bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1408 commits 1 branch 0 tags 362 MiB
Commit graph

4 commits

Author SHA1 Message Date
Offensive Security
d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
 2017-11-24 20:56:23 +00:00
Offensive Security
4b39f0d26d DB: 2017-11-16 
23 new exploits

VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (1)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (1)

Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service
Microsoft Windows Explorer - '.AVI' File Denial of Service

Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service
Microsoft Windows Explorer - '.ANI' File Denial of Service

Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service
Microsoft Windows Explorer - '.doc' File Denial of Service

CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service)

Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Unspecified Vulnerabilities
Juniper Networks JUNOS 7.1.1 - Malformed TCP Packet Denial of Service / Multiple Vulnerabilities

iPhone / iTouch FtpDisc 1.0 3 - ExploitsInOne Buffer Overflow Denial of Service
iPhone / iTouch FtpDisc 1.0 - Buffer Overflow / Denial of Service

Aladdin eToken PKI Client 4.5 - Virtual File Handling Unspecified Memory Corruption (PoC)
Aladdin eToken PKI Client 4.5 - Virtual File Handling Memory Corruption (PoC)

Webby WebServer - SEH Control (PoC)
Webby WebServer - Overflow (SEH) (PoC)

Quick 'n Easy FTP Server Lite 3.1 - Exploit
Quick 'n Easy FTP Server Lite 3.1 - Denial of Service

Subtitle Translation Wizard 3.0.0 - Exploit (SEH) (PoC)
Subtitle Translation Wizard 3.0.0 - Overflow (SEH) (PoC)

FFDshow - SEH Exception Leading to Null Pointer on Read
FFDshow - Overflow (SEH) Exception Leading to Null Pointer on Read

Microsoft Internet Explorer - MSHTML Findtext Processing Issue
Microsoft Internet Explorer - MSHTML Findtext Processing Exploit

Oreans WinLicense 2.1.8.0 - XML File Handling Unspecified Memory Corruption
Oreans WinLicense 2.1.8.0 - XML File Handling Memory Corruption
Debian suidmanager 0.18 - Exploit
AMD K6 Processor - Exploit
Apple Personal Web Sharing 1.1 - Remote Denial of Service
AMD K6 Processor - Denial of Service

Sun Solaris 7.0 - 'procfs' Denial of Service

S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - identd Denial of Service
S.u.S.E. Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service

Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - rpc.lockd Remote Denial of Service
Debian 2.1/2.2 / Mandrake 6.0/6.1/7.0 / RedHat 6.x - 'rpc.lockd' Remote Denial of Service

D-Link DIR605L - Denial of Service

RedHat Linux 6.1 i386 - Tmpwatch Recursive Write Denial of Service

(Linux Kernel) ReiserFS 3.5.28 - Code Execution / Denial of Service
ReiserFS 3.5.28 (Linux Kernel) - Code Execution / Denial of Service

IBM AIX 4.3.3/5.1/5.2 libIM - Buffer Overflow
IBM AIX 4.3.3/5.1/5.2 - 'libIM' Buffer Overflow

xfstt 1.2/1.4 - Unspecified Memory Disclosure
xfstt 1.2/1.4 - Memory Disclosure

ViRobot Linux Server 2.0 - Exploit

Linux Kernel 2.4.x/2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
Linux Kernel 2.4.x/2.6.x - Multiple ISO9660 Filesystem Handling Vulnerabilities

IBM AIX 5.x - Invscout Local Buffer Overflow
IBM AIX 5.x - 'Invscout' Local Buffer Overflow

Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Unspecified Buffer Overflow
Microsoft Internet Explorer 5.0.1 - '.JPEG' Image Rendering Buffer Overflow

Microsoft Excel 95/97/2000/2002/2003/2004 - Unspecified Memory Corruption (MS06-012)
Microsoft Excel 95/97/2000/2002/2003/2004 - Memory Corruption (MS06-012)

IBM Tivoli Directory Server 6.0 - Unspecified LDAP Memory Corruption
IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption

Quake 3 Engine - CL_ParseDownload Remote Buffer Overflow
Quake 3 Engine - 'CL_ParseDownload' Remote Buffer Overflow

Zabbix 1.1.2 - Multiple Unspecified Remote Code Execution Vulnerabilities
Zabbix 1.1.2 - Multiple Remote Code Execution Vulnerabilities

VideoLAN VLC Media Player 0.8.6a - Unspecified Denial of Service (2)
VideoLAN VLC Media Player 0.8.6a - Denial of Service (2)

Sun Solaris 10 - ICMP Unspecified Remote Denial of Service
Sun Solaris 10 - ICMP Remote Denial of Service

Mozilla Firefox 2.0.0.2 - Unspecified GIF Handling Denial of Service
Mozilla Firefox 2.0.0.2 - '.GIF' Handling Denial of Service

Progress WebSpeed 3.0/3.1 - Denial of Service

GStreamer 0.10.15 - Multiple Unspecified Remote Denial of Service Vulnerabilities
GStreamer 0.10.15 - Multiple Remote Denial of Service Vulnerabilities
Wireshark 0.99.8 - X.509sat Dissector Unspecified Denial of Service
Wireshark 0.99.8 - LDAP Dissector Unspecified Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Unspecified Denial of Service
Wireshark 0.99.8 - X.509sat Dissector Denial of Service
Wireshark 0.99.8 - LDAP Dissector Denial of Service
Wireshark 0.99.8 - SCCP Dissector Decode As Feature Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Unspecified Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Unspecified Remote Denial of Service
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1)
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2)
Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Unspecified Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Unspecified Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Unspecified Remote Denial of Service
Wireshark 1.2.1 - OpcUa Dissector Resource Exhaustion (Denial of Service)
Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service
Wireshark 1.2.1 - GSM A RR Dissector packet.c Remote Denial of Service

Opera Web Browser < 11.60 - Multiple Denial of Service / Unspecified Vulnerabilities
Opera Web Browser < 11.60 - Denial of Service / Multiple Vulnerabilities

SmallFTPd - Unspecified Denial of Service
SmallFTPd - Denial of Service

Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Exploitable Kernel NULL Dereference
Apple Mac OSX - 'IntelAccelerator::gstqConfigure' Kernel NULL Dereference

Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference
Apple Mac OSX - IOSCSIPeripheralDeviceType00 Userclient Type 12 Kernel NULL Dereference

Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference
Apple Mac OSX - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient NULL Dereference
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple Issues 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF CREATECOLORSPACEW' Record Handling (MS16-055)
Microsoft Windows - 'gdi32.dll' Multiple 'EMF COMMENT_MULTIFORMATS' Record Handling (MS16-055)

Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Null Pointer Dereference in nvCommandQueue::GetHandleIndex in GeForce.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - Exploitable NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - Exploitable NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Exploitable Null Pointer Dereference in IOAudioEngine
Apple Mac OSX Kernel - Null Pointer Dereference in AppleMuxControl.kext
Apple Mac OSX Kernel - Null Pointer Dereference in AppleGraphicsDeviceControl
Apple Mac OSX Kernel - NULL Dereference in IOAccelSharedUserClient2::page_off_resource
Apple Mac OSX Kernel - NULL Dereference in CoreCaptureResponder Due to Unchecked Return Value
Apple Mac OSX Kernel - Null Pointer Dereference in IOAudioEngine

Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues
Apple OS X/iOS - 'mach_ports_register' Multiple Memory Safety Exploits

Linux Kernel 3.10.0-327/4.8.0-22 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference

Microsoft MsMpEng - Remotely Exploitable Use-After-Free due to Design Issue in GC Engine
Microsoft MsMpEng - Remote Use-After-Free Due to Design Issue in GC Engine

Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call
Microsoft Windows Kernel - 'win32k.sys' Multiple 'NtGdiGetDIBitsInternal' System Call

Mandrake Linux 8.2 /usr/mail - Local Exploit
Mandrake Linux 8.2 - '/usr/mail' Local Exploit

RedHat 6.2 /sbin/restore - Exploit
RedHat 6.2 - '/sbin/restore' Privilege Escalation

dump 0.4b15 (RedHat 6.2) - Exploit
dump 0.4b15 (RedHat 6.2) - Privilege Escalation
xsoldier 0.96 (RedHat 6.2) - Exploit
Pine (Local Message Grabber) - Exploit
xsoldier 0.96 (RedHat 6.2) - Buffer Overflow
Pine (Local Message Grabber) - Local Message Read

Seyon 2.1 rev. 4b i586-Linux - Exploit
Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow

glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - Exploit
glibc-2.2 / openssh-2.3.0p1 / glibc 2.1.9x - File Read

suid_perl 5.001 - Exploit
suid_perl 5.001 - Command Execution

Sendmail 8.11.x (Linux/i386) - Exploit
Sendmail 8.11.x (Linux/i386) - Privilege Escalation

Microsoft Excel - Unspecified Remote Code Execution
Microsoft Excel - Remote Code Execution

Microsoft Word 2000 - Unspecified Code Execution
Microsoft Word 2000 - Code Execution
IBM AIX 5.3 sp6 - capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 sp6 - pioout Arbitrary Library Loading Privilege Escalation
IBM AIX 5.3 SP6 - Capture Terminal Sequence Privilege Escalation
IBM AIX 5.3 SP6 - 'pioout' Arbitrary Library Loading Privilege Escalation

IBM AIX 5.3 libc - MALLOCDEBUG File Overwrite
IBM AIX 5.3 - 'libc' MALLOCDEBUG File Overwrite

Easy RM to MP3 Converter 2.7.3.700 - Exploit
Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow

Easy RM to MP3 27.3.700 (Windows XP SP3) - Exploit
Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow

Adobe Reader and Acrobat - Exploit
Adobe Reader / Acrobat - '.PDF' File Overflow

Mini-stream Ripper (Windows XP SP2/SP3) - Exploit
Mini-stream Ripper (Windows XP SP2/SP3) - Local Overflow

DJ Studio Pro 5.1.6.5.2 - Exploit (SEH)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH)

Winamp 5.572 - Exploit (SEH)
Winamp 5.572 - Overflow (SEH)

ZipScan 2.2c - Exploit (SEH)
ZipScan 2.2c - Overflow (SEH)
Local Glibc shared library (.so) 2.11.1 - Exploit
(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation
Local Glibc Shared Library (.so) 2.11.1 - Code Execution
ReiserFS (Linux Kernel 2.6.34-rc3 / RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation

SyncBack Freeware 3.2.20.0 - Exploit
SyncBack Freeware 3.2.20.0 - Overflow (SEH)

Mediacoder 0.7.3.4672 - Exploit (SEH)
Mediacoder 0.7.3.4672 - Overflow (SEH)

MP3 Workstation 9.2.1.1.2 - Exploit (SEH)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH)

DJ Studio Pro 8.1.3.2.1 - Exploit (SEH)
DJ Studio Pro 8.1.3.2.1 - Overflow (SEH)

MP3 Workstation 9.2.1.1.2 - Exploit (SEH) (Metasploit)
MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit)

iworkstation 9.3.2.1.4 - Exploit (SEH)
iworkstation 9.3.2.1.4 - Overflow (SEH)

Nokia MultiMedia Player 1.0 - Exploit (SEH Unicode)
Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode)

POP Peeper 3.7 - Exploit (SEH)
POP Peeper 3.7 - Overflow (SEH)

DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass
DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass)

DJ Studio Pro 5.1.6.5.2 - Exploit (SEH) (Metasploit)
DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit)

BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass
BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass)
Slackware Linux 3.4 - 'liloconfig-color' Temporary file
Slackware Linux 3.4 - 'makebootdisk' Temporary file
Slackware Linux 3.4 - 'liloconfig-color' Temporary File
Slackware Linux 3.4 - 'makebootdisk' Temporary File
Slackware Linux 3.4 - 'netconfig' Temporary file
Slackware Linux 3.4 - 'pkgtool' Temporary file
Slackware Linux 3.4 - 'netconfig' Temporary File
Slackware Linux 3.4 - 'pkgtool' Temporary File

Debian suidmanager 0.18 - Command Execution
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Exploit
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Exploit
Slackware Linux 3.5 - Missing /etc/group Privilege Escalation
BSDI BSD/OS 2.1 / FreeBSD 2.1 / IBM AIX 4.2 / SGI IRIX 6.4 / Sun SunOS 4.1.3 - Buffer Overrun
HP HP-UX 10.20/11.0 / IBM AIX 4.3 / SCO Unixware 7.0 / Sun Solaris 2.6 - Change File Permission
Slackware Linux 3.5 - '/etc/group' Privilege Escalation

Sun Solaris 2.6 power management - Exploit
Sun Solaris 2.6 - power management Exploit
DataLynx suGuard 1.0 - Exploit
Sun Solaris 2.5.1 PAM & unix_scheme - Exploit
Solaris 2.5.1 ffbconfig - Exploit
Solaris 2.5.1 chkey - Exploit
Solaris 2.5.1 Ping - Exploit
SGI IRIX 6.4 ioconfig - Exploit
DataLynx suGuard 1.0 - Privilege Escalation
Sun Solaris 2.5.1 PAM / unix_scheme - 'passwd' Privilege Escalation
Solaris 2.5.1 - 'ffbconfig' Exploit
Solaris 2.5.1 - 'chkey' Exploit
Solaris 2.5.1 - 'Ping' Exploit
SGI IRIX 6.4 - 'ioconfig' Exploit
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - xlock Exploit (2)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - 'xlock' Exploit (1)
BSD/OS 2.1 / DG/UX 7.0 / Debian 1.3 / HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.4 / Solaris 2.5.1 - '/usr/bin/X11/xlock' Privilege Escalation (2)

Solaris 2.5.1 automount - Exploit
Solaris 2.5.1 - 'automount' Exploit
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit
Sun Solaris 7.0 dtprintinfo - Buffer Overflow
Sun Solaris 7.0 lpset - Buffer Overflow
BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Privilege Escalation
Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow
Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow

IBM Remote Control Software 1.0 - Exploit
IBM Remote Control Software 1.0 - Code Execution

Xcmail 0.99.6 - Exploit
Xcmail 0.99.6 - Buffer Overflow
Sun Solaris 7.0 ff.core - Exploit
S.u.S.E. 5.2 lpc - Exploit
Sun Solaris 7.0 - 'ff.core' Exploit
S.u.S.E. 5.2 - 'lpc' Exploit

SGI IRIX 6.2 cdplayer - Exploit
SGI IRIX 6.2 - 'cdplayer' Exploit
SGI IRIX 5.3 Cadmin - Exploit
SGI IRIX 6.0.1 colorview - Exploit
SGI IRIX 5.3 - 'Cadmin' Exploit
SGI IRIX 6.0.1 - 'colorview' Exploit
SGI IRIX 6.3 df - Exploit
SGI IRIX 6.4 - datman/cdman Exploit
SGI IRIX 6.3 - 'df' Exploit
SGI IRIX 6.4 - datman/cdman Exploit
RedHat Linux 2.1 - abuse.console Exploit
SGI IRIX 6.2 fsdump - Exploit
RedHat Linux 5.1 xosview - Exploit
Slackware Linux 3.1 - Buffer Overflow
RedHat Linux 2.1 - 'abuse.console' Exploit
SGI IRIX 6.2 - 'fsdump' Exploit
RedHat Linux 5.1 - xosview
Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow

IBM AIX 4.3 infod - Exploit
IBM AIX 4.3 - 'infod' Exploit

IBM AIX 4.2.1 snap - Insecure Temporary File Creation
IBM AIX 4.2.1 - 'snap' Insecure Temporary File Creation
SGI IRIX 6.4 inpview - Exploit
RedHat Linux 5.0 msgchk - Exploit
IBM AIX 4.2.1 portmir - Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 ping - Buffer Overflow
IBM AIX 4.2 lchangelv - Buffer Overflow
SGI IRIX 6.4 - 'inpview' Exploit
RedHat Linux 5.0 - 'msgchk' Exploit
IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation
IBM AIX 4.2 - 'ping' Buffer Overflow
IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow

RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 mailx - Exploit (1)
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' Exploit (1)

SGI IRIX 6.4 netprint - Exploit
SGI IRIX 6.4 - 'netprint' Exploit

SGI IRIX 5.3/6.2 ordist - Exploit
SGI IRIX 5.3/6.2 - 'ordist' Exploit

SGI IRIX 5.3 pkgadjust - Exploit
SGI IRIX 5.3 - 'pkgadjust' Exploit

Sun Solaris 7.0 procfs - Exploit
IBM AIX 3.2.5 - IFS Exploit
IBM AIX 4.2.1 lquerypv - Exploit
IBM AIX 3.2.5 - 'IFS' Exploit
IBM AIX 4.2.1 - 'lquerypv' File Read
SGI IRIX 6.3 pset - Exploit
SGI IRIX 6.4 rmail - Exploit
SGI IRIX 6.3 - 'pset' Exploit
SGI IRIX 6.4 - 'rmail' Exploit
SGI IRIX 5.2/5.3 serial_ports - Exploit
SGI IRIX 6.4 suid_exec - Exploit
SGI IRIX 5.1/5.2 sgihelp - Exploit
SGI IRIX 6.4 startmidi - Exploit
SGI IRIX 5.2/5.3 - 'serial_ports' Exploit
SGI IRIX 6.4 - 'suid_exec' Exploit
SGI IRIX 5.1/5.2- 'sgihelp' Exploit
SGI IRIX 6.4 - 'startmidi' Exploit

SGI IRIX 6.4 xfsdump - Exploit
SGI IRIX 6.4 - 'xfsdump' Exploit

IBM AIX 4.3.1 adb - Exploit
IBM AIX 4.3.1 - 'adb' Denial of Service
Apple At Ease 5.0 - Exploit
Samba < 2.0.5 - Exploit
Apple At Ease 5.0 - Information Disclosure
Samba < 2.0.5 - Overflow

NetBSD 1.4 / OpenBSD 2.5 /Solaris 7.0 profil(2) - Exploit
NetBSD 1.4 / OpenBSD 2.5 / Solaris 7.0 - 'profil(2)' Modify The Internal Data Space

Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 espeaker - Local Buffer Overflow
Mandriva Linux Mandrake 6.0 / Gnome Libs 1.0.8 - 'espeaker' Local Buffer Overflow

HP-UX 10.20 newgrp - Exploit
HP-UX 10.20 newgrp - Privilege Escalation

BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2)
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2)

BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit
BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (1)
FreeBSD 3.3/Linux Mandrake 7.0 - 'xsoldier' Buffer Overflow (2)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1)
xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2)

Solaris 7.0 kcms_configure - Exploit
Solaris 7.0 - 'kcms_configure Exploit

Windowmaker wmmon 1.0 b2 - Exploit
Windowmaker wmmon 1.0 b2 - Command Execution

Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit
Oracle8i Standard Edition 8.1.5 for Linux Installer - Privilege Escalation

Standard & Poors ComStock 4.2.4 - Exploit
Standard & Poors ComStock 4.2.4 - Command Execution
KDE 1.1.2 KApplication configfile - Exploit (1)
KDE 1.1.2 KApplication configfile - Exploit (2)
KDE 1.1.2 KApplication configfile - Exploit (3)
KDE 1.1.2 KApplication configfile - Privilege Escalation (1)
KDE 1.1.2 KApplication configfile - Privilege Escalation (2)
KDE 1.1.2 KApplication configfile - Privilege Escalation (3)

BSD 'mailx' 8.1.1-10 - Buffer Overflow (2)
mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2)

Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - fld Input File Overflow
Mandrake 7.0/7.1 / RedHat Kon2 0.3.9 - '/usr/bin/fld' Input File Overflow
IRIX 6.5.x - GR_OSView Buffer Overflow
SGI IRIX 6.2 libgl.so - Buffer Overflow
IRIX 6.5.x - dmplay Buffer Overflow
IRIX 6.2/6.3 lpstat - Buffer Overflow
IRIX 6.5.x - inpview Race Condition
IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow
SGI IRIX 6.2 - 'libgl.so' Buffer Overflow
IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow
IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow
IRIX 6.5.x - '/usr/lib/InPerson/inpview' Race Condition

IRIX 5.3/6.x - mail Exploit
IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow
Libc locale - Exploit (1)
Libc locale - Exploit (2)
Libc locale - Privilege Escalation (1)
Libc locale - Privilege Escalation (2)

GNOME esound 0.2.19 - Unix Domain Socket Race Condition

Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell redirection Race Condition
Apple Mac OSX 10 / HP-UX 9/10/11 / Mandriva 6/7 / RedHat 5/6 / SCO 5 / IRIX 6 - Shell Redirection Race Condition
IBM AIX 4.x - setsenv Buffer Overflow
IBM AIX 4.3 digest - Buffer Overflow
IBM AIX 4.x - enq Buffer Overflow
IBM AIX 4.3.x - piobe Buffer Overflow
IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow
IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow
IBM AIX 4.x - 'enq' Buffer Overflow
IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow

SGI IRIX 6.5 / Solaris 7.0/8 - CDE dtsession Buffer Overflow
SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow

AIX 4.2/4.3 - piomkapqd Buffer Overflow
AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow

(Linux Kernel 2.4.17-8) User-Mode Linux - Memory Access Privilege Escalation
User-Mode Linux (Linux Kernel 2.4.17-8) - Memory Access Privilege Escalation

(Linux Kernel) Grsecurity Kernel Patch 1.9.4 - Memory Protection
Grsecurity Kernel Patch 1.9.4 (Linux Kernel) - Memory Protection
QNX RTOS 6.1 - phlocale Environment Variable Buffer Overflow
QNX RTOS 6.1 - PKG-Installer Buffer Overflow
QNX RTOS 6.1 - '/usr/photon/bin/phlocale' Environment Variable Buffer Overflow
QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow

NCMedia Sound Editor Pro 7.5.1 - SEH + DEP Bypass
NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass)

AFD 1.2.x - Working Directory Local Buffer Overflow
AFD 1.2.x - Working Directory Local Buffer Overflow Privilege Escalation

IBM AIX 4.3.x/5.1 - ERRPT Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'ERRPT' Local Buffer Overflow

HP-UX 10.x - rs.F3000 Unspecified Unauthorized Access
HP-UX 10.x - rs.F3000 Unauthorized Access

Leksbot 1.2 - Multiple Unspecified Vulnerabilities
Leksbot 1.2 - Multiple Vulnerabilities

IBM AIX 4.3.x/5.1 - LSMCODE Environment Variable Local Buffer Overflow
IBM AIX 4.3.x/5.1 - 'LSMCODE' Environment Variable Local Buffer Overflow

IBM UniVerse 10.0.0.9 - uvadmsh Privilege Escalation
IBM UniVerse 10.0.0.9 - 'uvadmsh' Privilege Escalation

ViRobot Linux Server 2.0 - Overflow

(Linux Kernel 2.6) Samba 2.2.8 (Debian / Mandrake) - Share Privilege Escalation
Samba 2.2.8 (Linux Kernel 2.6 / Debian / Mandrake) - Share Privilege Escalation
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Unspecified Local Memory Corruption Vulnerabilities (3)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (1)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (2)
Veritas NetBackup 3.5/4.5/5.0 - Multiple Local Memory Corruption Vulnerabilities (3)

Nvidia Display Driver Service (Nsvr) - Exploit
Nvidia Display Driver Service (Nsvr) - Buffer Overflow
IBM AIX 5.3 - GetShell and GetCommand File Enumeration
IBM AIX 5.3 - GetShell and GetCommand Partial File Disclosure
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Enumeration
IBM AIX 5.3 - 'GetShell' / 'GetCommand' File Disclosure

Apple 2.0.4 - Safari Unspecified Local
Apple 2.0.4 - Safari Local Exploit

Systrace - Multiple System Call Wrappers Concurrency Vulnerabilities

IBM AIX 6.1.8 libodm - Arbitrary File Write
IBM AIX 6.1.8 - 'libodm' Arbitrary File Write

Apple iOS 4.0.2 - Networking Packet Filter Rules Privilege Escalation

VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow
VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass)

Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation

QEMU (Gentoo) - Local Priv Escalation
QEMU (Gentoo) - Privilege Escalation

Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation
Apache Tomcat 8/7/6 (RedHat Based Distros) - Privilege Escalation

RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)
RedStar 3.0 Server - 'BEAM' / 'RSSMON' Command Injection (Shellshock)

Microsoft WordPerfect Document Converter - Exploit (MS03-036)
Microsoft WordPerfect Document Converter (Windows NT4 Workstation SP5/SP6 French) - File Template Buffer Overflow (MS03-036)

CA BrightStor ARCserve Backup - Exploiter Tool
CA BrightStor ARCserve Backup - Overflow

NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - Exploit
NCTAudioEditor2 ActiveX DLL 'NCTWMAFile2.dll 2.6.2.157' - File Write

CDBurnerXP 4.2.4.1351 - Exploit

PeerCast 0.1216 - Exploit (Metasploit)
PeerCast 0.1216 - Stack Overflow (Metasploit)

BigAnt Server 2.52 - Exploit (SEH)
BigAnt Server 2.52 - Overflow (SEH)

NetTransport Download Manager 2.90.510 - Exploit
NetTransport Download Manager 2.90.510 - Overflow (SEH)

File Sharing Wizard 1.5.0 - Exploit (SEH)
File Sharing Wizard 1.5.0 - Overflow (SEH)
Real Player 12.0.0.879 - Exploit
Sun Java Web Server 7.0 u7 - Exploit (DEP Bypass)
Real Player 12.0.0.879 - Code Execution
Sun Java Web Server 7.0 u7 - Overflow (DEP Bypass)

IBM AIX 5l FTPd - Remote DES Hash Exploit
IBM AIX 5l - 'FTPd' Remote DES Hash Exploit

Microsoft Data Access Components - Exploit (MS11-002)
Microsoft Data Access Components - Overflow (PoC) (MS11-002)

FileCOPA FTP Server (Pre 18 Jul Version) - Exploit (Metasploit)
FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit)

Viscom Software Movie Player Pro SDK ActiveX 6.8 - Exploit (Metasploit)
Viscom Software Movie Player Pro SDK ActiveX 6.8 - Stack-Based Buffer Overflow (Metasploit)

Apple Personal Web Sharing 1.1 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Exploit
id Software Solaris Quake II 3.13/3.14 / QuakeWorld 2.0/2.1 / Quake 1.9/3.13/3.14 - Command Execution

Metainfo Sendmail 2.0/2.5 & MetaIP 3.1 - Exploit
Metainfo Sendmail 2.0/2.5 / MetaIP 3.1 -  Upload / Execute Read Scripts

IBM AIX 3.2/4.1 & SCO Unixware 7.1.1 & SGI IRIX 5.3 & Sun Solaris 2.5.1 - Exploit
IBM AIX 3.2/4.1 / SCO Unixware 7.1.1 / SGI IRIX 5.3 / Sun Solaris 2.5.1 - Privilege Escalation

HP HP-UX 10.34 rlpdaemon - Exploit
HP HP-UX 10.34 rlpdaemon - Remote Overflow

Ray Chan WWW Authorization Gateway 0.1 - Exploit
Ray Chan WWW Authorization Gateway 0.1 - Command Execution

Solaris 7.0 Coredump - Exploit
Solaris 7.0 - 'Coredump' File Write
IBM Scalable POWERparallel (SP) 2.0 sdrd - Exploit
SGI IRIX 6.2 cgi-bin wrap - Exploit
IBM Scalable POWERparallel (SP) 2.0 - 'sdrd' File Read
SGI IRIX 6.2 - cgi-bin wrap Exploit

SGI IRIX 6.5.2 nsd - Exploit
SGI IRIX 6.5.2 - 'nsd'' Exploit

IBM AIX 3.2.5 - login(1) Exploit
IBM AIX 3.2.5 - 'login(1)' Exploit

Compaq Java Applet for Presario SpawnApp - Exploit
Compaq Java Applet for Presario SpawnApp - Code Execution

Network Security Wizards Dragon-Fire IDS 1.0 - Exploit
Network Security Wizards Dragon-Fire IDS 1.0 - Command Execution

Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Exploit
Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure

IBM AIX 4.3.2 ftpd - Remote Buffer Overflow
IBM AIX 4.3.2 - 'ftpd' Remote Buffer Overflow

glFTPd 1.17.2 - Exploit
glFTPd 1.17.2 - Code Execution

Netopia R-series routers 4.6.2 - Exploit
Netopia R-series Routers 4.6.2 - Modifying SNMP Tables

Sun Java Web Server 1.1.3/2.0 Servlets - Exploit
Sun Java Web Server 1.1.3/2.0 Servlets - information Disclosure

IPFilter 3.x - Fragment Rule Bypass

CGIWrap 2.x/3.x - Cross-Site Scripting

AIX 4.1/4.2 - pdnsd Buffer Overflow
AIX 4.1/4.2 - 'pdnsd' Buffer Overflow

RedHat Linux 7.0 Apache - Remote 'Username' Enumeration
RedHat Linux 7.0 Apache - Remote Username Enumeration

Hylafax 4.1.x - HFaxD Unspecified Format String
Hylafax 4.1.x - HFaxD Format String

EZMeeting 3.x - 'EZNet.exe' Long HTTP Request Remote Buffer Overflow

LHA 1.x - Multiple extract_one Buffer Overflow Vulnerabilities
LHA 1.x - 'extract_one' Multiple Buffer Overflow Vulnerabilities

Ethereal 0.x - Multiple Unspecified iSNS / SMB / SNMP Protocol Dissector Vulnerabilities
Ethereal 0.x - Multiple iSNS / SMB / SNMP Protocol Dissector Vulnerabilities

Oracle 9i - Multiple Unspecified Vulnerabilities
Oracle 9i - Multiple Vulnerabilities

File ELF 4.x - Header Unspecified Buffer Overflow
File ELF 4.x - Header Buffer Overflow
Microsoft PowerPoint 2003 - 'mso.dll' .PPT Processing Unspecified Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Unspecified Issue
Microsoft PowerPoint 2003 - 'mso.dll' '.PPT' Processing Code Execution
Microsoft PowerPoint 2003 - 'powerpnt.exe' Exploit
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Unspecified Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Unspecified Replay Attack
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Arbitrary File Manipulation
CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack
Microsoft Internet Explorer 6 - Unspecified Code Execution (1)
Microsoft Internet Explorer 6 - Unspecified Code Execution (2)
Microsoft Internet Explorer 6 - Code Execution (1)
Microsoft Internet Explorer 6 - Code Execution (2)

GNU Tar 1.1x - GNUTYPE_NAMES Directory Traversal
GNU Tar 1.1x - 'GNUTYPE_NAMES' Directory Traversal

TFTP Server TFTPDWin 0.4.2 - Unspecified Directory Traversal
TFTP Server TFTPDWin 0.4.2 - Directory Traversal

Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Unspecified
Novell eDirectory 8.x - eMBox Utility 'edirutil' Command Exploit

Multiple CA Service Management Products - Unspecified Remote Command Execution
Multiple CA Service Management Products - Remote Command Execution

NovaStor NovaNET 12 - 'DtbClsLogin()' Remote Stack Buffer Overflow

Bash - Environment Variables Code Injection (Shellshock)
Bash - Environment Variables Command Injection (Shellshock)

OpenVPN 2.2.29 - Remote Exploit (Shellshock)
OpenVPN 2.2.29 - Remote Command Injection (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Exploit (Shellshock)
Apache mod_cgi - Remote Exploit (Shellshock)
Postfix SMTP 4.2.x < 4.2.48 - Remote Command Injection (Shellshock)
Apache mod_cgi - Remote Command Injection (Shellshock)

Poison Ivy 2.3.2 - Unspecified Remote Buffer Overflow
Poison Ivy 2.3.2 - Remote Buffer Overflow

Samba 3.5.11/3.6.3 - Unspecified Remote Code Execution
Samba 3.5.11/3.6.3 - Remote Code Execution

Advantech Switch - Bash Environment Variable Code Injection (Shellshock) (Metasploit)
Advantech Switch - Bash Environment Variable Command Injection (Shellshock) (Metasploit)

Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock)
Cisco UCS Manager 2.1(1b) - Remote Command Injection (Shellshock)

IPFire - Bash Environment Variable Injection (Shellshock) (Metasploit)
IPFire - Bash Environment Variable Command Injection (Shellshock) (Metasploit)

TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution (Shellshock)
TrendMicro InterScan Web Security Virtual Appliance - Remote Command Injection (Shellshock)

Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remotely Exploitable Type Confusion
Microsoft Security Essentials / SCEP (Microsoft Windows 8/8.1/10 / Windows Server) - 'MsMpEng' Remote Type Confusion

Poll It CGI 2.0 - Exploit
Poll It CGI 2.0 - Multiple Vulnerabilities

DreamPoll 3.1 - Exploit
DreamPoll 3.1 - SQL Injection

WordPress Plugin WP-Cumulus 1.20 - Exploit
WordPress Plugin WP-Cumulus 1.20 - Full Path Disclosure / Cross-Site Scripting

Public Media Manager - Exploit
Public Media Manager - Remote File Inclusion

Joomla! Component com_adagency - Exploit
Joomla! Component com_adagency - Local File Inclusion

File Upload Manager 1.3 - Exploit
File Upload Manager 1.3 - Web Shell File Upload

Joomla! Component com_caddy - Exploit

Renista CMS - Exploit
Renista CMS - SQL Injection

BtiTracker 1.3.x < 1.4.x - Exploit
BtiTracker 1.3.x < 1.4.x - SQL Injection

WordPress Plugin Cimy Counter - Exploit
WordPress Plugin Cimy Counter - Full Path Disclosure / Redirector / Cross-Site Scripting / HTTP Response Spitting

Belkin F5D7234-4 v5 G Wireless Router - Exploit
Belkin F5D7234-4 v5 G Wireless Router - Remote Hash Exposed

WhatsApp Status Changer 0.2 - Exploit
WhatsApp - Remote Change Status

MySimpleNews 1.0 - Remotely Readable Administrator Password
MySimpleNews 1.0 - Remote Readable Administrator Password

SquirrelMail 1.2.11 - Exploit
SquirrelMail 1.2.11 - Multiple Vulnerabilities

D-Link DCS-936L Network Camera - Cross-Site Request Forgery
Yappa-ng 1.x/2.x - Unspecified Remote File Inclusion
Yappa-ng 1.x/2.x - Unspecified Cross-Site Scripting
Yappa-ng 1.x/2.x - Remote File Inclusion
Yappa-ng 1.x/2.x - Cross-Site Scripting

Aenovo - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Aenovo - Multiple Cross-Site Scripting Vulnerabilities

Codegrrl - 'Protection.php' Unspecified Code Execution
Codegrrl - 'Protection.php' Code Execution
Red Mombin 0.7 - 'index.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Unspecified Cross-Site Scripting
Red Mombin 0.7 - 'index.php' Cross-Site Scripting
Red Mombin 0.7 - 'process_login.php' Cross-Site Scripting

A-Blog 1.0 - Unspecified Cross-Site Scripting
A-Blog 1.0 - Cross-Site Scripting

Liens_Dynamiques 2.1 - Multiple Unspecified Cross-Site Scripting Vulnerabilities
Liens_Dynamiques 2.1 - Multiple Cross-Site Scripting Vulnerabilities

WordPress Plugin Akismet 2.1.3 - Unspecified
WordPress Plugin Akismet 2.1.3 - Exploit

SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities
SquirrelMail G/PGP Encryption Plugin 2.0/2.1 - Multiple Remote Command Execution Vulnerabilities

UPC Ireland Cisco EPC 2425 Router / Horizon Box - Exploit
UPC Ireland Cisco EPC 2425 Router / Horizon Box - WPA-PSK Handshake Information

Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload
Korean GHBoard - 'Component/upload.jsp' Arbitrary File Upload

MyPHP Forum 3.0 - 'search.php' Multiple Unspecified SQL Injections
MyPHP Forum 3.0 - 'search.php' Multiple SQL Injections

Zoph 0.7.2.1 - Unspecified SQL Injection
Zoph 0.7.2.1 - SQL Injection

Joomla! Component FreiChat 1.0/2.x - Unspecified HTML Injection
Joomla! Component FreiChat 1.0/2.x - HTML Injection

Bash CGI - Remote Code Execution (Shellshock) (Metasploit)
Bash CGI - Remote Command Injection (Shellshock) (Metasploit)

PHP < 5.6.2 - 'disable_functions()' Bypass Exploit (Shellshock)
PHP < 5.6.2 - 'disable_functions()' Bypass Command Injection (Shellshock)

Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Unspecified Security Vulnerabilities
Hyperic HQ Enterprise 4.5.1 - Cross-Site Scripting / Multiple Security Vulnerabilities

Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Unspecified Security
Atlassian JIRA FishEye 2.5.7 / Crucible 2.5.7 Plugins - XML Parsing Security Exploit

Netsweeper 4.0.8 - Authentication Bypass Issue
Netsweeper 4.0.8 - Authentication Bypass

SimpleInvoices invoices Module - Unspecified Customer Field Cross-Site Scripting
SimpleInvoices invoices Module - Customer Field Cross-Site Scripting

Bugzilla 4.2 - Tabular Reports Unspecified Cross-Site Scripting
Bugzilla 4.2 - Tabular Reports Cross-Site Scripting

iScripts AutoHoster - 'main_smtp.php' Unspecified Traversal
iScripts AutoHoster - 'main_smtp.php' Traversal Exploit

Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Exploits

Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Exploit (Shellshock)
Sun Secure Global Desktop and Oracle Global Desktop 4.61.915 - Command Injection (Shellshock)

NUUO NVRmini 2 3.0.8 - Remote Code Execution (Shellshock)
NUUO NVRmini 2 3.0.8 - Remote Command Injection (Shellshock)

Squid Analysis Report Generator 2.3.10 - Remote Code Execution
 2017-11-16 10:02:26 +00:00
Offensive Security
09544fdd22 DB: 2016-07-29 2016-07-29 05:07:16 +00:00
Offensive Security
70d97f91c1 DB: 2016-07-28 
2 new exploits

Multiple AntiVirus (zip file) Detection Bypass Exploit
Multiple AntiVirus - .zip Detection Bypass Exploit

RealPlayer 10 - (.smil File) Local Buffer Overflow Exploit
RealPlayer 10 - (.smil) Local Buffer Overflow Exploit

Veritas Backup Exec - Remote File Access Exploit (Windows)
Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit)
ZENworks 6.5 Desktop/Server Management Remote Stack Overflow
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow Exploit
Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow
ZENworks 6.5 Desktop/Server Management - Remote Stack Overflow (Metasploit)
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow Exploit (Metasploit)
Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit)

WebAdmin <= 2.0.4 - USER Buffer Overflow Exploit
WebAdmin <= 2.0.4 - USER Buffer Overflow Exploit (Metasploit)

Opera <= 8.02 - Remote Denial of Service Exploit
Opera <= 8.02 - Remote Denial of Service Exploit (1)
MailEnable 1.54 Pro - Universal IMAPD W3C Logging BoF Exploit
Google Search Appliance - proxystylesheet XSLT Java Code Execution
MailEnable 1.54 Pro - Universal IMAPD W3C Logging BoF Exploit (Metasploit)
Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit)
Oracle 9.2.0.1 - Universal XDB HTTP Pass Overflow Exploit
Lyris ListManager - Read Message Attachment SQL Injection Exploit
Oracle 9.2.0.1 - Universal XDB HTTP Pass Overflow Exploit (Metasploit)
Lyris ListManager - Read Message Attachment SQL Injection Exploit (Metasploit)

Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (Linux)
Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (Linux) (Metasploit)

Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (OSX)
Mozilla Firefox 1.5 - location.QueryInterface() Code Execution (OSX) (Metasploit)

Mac OS X Safari Browser - (Safe File) Remote Code Execution Exploit
Mac OS X Safari Browser - (Safe File) Remote Code Execution Exploit (Metasploit)
Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit
Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow
Microsoft Internet Explorer 6.0 SP0 - IsComponentInstalled() Remote Exploit (Metasploit)
Kerio Personal Firewall <= 2.1.4 - Remote Authentication Packet Overflow (Metasploit)

Microsoft Visual Studio 6.0 sp6 - (Malformed .dbp File) Buffer Overflow Exploit
Microsoft Visual Studio 6.0 sp6 - (.dbp) Buffer Overflow Exploit
Novell Messenger Server 2.0 - (Accept-Language) Remote Overflow Exploit
Symantec Sygate Management Server - (login) SQL Injection Exploit
Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow Exploit
Novell Messenger Server 2.0 - (Accept-Language) Remote Overflow Exploit (Metasploit)
Symantec Sygate Management Server - (login) SQL Injection Exploit (Metasploit)
Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow Exploit (Metasploit)

Microsoft Windows RRAS - Remote Stack Overflow Exploit (MS06-025)
Microsoft Windows RRAS - Remote Stack Overflow Exploit (MS06-025) (Metasploit)

Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025)
Microsoft Windows - RRAS RASMAN Registry Stack Overflow Exploit (MS06-025) (Metasploit)
eIQnetworks License Manager Remote Buffer Overflow Exploit (1262)
eIQnetworks License Manager Remote Buffer Overflow Exploit (494)
eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit)

eIQnetworks License Manager - Remote Buffer Overflow Exploit (multi) (2)
eIQnetworks License Manager - Remote Buffer Overflow Exploit (Metasploit) (2)

Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040)
Microsoft Windows - NetpIsRemote() Remote Overflow Exploit (MS06-040) (Metasploit)

Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014) (2)
Microsoft Internet Explorer - (MDAC) Remote Code Execution Exploit (MS06-014) (Metasploit) (2)

IBM eGatherer <= 3.20.0284.0 - (ActiveX) Remote Code Execution Exploit
IBM eGatherer <= 3.20.0284.0 - (ActiveX) Remote Code Execution Exploit (Metasploit)

Microsoft Windows 2003 - NetpIsRemote() Remote Overflow Exploit (MS06-040)
Microsoft Windows 2003 - NetpIsRemote() Remote Overflow Exploit (MS06-040) (Metasploit)

Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow Exploit
Microsoft Internet Explorer WebViewFolderIcon setSlice() Overflow Exploit (Metasploit)

McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit
McAfee ePo 3.5.0 / ProtectionPilot 1.1.0 - (Source) Remote Exploit (Metasploit)

PrivateWire Gateway 3.7 - Remote Buffer Overflow Exploit (Win32)
PrivateWire Gateway 3.7 - Remote Buffer Overflow Exploit (Win32) (Metasploit)

Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept
Apple Airport - 802.11 Probe Response Kernel Memory Corruption Proof of Concept (Metasploit)

VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit (Metasploit)
VUPlayer 2.44 - (.m3u UNC Name) Buffer Overflow Exploit (Metasploit)

VUPlayer <= 2.44 - (.M3U UNC Name) Buffer Overflow Exploit
VUPlayer 2.44 - (.m3u UNC Name) Buffer Overflow Exploit

Windows Media Player 9/10 - (MID File) Denial of Service Exploit
Windows Media Player 9/10 - (.MID) Denial of Service Exploit

NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow Exploit
NaviCOPA Web Server 2.01 - (GET) Remote Buffer Overflow Exploit (Metasploit)

Oreon <= 1.2.3 RC4 - (lang/index.php file) Remote Inclusion
Oreon <= 1.2.3 RC4 - (lang/index.php) Remote Inclusion

Magic CMS 4.2.747 - (mysave.php file) Remote File Include
Magic CMS 4.2.747 - (mysave.php) Remote File Include

WebLog (index.php file) Remote File Disclosure
WebLog (index.php) Remote File Disclosure

Pathos CMS 0.92-2 - (warn.php file) Remote File Inclusion
Pathos CMS 0.92-2 - (warn.php) Remote File Inclusion

Zomplog 3.8 - (force_download.php file) Remote File Disclosure
Zomplog 3.8 - (force_download.php) Remote File Disclosure

Winamp <= 5.3 - (WMV File) Remote Denial of Service Exploit
Winamp <= 5.3 - (.WMV) Remote Denial of Service Exploit

Opera 9.2 - (torrent File) Remote Denial of Service Exploit
Opera 9.2 - (.torrent) Remote Denial of Service Exploit

JulmaCMS 1.4 - (file.php file) Remote File Disclosure
JulmaCMS 1.4 - (file.php) Remote File Disclosure

PStruh-CZ 1.3/1.5 - (download.asp File) File Disclosure
PStruh-CZ 1.3/1.5 - (download.asp) File Disclosure
Virtual DJ 5.0 - (m3u File) Local Buffer OverFlow Exploit
OTSTurntables 1.00 - (m3u File) Local Buffer Overflow Exploit
Virtual DJ 5.0 - (.m3u) Local Buffer OverFlow Exploit
OTSTurntables 1.00 - (.m3u) Local Buffer Overflow Exploit

AtomixMP3 2.3 - (pls File) Local Buffer OverFlow Exploit
AtomixMP3 2.3 - (.pls) Local Buffer OverFlow Exploit

helplink 0.1.0 - (show.php file) Remote File Inclusion
helplink 0.1.0 - (show.php) Remote File Inclusion

jetAudio 7.x - (m3u File) Local SEH Overwrite Exploit
jetAudio 7.x - (m3u) Local SEH Overwrite Exploit

FireConfig 0.5 - (dl.php file) Remote File Disclosure
FireConfig 0.5 - (dl.php) Remote File Disclosure

Sony CONNECT Player 4.x - (m3u File) Local Stack Overflow Exploit
Sony CONNECT Player 4.x - (.m3u) Local Stack Overflow Exploit

phpCMS 1.2.2 - (parser.php file) Remote File Disclosure
phpCMS 1.2.2 - (parser.php) Remote File Disclosure

ChartDirector 4.1 - (viewsource.php file) File Disclosure
ChartDirector 4.1 - (viewsource.php) File Disclosure

IntelliTamper 2.07 - (map file) Local Arbitrary Code Execution Exploit (Perl)
IntelliTamper 2.07 - (.map) Local Arbitrary Code Execution Exploit (Perl)

Acoustica Mixcraft <= 4.2 Build 98 - (mx4 file) Local BoF Exploit
Acoustica Mixcraft <= 4.2 Build 98 - (mx4) Local BoF Exploit

Acoustica MP3 CD Burner 4.51 Build 147 - (asx file) Local BoF Exploit
Acoustica MP3 CD Burner 4.51 Build 147 - (.asx) Local BoF Exploit

Acoustica Beatcraft 1.02 Build 19 - (bcproj file) Local BoF Exploit
Acoustica Beatcraft 1.02 Build 19 - (.bcproj) Local BoF Exploit

Microsoft Windows Explorer - (.zip File) Denial of Service Exploit
Microsoft Windows Explorer - (.zip) Denial of Service Exploit

Kusaba <= 1.0.4 - Remote Code Execution Exploit
Kusaba <= 1.0.4 - Remote Code Execution Exploit (1)

Cain & Abel 4.9.23 - (rdp file) Buffer Overflow PoC
Cain & Abel 4.9.23 - (.rdp) Buffer Overflow PoC

Electronics Workbench (EWB File) Local Stack Overflow PoC
Electronics Workbench (.EWB) Local Stack Overflow PoC

Cain & Abel 4.9.23 - (rdp file) Buffer Overflow Exploit
Cain & Abel 4.9.23 - (.rdp) Buffer Overflow Exploit

autositephp 2.0.3 - (LFI/CSRF/edit file) Multiple Vulnerabilities
autositephp 2.0.3 - (LFI/CSRF/Edit file) Multiple Vulnerabilities

CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit
CoolPlayer 2.19 - (.Skin) Local Buffer Overflow Exploit

CoolPlayer 2.19 - (Skin File) Local Buffer Overflow Exploit (Python)
CoolPlayer 2.19 - (.Skin) Local Buffer Overflow Exploit (Python)

SAWStudio 3.9i (prf File) Local Buffer Overflow PoC
SAWStudio 3.9i - (.prf) Local Buffer Overflow PoC

IntelliTamper 2.07/2.08 - (MAP File) Local SEH Overwrite Exploit
IntelliTamper 2.07/2.08 - (.MAP) Local SEH Overwrite Exploit

Hex Workshop 5.1.4 - (Color Mapping File) Local Buffer Overflow PoC
Hex Workshop 5.1.4 - Color Mapping File Local Buffer Overflow PoC

Destiny Media Player 1.61 - (lst File) Local Buffer Overflow PoC
Destiny Media Player 1.61 - (.lst) Local Buffer Overflow PoC
Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit
Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (2)
Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (3)
Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit
Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (2)
Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (3)
Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (4)
Destiny Media Player 1.61 - (lst File) Local Buffer Overflow Exploit (5)
Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (4)
Destiny Media Player 1.61 - (.lst) Local Buffer Overflow Exploit (5)

VUPlayer <= 2.49 - (.PLS) Universal Buffer Overflow Exploit
VUPlayer 2.49 - (.pls) Universal Buffer Overflow Exploit

ExcelOCX ActiveX 3.2 - (Download File) Insecure Method Exploit
ExcelOCX ActiveX 3.2 - Download File Insecure Method Exploit
Zinf Audio Player 2.2.1 - (PLS File) Stack Overflow PoC
Zinf Audio Player 2.2.1 - (PLS File) Local Buffer Overflow Exploit (univ)
Zinf Audio Player 2.2.1 - (M3U FILE) Local Heap Overflow PoC
Zinf Audio Player 2.2.1 - (gqmpeg File) Buffer Overflow PoC
Zinf Audio Player 2.2.1 - (.pls) Stack Overflow PoC
Zinf Audio Player 2.2.1 - (.pls) Local Buffer Overflow Exploit (univ)
Zinf Audio Player 2.2.1 - (.M3U) Local Heap Overflow PoC
Zinf Audio Player 2.2.1 - (.gqmpeg) Buffer Overflow PoC

Thomson mp3PRO Player/Encoder (M3U File) Crash PoC
Thomson mp3PRO Player/Encoder - (.M3U) Crash PoC

Spider Player 2.3.9.5 - (asx File) off by one Crash Exploit
Spider Player 2.3.9.5 - (.asx) off by one Crash Exploit

Elecard AVC HD PLAYER (m3u/xpl file) Local Stack Overflow PoC
Elecard AVC HD PLAYER - (.m3u/.xpl) Local Stack Overflow PoC

Nokia N95-8 - (.JPG File) Remote Crash PoC
Nokia N95-8 - (.JPG) Remote Crash PoC

Media Commands (m3u File) Local SEH Overwrite Exploit
Media Commands (.m3u) Local SEH Overwrite Exploit

Media Commands (m3u File) Universal SEH Overwrite Exploit
Media Commands (.m3u) Universal SEH Overwrite Exploit

MediaCoder 0.6.2.4275 - (m3u File) Universal Stack Overflow Exploit
MediaCoder 0.6.2.4275 - (.m3u) Universal Stack Overflow Exploit

VUPlayer <= 2.49 - (.cue) Universal Buffer Overflow Exploit
VUPlayer 2.49 - (.cue) Universal Buffer Overflow Exploit

Gretech GOM Encoder 1.0.0.11 - (Subtitle File) Buffer Overflow PoC
Gretech GOM Encoder 1.0.0.11 - (.Subtitle) Buffer Overflow PoC
Abee Chm Maker 1.9.5 - (CMP File) Stack Overflow Exploit
PowerCHM 5.7 - (hhp File) Stack Overflow poC
Abee Chm Maker 1.9.5 - (.CMP) Stack Overflow Exploit
PowerCHM 5.7 - (.hhp) Stack Overflow poC

Apollo 37zz (M3u File) Local Heap Overflow PoC
Apollo 37zz - (.m3u) Local Heap Overflow PoC

mpegable Player 2.12 - (YUV File) Local Stack Overflow PoC
mpegable Player 2.12 - (.YUV) Local Stack Overflow PoC

Rama CMS <= 0.9.8 - (download.php file) File Disclosure
Rama CMS <= 0.9.8 - (download.php) File Disclosure

compface <= 1.5.2 - (XBM File) Local Buffer Overflow PoC
compface <= 1.5.2 - (.XBM) Local Buffer Overflow PoC

MP3-Nator 2.0 - (plf File) Universal Buffer Overflow Exploit (SEH)
MP3-Nator 2.0 - (.plf) Universal Buffer Overflow Exploit (SEH)

PatPlayer 3.9 - (M3U File) Local Heap Overflow PoC
PatPlayer 3.9 - (.M3U) Local Heap Overflow PoC

QuickDev 4 - (download.php file) File Disclosure
QuickDev 4 - (download.php) File Disclosure

FoxPlayer 1.1.0 - (m3u File) Local Buffer Overflow PoC
FoxPlayer 1.1.0 - (.m3u) Local Buffer Overflow PoC

Microsoft Windows 2003 - (EOT File) BSOD Crash Exploit
Microsoft Windows 2003 - (.EOT) BSOD Crash Exploit

VUPlayer <= 2.49 - (.m3u) Universal Buffer Overflow Exploit
VUPlayer 2.49 - (.m3u) Universal Buffer Overflow Exploit

Audio Lib Player (m3u File) Buffer Overflow Exploit (SEH)
Audio Lib Player (.m3u) Buffer Overflow Exploit (SEH)

MP3 Collector 2.3 - (m3u File) Local Crash PoC
MP3 Collector 2.3 - (.m3u) Local Crash PoC

BigAnt Server 2.50 SP1 - (ZIP File) Local Buffer Overflow PoC
BigAnt Server 2.50 SP1 - (.ZIP) Local Buffer Overflow PoC

BigAnt Server <= 2.50 SP6 - Local (ZIP File) Buffer Overflow PoC (2)
BigAnt Server <= 2.50 SP6 - (.ZIP) Local Buffer Overflow PoC (2)

XM Easy Personal FTP Server <= 5.8.0 DoS
XM Easy Personal FTP Server <= 5.8.0 DoS (Metasploit)

Symantec ConsoleUtilities ActiveX Buffer Overflow
Symantec ConsoleUtilities ActiveX Buffer Overflow (Metasploit)

Nagios3 statuswml.cgi Command Injection
Nagios3 statuswml.cgi Command Injection (Metasploit)

httpdx 1.4 - h_handlepeer BoF
httpdx 1.4 - h_handlepeer BoF (Metasploit)

Mambo 4.6.4 - Cache Lite Output Remote File Inclusion
Mambo 4.6.4 - Cache Lite Output Remote File Inclusion (Metasploit)
BASE <= 1.2.4 - base_qry_common.php Remote File Inclusion
AWStats 6.4-6.5 - AllowToUpdateStatsFromBrowser Command Injection
Cacti 0.8.6-d graph_view.php Command Injection
AWStats 6.2-6.1 - configdir Command Injection
ClamAV Milter <= 0.92.2 - Blackhole-Mode (sendmail) Code Execution
SpamAssassin spamd <= 3.1.3 - Command Injection
DistCC Daemon - Command Execution
ContentKeeper Web Appliance < 125.10 Command Execution
Solaris in.telnetd TTYPROMPT - Buffer Overflow
Solaris 10 / 11 Telnet - Remote Authentication Bypass
Solaris sadmind adm_build_path - Buffer Overflow
Solaris <= 8.0 - LPD Command Execution
BASE <= 1.2.4 - base_qry_common.php Remote File Inclusion (Metasploit)
AWStats 6.4-6.5 - AllowToUpdateStatsFromBrowser Command Injection (Metasploit)
Cacti 0.8.6-d graph_view.php Command Injection (Metasploit)
AWStats 6.2-6.1 - configdir Command Injection (Metasploit)
ClamAV Milter <= 0.92.2 - Blackhole-Mode (sendmail) Code Execution (Metasploit)
SpamAssassin spamd <= 3.1.3 - Command Injection (Metasploit)
DistCC Daemon - Command Execution (Metasploit)
ContentKeeper Web Appliance < 125.10 Command Execution (Metasploit)
Solaris in.telnetd TTYPROMPT - Buffer Overflow (Metasploit)
Solaris 10 / 11 Telnet - Remote Authentication Bypass (Metasploit)
Solaris sadmind adm_build_path - Buffer Overflow (Metasploit)
Solaris <= 8.0 - LPD Command Execution (Metasploit)
Solaris 8 dtspcd - Heap Overflow
Samba 2.2.0 < 2.2.8 - trans2open Overflow (OS X)
Apple Quicktime RTSP 10.4.0 - 10.5.0 Content-Type Overflow (OS X)
Solaris 8 dtspcd - Heap Overflow (Metasploit)
Samba 2.2.0 < 2.2.8 - trans2open Overflow (OS X) (Metasploit)
Apple Quicktime RTSP 10.4.0 - 10.5.0 Content-Type Overflow (OS X) (Metasploit)
mDNSResponder 10.4.0 / 10.4.8 - UPnP Location Overflow (OS X)
WebSTAR FTP Server <= 5.3.2 - USER Overflow (OS X)
Mail.App 10.5.0 - Image Attachment Command Execution (OS X)
Arkeia Backup Client <= 5.3.3 - Type 77 Overflow (OS X)
AppleFileServer 10.3.3 - LoginEXT PathName Overflow (OS X)
Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow
mDNSResponder 10.4.0 / 10.4.8 - UPnP Location Overflow (OS X) (Metasploit)
WebSTAR FTP Server <= 5.3.2 - USER Overflow (OS X) (Metasploit)
Mail.App 10.5.0 - Image Attachment Command Execution (OS X) (Metasploit)
Arkeia Backup Client <= 5.3.3 - Type 77 Overflow (OS X) (Metasploit)
AppleFileServer 10.3.3 - LoginEXT PathName Overflow (OS X) (Metasploit)
Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow (Metasploit)
Wyse Rapport Hagent Fake Hserver - Command Execution
Subversion 1.0.2 - Date Overflow
Samba 2.2.x - nttrans Overflow
RealServer 7-9 Describe Buffer Overflow
PHP < 4.5.0 - unserialize Overflow
ntpd 4.0.99j-k readvar - Buffer Overflow
Veritas NetBackup - Remote Command Execution
HP OpenView OmniBack II A.03.50 - Command Executino
Apple Quicktime for Java 7 - Memory Access
Opera 9.50 / 9.61 historysearch - Command Execution
Opera <= 9.10 Configuration Overwrite
Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution
Mozilla Suite/Firefox < 1.0.5 - compareTo Code Execution
Sun Java Runtime and Development Kit <= 6 Update 10 - Calendar Deserialization Exploit
Firefox 3.5 - escape Memory Corruption Exploit
Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow
Squid 2.5.x / 3.x - NTLM Buffer Overflow
Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow
MySQL <= 6.0 yaSSL <= 1.7.5 - Hello Message Buffer Overflow
Borland InterBase 2007 - PWD_db_aliased Buffer Overflow
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)
Subversion 1.0.2 - Date Overflow (Metasploit)
Samba 2.2.x - nttrans Overflow (Metasploit)
RealServer 7-9 Describe Buffer Overflow (Metasploit)
PHP < 4.5.0 - unserialize Overflow (Metasploit)
ntpd 4.0.99j-k readvar - Buffer Overflow (Metasploit)
Veritas NetBackup - Remote Command Execution (Metasploit)
HP OpenView OmniBack II A.03.50 - Command Execution (Metasploit)
Apple Quicktime for Java 7 - Memory Access (Metasploit)
Opera 9.50 / 9.61 historysearch - Command Execution (Metasploit)
Opera <= 9.10 Configuration Overwrite (Metasploit)
Mozilla Suite/Firefox < 1.5.0.5 - Navigator Object Code Execution (Metasploit)
Mozilla Suite/Firefox < 1.0.5 - compareTo Code Execution (Metasploit)
Sun Java Runtime and Development Kit <= 6 Update 10 - Calendar Deserialization Exploit (Metasploit)
Firefox 3.5 - escape Memory Corruption Exploit (Metasploit)
Samba 3.0.21-3.0.24 - LSA trans names Heap Overflow (Metasploit)
Squid 2.5.x / 3.x - NTLM Buffer Overflow (Metasploit)
Poptop < 1.1.3-b3 / 1.1.3-20030409 - Negative Read Overflow (Metasploit)
MySQL <= 6.0 yaSSL <= 1.7.5 - Hello Message Buffer Overflow (Metasploit)
Borland InterBase 2007 - PWD_db_aliased Buffer Overflow (Metasploit)

HP Release Control Authenticated XXE
HP Release Control Authenticated XXE (Metasploit)
Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow
Borland InterBase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow
Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow
Borland Interbase 2007 / 2007 SP2 - open_marker_file Buffer Overflow (Metasploit)
Borland InterBase 2007 / 2007 sp2 - jrd8_create_database Buffer Overflow (Metasploit)
Borland Interbase 2007 / 2007 SP2 - INET_connect Buffer Overflow (Metasploit)
Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow
Madwifi < 0.9.2.1 - SIOCGIWSCAN Buffer Overflow
University of Washington - imap LSUB Buffer Overflow
Snort 2.4.0 < 2.4.3 - Back Orifice Pre-Preprocessor Remote Exploit
PeerCast <= 0.1216
Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - apply.cgi Buffer Overflow
Salim Gasmi GLD 1.0 < 1.4 - Postfix Greylisting Buffer Overflow (Metasploit)
Madwifi < 0.9.2.1 - SIOCGIWSCAN Buffer Overflow (Metasploit)
University of Washington - imap LSUB Buffer Overflow (Metasploit)
Snort 2.4.0 < 2.4.3 - Back Orifice Pre-Preprocessor Remote Exploit (Metasploit)
PeerCast <= 0.1216 (Metasploit)
Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - apply.cgi Buffer Overflow (Metasploit)
Alcatel-Lucent OmniPCX Enterprise Communication Server <= 7.1 - masterCGI Command Injection
Unreal Tournament 2004 - 'Secure' Overflow
Irix LPD tagprinter - Command Execution
HP-UX LPD 10.20 / 11.00 / 11.11 - Command Execution
Xtacacsd <= 4.1.2 - report Buffer Overflow
System V Derived /bin/login Extraneous Arguments Buffer Overflow (modem based)
Mercantec SoftCart 4.00b - CGI Overflow
Alcatel-Lucent OmniPCX Enterprise Communication Server <= 7.1 - masterCGI Command Injection (Metasploit)
Unreal Tournament 2004 - 'Secure' Overflow (Metasploit)
Irix LPD tagprinter - Command Execution (Metasploit)
HP-UX LPD 10.20 / 11.00 / 11.11 - Command Execution (Metasploit)
Xtacacsd <= 4.1.2 - report Buffer Overflow (Metasploit)
System V Derived /bin/login Extraneous Arguments Buffer Overflow (modem based) (Metasploit)
Mercantec SoftCart 4.00b - CGI Overflow (Metasploit)

Microsoft Windows 2000-2008 - Embedded OpenType Font Engine Remote Code Execution
Microsoft Windows 2000-2008 - Embedded OpenType Font Engine Remote Code Execution (Metasploit)
M3U To ASX-WPL 1.1 - (m3u Playlist file) Buffer Overflow Exploit
HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit
Audacity 1.2.6 - (gro File) Buffer Overflow Exploit
M3U To ASX-WPL 1.1 - (.m3u) Buffer Overflow Exploit
HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit
Audacity 1.2.6 - (.gro) Buffer Overflow Exploit

HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (Metasploit)
HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (Metasploit)

Millenium MP3 Studio 2.0 - (PLS File) Universal Stack Overflow (Metasploit)
Millenium MP3 Studio 2.0 - (.pls) Universal Stack Overflow (Metasploit)

Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (1)
Mini-Stream 3.0.1.1 - Buffer Overflow Exploit (Metasploit) (1)

Audiotran 1.4.1 - (PLS File) Stack Overflow (Metasploit)
Audiotran 1.4.1 - (.pls) Stack Overflow (Metasploit)

OpenOffice - (.slk File) Parsing Null Pointer
OpenOffice - (.slk) Parsing Null Pointer

MediaCoder - (.lst file) Local Buffer Overflow Exploit
MediaCoder - (.lst) Local Buffer Overflow Exploit

VUPlayer <= 2.49 - (.m3u) Universal Buffer Overflow Exploit (DEP bypass)
VUPlayer 2.49 - (.m3u) Universal Buffer Overflow Exploit (DEP bypass)

ASX to MP3 Converter 3.1.2.1 - SEH Exploit (Multiple OS DEP and ASLR Bypass)
ASX to MP3 Converter 3.1.2.1 - SEH Exploit (Multiple OS DEP and ASLR Bypass) (Metasploit)

Mediacoder 0.7.3.4682 - (.m3u File) Universal Buffer Overflow Exploit
Mediacoder 0.7.3.4682 - (.m3u) Universal Buffer Overflow Exploit

Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass
Xerver 4.32 - Source Disclosure / HTTP Authentication Bypass (Metasploit)

Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit
Novell iPrint Client ActiveX Control 'debug' Buffer Overflow Exploit (Metasploit)

VUPlayer - M3U Buffer Overflow
VUPlayer - (.m3u) Buffer Overflow (Metasploit)

Audiotran 1.4.1 - (PLS File) Stack Buffer Overflow
Audiotran 1.4.1 - (.pls) Stack Buffer Overflow

HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (1)
HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (1)

Millenium MP3 Studio 2.0 - (PLS File) Stack Buffer Overflow
Millenium MP3 Studio 2.0 - (.pls) Stack Buffer Overflow

VariCAD 2010-2.05 EN (DWB File) Stack Buffer Overflow
VariCAD 2010-2.05 EN - (.DWB) Stack Buffer Overflow

HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (2)
HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (2)

ProShow Gold 4.0.2549 - (PSH File) Stack Buffer Overflow
ProShow Gold 4.0.2549 - (.PSH) Stack Buffer Overflow

VUPlayer - CUE Buffer Overflow
VUPlayer - (.cue) Buffer Overflow (Metasploit)

AstonSoft DeepBurner (DBR File) Path Buffer Overflow
AstonSoft DeepBurner - (.DBR) Path Buffer Overflow

HTML Help Workshop 4.74 - (hhp Project File) Buffer Overflow Exploit (3)
HTML Help Workshop 4.74 - (.hhp) Buffer Overflow Exploit (3)

Zinf Audio Player 2.2.1 - (PLS File) Stack Buffer Overflow
Zinf Audio Player 2.2.1 - (.pls) Stack Buffer Overflow

MikeyZip 1.1 - (.zip File) Buffer Overflow
MikeyZip 1.1 - (.zip) Buffer Overflow

Windows - DNS Reverse Download and Exec Shellcode
Windows - DNS Reverse Download and Exec Shellcode (Metasploit)

Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow (without egg-hunter)
Magix Musik Maker 16 - (.mmm) Stack Buffer Overflow (without egg-hunter) (Metasploit)

Black Ice Cover Page SDK insecure method DownloadImageFileURL() Exploit
Black Ice Cover Page SDK insecure method DownloadImageFileURL() Exploit (Metasploit)

If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit (2)
If-CMS 2.07 - Pre-Auth Local File Inclusion Exploit  (Metasploit) (2)

Microsoft IIS FTP Server <= 7.0 - Stack Exhaustion DoS (MS09-053)
Microsoft IIS FTP Server <= 7.0 - Stack Exhaustion DoS (MS09-053) (Metasploit)

MicroP 0.1.1.1600 - (MPPL File) Stack Buffer Overflow
MicroP 0.1.1.1600 - (.MPPL) Stack Buffer Overflow

Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass)
Firefox 3.6.16 - OBJECT mChannel Remote Code Execution Exploit (DEP Bypass) (Metasploit)
HP JetDirect PJL Interface Universal Path Traversal
HP JetDirect PJL Query Execution
HP JetDirect PJL Interface Universal Path Traversal (Metasploit)
HP JetDirect PJL Query Execution (Metasploit)

Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution
Jcow Social Networking Script 4.2 <= 5.2 - Arbitrary Code Execution (Metasploit)

LifeSize Room - Command Injection
LifeSize Room - Command Injection (Metasploit)

Opera 10/11 - (bad nesting with frameset tag) Memory Corruption
Opera 10/11 - (bad nesting with frameset tag) Memory Corruption (Metasploit)

Opera Browser 10/11/12 - (SVG layout) Memory Corruption (0Day)
Opera Browser 10/11/12 - (SVG layout) Memory Corruption (0Day) (Metasploit)

Cytel Studio 9.0 - (CY3 File) Stack Buffer Overflow
Cytel Studio 9.0 - (.CY3) Stack Buffer Overflow

NJStar Communicator 3.00 MiniSMTP Server Remote Exploit
NJStar Communicator 3.00 MiniSMTP Server Remote Exploit (Metasploit)

KnFTP 1.0 - Buffer Overflow Exploit (DEP Bypass)
KnFTP 1.0 - Buffer Overflow Exploit (DEP Bypass) (Metasploit)

AbsoluteFTP 1.9.6 < 2.2.10 - Remote Buffer Overflow (LIST)
AbsoluteFTP 1.9.6 < 2.2.10 - Remote Buffer Overflow (LIST) (Metasploit)

QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS
QQPLAYER Player 3.2 - PICT PnSize Buffer Overflow Windows DEP_ASLR BYPASS (Metasploit)

Free MP3 CD Ripper 1.1 - (WAV File) Stack Buffer Overflow
Free MP3 CD Ripper 1.1 - (.WAV) Stack Buffer Overflow

CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit (.m3u)
CCMPlayer 1.5 - Stack based Buffer Overflow SEH Exploit (.m3u) (Metasploit)
AVID Media Composer Phonetic Indexer Remote Stack BoF
Final Draft 8 - Multiple Stack Buffer Overflows
AVID Media Composer Phonetic Indexer Remote Stack BoF (Metasploit)
Final Draft 8 - Multiple Stack Buffer Overflows (Metasploit)

StoryBoard Quick 6 - Stack Buffer Overflow
StoryBoard Quick 6 - Stack Buffer Overflow (Metasploit)

phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection
phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection (Metasploit)

vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit
vBSEO <= 3.6.0 - 'proc_deutf()' Remote PHP Code Injection Exploit (Metasploit)

The Uploader 2.0.4 - (Eng/Ita) Remote File Upload Remote Code Execution
The Uploader 2.0.4 - (Eng/Ita) Remote File Upload Remote Code Execution (Metasploit)

Liferay XSL - Command Execution
Liferay XSL - Command Execution (Metasploit)

CPE17 Autorun Killer <= 1.7.1 - Stack Buffer Overflow Exploit
CPE17 Autorun Killer <= 1.7.1 - Stack Buffer Overflow Exploit (Metasploit)

Wyse - Machine Remote Power off (DOS) without any privilege
Wyse - Machine Remote Power off (DOS) without any privilege (Metasploit)

TFM MMPlayer (m3u/ppl File) Buffer Overflow
TFM MMPlayer (.m3u/.ppl) Buffer Overflow

Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow
Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow (Metasploit)

WANGKONGBAO CNS-1000 UTM IPS-FW Directory Traversal
WANGKONGBAO CNS-1000 UTM IPS-FW Directory Traversal (Metasploit)

ALLMediaServer 0.8 SEH Overflow Exploit
ALLMediaServer 0.8 - SEH Overflow Exploit
Siemens Simatic S7-300/400 CPU START/STOP Module
Siemens Simatic S7-300 PLC Remote Memory Viewer
Siemens Simatic S7-1200 CPU START/STOP Module
Siemens Simatic S7-300/400 CPU START/STOP Module (Metasploit)
Siemens Simatic S7-300 PLC Remote Memory Viewer (Metasploit)
Siemens Simatic S7-1200 CPU START/STOP Module (Metasploit)

Sysax Multi Server 5.64 - Create Folder Buffer Overflow
Sysax Multi Server 5.64 - Create Folder Buffer Overflow (Metasploit)

Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit
Metasploit < 4.4 - pcap_log Plugin Privilege Escalation Exploit (Metasploit)

Jira Scriptrunner 2.0.7 - CSRF/RCE Exploit
Jira Scriptrunner 2.0.7 - CSRF/RCE Exploit (Metasploit)

NetWin SurgeFTP Authenticated Admin Command Injection
NetWin SurgeFTP Authenticated Admin Command Injection (Metasploit)

ActFax 5.01 - RAW Server Exploit
ActFax 5.01 - RAW Server Exploit (Metasploit)

Polycom HDX Telnet Authorization Bypass
Polycom HDX Telnet Authorization Bypass (Metasploit)

Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009)
Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009) (Metasploit)

Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution
Ra1NX PHP Bot - pubcall Authentication Bypass Remote Code Execution (Metasploit)

Mikrotik Syslog Server for Windows 1.15 - Denial of Service
Mikrotik Syslog Server for Windows 1.15 - Denial of Service (Metasploit)

SAP ConfigServlet OS Command Execution
SAP ConfigServlet OS Command Execution (Metasploit)

SAP ConfigServlet Remote Unauthenticated Payload Execution
SAP ConfigServlet Remote Unauthenticated Payload Execution (Metasploit)

Microsoft Internet Explorer textNode Use-After-Free
Microsoft Internet Explorer textNode Use-After-Free (Metasploit)

Java Web Start Double Quote Injection Remote Code Execution
Java Web Start Double Quote Injection Remote Code Execution (Metasploit)

OpenEMR 4.1.1 Patch 14 - SQLi Privilege Escalation Remote Code Execution
OpenEMR 4.1.1 Patch 14 - SQLi Privilege Escalation Remote Code Execution (Metasploit)

Zabbix 2.0.8 - SQL Injection / Remote Code Execution
Zabbix 2.0.8 - SQL Injection / Remote Code Execution (Metasploit)

SikaBoom - Remote Buffer Overflow
SikaBoom - Remote Buffer Overflow (Metasploit)

Dahua DVR 2.608.0000.0 / 2.608.GV00.0 - Authentication Bypass
Dahua DVR 2.608.0000.0 / 2.608.GV00.0 - Authentication Bypass (Metasploit)

VUPlayer 2.49 - (.M3U) Universal Buffer Overflow (DEP Bypass)
VUPlayer 2.49 - (.m3u) Universal Buffer Overflow (DEP Bypass)

Netgear WNR1000v3 - Password Recovery Credential Disclosure
Netgear WNR1000v3 - Password Recovery Credential Disclosure (Metasploit)

Easy CD-DA Recorder - (PLS File) Buffer Overflow
Easy CD-DA Recorder - (.pls) Buffer Overflow

Fitnesse Wiki - Remote Command Execution
Fitnesse Wiki - Remote Command Execution (Metasploit)

EMC Cloud Tiering Appliance 10.0 - Unauthenticated XXE Arbitrary File Read
EMC Cloud Tiering Appliance 10.0 - Unauthenticated XXE Arbitrary File Read (Metasploit)

AlienVault 4.5.0 - Authenticated SQL Injection
AlienVault 4.5.0 - Authenticated SQL Injection (Metasploit)

Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE
Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE (Metasploit)

F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation
F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation (Metasploit)

AlienVault OSSIM 4.6.1 - Authenticated SQL Injection
AlienVault OSSIM 4.6.1 - Authenticated SQL Injection (Metasploit)

Raritan PowerIQ 4.1.0 - SQL Injection
Raritan PowerIQ 4.1.0 - SQL Injection (Metasploit)

Mthree Development MP3 to WAV Decoder - (.mp3 File) Remote Buffer Overflow
Mthree Development MP3 to WAV Decoder - (.mp3) Remote Buffer Overflow

ManageEngine Password Manager MetadataServlet.dat SQL Injection
ManageEngine Password Manager MetadataServlet.dat SQL Injection (Metasploit)

Ammyy Admin 3.5 - RCE
Ammyy Admin 3.5 - RCE (Metasploit)

Microsoft Exchange IIS HTTP Internal IP Address Disclosure
Microsoft Exchange IIS HTTP Internal IP Address Disclosure (Metasploit)

ManageEngine OpManager / Social IT Arbitrary File Upload
ManageEngine OpManager / Social IT Arbitrary File Upload (Metasploit)

DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload
DotNetNuke DNNspot Store 3.0.0 - Arbitrary File Upload (Metasploit)
Device42 WAN Emulator 2.3 - Traceroute Command Injection
Device42 WAN Emulator 2.3 - Ping Command Injection
Device42 WAN Emulator 2.3 - Traceroute Command Injection (Metasploit)
Device42 WAN Emulator 2.3 - Ping Command Injection (Metasploit)

Microsoft Windows Media Player 11.0.5721.5145 - (.avi File) Buffer Overflow
Microsoft Windows Media Player 11.0.5721.5145 - (.avi) Buffer Overflow

Varnish Cache CLI Interface - Remote Code Execution
Varnish Cache CLI Interface - Remote Code Execution (Metasploit)

Lotus Mail Encryption Server (Protector for Mail) - LFI to RCE
Lotus Mail Encryption Server (Protector for Mail) - LFI to RCE (Metasploit)

OpenMyZip 0.1 - (.zip File) Buffer Overflow
OpenMyZip 0.1 - (.zip) Buffer Overflow

Persistent Systems Client Automation - Command Injection RCE
Persistent Systems Client Automation - Command Injection RCE (Metasploit)

Metasploit Project < 4.11.1 - Initial User Creation CSRF
Metasploit Project < 4.11.1 - Initial User Creation CSRF (Metasploit)

Exim GHOST (glibc gethostbyname) Buffer Overflow
Exim GHOST (glibc gethostbyname) Buffer Overflow (Metasploit)
QNAP - Admin Shell via Bash Environment Variable Code Injection
QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection
QNAP - Admin Shell via Bash Environment Variable Code Injection (Metasploit)
QNAP - Web Server Remote Code Execution via Bash Environment Variable Code Injection (Metasploit)

WordPress Business Intelligence Plugin - SQL injection
WordPress Business Intelligence Plugin - SQL injection (Metasploit)

Barracuda Firmware <= 5.0.0.012 - Post Auth Remote Root exploit
Barracuda Firmware <= 5.0.0.012 - Post Auth Remote Root exploit (Metasploit)

PDF Shaper 3.5 - Buffer Overflow
PDF Shaper 3.5 - Buffer Overflow (Metasploit)

Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection
Sysaid Helpdesk Software 14.4.32 b25 - SQL Injection (Metasploit)

Centreon <= 2.5.3 - Remote Command Execution
Centreon 2.5.3 - Remote Command Execution

Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure
Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure (Metasploit)

Meteocontrol WEB’log - Admin Password Disclosure
Meteocontrol WEB’log - Admin Password Disclosure (Metasploit)

VUPlayer 2.49 - .m3u Buffer Overflow Exploit (Win 7 DEP Bypass)
VUPlayer 2.49 - (.m3u) Buffer Overflow Exploit (Win 7 DEP Bypass)
VMWare - Setuid vmware-mount Popen lsb_release Privilege Escalation (VMSA-2013-0010)
Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)
 2016-07-28 05:03:16 +00:00