Commit graph

1255 commits

Author SHA1 Message Date
Offensive Security
5386bd7110 DB: 2017-04-21
10 new exploits

Femitter FTP Server 1.03 - (RETR) Remote Denial of Service (PoC)
Femitter FTP Server 1.03 - 'RETR' Remote Denial of Service (PoC)
VirtualBox - Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation
VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write
Microsoft Windows 10 10586 - IEETWCollector Arbitrary Directory/File Deletion Privilege Escalation
Microsoft Windows 10 - Runtime Broker ClipboardBroker Privilege Escalation
VirtualBox - Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy
VirtualBox 5.1.14 r112924 - Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config
VirtualBox 5.0.32 r112930 x64 - Windows Process COM Injection Privilege Escalation
3proxy 0.5.3g (Linux) - proxy.c logurl() Remote Buffer Overflow
3proxy 0.5.3g (Windows x86) - proxy.c logurl() Remote Buffer Overflow
3proxy 0.5.3g - proxy.c logurl() Remote Overflow (exec-shield)
3proxy 0.5.3g (Linux) - 'proxy.c' 'logurl()' Remote Buffer Overflow
3proxy 0.5.3g (Windows x86) - 'proxy.c' 'logurl()' Remote Buffer Overflow
3proxy 0.5.3g - (exec-shield) 'proxy.c' 'logurl()' Remote Overflow

3proxy 0.5.3g (Windows x86) - logurl() Remote Buffer Overflow (Perl)
3proxy 0.5.3g (Windows x86) - 'logurl()' Remote Buffer Overflow (Perl)

Microsoft Windows - ManagementObject Arbitrary .NET Serialization Remote Code Execution

Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'PrototypeMap::createEmptyStructure' Universal Cross-Site Scripting

Apple WebKit / Safari 10.0.2(12602.3.12.0.1) - 'operationSpreadGeneric' Universal Cross-Site Scripting
2017-04-21 05:01:18 +00:00
Offensive Security
e4eda3f58a DB: 2017-04-20 2017-04-20 05:01:17 +00:00
Offensive Security
3c86b861c2 DB: 2017-04-19
4 new exploits

Microsoft Windows - Uncredentialed SMB RCE (MS17-010) (Metasploit)
Microsoft Windows - Unauthenticated SMB Remote Code Execution (MS17-010) (Metasploit)
pinfo 0.6.9 - Local Buffer Overflow
Tenable Appliance < 4.5 - Unauthenticated Remote Root Code Execution
Microsoft Word - .RTF Remote Code Execution
Huawei HG532n - Command Injection (Metasploit)
2017-04-19 05:01:17 +00:00
Offensive Security
cc2ec16c5d DB: 2017-04-18
3 new exploits

WinSCP 5.9.4 - 'LIST' Denial of Service (Metasploit)

Microsoft Windows - Uncredentialed SMB RCE (MS17-010) (Metasploit)

Openexpert 0.5.17 - SQL Injection
Openexpert 0.5.17 - 'area_id' Parameter SQL Injection

Mantis Bug Tracker 1.3.0/2.3.0 - Password Reset
2017-04-18 05:01:21 +00:00
Offensive Security
18df65f3e4 DB: 2017-04-17
1 new exploit

Microsoft IIS - Malformed HTTP Request Denial of Service (cpp)
Microsoft IIS - Malformed HTTP Request Denial of Service

VirusChaser 8.0 - Buffer Overflow (SEH)
2017-04-17 05:01:16 +00:00
Offensive Security
b725a55435 DB: 2017-04-16
1 new exploit

HP-UX B11.11 - /usr/bin/ct Local Format String Privilege Escalation
HP-UX B11.11 - '/usr/bin/ct' Format String Privilege Escalation

rsync 2.5.7 - Local Stack Overflow Privilege Escalation
rsync 2.5.7 - Stack Overflow Privilege Escalation

Linux Kernel 2.6.9 < 2.6.11 (RHEL 4) - 'SYS_EPoll_Wait' Local Integer Overflow Privilege Escalation
Linux Kernel 2.6.9 < 2.6.11 (RHEL 4) - 'SYS_EPoll_Wait' Integer Overflow Privilege Escalation

Kingsoft AntiVirus 2012 'KisKrnl.sys' 2011.7.8.913 - Local Kernel Mode Privilege Escalation
Kingsoft AntiVirus 2012 'KisKrnl.sys' 2011.7.8.913 - Kernel Mode Privilege Escalation

MSI - 'NTIOLib.sys' / 'WinIO.sys' Local Privilege Escalation
MSI - 'NTIOLib.sys' / 'WinIO.sys' Privilege Escalation

Linux Kernel UDEV < 1.4.1 - Netlink Privilege Escalation (Metasploit)
Linux Kernel UDEV < 1.4.1 - 'Netlink' Privilege Escalation (Metasploit)

Apache::Gallery 0.4/0.5/0.6 - Insecure Local File Storage Privilege Escalation
Apache::Gallery 0.4/0.5/0.6 - Insecure File Storage Privilege Escalation

Linux Kernel 2.6.x - 'SYS_EPoll_Wait' Local Integer Overflow Privilege Escalation (1)
Linux Kernel 2.6.x - 'SYS_EPoll_Wait' Integer Overflow Privilege Escalation (1)

Symantec Workspace Virtualization 6.4.1895.0 - Local Kernel Mode Privilege Escalation
Symantec Workspace Virtualization 6.4.1895.0 - Kernel Mode Privilege Escalation

Microsoft Windows - 'NDPROXY' Local SYSTEM Privilege Escalation (MS14-002)
Microsoft Windows - 'NDPROXY' SYSTEM Privilege Escalation (MS14-002)

Linux Kernel 3.14-rc1 < 3.15-rc4 (x64) - Raw Mode PTY Local Echo Race Condition Privilege Escalation
Linux Kernel 3.14-rc1 < 3.15-rc4 (x64) - Raw Mode PTY Echo Race Condition Privilege Escalation

Microsoft Windows - Local procedure Call (LPC) Privilege Escalation
Microsoft Windows - Local Procedure Call (LPC) Privilege Escalation

Symantec Encryption Desktop 10 - Local Buffer Overflow Privilege Escalation
Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation

Wowza Streaming Engine 4.5.0 - Local Privilege Escalation
Wowza Streaming Engine 4.5.0 - Privilege Escalation

PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Local Privilege Escalation
PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Privilege Escalation

Linux Kernel 4.8.0 UDEV < 232 - Privilege Escalation

PonyOS 4.0 - 'fluttershy' LD_LIBRARY_PATH Local Kernel Exploit
PonyOS 4.0 - 'fluttershy' LD_LIBRARY_PATH Kernel Privilege Escalation
2017-04-16 05:01:17 +00:00
Offensive Security
8c4e598118 DB: 2017-04-15
1 new exploit

Microsoft Windows Kernel win32k.sys - Multiple Bugs in the NtGdiGetDIBitsInternal System Call
Microsoft Windows Kernel - 'win32k.sys' Multiple Issues 'NtGdiGetDIBitsInternal' System Call

Adobe Creative Cloud Desktop Application <= 4.0.0.185 - Privilege Escalation
Adobe Creative Cloud Desktop Application < 4.0.0.185 - Privilege Escalation
Concrete5 - index.php/tools/required/files/replace searchInstance Parameter Cross-Site Scripting
Concrete5 - index.php/tools/required/files/add_to searchInstance Parameter Cross-Site Scripting
Concrete5 - index.php/tools/required/files/Permissions searchInstance Parameter Cross-Site Scripting
Concrete5 - index.php/tools/required/Dashboard/sitemap_data.php Multiple Parameter Cross-Site Scripting
Concrete5 - index.php/tools/required/files/search_dialog ocID Parameter Cross-Site Scripting
Concrete5 - index.php/tools/required/files/customize_search_columns searchInstance Parameter Cross-Site Scripting
Concrete5 - index.php/tools/required/files/search_results searchInstance Parameter Cross-Site Scripting
Concrete5 - index.php/tools/required/sitemap_search_selector Multiple Parameter Cross-Site Scripting
Concrete5 - index.php/tools/required/files/import Multiple Parameter Cross-Site Scripting
Concrete5 - index.php/tools/required/files/bulk_properties searchInstance Parameter Cross-Site Scripting

Concrete5 8.1.0 - 'Host' Header Injection
2017-04-15 05:01:18 +00:00
Offensive Security
aabd4b35b3 DB: 2017-04-14
12 new exploits

Microsoft Windows Kernel win32k.sys - Multiple Bugs in the NtGdiGetDIBitsInternal System Call
Microsoft Windows Kernel - 'win32kfull!SfnINLPUAHDRAWMENUITEM' Stack Memory Disclosure

PonyOS 3.0 - tty ioctl() Local Kernel Exploit
PonyOS 3.0 - TTY 'ioctl()' Local Kernel Exploit

Solaris 7 - 11 (x86 & SPARC) - 'EXTREMEPARR' dtappgather Privilege Escalation
Solaris 7 < 11 (x86 / SPARC) - 'EXTREMEPARR' dtappgather Privilege Escalation
GNS3 Mac OS-X 1.5.2 - 'ubridge' Privilege Escalation
PonyOS 4.0 - 'fluttershy' LD_LIBRARY_PATH Local Kernel Exploit
Adobe Creative Cloud Desktop Application <= 4.0.0.185 - Privilege Escalation

Ethernet Device Drivers Frame Padding - Info Leakage Exploit (Etherleak)
Ethernet Device Drivers Frame Padding - 'Etherleak' Information Leakage Exploit

Cisco Catalyst 2960 IOS 12.2(55)SE1 - 'ROCEM' Remote Code Execution

Linux/x86-64 - execve(_/bin/sh_) Shellcode (31 bytes)
Coppermine Gallery < 1.5.44 - Directory Traversal Weaknesses
SedSystems D3 Decimator - Multiple Vulnerabilities
agorum core Pro 7.8.1.4-251 - Cross-Site Request Forgery
agorum core Pro 7.8.1.4-251 - Persistent Cross-Site Scripting
Alienvault OSSIM/USM 5.3.4/5.3.5 - Remote Command Execution (Metasploit)
2017-04-14 05:01:15 +00:00
Offensive Security
2ac6fc17c2 DB: 2017-04-13
3 new exploits

Solaris 7 - 11 (x86 & SPARC) - 'EXTREMEPARR' dtappgather Privilege Escalation

Cisco Catalyst 2960 IOS 12.2(55)SE11 - 'ROCEM' Remote Code Execution

D-Link DWR-116 / DWR-116A1 - Arbitrary File Download
2017-04-13 05:01:16 +00:00
Offensive Security
814ba132f8 DB: 2017-04-12
18 new exploits

Apple WebKit - 'JSC::B3::Procedure::resetReachability' Use-After-Free
Apple WebKit - 'Document::adoptNode' Use-After-Free
Apple WebKit - 'JSC::SymbolTableEntry::isWatchable' Heap Buffer Overflow
Proxifier for Mac 2.18 - Multiple Vulnerabilities
Proxifier for Mac 2.17 / 2.18 - Privesc Escalation
Xen - Broken Check in 'memory_exchange()' Permits PV Guest Breakout

Quest Privilege Manager 6.0.0 - Arbitrary File Write
Adobe Multiple Products - XML Injection File Content Disclosure
MyClassifiedScript 5.1 - SQL Injection
Social Directory Script 2.0 - SQL Injection
FAQ Script 3.1.3 - 'category_id' Parameter SQL Injection
WordPress Plugin Spider Event Calendar 1.5.51 - Blind SQL Injection
MyBB < 1.8.11 - 'email' MyCode Cross-Site Scripting
MyBB smilie Module < 1.8.11 - 'pathfolder' Directory Traversal
Brother MFC-J6520DW - Authentication Bypass / Password Change
Horde Groupware Webmail 3 / 4 / 5 - Multiple Remote Code Execution
Apple WebKit / Safari 10.0.3 (12602.4.8) - Synchronous Page Load Universal Cross-Site Scripting
Apple WebKit / Safari 10.0.3 (12602.4.8) - Universal Cross-Site Scripting via a Focus Event and a Link Element
2017-04-12 05:01:16 +00:00
Offensive Security
341f44bf34 DB: 2017-04-11
4 new exploits

Moxa MXview 2.8 - Denial of Service
Moxa MXview 2.8 - Private Key Disclosure
Moxa MX AOPC-Server 1.5 - XML External Entity Injection

Jobscript4Web 4.5 - Authentication Bypass
2017-04-11 05:01:16 +00:00
Offensive Security
ddb02a2ec6 DB: 2017-04-08
16 new exploits

Aztek Forum 4.00 - 'myadmin.php' User Privilege Escalation
Aztek Forum 4.0 - 'myadmin.php' User Privilege Escalation
Intellinet NFC-30IR Camera - Multiple Vulnerabilities
Faveo Helpdesk Community 1.9.3 - Cross-Site Request Forgery
Invoice Template - 'hash' Parameter SQL Injection
Document Management Template - 'hash' Parameter SQL Injection
Shopping Cart Template - 'item' Parameter SQL Injection
Calendar Template 2.0 - 'editid1' Parameter SQL Injection
Forum Template 1.0 - SQL Injection
Quiz Template 1.0 - 'testid' Parameter SQL Injection
Survey Template 1.1 - 'masterkey1' Parameter SQL Injection
My Gaming Ladder Combo System 7.5 - SQL Injection
Ladder System 6.0 - 'faqid' Parameter SQL Injection
WordPress Plugin Firewall 2 1.3 - Cross-Site Request Forgery / Cross-Site Scripting
QNAP TVS-663 QTS < 4.2.4 build 20170313 - Command Injection
e107 CMS 2.1.4 - Cross-Site Request Forgery
WordPress Plugin WHIZZ < 1.1.1 - Cross-Site Request Forgery
WordPress Plugin CopySafe Web Protect < 2.6 - Cross-Site Request Forgery
2017-04-08 05:01:18 +00:00
Offensive Security
7018b7742d DB: 2017-04-07
7 new exploits

Microsoft Windows - Explorer (.WMF) CreateBrushIndirect Denial of Service
Microsoft Windows Explorer - '.WMF' CreateBrushIndirect Denial of Service

Microsoft Windows - Explorer (.AVI) Unspecified Denial of Service
Microsoft Windows Explorer - '.AVI' Unspecified Denial of Service

Microsoft Windows - Explorer Unspecified .ANI File Denial of Service
Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service

Microsoft Windows - explorer.exe Gif Image Denial of Service
Microsoft Windows Explorer - '.GIF' Image Denial of Service

Microsoft Windows Media Player - AIFF Divide By Zero Exception Denial of Service (PoC)
Microsoft Windows Media Player - '.AIFF' Divide By Zero Exception Denial of Service (PoC)

Microsoft Windows - Explorer Unspecified .doc File Denial of Service
Microsoft Windows Explorer - Unspecified '.doc' File Denial of Service

Microsoft Windows - GDI+ '.ico' Remote Division By Zero Exploit
Microsoft Windows - GDI+ '.ICO' Remote Division By Zero Exploit

DesignWorks Professional 4.3.1 - Local .CCT File Stack Buffer Overflow (PoC)
DesignWorks Professional 4.3.1 - Local '.CCT' File Stack Buffer Overflow (PoC)

IrfanView 4.33 - Format PlugIn .TTF File Parsing Stack Based Overflow
IrfanView 4.33 - Format PlugIn '.TTF' File Parsing Stack Based Overflow

Microsoft Windows NT 4/2000 - TCP/IP Printing Service Denial of Service
Microsoft Windows NT 4.0/2000 - TCP/IP Printing Service Denial of Service

Microsoft Windows NT 4.0 / 2000 - LPC Zone Memory Depletion Denial of Service
Microsoft Windows NT 4.0/2000 - LPC Zone Memory Depletion Denial of Service

Microsoft Windows NT / 2000 - Terminal Server Service RDP Denial of Service
Microsoft Windows NT/2000 - Terminal Server Service RDP Denial of Service
Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (1)
Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (2)
Microsoft Windows NT 4.0/2000 - TCP Stack Denial of Service (1)
Microsoft Windows NT 4.0/2000 - TCP Stack Denial of Service (2)
Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (1)
Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (2)
Microsoft Windows XP/2000/NT 4.0 - Network Share Provider SMB Request Buffer Overflow (1)
Microsoft Windows XP/2000/NT 4.0 - Network Share Provider SMB Request Buffer Overflow (2)
Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (1)
Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (2)
Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (3)
Microsoft Windows XP/2000/NT 4 - RPC Service Denial of Service (4)
Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (1)
Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (2)
Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (3)
Microsoft Windows XP/2000/NT 4.0 - RPC Service Denial of Service (4)

Microsoft Windows XP/95/98/2000/NT 4 - 'Riched20.dll' Attribute Buffer Overflow
Microsoft Windows XP/95/98/2000/NT 4.0 - 'Riched20.dll' Attribute Buffer Overflow

Microsoft Windows XP/2000/NT 4 - Shell Long Share Name Buffer Overrun
Microsoft Windows XP/2000/NT 4.0 - Shell Long Share Name Buffer Overrun

Microsoft Windows Explorer - 'explorer.exe' .WMV File Handling Denial of Service
Microsoft Windows Explorer - 'explorer.exe' '.WMV' File Handling Denial of Service
Apple Mac OSX 10.4.x - iMovie HD .imovieproj Filename Format String
Apple Mac OSX 10.4.x - Help Viewer .help Filename Format String
Apple Mac OSX 10.4.x - iMovie HD '.imovieproj' Filename Format String
Apple Mac OSX 10.4.x - Help Viewer '.help' Filename Format String

Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service
Microsoft Windows XP/2003 - Explorer '.WMF' File Handling Denial of Service

Microsoft Windows Cursor - Object Potential Memory Leak (MS15-115)
Microsoft Windows - Cursor Object Potential Memory Leak (MS15-115)

Microsoft Windows Kernel win32k!OffsetChildren - Null Pointer Dereference
Microsoft Windows Kernel - win32k!OffsetChildren Null Pointer Dereference

Palo Alto Networks PanOS appweb3 - Stack Buffer Overflow
Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow

Cesanta Mongoose OS - Use-After-Free

CommVault Edge 11 SP6 - Stack Buffer Overflow (PoC)

GLIBC (via /bin/su) - Privilege Escalation
GLIBC - '/bin/su' Privilege Escalation

cPanel 10.8.x - (cpwrap via mysqladmin) Privilege Escalation
cPanel 10.8.x - (cpwrap via MySQLAdmin) Privilege Escalation

Microsoft Windows - NtRaiseHardError Csrss.exe Memory Disclosure
Microsoft Windows - NtRaiseHardError 'Csrss.exe' Memory Disclosure

Microsoft Windows Contacts - 'wab32res.dll' DLL Hijacking
Microsoft Windows - Contacts 'wab32res.dll' DLL Hijacking

Microsoft Visio - 'VISIODWG.dll' .DXF File Handling (MS10-028) (Metasploit)
Microsoft Visio - 'VISIODWG.dll' '.DXF' File Handling (MS10-028) (Metasploit)

Microsoft Windows - Task Scheduler .XML Privilege Escalation (MS10-092) (Metasploit)
Microsoft Windows - Task Scheduler '.XML' Privilege Escalation (MS10-092) (Metasploit)

Microsoft Windows NT 4/2000 - DLL Search Path
Microsoft Windows NT 4.0/2000 - DLL Search Path

Microsoft Windows NT 4.0 / 2000 Predictable LPC Message Identifier - Multiple Vulnerabilities
Microsoft Windows NT 4.0/2000 Predictable LPC Message Identifier - Multiple Vulnerabilities

Microsoft Windows NT 4.0 / 2000 - Spoofed LPC Request (MS00-003)
Microsoft Windows NT 4.0/2000 - Spoofed LPC Request (MS00-003)

Microsoft Windows NT 3/4 - CSRSS Memory Access Violation
Microsoft Windows NT 3/4.0 - CSRSS Memory Access Violation

Microsoft Windows NT 4/2000 - NTFS File Hiding
Microsoft Windows NT 4.0/2000 - NTFS File Hiding

Microsoft Windows NT 4/2000 - Process Handle Local Privilege Elevation
Microsoft Windows NT 4.0/2000 - Process Handle Local Privilege Elevation
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (1)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (2)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (3)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (4)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (5)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (6)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (7)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (8)
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (1)
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (2)
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (3)
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (4)
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (5)
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (6)
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (7)
Microsoft Windows XP/2000/NT 4.0 - Window Message Subsystem Design Error (8)
Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (1)
Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (2)
Microsoft Windows XP/2000/NT 4.0 - NetDDE Privilege Escalation (1)
Microsoft Windows XP/2000/NT 4.0 - NetDDE Privilege Escalation (2)

Microsoft Windows Server 2000 - Help Facility .CNT File :Link Buffer Overflow
Microsoft Windows Server 2000 - Help Facility '.CNT' File :Link Buffer Overflow

Microsoft Windows NT 4/2000 - Local Descriptor Table Privilege Escalation (MS04-011)
Microsoft Windows NT 4.0/2000 - Local Descriptor Table Privilege Escalation (MS04-011)

Microsoft Windows NT 4/2000 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020)
Microsoft Windows NT 4.0/2000 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020)

Microsoft Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation
Microsoft Windows 10 (Build 10130) - User Mode Font Driver Thread Permissions Privilege Escalation

Palo Alto Networks PanOS root_reboot - Privilege Escalation
Palo Alto Networks PanOS - root_reboot Privilege Escalation

Oracle 9i / 10g - File System Access via utl_file Exploit
Oracle 9i / 10g - 'utl_file' File System Access Exploit

KDE 4.4.1 - Ksysguard Remote Code Execution via Cross Application Scripting
KDE 4.4.1 - Ksysguard Remote Code Execution (via Cross Application Scripting)

QuickPHP Web Server Arbitrary - 'src .php' File Download
QuickPHP Web Server - Arbitrary '.php' File Download

Microsoft Windows Common Control Library (Comctl32) - Heap Overflow (MS10-081)
Microsoft Windows - Common Control Library (Comctl32) Heap Overflow (MS10-081)

Microsoft Internet Explorer 4 (Windows 95/NT 4) - Setupctl ActiveX Control Buffer Overflow
Microsoft Internet Explorer 4 (Windows 95/NT 4.0) - Setupctl ActiveX Control Buffer Overflow

Microsoft Internet Explorer 5 (Windows 95/98/2000/NT 4) - XML HTTP Redirect
Microsoft Internet Explorer 5 (Windows 95/98/2000/NT 4.0) - XML HTTP Redirect

Microsoft Windows NT 4/2000 - NetBIOS Name Conflict
Microsoft Windows NT 4.0/2000 - NetBIOS Name Conflict

X-Chat 1.2/1.3/1.4/1.5 - Command Execution Via URLs
X-Chat 1.2/1.3/1.4/1.5 - Command Execution via URLs

Microsoft Windows 95/98/2000/NT4 - WinHlp Item Buffer Overflow
Microsoft Windows 95/98/2000/NT 4.0 - WinHlp Item Buffer Overflow

Microsoft Windows XP/2000/NT 4 - Help Facility ActiveX Control Buffer Overflow
Microsoft Windows XP/2000/NT 4.0 - Help Facility ActiveX Control Buffer Overflow

Microsoft Windows XP/2000/NT 4 - Locator Service Buffer Overflow
Microsoft Windows XP/2000/NT 4.0 - Locator Service Buffer Overflow

AIX 3.x/4.x / Windows 95/98/2000/NT 4 / SunOS 5 gethostbyname() - Buffer Overflow
AIX 3.x/4.x / Windows 95/98/2000/NT 4.0 / SunOS 5 gethostbyname() - Buffer Overflow
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (1)
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (2)
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (3)
Microsoft IIS 5.0 (Windows XP/2000/NT 4) - WebDAV 'ntdll.dll' Buffer Overflow (4)
Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (1)
Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (2)
Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (3)
Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (4)

Microsoft Windows XP/2000/NT 4 - HTML Converter HR Align Buffer Overflow
Microsoft Windows XP/2000/NT 4.0 - HTML Converter HR Align Buffer Overflow

Microsoft Windows NT 4/2000 - Media Services 'nsiislog.dll' Remote Buffer Overflow
Microsoft Windows NT 4.0/2000 - Media Services 'nsiislog.dll' Remote Buffer Overflow

Cerulean Studios Trillian 3.0 - Remote .png Image File Parsing Buffer Overflow
Cerulean Studios Trillian 3.0 - Remote '.png' Image File Parsing Buffer Overflow

Zoom Player 3.30/5/6 - Crafted .ZPL File Error Message Arbitrary Code Execution
Zoom Player 3.30/5/6 - Crafted '.ZPL' File Error Message Arbitrary Code Execution

SpiceWorks 7.5 TFTP - Remote File Overwrite / Upload

Windows 10 x64 - Egghunter Shellcode (45 bytes)

eFiction 2.0 - 'Fake .gif' Arbitrary File Upload
eFiction 2.0 - Fake '.GIF' Arbitrary File Upload

cPanel 10.8.x - (cpwrap via mysqladmin) Privilege Escalation (PHP)
cPanel 10.8.x - (cpwrap via MySQLAdmin) Privilege Escalation (PHP)
Apple WebKit 10.0.2(12602.3.12.0.1) - 'disconnectSubframes' Universal Cross-Site Scripting
Apple WebKit 10.0.2(12602.3.12.0.1_ r210800) - 'constructJSReadableStreamDefaultReader' Type Confusion
Apple WebKit 10.0.2 (12602.3.12.0.1) - 'disconnectSubframes' Universal Cross-Site Scripting
Apple WebKit 10.0.2 (12602.3.12.0.1_ r210800) - 'constructJSReadableStreamDefaultReader' Type Confusion

SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure via XEE
SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure (via XEE)

The Uploader 2.0.4 - (English/Italian) Arbitrary File Upload / Remote Code Execution (Metasploit)
The Uploader 2.0.4 (English/Italian) - Arbitrary File Upload / Remote Code Execution (Metasploit)

elFinder 2 - Remote Command Execution (Via File Creation)
elFinder 2 - Remote Command Execution (via File Creation)

Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize -> Arbitrary Write File
Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize / Arbitrary Write File

AXIS Multiple Products - Authenticated Remote Command Execution via devtools Vector
AXIS Multiple Products - 'devtools ' Authenticated Remote Command Execution
GeoMoose < 2.9.2 - Directory Traversal
Moodle 2.x/3.x - SQL Injection
HelpDEZK 1.1.1 - Cross-Site Request Forgery / Code Execution
2017-04-07 05:01:20 +00:00
Offensive Security
eed6486b7b DB: 2017-04-06
6 new exploits

macOS/iOS Kernel 10.12.3 (16D32) - 'bpf' Heap Overflow
Apple macOS/iOS Kernel 10.12.3 (16D32) - 'bpf' Heap Overflow

macOS/iOS Kernel 10.12.3 (16D32) - SIOCGIFORDER Socket ioctl Off-by-One Memory Corruption
Apple macOS/iOS Kernel 10.12.3 (16D32) - SIOCGIFORDER Socket ioctl Off-by-One Memory Corruption

macOS Kernel 10.12.2 (16C67) - Memory Disclosure Due to Lack of Bounds Checking in AppleIntelCapriController::getDisplayPipeCapability
Apple macOS Kernel 10.12.2 (16C67) - Memory Disclosure Due to Lack of Bounds Checking in AppleIntelCapriController::getDisplayPipeCapability
macOS 10.12.1 Kernel - Writable Privileged IOKit Registry Properties Code Execution
macOS 10.12 - Double vm_deallocate in Userspace MIG Code Use-After-Free
Apple macOS 10.12.1 Kernel - Writable Privileged IOKit Registry Properties Code Execution
Apple macOS 10.12 - Double vm_deallocate in Userspace MIG Code Use-After-Free
macOS Kernel 10.12.3 (16D32) - Use-After-Free Due to Double-Release in posix_spawn
macOS/iOS Kernel 10.12.3 (16D32) - SIOCSIFORDER Socket ioctl Memory Corruption Due to Bad Bounds Checking
macOS Kernel 10.12.3 (16D32) - 'audit_pipe_open' Off-by-One Memory Corruption
macOS/iOS Kernel 10.12.3 (16D32) - Bad Locking in necp_open Use-After-Free
Apple macOS Kernel 10.12.3 (16D32) - Use-After-Free Due to Double-Release in posix_spawn
Apple macOS/iOS Kernel 10.12.3 (16D32) - SIOCSIFORDER Socket ioctl Memory Corruption Due to Bad Bounds Checking
Apple macOS Kernel 10.12.3 (16D32) - 'audit_pipe_open' Off-by-One Memory Corruption
Apple macOS/iOS Kernel 10.12.3 (16D32) - Bad Locking in necp_open Use-After-Free

macOS Kernel 10.12.2 (16C67) - 'AppleIntelCapriController::GetLinkConfig' Code Execution Due to Lack of Bounds Checking
Apple macOS Kernel 10.12.2 (16C67) - 'AppleIntelCapriController::GetLinkConfig' Code Execution Due to Lack of Bounds Checking

macOS/iOS Kernel 10.12.3 (16D32) - Double-Free Due to Bad Locking in fsevents Device
Apple macOS/iOS Kernel 10.12.3 (16D32) - Double-Free Due to Bad Locking in fsevents Device

macOS < 10.12.2 / iOS < 10.2 Kernel - _kernelrpc_mach_port_insert_right_trap Reference Count Leak / Use-After-Free
Apple macOS < 10.12.2 / iOS < 10.2 Kernel - _kernelrpc_mach_port_insert_right_trap Reference Count Leak / Use-After-Free

macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution and Arbitrary File Read
Apple macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution and Arbitrary File Read
ImagePro Lazygirls Clone Script - SQL Injection
Airbnb Crashpadder Clone Script - SQL Injection
Premium Penny Auction Script - SQL Injection
Sweepstakes Pro Software - SQL Injection
Appointment Script - SQL Injection
D-Link DIR-615 - Cross-Site Request Forgery
2017-04-06 05:01:18 +00:00
Offensive Security
6624e39c26 DB: 2017-04-05
31 new exploits

macOS/iOS Kernel 10.12.3 (16D32) - 'bpf' Heap Overflow

macOS/iOS Kernel 10.12.3 (16D32) - SIOCGIFORDER Socket ioctl Off-by-One Memory Corruption

macOS Kernel 10.12.2 (16C67) - Memory Disclosure Due to Lack of Bounds Checking in AppleIntelCapriController::getDisplayPipeCapability
macOS Kernel 10.12.3 (16D32) - Use-After-Free Due to Double-Release in posix_spawn
macOS/iOS Kernel 10.12.3 (16D32) - SIOCSIFORDER Socket ioctl Memory Corruption Due to Bad Bounds Checking
macOS Kernel 10.12.3 (16D32) - 'audit_pipe_open' Off-by-One Memory Corruption
macOS/iOS Kernel 10.12.3 (16D32) - Bad Locking in necp_open Use-After-Free

macOS Kernel 10.12.2 (16C67) - 'AppleIntelCapriController::GetLinkConfig' Code Execution Due to Lack of Bounds Checking
Broadcom Wi-Fi SoC - Heap Overflow in _wlc_tdls_cal_mic_chk_ Due to Large RSN IE in TDLS Setup Confirm Frame
Apple WebKit 10.0.2 - HTMLInputElement Use-After-Free
Apple WebKit - 'RenderLayer' Use-After-Free
Apple WebKit - Negative-Size memmove in HTMLFormElement
Apple WebKit - 'FormSubmission::create' Use-After-Free
Apple WebKit - 'ComposedTreeIterator::traverseNextInShadowTree' Use-After-Free
Apple WebKit - 'table' Use-After-Free
Apple WebKit - 'WebCore::toJS' Use-After-Free

macOS/iOS Kernel 10.12.3 (16D32) - Double-Free Due to Bad Locking in fsevents Device

Bluecoat ASG 6.6/CAS 1.3 - Privilege Escalation (Metasploit)

Bluecoat ASG 6.6/CAS 1.3 - OS Command Injection (Metasploit)

Broadcom Wi-Fi SoC - TDLS Teardown Request Remote Heap Overflow Exploit

SolarWinds LEM 6.3.1 - Remote Code Execution (Metasploit)

Logsign 4.4.2 / 4.4.137 - Remote Command Injection (Metasploit)

Broadcom Wi-Fi SoC - 'dhd_handle_swc_evt' Heap Overflow

Pixie 1.0.4 - Arbitrary File Upload
Apple Webkit - Universal Cross-Site Scripting by Accessing a Named Property from an Unloaded Window
Apple WebKit 10.0.2(12602.3.12.0.1) - 'disconnectSubframes' Universal Cross-Site Scripting
Apple WebKit 10.0.2(12602.3.12.0.1_ r210800) - 'constructJSReadableStreamDefaultReader' Type Confusion
Apple WebKit 10.0.2(12602.3.12.0.1) - 'Frame::setDocument (1)' Universal Cross-Site Scripting
Apple Webkit - 'JSCallbackData' Universal Cross-Site Scripting
Maian Uploader 4.0 - 'index.php' keywords Parameter Cross-Site Scripting
Maian Uploader 4.0 - admin/index.php keywords Parameter Cross-Site Scripting
Maian Uploader 4.0 - admin/inc/header.php Multiple Parameter Cross-Site Scripting
Maian Uploader 4.0 - 'keywords' Parameter Cross-Site Scripting
Maian Uploader 4.0 - 'index.php' Cross-Site Scripting
Maian Uploader 4.0 - 'header.php' Cross-Site Scripting
Maian Uploader 4.0 - 'user' Parameter SQL Injection
Maian Survey 1.1 - 'survey' Parameter SQL Injection
Maian Greetings 2.1 - 'cat' Parameter SQL Injection
2017-04-05 05:01:18 +00:00
Offensive Security
8ce122cbaf DB: 2017-04-04
3 new exploits

BackBox OS - Denial of Service

Apache Tomcat 6/7/8/9 - Information Disclosure

Zyxel_ EMG2926 < V1.00(AAQT.4)b8 - OS Command Injection
2017-04-04 05:01:25 +00:00
Offensive Security
3d6d1ee44b DB: 2017-04-03 2017-04-03 05:01:17 +00:00
Offensive Security
0320cba051 DB: 2017-04-02
6 new exploits

Microsoft Internet Explorer 11 - Crash PoC (1)
Microsoft Internet Explorer 11 - Crash (PoC) (1)

Microsoft Windows SQL Server - Denial of Service Remote Exploit (MS03-031)
Microsoft Windows SQL Server - Remote Denial of Service (MS03-031)

Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow PoC (MS03-046)
Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow (PoC) (MS03-046)

Microsoft Windows - MSDTC Service Remote Memory Modification PoC (MS05-051)
Microsoft Windows - MSDTC Service Remote Memory Modification (PoC) (MS05-051)

Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (1)
Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (1)

Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (1)
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (1)

Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (3)
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (3)

Microsoft Windows - '.png' File IHDR Block Denial of Service PoC (2)
Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (2)

Apple Airport - 802.11 Probe Response Kernel Memory Corruption PoC (Metasploit)
Apple Airport - 802.11 Probe Response Kernel Memory Corruption (PoC) (Metasploit)

Microsoft Windows - DNS Resolution Remote Denial of Service PoC (MS06-041)
Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)

Microsoft Excel - Malformed Palette Record Denial of Service PoC (MS07-002)
Microsoft Excel - Malformed Palette Record Denial of Service (PoC) (MS07-002)

BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow PoCs
BaoFeng2 - 'mps.dll' ActiveX Multiple Remote Buffer Overflow (PoCs)

Visual Basic - 'vbe6.dll' Local Stack Overflow PoC / Denial of Service
Visual Basic - 'vbe6.dll' Local Stack Overflow (PoC) / Denial of Service

freeSSHd 1.2.1 - Remote Stack Overflow PoC Authenticated
freeSSHd 1.2.1 - Authenticated Remote Stack Overflow (PoC)

Microsoft Internet Explorer GDI+ - PoC (MS08-052)
Microsoft Internet Explorer GDI+ - (PoC) (MS08-052)

Microsoft Windows - GDI+ PoC (MS08-052) (2)
Microsoft Windows - GDI+ (PoC) (MS08-052) (2)
Microsoft Windows - InternalOpenColorProfile Heap Overflow PoC (MS08-046)
GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption PoC/Denial of Service
Microsoft Windows - InternalOpenColorProfile Heap Overflow (PoC) (MS08-046)
GuildFTPd 0.999.8.11/0.999.14 - Heap Corruption (PoC) / Denial of Service

Apple Safari - 'ARGUMENTS' Array Integer Overflow PoC (New Heap Spray)
Apple Safari - 'ARGUMENTS' Array Integer Overflow (PoC) (New Heap Spray)

Adobe Acrobat Reader - JBIG2 Local Buffer Overflow PoC (2)
Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC) (2)

eZip Wizard 3.0 - Local Stack Buffer Overflow PoC (SEH)
eZip Wizard 3.0 - Local Stack Buffer Overflow (PoC) (SEH)

Chasys Media Player 1.1 - '.pls' Local Buffer Overflow PoC (SEH)
Chasys Media Player 1.1 - '.pls' Local Buffer Overflow (PoC) (SEH)

Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (1)
Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC) (1)

Mozilla Firefox XSL - Parsing Remote Memory Corruption PoC (2)
Mozilla Firefox XSL - Parsing Remote Memory Corruption (PoC) (2)

Microsoft Internet Explorer - EMBED Memory Corruption PoC (MS09-014)
Microsoft Internet Explorer - EMBED Memory Corruption (PoC) (MS09-014)

DigiMode Maya 1.0.2 - '.m3u' / '.m3l' Buffer Overflow PoCs
DigiMode Maya 1.0.2 - '.m3u' / '.m3l' Buffer Overflow (PoCs)

AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow PoC (SEH)
AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow (PoC) (SEH)

MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String PoC
MySQL 5.0.45 - Authenticated COM_CREATE_DB Format String (PoC)

otsAV DJ/TV/Radio - Multiple Local Heap Overflow PoCs
otsAV DJ/TV/Radio - Multiple Local Heap Overflow (PoCs)

JetAudio 7.5.3 COWON Media Center - '.wav' Crash
Streaming Audio Player 0.9 - (skin) Local Stack Overflow PoC (SEH)
Soritong MP3 Player 1.0 - (SKIN) Local Stack Overflow PoC (SEH)
Streaming Audio Player 0.9 - 'skin' Local Stack Overflow (PoC) (SEH)
Soritong MP3 Player 1.0 - 'SKIN' Local Stack Overflow (PoC) (SEH)

Tuniac 090517c - '.m3u' Local File Crash (PoC)

HTML Email Creator & Sender 2.3 - Local Buffer Overflow PoC (SEH)
HTML Email Creator & Sender 2.3 - Local Buffer Overflow (PoC) (SEH)
PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow PoC (1)
PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow PoC (2)
PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (1)
PPstream 2.6.86.8900 - PPSMediaList ActiveX Remote Buffer Overflow (PoC) (2)

BigAnt Server 2.50 SP6 - '.zip' Local Buffer Overflow PoC (2)
BigAnt Server 2.50 SP6 - '.zip' Local Buffer Overflow (PoC) (2)

Eureka Email Client 2.2q - PoC Buffer Overflow
Eureka Email Client 2.2q - Buffer Overflow (PoC)

Microsoft Windows 7 / Server 2008 R2 - Remote Kernel Crash
Microsoft Windows 7 / 2008 R2 - Remote Kernel Crash

Picpuz 2.1.1 - Buffer Overflow Denial of Service/PoC
Picpuz 2.1.1 - Buffer Overflow Denial of Service (PoC)

Total MultiMedia Features - Denial of Service PoC for Sony Ericsson Phones
Total MultiMedia Features - Sony Ericsson Phones Denial of Service (PoC)

Mozilla Firefox 3.6 - (XML parser) Memory Corruption PoC/Denial of Service
Mozilla Firefox 3.6 - (XML parser) Memory Corruption (PoC) / Denial of Service

iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service/PoC
iPhone FTP Server (WiFi FTP) by SavySoda - Denial of Service (PoC)

RCA DCM425 Cable Modem - micro_httpd Denial of Service/PoC
RCA DCM425 Cable Modem - 'micro_httpd' Denial of Service (PoC)

Free MP3 CD Ripper 2.6 - '.wav' PoC
Free MP3 CD Ripper 2.6 - '.wav' (PoC)

Anyzip 1.1 - '.zip' PoC (SEH)
Anyzip 1.1 - '.zip' (PoC) (SEH)

Microsoft Windows - SMB Client-Side Bug PoC (MS10-006)
Microsoft Windows - SMB Client-Side Bug (PoC) (MS10-006)

Webby WebServer - PoC SEH control
Webby WebServer - SEH Control (PoC)

FreeBSD 8.0 ftpd - off-by one PoC (FreeBSD-SA-10:05)
FreeBSD 8.0 ftpd (FreeBSD-SA-10:05) - Off-By One (PoC)

Microsoft Windows Vista/Server 2008 - NtUserCheckAccessForIntegrityLevel Use-After-Free
Microsoft Windows Vista/2008 - NtUserCheckAccessForIntegrityLevel Use-After-Free

AoAAudioExtractor 2.0.0.0 - ActiveX PoC (SEH)
AoAAudioExtractor 2.0.0.0 - ActiveX (PoC) (SEH)

Mozilla Firefox - Memory Corruption PoC (Simplified)
Mozilla Firefox - (Simplified) Memory Corruption (PoC)

Microsoft Windows - Win32k Pointer Dereferencement PoC (MS10-098)
Microsoft Windows - Win32k Pointer Dereferencement (PoC) (MS10-098)

Elecard MPEG Player 5.7 - Local Buffer Overflow PoC (SEH)
Elecard MPEG Player 5.7 - Local Buffer Overflow (PoC) (SEH)

Microsoft Windows XP - WmiTraceMessageVa Integer Truncation PoC (MS11-011)
Microsoft Windows XP - WmiTraceMessageVa Integer Truncation (PoC) (MS11-011)

Real player 14.0.2.633 - Buffer Overflow / Denial of ServiceExploit
Real player 14.0.2.633 - Buffer Overflow / Denial of Service
IrfanView 4.28 - .ICO With Transparent Colour Denial of Service / Remote Denial of Service
IrfanView 4.28 - .ICO Without Transparent Colour Denial of Service / Remote Denial of Service
IrfanView 4.28 - '.ICO' With Transparent Colour Denial of Service / Remote Denial of Service
IrfanView 4.28 - '.ICO' Without Transparent Colour Denial of Service / Remote Denial of Service

Microsoft Windows Vista/Server 2008 - 'nsiproxy.sys' Local Kernel Denial of Service
Microsoft Windows Vista/2008 - 'nsiproxy.sys' Local Kernel Denial of Service

D-Link DSL-2650U - Denial of Service/PoC
D-Link DSL-2650U - Denial of Service (PoC)

Microsoft Windows - '.fon' Kernel-Mode Buffer Overrun PoC (MS11-077)
Microsoft Windows - '.fon' Kernel-Mode Buffer Overrun (PoC) (MS11-077)

Opera 11.52 - PoC Denial of Service
Opera 11.52 - Denial of Service (PoC)

Microsoft Win32k - Null Pointer De-reference PoC (MS11-077)
Microsoft Win32k - Null Pointer De-reference (PoC) (MS11-077)

Microsoft Windows - 'afd.sys' PoC (MS11-046)
Microsoft Windows - 'afd.sys' (PoC) (MS11-046)

Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE PoC (MS12-034)
Microsoft Windows XP - Keyboard Layouts Pool Corruption LPE (PoC) (MS12-034)

Wyse - Machine Remote Power off (DOS) without any Privilege (Metasploit)
Wyse - Unauthenticated Machine Remote Power Off (Denial of Service) (Metasploit)

Microsoft Windows Server 2000/NT 4.0 - TCP/IP Printing Service Denial of Service
Microsoft Windows NT 4/2000 - TCP/IP Printing Service Denial of Service

Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Crash PoC (Null Pointer Dereference)
Pure-FTPd 1.0.21 (CentOS 6.2 / Ubuntu 8.04) - Null Pointer Dereference Crash (PoC)
FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (1)
FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (2)
FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (3)
FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (4)
FreeBSD 2.x / HP-UX 9/10/11 / kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (5)
FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (1)
FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (2)
FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (3)
FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (4)
FreeBSD 2.x / HP-UX 9/10/11 / Kernel 2.0.3 / Windows NT 4.0/Server 2003 / NetBSD 1 - 'land.c' loopback Denial of Service (5)

Microsoft Windows Server 2000/NT - Terminal Server Service RDP Denial of Service
Microsoft Windows NT / 2000 - Terminal Server Service RDP Denial of Service
Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (1)
Microsoft Windows Server 2000/NT 4 - TCP Stack Denial of Service (2)
Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (1)
Microsoft Windows NT 4/2000 - TCP Stack Denial of Service (2)
Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (1)
Microsoft Windows Server 2000/NT 4/XP - Network Share Provider SMB Request Buffer Overflow (2)
Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (1)
Microsoft Windows XP/2000/NT 4 - Network Share Provider SMB Request Buffer Overflow (2)

Microsoft PoCket Internet Explorer 3.0 - Denial of Service
Microsoft Pocket Internet Explorer 3.0 - Denial of Service

Microsoft Windows - HWND_BROADCAST PoC (MS13-005)
Microsoft Windows - HWND_BROADCAST (PoC) (MS13-005)

Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC
Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash (PoC)

Apple Safari 3 for Windows - Document.Location Denial of Service
Apple Safari 3 for Windows - 'Document.Location' Denial of Service

PotPlayer 1.5.42509 Beta - Denial of Service (Integer Division by Zero Exploit)
PotPlayer 1.5.42509 Beta - Integer Division by Zero Denial of Service

Apple Safari 3.0.x - for Windows Document.Location.Hash Buffer Overflow
Apple Safari 3.0.x for Windows - 'Document.Location.Hash' Buffer Overflow

Android Web Browser - GIF File Heap Based Buffer Overflow
Google Android Web Browser - '.GIF' File Heap Based Buffer Overflow

Android Web Browser - BMP File Integer Overflow
Google Android Web Browser - '.BMP' File Integer Overflow

Gold MP4 Player 3.3 - Buffer Overflow PoC (SEH)
Gold MP4 Player 3.3 - Buffer Overflow (PoC) (SEH)

Microsoft Windows Server 2003/Vista - 'UnhookWindowsHookEx' Local Denial of Service
Microsoft Windows Vista/2003 - 'UnhookWindowsHookEx' Local Denial of Service

Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash PoC (MS14-035)
Microsoft Internet Explorer 8 / 9 / 10 - CInput Use-After-Free Crash (PoC) (MS14-035)

Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption PoC (MS14-035)
Microsoft Internet Explorer 9/10 - CFormElement Use-After-Free and Memory Corruption (PoC) (MS14-035)

Microsoft Internet Explorer - Memory Corruption PoC (MS14-029)
Microsoft Internet Explorer - Memory Corruption (PoC) (MS14-029)

UniPDF 1.1 - Crash (PoC) (SEH)

Brasero CD/DVD Burner 3.4.1 - '.m3u' Buffer Overflow Crash (PoC)

Microsoft Windows - 'HTTP.sys' PoC (MS15-034)
Microsoft Windows - 'HTTP.sys' (PoC) (MS15-034)

UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC)

Microsoft Internet Explorer 11 - Crash PoC (2)
Microsoft Internet Explorer 11 - Crash (PoC) (2)

Apple macOS/IOS 10.12.2(16C67) - mach_msg Heap Overflow
Apple macOS/IOS 10.12.2 (16C67) - 'mach_msg' Heap Overflow

QNX RTOS 6.3.0 - Insecure rc.local Permissions Plus System Crash
QNX RTOS 6.3.0 - Insecure 'rc.local' Permissions System Crash / Privilege Escalation
Microsoft Windows - NtClose DeadLock PoC (MS06-030)
Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)
Microsoft Windows - NtClose DeadLock (PoC) (MS06-030)
Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation (PoC) (MS06-030)

PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - zip:// URL Wrapper Buffer Overflow
PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - 'zip://' URL Wrapper Buffer Overflow

Apache Tomcat (Windows) - runtime.getRuntime().exec() Privilege Escalation
Apache Tomcat (Windows) - 'runtime.getRuntime().exec()' Privilege Escalation

Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow PoC (SEH)
Atomix Virtual Dj Pro 6.0 - Stack Buffer Overflow (PoC) (SEH)

Streaming Audio Player 0.9 - (skin) Local Stack Overflow (SEH)
Streaming Audio Player 0.9 - 'skin' Local Stack Overflow (SEH)

Tuniac 090517c - '.m3u' Local File Crash (PoC)

Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (1)
Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)

Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (1)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit)

Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (1)
Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit)

Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit)

Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (3)
Microsoft HTML Help Workshop 4.74 - '.hhp' Index Buffer Overflow (Metasploit) (3)

Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (2)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (2)
Microsoft HTML Help Workshop 4.74 - '.hhp' Content Buffer Overflow (Metasploit) (2)

Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (2)

Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) (2)

Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (4)
Microsoft HTML Help Workshop 4.74 - '.hhp' compiled Buffer Overflow (Metasploit) (4)

Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow (without egg-hunter) (Metasploit)
Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow (Without Egg-Hunter) (Metasploit)

PHP 5.3.6 - Buffer Overflow PoC (ROP)
PHP 5.3.6 - Buffer Overflow (ROP) (PoC)

Microsoft Windows Server 2000/NT 4 - DLL Search Path
Microsoft Windows NT 4/2000 - DLL Search Path

Microsoft Windows Server 2000/NT 4 - NTFS File Hiding
Microsoft Windows NT 4/2000 - NTFS File Hiding

Microsoft Windows Server 2000/NT 4.0 - Process Handle Local Privilege Elevation
Microsoft Windows NT 4/2000 - Process Handle Local Privilege Elevation
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (1)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (2)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (3)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (4)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (5)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (6)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (7)
Microsoft Windows Server 2000/NT 4/XP - Window Message Subsystem Design Error (8)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (1)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (2)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (3)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (4)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (5)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (6)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (7)
Microsoft Windows XP/2000/NT 4 - Window Message Subsystem Design Error (8)
Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (1)
Microsoft Windows Server 2000/NT 4/XP - NetDDE Privilege Escalation (2)
Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (1)
Microsoft Windows XP/2000/NT 4 - NetDDE Privilege Escalation (2)

Microsoft Windows Server 2000/NT 4 - Local Descriptor Table Privilege Escalation (MS04-011)
Microsoft Windows NT 4/2000 - Local Descriptor Table Privilege Escalation (MS04-011)

Microsoft Windows Server 2000/NT 4 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020)
Microsoft Windows NT 4/2000 - POSIX Subsystem Buffer Overflow Privilege Escalation (MS04-020)

PHP 4.x/5.0/5.1 with Sendmail Mail Function - additional_parameters Argument Arbitrary File Creation
PHP 4.x/5.0/5.1 with Sendmail Mail Function - 'additional_parameters' Argument Arbitrary File Creation

Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit)

Microsoft Windows Server 2003/2008/XP/Vista - WMI Service Isolation Privilege Escalation
Microsoft Windows XP/Vista/2003/2008 - WMI Service Isolation Privilege Escalation

Adobe Reader for Android - addJavascriptInterface Exploit (Metasploit)
Adobe Reader for Android - 'addJavascriptInterface' Exploit (Metasploit)

UniPDF 1.1 - Crash PoC (SEH overwritten)

Brasero CD/DVD Burner 3.4.1 - 'm3u' Buffer Overflow Crash (PoC)

UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC)

Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass PoC (MS15-052)
Microsoft Windows - 'CNG.SYS' Kernel Security Feature Bypass (PoC) (MS15-052)

Android - get_user/put_user Exploit (Metasploit)
Google Android - get_user/put_user Exploit (Metasploit)

Microsoft Windows 7 < 10 / Server 2008 < 2012 R2 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell)
Microsoft Windows 7 < 10 / 2008 < 2012 R2 (x86/x64) - Privilege Escalation (MS16-032) (PowerShell)

Microsoft Windows 7 < 10 / Server 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#)
Microsoft Windows 7 < 10 / 2008 < 2012 (x86/x64) - Privilege Escalation (MS16-032) (C#)

Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit)
Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (2)
Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit)
Google Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit)

MOXA MediaDBPlayback - ActiveX Control Buffer Overflow (Metasploit)

MOXA Device Manager Tool 2.1 - Buffer Overflow (Metasploit)

ProFTPd 1.2.9rc2 - ASCII File Remote Code Execution
ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (1)

Veritas Backup Exec - Remote File Access Exploit (Windows) (Metasploit)
Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit)
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (1)
Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit)
Novell ZENworks 6.5 - Desktop/Server Management Remote Stack Overflow (Metasploit)
MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit)
Novell eDirectory 8.7.3 - iMonitor Remote Stack Overflow (Metasploit)

Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow PoC (MS06-005) (2)
Microsoft Windows Media Player 7.1 < 10 - BMP Heap Overflow (PoC) (MS06-005) (2)

Ultr@VNC 1.0.1 - client Log::ReallyPrint Buffer Overflow
Ultr@VNC 1.0.1 - 'client Log::ReallyPrint' Buffer Overflow

Sybase EAServer 5.2 - (WebConsole) Remote Stack Overflow (Metasploit)
Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (1)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (1)
Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit)

ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution
ProFTPd 1.2.9 rc2 - ASCII File Remote Code Execution (2)

Microsoft Internet Explorer 7 - Arbitrary File Rewrite PoC (MS07-027)
Microsoft Internet Explorer 7 - Arbitrary File Rewrite (PoC) (MS07-027)

CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (1)
CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit)

ImageStation - 'SonyISUpload.cab 1.0.0.38' ActiveX Buffer Overflow
ImageStation - 'SonyISUpload.cab' 1.0.0.38 ActiveX Buffer Overflow

IntelliTamper 2.0.7 - (html parser) Remote Buffer Overflow
IntelliTamper 2.0.7 - HTML Parser Remote Buffer Overflow

Microsoft XML Core Services DTD - Cross-Domain Scripting PoC (MS08-069)
Microsoft XML Core Services DTD - Cross-Domain Scripting (PoC) (MS08-069)

Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption PoC (MS09-002)
Microsoft Internet Explorer 7 (Windows 2003 SP2) - Memory Corruption (PoC) (MS09-002)

Apple Mac OSX - Java applet Remote Deserialization Remote PoC (2)
Apple Mac OSX - Java applet Remote Deserialization Remote (PoC) (2)

Microsoft Windows live messenger plus! fileserver 1.0 - Directory Traversal
Microsoft Windows Live Messenger Plus! Fileserver 1.0 - Directory Traversal

JetAudio 7.5.3 COWON Media Center - '.wav' Crash

DistCC Daemon - Command Execution (Metasploit) (1)
DistCC Daemon - Command Execution (Metasploit)
Apple QuickTime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit)
mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit)
Apple QuickTime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit)
mDNSResponder 10.4.0 / 10.4.8 (OSX) - UPnP Location Overflow (Metasploit)

Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (1)
Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit)

Veritas NetBackup - Remote Command Execution (Metasploit) (1)
Veritas NetBackup - Remote Command Execution (Metasploit)

Pegasus Mail Client 4.51 - PoC Buffer Overflow
Pegasus Mail Client 4.51 - Buffer Overflow (PoC)

Irix LPD tagprinter - Command Execution (Metasploit) (1)
Irix LPD tagprinter - Command Execution (Metasploit)

Xtacacsd 4.1.2 - report() Buffer Overflow (Metasploit) (1)
Xtacacsd 4.1.2 - 'report()' Buffer Overflow (Metasploit)

Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (1)
Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit)

Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (2)
Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit)

Tandberg E & EX & C Series Endpoints - Default Credentials for Root Account
Tandberg E & EX & C Series Endpoints - Default Root Account Credentials

Wyse Rapport Hagent Fake Hserver - Command Execution (Metasploit) (2)

Veritas NetBackup - Remote Command Execution (Metasploit) (2)

Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (2)
Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1)
D-Link DWL-G132 - Wireless Driver Beacon Rates Overflow (Metasploit) (2)
Broadcom Wireless Driver - Probe Response SSID Overflow (Metasploit) (2)

CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (1)
CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit)

MDaemon 8.0.3 - IMAPD CRAM-MD5 Authentication Overflow (Metasploit) (2)

Novell iPrint Client - ActiveX Control call-back-url Buffer Overflow (Metasploit) (2)

Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (1)

CCProxy 6.2 - Telnet Proxy Ping Overflow (Metasploit) (2)

httpdx - tolog() Function Format String (Metasploit) (1)
httpdx - 'tolog()' Function Format String (Metasploit) (1)

Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (1)
Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit)

httpdx - tolog() Function Format String (Metasploit) (2)
httpdx - 'tolog()' Function Format String (Metasploit) (2)

Irix LPD tagprinter - Command Execution (Metasploit) (2)

Xtacacsd 4.1.2 - report() Buffer Overflow (Metasploit) (2)

DistCC Daemon - Command Execution (Metasploit) (2)
HP Data Protector Client 6.11 - EXEC_SETUP Remote Code Execution PoC (ZDI-11-056)
HP Data Protector Client 6.11 - EXEC_CMD Remote Code Execution PoC (ZDI-11-055)
HP Data Protector Client 6.11 - 'EXEC_SETUP' Remote Code Execution (PoC)
HP Data Protector Client 6.11 - 'EXEC_CMD' Remote Code Execution (PoC)

Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (1)
Mozilla Firefox 3.6.16 (Windows) - mChannel Use-After-Free (Metasploit) (1)

Opera 10/11 - (bad nesting with frameset tag) Memory Corruption (Metasploit)
Opera 10/11 - Bad Nesting with Frameset Tag Memory Corruption (Metasploit)

Mozilla Firefox 3.6.16 - mChannel Use-After-Free (Metasploit) (2)
Mozilla Firefox 3.6.16 (OSX) - mChannel Use-After-Free (Metasploit) (2)

HP SiteScope - Remote Code Execution (Metasploit) (1)
HP SiteScope (Linux/Windows) - Remote Code Execution (Metasploit)

Microsoft Windows Server 2000/NT 4/XP - Help Facility ActiveX Control Buffer Overflow
Microsoft Windows XP/2000/NT 4 - Help Facility ActiveX Control Buffer Overflow

Microsoft Windows Server 2000/NT 4 Media Services - 'nsiislog.dll' Remote Buffer Overflow
Microsoft Windows NT 4/2000 - Media Services 'nsiislog.dll' Remote Buffer Overflow

thttpd 2.2x - defang Remote Buffer Overflow
thttpd 2.2x - 'defang' Remote Buffer Overflow

Novell ZENworks Configuration Management 10.2.0 - Remote Execution (Metasploit) (2)
Novell ZENworks Configuration Management 10 SP3 / 11 SP2 - Remote Execution (Metasploit)

Dovecot with Exim - sender_address Parameter Remote Command Execution
Dovecot with Exim - 'sender_address' Parameter Remote Command Execution

HP SiteScope - Remote Code Execution (Metasploit) (2)
HP SiteScope (Windows) - Remote Code Execution (Metasploit)

Western Digital Arkeia - Remote Code Execution (Metasploit) (1)
Western Digital Arkeia < 10.0.10 - Remote Code Execution (Metasploit)

CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit) (2)

Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit)

Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (1)
Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)

Western Digital Arkeia - Remote Code Execution (Metasploit) (2)
Western Digital Arkeia < 11.0.12 - Remote Code Execution (Metasploit)

Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1)

E-Uploader Pro 1.0 - Image Upload with Code Execution
E-Uploader Pro 1.0 - Image Upload / Code Execution

ASPapp Knowledge Base - 'CatId' Parameter SQL Injection
ASPapp Knowledge Base - 'CatId' Parameter SQL Injection (1)

ASPapp KnowledgeBase - 'catid' Parameter SQL Injection
ASPapp Knowledge Base - 'CatId' Parameter SQL Injection (2)

ea-gBook 0.1 - Remote Command Execution with Remote File Inclusion (c99)
ea-gBook 0.1 - Remote Command Execution / Remote File Inclusion (c99)

Flatchat 3.0 - 'pmscript.php with' Local File Inclusion
Flatchat 3.0 - 'pmscript.php' Local File Inclusion

Joomla! Component huruhelpdesk - SQL Injection
Joomla! Component Huru Helpdesk - SQL Injection (1)

PGAUTOPro - SQL Injection / Cross-Site Scripting
PGAUTOPro - SQL Injection / Cross-Site Scripting (1)

Joomla! Component Huru Helpdesk - SQL Injection
Joomla! Component Huru Helpdesk - SQL Injection (2)

SoftwareDEP Classified Script 2.5 - SQL Injection
SoftwareDEP Classified Script 2.5 - SQL Injection (1)

WordPress Plugin pay with tweet 1.1 - Multiple Vulnerabilities
WordPress Plugin Pay with Tweet 1.1 - Multiple Vulnerabilities

Software DEP Classified Script 2.5 - SQL Injection
SoftwareDEP Classified Script 2.5 - SQL Injection (2)
Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (1)
Virtual Programming VP-ASP 5.00 - shopexd.asp SQL Injection (2)
Virtual Programming VP-ASP 5.00 - 'shopexd.asp' SQL Injection (1)
Virtual Programming VP-ASP 5.00 - 'shopexd.asp' SQL Injection (2)

OnlineArts DailyDose 1.1 - Denial of Servicee.pl Remote Command Execution
OnlineArts DailyDose 1.1 - 'dose.pl' Remote Command Execution
PHPOpenChat 2.3.4/3.0.1 - PoC_loginform.php phpbb_root_path Parameter Remote File Inclusion
PHPOpenChat 2.3.4/3.0.1 - PoC.php Remote File Inclusion
PHPOpenChat 2.3.4/3.0.1 - 'poc_loginform.php' phpbb_root_path Parameter Remote File Inclusion
PHPOpenChat 2.3.4/3.0.1 - 'poc.php' Remote File Inclusion

ActiveNews Manager - 'articleId' Parameter SQL Injection
ActiveNews Manager - 'articleId' Parameter SQL Injection (1)

Active News Manager - 'articleId' Parameter SQL Injection
ActiveNews Manager - 'articleId' Parameter SQL Injection (2)

Sagem Fast 3304-V2 - Authentication Bypass
Sagem Fast 3304-V2 - Authentication Bypass (1)

PG Auto Pro - SQL Injection / Cross-Site Scripting
PGAUTOPro - SQL Injection / Cross-Site Scripting (2)

Sagem FAST3304-V2 - Authentication Bypass
Sagem FAST3304-V2 - Authentication Bypass (2)

Trend Micro - Multiple HTTP Problems with CoreServiceShell.exe
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP Issues

phpATM 1.32 - Arbitrary File Upload / Remote Command Execution (Windows Servers)
phpATM 1.32 (Windows) - Arbitrary File Upload / Remote Command Execution

Seagate Business NAS - Unauthenticated Remote Command Execution (Metasploit)
2017-04-02 05:01:18 +00:00
Offensive Security
52fd3d8a20 DB: 2017-04-01
2 new exploits

Microsoft Windows Server 2003/XP - Samba Share Resource Exhaustion Exploit
Microsoft Windows XP/2003 - Samba Share Resource Exhaustion Exploit

Microsoft Windows Server 2000/XP - TCP Connection Reset Remote Attack Tool
Microsoft Windows XP/2000 - TCP Connection Reset Remote Attack Tool

Microsoft Windows Server 2003/XP - Remote Denial of Service
Microsoft Windows XP/2003 - Remote Denial of Service

Microsoft Windows Server 2003/XP - IPv6 Remote Denial of Service
Microsoft Windows XP/2003 - IPv6 Remote Denial of Service

Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (1)
Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (1)

Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (2)
Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (2)
Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service
Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnINSTRING Local kernel Denial of Service
Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service
Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnINSTRING Local kernel Denial of Service

Microsoft Windows - cmd.exe Unicode Buffer Overflow (SEH)
Microsoft Windows - 'cmd.exe' Unicode Buffer Overflow (SEH)

Microsoft Windows Win32k!xxxRealDrawMenuItem() - Missing HBITMAP Bounds Checks
Microsoft Windows - Win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks

Microsoft Windows - (IcmpSendEcho2Ex Interrupting) Denial of Service
Microsoft Windows - IcmpSendEcho2Ex Interrupting Denial of Service

Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (1)
Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (1)
Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (2)
Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (3)
Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (2)
Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (3)

Microsoft Windows Server 2000/XP - GDI Denial of Service
Microsoft Windows XP/2000 - GDI Denial of Service

Microsoft Windows Help program - 'WinHlp32.exe' Crash (PoC)
Microsoft Windows Help Program - 'WinHlp32.exe' Crash (PoC)

Microsoft Windows Server 2000/2003/XP - Graphical Device Interface Library Denial of Service
Microsoft Windows XP/2000/2003 - Graphical Device Interface Library Denial of Service

Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (1)
Microsoft Windows XP/2000 - Internet Protocol Validation Remote Code Execution (1)

Microsoft Windows Server 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051)
Microsoft Windows XP/2000/2003 - MSDTC TIP Denial of Service (MS05-051)

Microsoft Windows Server 2000/2003/XP - CreateRemoteThread Local Denial of Service
Microsoft Windows XP/2000/2003 - CreateRemoteThread Local Denial of Service

Microsoft Windows Server 2000/XP - Registry Access Local Denial of Service
Microsoft Windows XP/2000 - Registry Access Local Denial of Service

Microsoft Windows XP - cmd.exe Buffer Overflow
Microsoft Windows XP - 'cmd.exe' Buffer Overflow

Microsoft Windows Explorer - explorer.exe WMV File Handling Denial of Service
Microsoft Windows Explorer - 'explorer.exe' .WMV File Handling Denial of Service

Microsoft Windows Server 2003/XP - Explorer .WMF File Handling Denial of Service
Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service

Microsoft Windows Kernel 'win32k.sys' - Integer Overflow (MS13-101)
Microsoft Windows Kernel - 'win32k.sys' Integer Overflow (MS13-101)

Microsoft Windows Media Player 11 - AVI File Colorspace Conversion Remote Memory Corruption
Microsoft Windows Media Player 11 - .AVI File Colorspace Conversion Remote Memory Corruption

Microsoft Windows = devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007)
Microsoft Windows - devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007)

Microsoft Windows - (ListBox/ComboBox Control) Local Exploit (MS03-045)
Microsoft Windows - ListBox/ComboBox Control Local Exploit (MS03-045)

Microsoft Windows Server 2000/XP - Task Scheduler .job Exploit (MS04-022)
Microsoft Windows Task Scheduler (Windows XP/2000) - '.job' Exploit (MS04-022)
Microsoft Windows - (NtClose DeadLock) PoC (MS06-030)
Microsoft Windows Server 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)
Microsoft Windows - NtClose DeadLock PoC (MS06-030)
Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)

Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066)
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066)

Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (1)

Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (1)
Adobe - 'Doc.media.newPlayer' Use-After-Free (Metasploit) (1)

Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (1)
Adobe - 'Collab.getIcon()' Buffer Overflow (Metasploit) (1)

Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (2)
Adobe - 'Doc.media.newPlayer' Use-After-Free (Metasploit) (2)

Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (2)

Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (2)
Adobe - 'Collab.getIcon()' Buffer Overflow (Metasploit) (2)

Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (MS11-080)
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080)

Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4 / Windows NT 3.5.1/SP1/SP2/SP3/SP4/SP5 - Screensaver
Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4 / NT 3.5.1/SP1/SP2/SP3/SP4/SP5 - Screensaver

Microsoft Windows Server 2000/2003/XP - Keyboard Event Privilege Escalation
Microsoft Windows XP/2000/2003 - Keyboard Event Privilege Escalation

Microsoft Windows Server 2003/XP - ReadDirectoryChangesW Information Disclosure
Microsoft Windows XP/2003 - ReadDirectoryChangesW Information Disclosure

Microsoft Windows Server 2003/XP - RPCSS Service Isolation Privilege Escalation
Microsoft Windows XP/2003 - RPCSS Service Isolation Privilege Escalation

Microsoft Windows Server 2000/2003/XP - Desktop Wall Paper System Parameter Privilege Escalation
Microsoft Windows XP/2000/2003 - Desktop Wall Paper System Parameter Privilege Escalation

Microsoft Windows Server 2000/2003/XP/Vista - Double-Free Memory Corruption Privilege Escalation
Microsoft Windows XP/Vista/2000/2003 - Double-Free Memory Corruption Privilege Escalation

KiTTY Portable 0.65.0.2p (Windows 8.1 / Windows 10) - Local kitty.ini Overflow
KiTTY Portable 0.65.0.2p (Windows 8.1/10) - Local kitty.ini Overflow

Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)
Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (2)

Microsoft Windows Server 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026)
Microsoft Windows XP/2000 - 'RPC DCOM' Remote Exploit (MS03-026)
Microsoft Windows Server 2000/XP - RPC Remote (Non Exec Memory) Exploit
Microsoft Windows Server 2000/XP - Workstation Service Overflow (MS03-049)
Microsoft Windows XP/2000 - RPC Remote (Non Exec Memory) Exploit
Microsoft Windows XP/2000 - Workstation Service Overflow (MS03-049)

Microsoft Windows Messenger Service - Remote Exploit FR (MS03-043)
Microsoft Windows Messenger Service (French) - Remote Exploit (MS03-043)

Microsoft Windows Server 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)
Microsoft Windows XP/2000 - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)

Microsoft Windows Server 2003/XP - Metafile Escape() Code Execution (Metasploit)
Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit)

eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2)
eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (3)

Apple QuickTime 7.2/7.3 (Windows Vista / Windows XP) - RSTP Response Code Execution
Apple QuickTime 7.2/7.3 (Windows Vista/XP) - RSTP Response Code Execution

Microsoft Windows Server 2003/XP/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit)
Microsoft Windows XP/Vista/2003 - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit)
Microsoft IIS4 (Windows NT) - Remote Web-Based Administration
Microsoft IIS4 (Windows NT) - Log Avoidance
Microsoft IIS 4 (Windows NT) - Remote Web-Based Administration
Microsoft IIS 4 (Windows NT) - Log Avoidance

Microsoft IIS (Windows NT 4.0/SP1/SP2/SP3/SP4/SP5) - IIS IDC Path Mapping
Microsoft IIS (Windows NT 4.0/SP1/SP2/SP3/SP4/SP5) - '.IDC' Path Mapping

Microsoft Internet Explorer 4 (Windows 95/Windows NT 4) - Setupctl ActiveX Control Buffer Overflow
Microsoft Internet Explorer 4 (Windows 95/NT 4) - Setupctl ActiveX Control Buffer Overflow

Microsoft Windows Server 2000 - telnet.exe NTLM Authentication
Microsoft Windows Server 2000 - 'telnet.exe' NTLM Authentication
Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Integer Overflow
Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Heap Overflow
Microsoft Windows XP/2000/2003 -'winhlp32' Phrase Integer Overflow
Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Heap Overflow

Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (2)
Microsoft Windows XP/2000 - Internet Protocol Validation Remote Code Execution (2)

Microsoft Windows Explorer 2000/2003/XP - Drag and Drop Remote Code Execution
Microsoft Windows XP/2000/2003 - Explorer Drag and Drop Remote Code Execution

Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)
Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (1)

Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow
Microsoft IIS 6.0 - WebDAV 'ScStoragePathFromUrl' Buffer Overflow

Windows XP/Vista/Windows 7 - JITed egg-hunter stage-0 Shellcode Adjusted universal
Windows XP/Vista/7 - JITed egg-hunter stage-0 Shellcode Adjusted Universal

Dosya Yukle Scrtipi 1.0 - Arbitrary File Upload
Dosya Yukle Scrtipi (DosyaYukle Scripti) 1.0 - Arbitrary File Upload

DosyaYukle Scripti 1.0 - Arbitrary File Upload
Splunk Enterprise - Information Disclosure
Membership Formula - 'order' Parameter SQL Injection
2017-04-01 05:01:15 +00:00
Offensive Security
6d17bc529d DB: 2017-03-31
4 new exploits

dBpowerAMP Audio Player Release 2 - '.m3u' Buffer Overflow (PoC)
dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow (PoC)

Spider Solitaire -  Denial of Service (PoC)
Spider Solitaire - Denial of Service (PoC)

Baby FTP Server 1.24 - Denial of Service
Baby FTP Server 1.24 - Denial of Service (1)

Baby FTP server 1.24 - Denial of Service
Baby FTP server 1.24 - Denial of Service (2)

Google Android -  Unprotected MSRs in EL1 RKP Privilege Escalation
Google Android - Unprotected MSRs in EL1 RKP Privilege Escalation

Evostream Media Server 1.7.1  (x64) - Denial of Service
Evostream Media Server 1.7.1 (x64) - Denial of Service

Cerberus FTP Server  8.0.10.1 - Denial of Service
Cerberus FTP Server 8.0.10.1 - Denial of Service

Apple macOS/IOS 10.12.2(16C67) - mach_msg Heap Overflow

Apache < 2.0.64  / < 2.2.21 mod_setenvif - Integer Overflow
Apache < 2.0.64 / < 2.2.21 mod_setenvif - Integer Overflow

Solaris 10 sysinfo() - Local Kernel Memory Disclosure
Solaris 10 sysinfo() - Local Kernel Memory Disclosure (1)

Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure
Solaris 10 sysinfo(2) - Local Kernel Memory Disclosure (2)

Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit)
Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (1)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) -  (Sendmail) Capabilities Privilege Escalation(1)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) -  (Sendmail 8.10.1) Capabilities Privilege Escalation (2)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail) Capabilities Privilege Escalation(1)
Linux Kernel 2.2.x 2.4.0-test1 (SGI ProPack 1.2/1.3) - (Sendmail 8.10.1) Capabilities Privilege Escalation (2)

Linux Kernel 3.13 -  (SGID) Privilege Escalation (PoC)
Linux Kernel 3.13 - (SGID) Privilege Escalation (PoC)

Linux espfix64 -  (Nested NMIs Interrupting) Privilege Escalation
Linux espfix64 - (Nested NMIs Interrupting) Privilege Escalation
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (2) (MS16-008)
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (1) (MS16-008)
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008) (2)
Microsoft Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008) (1)
Forticlient 5.2.3 Windows 10 x64 (Pre Anniversary) - Privilege Escalation
Forticlient 5.2.3 Windows 10 x64 (Post Anniversary) - Privilege Escalation
Forticlient 5.2.3 (Windows 10 x64 Pre Anniversary) - Privilege Escalation
Forticlient 5.2.3 (Windows 10 x64 Post Anniversary) - Privilege Escalation

Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via UserNamespace Privilege Escalation
Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via User Namespace Privilege Escalation

Ubuntu 15.04 (Dev) - 'Upstart' Logrotation Privilege Escalation
Ubuntu 15.04 (Development) - 'Upstart' Logrotation Privilege Escalation

Linux Kernel 2.6.32 (Ubuntu 10.04) - /proc Handling SUID Privilege Escalation

Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (1)

Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065)
Microsoft Windows Message Queuing Service - RPC Buffer Overflow (MS07-065) (2)

Yahoo! Music Jukebox 2.2 - AddImage() ActiveX Remote Buffer Overflow (1)
Yahoo! Music Jukebox 2.2 - 'AddImage()' ActiveX Remote Buffer Overflow (1)

dBpowerAMP Audio Player Release 2 - '.m3u' Buffer Overflow
dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow

Apache Tomcat < 6.0.18 - utf8 Directory Traversal (1)
Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal (PoC)

Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray Exploit (1)
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (1)

Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray
Mozilla Firefox 3.5 - (Font tags) Remote Heap Spray (2)

EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (1)

Apache Tomcat < 6.0.18 - utf8 Directory Traversal (2)
Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal

Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit)
Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner() Remote Code Execution (Metasploit) (2)

Samba 2.2.2 < 2.2.6 - nttrans Buffer Overflow (Metasploit)
Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (2)

EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow
EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (2)

Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) (1)

Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit)
Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) (2)

D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (2)
D-Link Devices - 'command.php' Unauthenticated Remote Command Execution (Metasploit)

D-Link Devices - Unauthenticated Remote Command Execution (Metasploit) (1)
D-Link Devices - 'tools_vct.xgi' Unauthenticated Remote Command Execution (Metasploit)

Azure Data Expert Ultimate  2.2.16 - Buffer Overflow
Azure Data Expert Ultimate 2.2.16 - Buffer Overflow

Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit)
Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1)

Article Script 1.6.3 - 'rss.php' SQL Injection (1)
Article Script 1.6.3 - 'rss.php' SQL Injection

DBHcms 1.1.4 - Remote File Inclusion
DBHcms 1.1.4 - 'code' Remote File Inclusion

LaserNet CMS 1.5 - SQL Injection (2)
LaserNet CMS 1.5 - SQL Injection

Clever Copy 3.0 - 'postview.php' SQL Injection (1)
Clever Copy 3.0 - 'postview.php' SQL Injection

phpAuction - 'profile.php' SQL Injection
phpAuction - 'profile.php' SQL Injection (1)

Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection (1)

Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection
Arctic Issue Tracker 2.0.0 - 'filter' Parameter SQL Injection (2)

Matterdaddy Market 1.1 - Multiple SQL Injections (1)
Matterdaddy Market 1.1 - 'index.php' Multiple SQL Injections

PHPWebGallery 1.3.4 - Blind SQL Injection
PHPWebGallery 1.3.4 - Blind SQL Injection (1)

PHPWebGallery 1.3.4 - Blind SQL Injection
PHPWebGallery 1.3.4 - Blind SQL Injection (2)

Zeeways Shaadi Clone 2.0 - Authentication Bypass
Zeeways Shaadi Clone 2.0 - Authentication Bypass (1)

Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (1)

DBHcms 1.1.4 - Remote File Inclusion
DBHcms 1.1.4 - 'dbhcms_core_dir' Remote File Inclusion

E-book Store - Multiple Vulnerabilities (1)

Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (1)

E-book Store - Multiple Vulnerabilities (2)
E-book Store - Multiple Vulnerabilities

Classifieds Script - SQL Injection
Classifieds Script - 'rate' SQL Injection

Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion
Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion (2)

DBHcms 1.1.4 - SQL Injection
DBHcms 1.1.4 - 'dbhcms_pid' SQL Injection

LaserNet CMS 1.5 - SQL Injection (1)

Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection (2)

Article Script 1.6.3 - 'rss.php' SQL Injection (2)

Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection
Alan Ward A-CART 2.0 - category.asp catcode Parameter SQL Injection (1)

Openads (PHPAdsNew) <  2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion
Openads (PHPAdsNew) < 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion

LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting (1)

LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting
LiveCart 1.0.1 - 'return' Parameter Cross-Site Scripting (2)
Fonality trixbox 2.4.2 - Cross-Site Scripting
Fonality trixbox 2.4.2 - Cross-Site Scripting (1)
Fonality trixbox 2.4.2 - Cross-Site Scripting (2)

Clever Copy 3.0 - 'postview.php' SQL Injection (2)

phpAuction - 'profile.php' SQL Injection
phpAuction - 'profile.php' SQL Injection (2)

Zeeways Shaadi Clone 2.0 - Authentication Bypass
Zeeways Shaadi Clone 2.0 - Authentication Bypass (2)

DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Inclusion

Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities
Portili Personal and Team Wiki 1.14 - Multiple Vulnerabilities (2)

Matterdaddy Market 1.1 - Multiple SQL Injections (2)
Matterdaddy Market 1.1 - 'cat_name' Multiple SQL Injections

WordPress Plugin WP Private Messages 1.0.1 - SQL Injection
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection (1)

Huawei Flybox B660 - Cross-Site Request Forgery
Huawei Flybox B660 - Cross-Site Request Forgery (1)

Huawei Flybox B660 - Cross-Site Request Forgery
Huawei Flybox B660 - Cross-Site Request Forgery (2)

Classifieds Script - SQL Injection
Classifieds Script - 'term' SQL Injection

WordPress Plugin WP Private Messages 1.0.1 - SQL Injection
WordPress Plugin WP Private Messages 1.0.1 - SQL Injection (2)
2017-03-31 05:01:16 +00:00
Offensive Security
8e03027ae5 DB: 2017-03-30
18 new exploits

FUSE fusermount Tool - Race Condition
Linux Kernel (Ubuntu 11.10/12.04) - binfmt_script Stack Data Disclosure
Apache 2.2 - Scoreboard Invalid Free On Shutdown
Apache < 2.0.64  / < 2.2.21 mod_setenvif - Integer Overflow

FUSE fusermount Tool - Race Condition
Ubuntu < 15.10 - PT Chown Arbitrary PTs Access Via UserNamespace Privilege Escalation
AUFS (Ubuntu 15.10) - 'allow_userns' Fuse/Xattr User Namespaces Privilege Escalation
Ubuntu 14.04/15.10 - User Namespace Overlayfs Xattr Setgid Privilege Escalation
Ubuntu 15.10 - 'USERNS ' Overlayfs Over Fuse Privilege Escalation
NTP - Privilege Escalation
Ubuntu 15.04 (Dev) - 'Upstart' Logrotation Privilege Escalation
Vm86 - Syscall Task Switch Kernel Panic / Privilege Escalation
Disk Sorter Enterprise 9.5.12 - 'Import Command' Buffer Overflow
DiskBoss Enterprise 7.8.16 - 'Import Command' Buffer Overflow
Sync Breeze Enterprise 9.5.16 - 'Import Command' Buffer Overflow

Sync Breeze Enterprise 9.5.16 - 'GET' Buffer Overflow (SEH)

Linux/x86 - execve(/bin/sh_) Shellcode (19 bytes)

Just Dial Clone Script - 'fid' SQL Injection
Just Dial Clone Script - 'fid' Parameter SQL Injection

Just Dial Clone Script - 'srch' SQL Injection
Just Dial Clone Script - 'srch' Parameter SQL Injection
Opensource Classified Ads Script - 'keyword' Parameter SQL Injection
EyesOfNetwork (EON) 5.1 - SQL Injection
2017-03-30 05:01:15 +00:00
Offensive Security
8f7e041fcc DB: 2017-03-29
6 new exploits

MikroTik RouterBoard 6.38.5 - Denial of Service
VX Search Enterprise 9.5.12 - 'Verify Email' Buffer Overflow
Microsoft Outlook - HTML Email Denial of Service

Intermec PM43 Industrial Printer - Privilege Escalation

DzSoft PHP Editor 4.2.7 - File Enumeration

Linux/x86-64 - execve(_/bin/sh_) Shellcode (21 Bytes)
2017-03-29 05:01:19 +00:00
Offensive Security
1f8c35c0c0 DB: 2017-03-28
25 new exploits

Samba < 3.6.2 (x86) - Denial of Serviec (PoC)
Samba < 3.6.2 (x86) - Denial of Service (PoC)
Microsoft Visual Studio 2015 update 3 - Denial of Service
Disk Sorter Enterprise 9.5.12 - Local Buffer Overflow
Apple Safari - 'DateTimeFormat.format' Type Confusion
Apple Safari - Builtin JavaScript Allows Function.caller to be Used in Strict Mode
Apple Safari - Out-of-Bounds Read when Calling Bound Function

QNAP QTS < 4.2.4 - Domain Privilege Escalation
Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow
Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory
Github Enterprise - Default Session Secret And Deserialization (Metasploit)

B2B Alibaba Clone Script - SQL Injection
B2B Alibaba Clone Script - 'IndustryID' Parameter SQL Injection
Just Another Video Script 1.4.3 - SQL Injection
Adult Tube Video Script - SQL Injection
Alibaba Clone Script - SQL Injection
B2B Marketplace Script 2.0 - SQL Injection
Php Real Estate Property Script - SQL Injection
Courier Tracking Software 6.0 - SQL Injection
Parcel Delivery Booking Script 1.0 - SQL Injection
Delux Same Day Delivery Script 1.0 - SQL Injection
Hotel Booking Script 1.0 - SQL Injection
Tour Package Booking 1.0 - SQL Injection
Professional Bus Booking Script - 'hid_Busid' Parameter SQL Injection
CouponPHP CMS 3.1 - 'code' Parameter SQL Injection
EyesOfNetwork (EON) 5.0 - Remote Code Execution
EyesOfNetwork (EON) 5.0 - SQL Injection
Nuxeo 6.0 / 7.1 / 7.2 / 7.3 - Remote Code Execution (Metasploit)
inoERP 0.6.1 - Cross-Site Scripting / Cross-Site Request Forgery / SQL Injection / Session Fixation
2017-03-28 05:01:16 +00:00
Offensive Security
d2c8c83204 DB: 2017-03-27
1 new exploits

Linux/x86 - Reverse /bin/bash Shellcode (110 bytes)
2017-03-27 05:01:17 +00:00
Offensive Security
f3bbe1df4c DB: 2017-03-26
2 new exploits

Forticlient 5.2.3 Windows 10 x64 (Pre Anniversary) - Privilege Escalation
Forticlient 5.2.3 Windows 10 x64 (Post Anniversary) - Privilege Escalation
2017-03-26 05:01:16 +00:00
Offensive Security
570f8aec26 DB: 2017-03-25
6 new exploits

wifirxpower - Local Buffer Overflow
Miele Professional PG 8528 - Directory Traversal
NETGEAR WNR2000v5 - (Un)authenticated hidden_lang_avi Stack Overflow (Metasploit)
Logsign 4.4.2 / 4.4.137 - Remote Command Injection (Metasploit)
Gr8 Tutorial Script - SQL Injection
Gr8 Gallery Script - SQL Injection
2017-03-25 05:01:17 +00:00
Offensive Security
3ad96f313d DB: 2017-03-24
39 new exploits

Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit)
Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)
Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit)
Mozilla Firefox < 17.0.1 - Flash Privileged Code Injection (Metasploit)
Sun Java Web Start Plugin - Command Line Argument Injection (Metasploit)
Malwarebytes Anti-Malware < 2.0.3 / Anti-Exploit < 1.03.1.1220 - Update Remote Code Execution (Metasploit)
Microsoft Silverlight - ScriptObject Unsafe Memory Access (MS13-022/MS13-087) (Metasploit)
EMC Replication Manager < 5.3 - Command Execution (Metasploit)
MOXA MediaDBPlayback - ActiveX Control Buffer Overflow (Metasploit)
Microsoft Office - OLE Multiple DLL Side Loading Vulnerabilities (MS15-132/MS16-014/MS16-025/MS16-041/MS16-070) (Metasploit)
CA Arcserve D2D - GWT RPC Credential Information Disclosure (Metasploit)
Lenovo System Update - Privilege Escalation (Metasploit)
Firebird - Relational Database CNCT Group Number Buffer Overflow (Metasploit)
HP Intelligent Management Center < 5.0 E0102 - UAM Buffer Overflow (Metasploit)
VMware Host Guest Client Redirector - DLL Side Loading (Metasploit)
CADA 3S CoDeSys Gateway Server - Directory Traversal (Metasploit)
MOXA Device Manager Tool 2.1 - Buffer Overflow (Metasploit)

SysGauge 1.5.18 - SMTP Validation Buffer Overflow (Metasploit)
Ceragon FibeAir IP-10 - SSH Private Key Exposure (Metasploit)
ExaGrid - Known SSH Key and Default Password (Metasploit)
GIT 1.8.5.6 / 1.9.5 / 2.0.5 / 2.1.4/ 2.2.1 & Mercurial < 3.2.3 - Multiple Vulnerabilities (Metasploit)
Ruby on Rails 4.0.x / 4.1.x / 4.2.x (Web Console v2) - Whitelist Bypass Code Execution (Metasploit)
Apache Struts < 1.3.10 / < 2.3.16.2 - ClassLoader Manipulation Remote Code Execution (Metasploit)
Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit)
SSH - User Code Execution (Metasploit)
Redmine SCM Repository - Arbitrary Command Execution (Metasploit)

Linux/x86 - Bind Shell Shellcode (42 bytes)
Linux/x86 - Bind Shell Shellcode (44 bytes)
Joomla! Component Modern Booking 1.0 - 'coupon' Parameter SQL Injection
Flippa Clone - SQL Injection
Centreon < 2.5.1 / Centreon Enterprise Server < 2.2 - SQL Injection / Command Injection (Metasploit)
D-Link/TRENDnet - NCC Service Command Injection (Metasploit)
Seagate Business NAS - Unauthenticated Remote Command Execution (Metasploit)
MantisBT 1.2.0a3 < 1.2.17 - XmlImportExport Plugin PHP Code Injection (Metasploit)
OP5 5.3.5 / 5.4.0 / 5.4.2 / 5.5.0 / 5.5.1 - 'license.php' Remote Command Execution (Metasploit)
OP5 5.3.5 / 5.4.0 / 5.4.2 / 5.5.0 / 5.5.1 - 'welcome' Remote Command Execution (Metasploit)
PHPMailer < 5.2.19 - Sendmail Argument Injection (Metasploit)
SysAid Help Desk Administrator Portal < 14.4 - Arbitrary File Upload (Metasploit)
WordPress Plugin Ninja Forms 2.9.36 < 2.9.42 - Unauthenticated File Upload (Metasploit)
SixApart MovableType < 5.2.12 - Storable Perl Code Execution (Metasploit)
WordPress Theme Holding Pattern - Arbitrary File Upload (Metasploit)
Distinct TFTP 3.10 - Writable Directory Traversal Execution (Metasploit)
2017-03-24 05:01:16 +00:00
Offensive Security
8b5b662af9 DB: 2017-03-23
8 new exploits

SpyCamLizard 1.230 - Denial of Service
APNGDis 2.8 - 'chunk size descriptor' Heap Buffer Overflow
APNGDis 2.8 - 'image width / height chunk' Heap Buffer Overflow
APNGDis 2.8 - 'filename' Stack Buffer Overflow
Disk Sorter Enterprise 9.5.12 - 'GET' Buffer Overflow (SEH)
SysGauge 1.5.18 - SMTP Validation Buffer Overflow (Metasploit)
GLink Word Link Script 1.2.3 - SQL Injection
Solare Datensysteme Solar-Log Devices 2.8.4-56 / 3.5.2-85 - Multiple Vulnerabilities
2017-03-23 05:01:16 +00:00
Offensive Security
93635f1158 DB: 2017-03-22
1 new exploits

Joomla! Component Extra Search 2.2.8 - 'establename' Parameter SQL Injection
2017-03-22 05:01:16 +00:00
Offensive Security
07432556e0 DB: 2017-03-21
26 new exploits

FTPShell Client 6.53 - Local Buffer Overflow
FTPShell Client 6.53 - 'Session name' Local Buffer Overflow
FTPShell Server 6.56 - 'ChangePassword' Buffer Overflow
ExtraPuTTY 0.29-RC2 - Denial of Service
Google Nest Cam 5.2.1 - Buffer Overflow Conditions Over Bluetooth LE
Microsoft Windows Kernel - Registry Hive Loading Crashes in nt!nt!HvpGetBinMemAlloc and nt!ExpFindAndRemoveTagBigPages (MS17-017)
Microsoft Windows - Uniscribe Font Processing Out-of-Bounds Read in usp10!otlChainRuleSetTable::rule (MS17-011)
Microsoft Windows - 'USP10!otlList::insertAt' Uniscribe Font Processing Heap-Based Buffer Overflow (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Out-of-Bounds Read/Write in 'USP10!AssignGlyphTypes' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in 'USP10!otlCacheManager::GlyphsSubstituted' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption in 'USP10!MergeLigRecords' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Buffer Overflow in 'USP10!ttoGetTableData' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Out-of-Bounds Write in 'USP10!UpdateGlyphFlags' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Heap-Based Memory Corruption Around 'USP10!BuildFSM' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Buffer Overflow in 'USP10!FillAlternatesList' (MS17-011)
Microsoft Windows - Uniscribe Font Processing Multiple Heap-Based Out-of-Bounds and Wild Reads (MS17-011)
Microsoft GDI+ - 'gdiplus!GetRECTSForPlayback' Out-of-Bounds Read (MS17-013)
Microsoft Color Management Module 'icm32.dll' - 'icm32!Fill_ushort_ELUTs_from_lut16Tag' Out-of-Bounds Read (MS17-013)
Microsoft Windows - Uniscribe Heap-Based Out-of-Bounds Read in 'USP10!ScriptApplyLogicalWidth' Triggered via EMF (MS17-013)
Microsoft Color Management Module 'icm32.dll' - 'icm32!LHCalc3toX_Di16_Do16_Lut8_G32' Out-of-Bounds Read (MS17-013)
Mozilla Firefox - 'table' Use-After-Free
Microsoft Internet Explorer - 'textarea.defaultValue' Memory Disclosure (MS17-006)

HttpServer 1.0 - Directory Traversal

Cobbler 2.8.0 - Authenticated Remote Code Execution
Joomla! Component JooCart 2.x - 'product_id' Parameter SQL Injection
Joomla! Component jCart for OpenCart 2.0 - 'product_id' Parameter SQL Injection
phplist 3.2.6 - SQL Injection
D-Link DGS-1510 - Multiple Vulnerabilities
2017-03-21 05:01:17 +00:00
Offensive Security
e3778e5508 DB: 2017-03-20
5 new exploits

Linux/x86 - Bind Shell Shellcode (51 bytes)
Linux/x86 - Bind Shell Shellcode (42 bytes)
Linux/x86 - File Reader Shellcode (54 Bytes)
iFdate Social Dating Script 2.0 - SQL Injection
DIGISOL DG-HR1400 1.00.02 Wireless Router - Privilege Escalation
Omegle Clone - SQL Injection
Secure Download Links - 'dc' Parameter SQL Injection
2017-03-20 05:01:17 +00:00
Offensive Security
4da96605a4 DB: 2017-03-18
8 new exploits

Cerberus FTP Server 8.0.10.3 - 'MLST' Buffer Overflow

FTPShell Client 6.53 - Local Buffer Overflow
Linux/x86 - Encoded exceve(_/bin/sh_) Shellcode (44 Bytes)
Linux/x86 - Bind Shell Shellcode (51 bytes)
Wordpress Plugin Membership Simplified 1.58 - Arbitrary File Download
AXIS Communications - Cross-Site Scripting / Content Injection
AXIS Multiple Products - Cross-Site Request Forgery
Departmental Store Management System 1.2 - SQL Injection
2017-03-18 05:01:24 +00:00
g0tmi1k
5b8d706b7d Merge pull request #81 from g0tmi1k/searchsploit
Remove leading slash on path results & add manual references in
2017-03-17 10:56:15 +00:00
g0tmi1k
19f77d26f4 Remove leading slash on path results & add manual references in 2017-03-17 10:55:36 +00:00
g0tmi1k
641870e4f7 Merge pull request #79 from x42en/master
Detailed JSON output
2017-03-17 09:25:01 +00:00
Offensive Security
c51cc48e0e DB: 2017-03-17
2 new exploits

Microsoft Edge 38.14393.0.0 - JavaScript Engine Use-After-Free

Windows DVD Maker 6.1.7 - XML External Entity Injection
2017-03-17 05:01:19 +00:00
Ben Mz
0c1feefa49 show more detailed results with JSON output 2017-03-17 00:57:20 +01:00
Offensive Security
66117c63f5 DB: 2017-03-16
16 new exploits

Adobe Flash - Metadata Parsing Out-of-Bounds Read
Adobe Flash - MovieClip Attach init Object Use-After-Free
Adobe Flash - ATF Thumbnailing Heap Overflow
Adobe Flash - ATF Planar Decompression Heap Overflow
Adobe Flash - AVC Header Slicing Heap Overflow
Microsoft Windows - 'LoadUvsTable()' Heap-based Buffer Overflow

USBPcap - Privilege Escalation
USBPcap 1.1.0.0 (WireShark 2.2.5) - Privilege Escalation
PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Local Privilege Escalation
Microsoft Windows - COM Session Moniker Privilege Escalation (MS17-012)

Cisco Firepower Management Console 6.0 - Post Authentication UserAdd
Cisco Firepower Management Console 6.0 - Post Authentication UserAdd (Metasploit)
IBM WebSphere - RCE Java Deserialization (Metasploit)
Apache Struts Jakarta - Multipart Parser OGNL Injection (Metasploit)
Joomla! Component Vik Appointments 1.5 - SQL Injection
Joomla! Component Vik Rent Items 1.3 - SQL Injection
Joomla! Component Vik Rent Car 1.11 - SQL Injection
GitHub Enterprise 2.8.0 < 2.8.6 - Remote Code Execution
Steam Profile Integration 2.0.11 - SQL injection
Sitecore CMS 8.1 Update-3 - Cross-Site Scripting
2017-03-16 05:01:20 +00:00
g0tmi1k
c321071567 Merge pull request #74 from rofl0r/patch-1
make searchsploit work with non-gnu grep
2017-03-15 13:44:28 +00:00
Offensive Security
c7382d10cd DB: 2017-03-15
4 new exploits

MikroTik Router - ARP Table OverFlow Denial Of Service

Netgear R7000 and R6400 - cgi-bin Command Injection (Metasploit)
Netgear R7000 and R6400 - 'cgi-bin' Command Injection (Metasploit)

D-Link DI-524 - Cross-Site Request Forgery
Joomla! Component Simple Membership 3.3.3 - 'userId' Parameter SQL Injection
Joomla! Component Advertisement Board 3.0.4 - 'id' Parameter SQL Injection
2017-03-15 05:01:18 +00:00
Offensive Security
8359f0a6a2 DB: 2017-03-14
5 new exploits

Cerberus FTP Server  8.0.10.1 - Denial of Service

VirtualBox - Cooperating VMs can Escape from Shared Folder

Netgear R7000 and R6400 - cgi-bin Command Injection (Metasploit)

Car Workshop System - SQL Injection

Fiyo CMS 2.0.6.1 - Privilege Escalation
2017-03-14 05:01:18 +00:00
Offensive Security
d36dc6b95d DB: 2017-03-12
14 new exploits

MobaXterm Personal Edition 9.4 - Directory Traversal

Windows x86 - Hide Console Window Shellcode (182 bytes)
e107 <= 2.1.4 - 'keyword' Blind SQL Injection
Domain Marketplace Script - SQL Injection
Global In - SQL Injection
Global In - Arbitrary File Upload
Vanelo - SQL Injection
Mirage - SQL Injection
Pet Listing Script 3.0 - SQL Injection
Property Listing Script 3.1 - SQL Injection
Travel Tours Script 2.0 - SQL Injection
Yacht Listing Script 2.0 - SQL Injection
Yellow Pages Script 3.2 - 'category_id' Parameter SQL Injection
PHP Forum Script 3.0 - SQL Injection
2017-03-12 05:01:18 +00:00
Offensive Security
f2327bc214 DB: 2017-03-11
5 new exploits

Price Comparison Script 2017.1.8 - SQL Injection
Clickbank Affiliate Marketplace Script 2017 - SQL Injection
Kinsey Infor/Lawson / ESBUS - SQL Injection
WatchGuard XTMv 11.12 Build 516911 - User Management Cross-Site Request Forgery
dnaLIMS DNA Sequencing - Directory Traversal / Session Hijacking / Cross-Site Scripting
2017-03-11 05:01:19 +00:00
Offensive Security
6e7ec5be32 DB: 2017-03-10
20 new exploits

Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 - Denial of Service

Apache Struts2 - Skill Name Remote Code Execution
Apache Struts 2 - Skill Name Remote Code Execution
Linux - Reverse Shell Shellcode (65 bytes)
Linux/x86 - SELinux Permissive Mode Switcher Shellcode (45 bytes)
Linux - TCP Reverse Shell Shellcode (65 bytes)
Linux/x86 - SELinux Permissive Mode Switcher Shellcode (45 bytes)

Windows x86 - Executable Directory Search Shellcode (130 bytes)

Apache Struts2 < 2.3.1 - Multiple Vulnerabilities
Apache Struts 2 < 2.3.1 - Multiple Vulnerabilities
Country on Sale Script - SQL Injection
Media Search Engine Script - 'search' Parameter SQL Injection
Soundify 1.1 - 'tid' Parameter SQL Injection
BistroStays 3.0 - 'guests' Parameter SQL Injection
Nlance 2.2 - SQL Injection
Busewe 1.2 - SQL Injection
Fashmark 1.2 - 'category' Parameter SQL Injection
TradeMart 1.1 - SQL Injection
Drupal 7.x Module Services - Remote Code Execution
WordPress Plugin Mac Photo Gallery 3.0 - Arbitrary File Download
WordPress Plugin Apptha Slider Gallery 1.0 - SQL Injection
WordPress Plugin Apptha Slider Gallery 1.0 - Arbitrary File Download
WordPress Plugin PICA Photo Gallery 1.0 - SQL Injection
Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - Remote Code Execution
ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Cross-Site Scripting
ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Session Stealing
ASUSWRT RT-AC53 (3.0.0.4.380.6038) - Remote Code Execution
FTP Voyager Scheduler 16.2.0 - Cross-Site Request Forgery
2017-03-10 05:01:18 +00:00
Offensive Security
06a7933be4 DB: 2017-03-09
8 new exploits

USBPcap - Privilege Escalation

Linux - Reverse Shell Shellcode (66 bytes)
Linux - Reverse Shell Shellcode (65 bytes)
Themeforest Clone Script - SQL Injection
Graphicriver Clone Script - SQL Injection
Codecanyon Clone Script - SQL Injection
Audiojungle Clone Script - SQL Injection
Videohive Clone Script - SQL Injection
Envato Clone Script - SQL Injection
Navetti PricePoint 4.6.0.0 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery
2017-03-09 05:01:19 +00:00
Offensive Security
6883068111 DB: 2017-03-08
5 new exploits

Evostream Media Server 1.7.1 (x64) - Denial of Service

Azure Data Expert Ultimate 2.2.16 - Buffer Overflow
Mini CMS 1.1 - 'name' Parameter SQL Injection
Daily Deals Script 1.0 - 'id' Parameter SQL Injection
Bull/IBM AIX Clusterwatch/Watchware - Multiple Vulnerabilities
2017-03-08 05:01:19 +00:00
Offensive Security
9aef664a7e DB: 2017-03-07
31 new exploits

iSQL 1.0 - isql_main.c Buffer Overflow (PoC)
iSQL 1.0 - 'isql_main.c' Buffer Overflow (PoC)
Memcached 1.4.33 - 'Crash' PoC
Memcached 1.4.33 - 'Add' PoC
Memcached 1.4.33 - 'sasl' PoC
Memcached 1.4.33 - 'Crash' (PoC)
Memcached 1.4.33 - 'Add' (PoC)
Memcached 1.4.33 - 'sasl' (PoC)

Windows 10 (x86/x64) WLAN AutoConfig - Denial of Service (POC)
Windows 10 (x86/x64) WLAN AutoConfig - Denial of Service (PoC)

Microsoft Windows gdi32.dll - EMR_SETDIBITSTODEVICE Heap-Based Out-of-Bounds Reads / Memory Disclosure
Microsoft Windows - 'gdi32.dll' EMR_SETDIBITSTODEVICE Heap-Based Out-of-Bounds Reads / Memory Disclosure

Microsoft Office PowerPoint 2010 GDI - 'GDI32!ConvertDxArray' Insufficient Bounds Check
Microsoft Office PowerPoint 2010 - GDI 'GDI32!ConvertDxArray' Insufficient Bounds Check

Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free PoC
Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC)

Conext ComBox 865-1058 - Denial of Service

Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption Proof-of-Concept Exploit (MS16-051)
Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption (PoC) (MS16-051)

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition PoC (Write Access)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition (PoC) (Write Access)

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition PoC (Write Access)
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' PTRACE_POKEDATA Race Condition (PoC) (Write Access)

CyberGhost 6.0.4.2205 - Privilege Escalation

FTPShell Client 6.53 - Buffer Overflow

Linux/x86-64 - /bin/sh Shellcode
Linux/x86-64 - /bin/sh Shellcode (34 bytes)

Linux/x86-64 - Reverse Shell Shellcode
Linux/x86-64 - Reverse Shell Shellcode (134 bytes)

Linux/x86-64 - XOR Encode execve Shellcode
Linux/x86-64 - XOR Encode execve Shellcode (84 bytes)
Linux/x86_64 - Bind 5600 TCP Port - Shellcode (87 bytes)
Linux/x86_64 - execve /bin/sh Shellcode (22 bytes)
Linux/x86-64 - Bind 5600 TCP Port - Shellcode (87 bytes)
Linux/x86-64 - execve /bin/sh Shellcode (22 bytes)

Linux/x86_64 - Random Listener Shellcode (54 bytes)
Linux/x86-64 - Random Listener Shellcode (54 bytes)

Wordpress < 4.7.1 - Username Enumeration
WordPress < 4.7.1 - Username Enumeration
Advanced Bus Booking Script 2.04 - SQL Injection
Entrepreneur Bus Booking Script 3.03 - 'hid_Busid' Parameter SQL Injection
Single Theater Booking Script - 'newsid' Parameter SQL Injection
Responsive Events & Movie Ticket Booking Script - SQL Injection
Online Cinema and Event Booking Script 2.01 - 'newsid' Parameter SQL Injection
Redbus Clone Script 3.05 - 'hid_Busid' Parameter SQL Injection
Groupon Clone Script 3.01 - 'catid' Parameter SQL Injection
Naukri Clone Script 3.02 - 'type' Parameter SQL Injection
Yellow Pages Clone Script 1.3.4 - SQL Injection
Advanced Matrimonial Script 2.0.3 - SQL Injection
Advanced Real Estate Script 4.0.6 - SQL Injection
PHP Classifieds Rental Script 3.6.0 - 'scatid' Parameter SQL Injection
Entrepreneur B2B Script 2.0.4 - 'id' Parameter SQL Injection
PHP Matrimonial Script 3.0 - SQL Injection
MLM Binary Plan Script 2.0.5 - SQL Injection
MLM Forced Matrix 2.0.7 - SQL Injection
MLM Forex Market Plan Script 2.0.1 - SQL Injection
MLM Membership Plan Script 2.0.5 - SQL Injection
Multireligion Responsive Matrimonial Script 4.7.1 - SQL Injection
Network Community Script 3.0.2 - SQL Injection
PHP B2B Script 3.05 - SQL Injection
Responsive Matrimonial Script 4.0.1 - SQL Injection
Schools Alert Management Script 2.01 - 'list_id' Parameter SQL Injection
Select Your College Script 2.01 - SQL Injection
Social Network Script 3.01 - 'id' Parameter SQL Injection
Website Broker Script 3.02 - 'view' Parameter SQL Injection
WordPress Multiple Plugins - Arbitrary File Upload
Deluge Web UI 1.3.13 - Cross-Site Request Forgery
2017-03-07 05:01:20 +00:00
Offensive Security
4811e36301 DB: 2017-03-06
9 new exploits

Linux/x86-64 - Polymorphic Flush IPTables Shellcode (47 bytes)
Linux/x86-64 - NetCat Reverse Shell Shellcode (72 bytes)
Linux/x86-64 - Polymorphic NetCat Reverse Shell Shellcode (106 bytes)

Joomla! Component com_jumi - (fileid) Blind SQL Injection
Joomla! Component Jumi - 'fileid' Parameter Blind SQL Injection
EPSON TMNet WebConfig 1.00 - Cross-Site Scripting
Joomla! Component JUX EventOn 1.0.1 - 'id' Parameter SQL Injection
Joomla! Component Monthly Archive 3.6.4 - 'author_form' Parameter SQL Injection
Joomla! Component AYS Quiz 1.0 - 'id' Parameter SQL Injection
Joomla! Component Content ConstructionKit 1.1 - SQL Injection
Joomla! Component AltaUserPoints 1.1 - 'userid' Parameter SQL Injection
2017-03-06 05:01:18 +00:00
Offensive Security
d3106003d4 DB: 2017-03-04
5 new exploits

Linux/x86-64 - Polymorphic Setuid(0) & Execve(/bin/sh) Shellcode (31 bytes)
Wordpress < 4.7.1 - Username Enumeration
NetGain Enterprise Manager 7.2.562 - 'Ping' Command Injection
Joomla! Component Coupon 3.5 - SQL Injection
pfSense 2.3.2 - Cross-Site Scripting / Cross-Site Request Forgery
2017-03-04 05:01:19 +00:00
Offensive Security
a3ee969c7d DB: 2017-03-03
5 new exploits

Php Classified OLX Clone Script - 'category' Parameter SQL Injection
Joomla! Component Abstract 2.1 - SQL Injection
Joomla! Component StreetGuessr Game 1.0 - SQL Injection
Joomla! Component Guesser 1.0.4 - 'type' Parameter SQL Injection
Joomla! Component Recipe Manager 2.2 - 'id' Parameter SQL Injection
2017-03-03 05:01:17 +00:00