module) 'KB.php' SQL Injection
phpBB 1.x/2.0.x - Knowledge Base Module 'KB.php' SQL Injection
PhpTax 0.8 - File Manipulation (newvalue) / Remote Code Execution
PhpTax 0.8 - File Manipulation 'newvalue' / Remote Code Execution
Spid 1.3 - lang_path File Inclusion
Spid 1.3 - 'lang_path' File Inclusion
NETGEAR WPN824v3 - Unauthorized Config Download
NETGEAR WPN824v3 - Unauthorized Configuration Download
TWiki 4.0.x - Viewfile Directory Traversal
TWiki 4.0.x - 'Viewfile' Directory Traversal
ZonPHP 2.25 - Remote Code Execution (Remote Code Execution)
ZonPHP 2.25 - Remote Code Execution
pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting Web Vulnerabilities
pdirl PHP Directory Listing 1.0.4 - Cross-Site Scripting
LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - 'Login' Local File Inclusion / Authentication Bypass Vulnerabilities
LedgerSMB1.0/1.1 / SQL-Ledger 2.6.x - 'Login' Local File Inclusion / Authentication Bypass
geoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion
geoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion
GeoBlog MOD_1.0 - 'deletecomment.php?id' Arbitrary Comment Deletion
GeoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion
LevelOne WBR3404TX Broadband Router - 'RC' Cross-Site Scripting Vulnerabilities
LevelOne WBR3404TX Broadband Router - 'RC' Cross-Site Scripting
Ability Mail Server 2013 - Cross-Site Request Forgery (via Persistent Cross-Site Scripting) (Password Reset)
Ability Mail Server 2013 - Persistent Cross-Site Scripting / Cross-Site Request Forgery (Password Reset)
WiFiles HD 1.3 iOS - Locla File Inclusion
WiFiles HD 1.3 iOS - Local File Inclusion
IBM Maximo 4.1/5.2 - '/debug.jsp' HTML Injection / Information Disclosure Vulnerabilities
IBM Maximo 4.1/5.2 - '/debug.jsp' HTML Injection / Information Disclosure
H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass Vulnerabilities
H2O-CMS 3.4 - PHP Code Injection / Cookie Authentication Bypass
IBM Tivoli Netcool Service Quality Manager - Cross-Site Scripting / HTML Injection Vulnerabilities
IBM Tivoli Netcool Service Quality Manager - Cross-Site Scripting / HTML Injection
Joomla! Component MS Comment 0.8.0b - Security Bypass / Cross-Site Scripting Vulnerabilities
Joomla! Component MS Comment 0.8.0b - Security Bypass / Cross-Site Scripting
Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python Exploit)
Syslog LogAnalyzer 3.6.5 - Persistent Cross-Site Scripting (Python)
vBulletin MicroCART 1.1.4 - Arbitrary File(s) Deletion / SQL Injection / Cross-Site Scripting
vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion / SQL Injection / Cross-Site Scripting
ZTE F660 - Remote Config Download
ZTE F660 - Remote Configuration Download
Tango DropBox 3.1.5 + PRO - Activex Heap Spray
Tango FTP 1.0 (Build 136) - Activex Heap Spray
Tango DropBox 3.1.5 + PRO - Activex HeapSpray
Tango FTP 1.0 (Build 136) - Activex HeapSpray
Pinterestclones - Security Bypass / HTML Injection Vulnerabilities
Pinterestclones - Security Bypass / HTML Injection
Privoxy Proxy - Authentication Information Disclosure Vulnerabilities
Privoxy Proxy - Authentication Information Disclosure
ZTE ZXHN H108N Router - Unauthenticated Config Disclosure
ZTE ZXHN H108N Router - Unauthenticated Configuration Disclosure
Google AdWords 6.2.0 API client libraries - XML eXternal Entity Injection (XXE)
Google AdWords 6.2.0 API client libraries - XML eXternal Entity Injection
Kodi 15 - Arbitrary File Access (Web Interface)
Kodi 15 - Web Interface Arbitrary File Access (
OpenMRS 2.3 (1.11.4) - XML External Entity (XXE) Processing Exploit
OpenMRS 2.3 (1.11.4) - XML External Entity Processing Exploit
OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery
Ingenious School Management System 2.3.0 - 'friend_index' SQL injection
2017-11-02 05:01:28 +00:00