![]() 10 new exploits FreeBSD 6.1 /dev/crypto - Local Kernel Denial of Service FreeBSD 6.1 - '/dev/crypto' Local Kernel Denial of Service NetBSD FTPd / Tnftpd - Remote Stack Overflow (PoC) NetBSD - 'FTPd / Tnftpd' Remote Stack Overflow (PoC) FreeBSD 6/8 - ata device Local Denial of Service FreeBSD 6/8 - ata Device Local Denial of Service FreeBSD 7.2 - pecoff executable Local Denial of Service FreeBSD 7.2 - 'pecoff' Local Denial of Service FreeBSD / OpenBSD 'ftpd' - Null Pointer Dereference Denial of Service FreeBSD / OpenBSD - 'ftpd' Null Pointer Dereference Denial of Service FreeBSD 8.0 ftpd (FreeBSD-SA-10:05) - Off-By-One (PoC) FreeBSD 8.0 - 'ftpd' (FreeBSD-SA-10:05) Off-By-One (PoC) FreeBSD Kernel - 'mountnfs()' Exploit FreeBSD - 'mountnfs()' Exploit FreeBSD 8.1/7.3 - vm.pmap Kernel Local Race Condition FreeBSD 8.1/7.3 - 'vm.pmap' Local Race Condition Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service BSD/Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service FreeBSD 3.0/3.1/3.2 vfs_cache - Denial of Service FreeBSD 3.0/3.1/3.2 - 'vfs_cache' Denial of Service FreeBSD Kernel - SCTP Remote NULL Ptr Dereference Denial of Service FreeBSD - SCTP Remote NULL Ptr Dereference Denial of Service OpenBSD 3.3/3.4 sysctl - Local Denial of Service OpenBSD 3.3/3.4 - 'sysctl' Local Denial of Service FreeBSD 9.1 ftpd - Remote Denial of Service FreeBSD 9.1 - 'ftpd' Remote Denial of Service FreeBSD 6.0/6.1 Ftrucante - Local Denial of Service FreeBSD 6.0/6.1 - Ftrucante Local Denial of Service NetBSD 3.1 FTPd / Tnftpd - Port Remote Buffer Overflow NetBSD 3.1 - 'FTPd / Tnftpd' Port Remote Buffer Overflow Multiple BSD Distributions - 'strfmon()' Integer Overflow BSD (Multiple Distributions) - 'strfmon()' Integer Overflow Multiple BSD Distributions - 'gdtoa/misc.c' Memory Corruption BSD (Multiple Distributions) - 'gdtoa/misc.c' Memory Corruption Multiple BSD Distributions - 'printf(3)' Memory Corruption BSD (Multiple Distributions) - 'printf(3)' Memory Corruption FreeBSD Kernel - Multiple Vulnerabilities FreeBSD - Multiple Vulnerabilities FreeBSD 10.2 Kernel (x64) - 'amd64_set_ldt' Heap Overflow FreeBSD 10.2 (x64) - 'amd64_set_ldt' Heap Overflow ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service FreeBSD 3.5.1/4.2 - ports package xklock Privilege Escalation FreeBSD 3.5.1/4.2 - Ports Package elvrec Privilege Escalation FreeBSD 3.5.1/4.2 - Ports Package 'xklock' Privilege Escalation FreeBSD 3.5.1/4.2 - Ports Package 'elvrec' Privilege Escalation OpenBSD ftp - Exploit OpenBSD - 'ftp' Exploit FreeBSD /usr/bin/top - Format String FreeBSD - '/usr/bin/top' Format String FreeBSD 4.x / < 5.4 - master.passwd Disclosure FreeBSD 4.x / < 5.4 - 'master.passwd' Disclosure FreeBSD mcweject 0.9 (eject) - Buffer Overflow Privilege Escalation FreeBSD mcweject 0.9 'Eject' - Buffer Overflow Privilege Escalation Oracle 10g - CTX_DOC.MARKUP SQL Injection Oracle 10g - 'CTX_DOC.MARKUP' SQL Injection FreeBSD 6x/7 protosw Kernel - Privilege Escalation FreeBSD 6x/7 - 'protosw' Privilege Escalation FreeBSD 7.0-RELEASE Telnet Daemon - Privilege Escalation FreeBSD 7.0-RELEASE - Telnet Daemon Privilege Escalation FreeBSD 7.0/7.1 - 'ktimer' Kernel Privilege Escalation FreeBSD 7.0/7.1 - 'ktimer' Privilege Escalation FreeBSD 7.0/7.1 vfs.usermount - Privilege Escalation FreeBSD 7.0/7.1 - 'vfs.usermount' Privilege Escalation Multiple BSD Distributions - 'setusercontext()' Vulnerabilities BSD (Multiple Distributions) - 'setusercontext()' Vulnerabilities FreeBSD Kernel - 'nfs_mount()' Exploit FreeBSD - 'nfs_mount()' Exploit FreeBSD 5.4-RELEASE ftpd 6.00LS - sendfile kernel mem-leak Exploit FreeBSD 5.4-RELEASE ftpd 6.00LS - 'sendfile' Memory Leak Exploit Sun Solaris 7.0 sdtcm_convert - Exploit Sun Solaris 7.0 - 'sdtcm_convert' Exploit BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (1) BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (2) BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - libXt library Exploit (3) BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - rlogin Exploit BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (1) BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (2) BSD/OS 2.1 / Caldera UnixWare 7/7.1.0 / FreeBSD 1.1.5.1/2.0 / HP HP-UX 10.34 / IBM AIX 4.2 / SGI IRIX 6.3 / SunOS 4.1.4 - 'libXt Library' Exploit (3) BSD/OS 2.1 / DG/UX 4.0 / Debian 0.93 / Digital UNIX 4.0 B / FreeBSD 2.1.5 / HP-UX 10.34 / IBM AIX 4.1.5 / NetBSD 1.0/1.1 / NeXTstep 4.0 / SGI IRIX 6.3 / SunOS 4.1.4 - 'rlogin' Exploit NetBSD 1.3.2 / SGI IRIX 6.5.1 at(1) - Exploit NetBSD 1.3.2 / SGI IRIX 6.5.1 - 'at(1)' Exploit Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - Lsof Buffer Overflow (1) Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - Lsof Buffer Overflow (2) Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - 'Lsof' Buffer Overflow (1) Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E. 6.1 - 'Lsof' Buffer Overflow (2) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - lpr Buffer Overrun (1) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - lpr Buffer Overrun (2) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (1) BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - 'lpr' Buffer Overrun (2) BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon Exploit FreeBSD 3.3 gdc - Buffer Overflow FreeBSD 3.3 gdc - Symlink Exploit FreeBSD 3.3 - Seyon setgid dialer FreeBSD 3.3 xmindpath - Buffer Overflow FreeBSD 3.3 angband - Buffer Overflow FreeBSD 3.3 - 'gdc' Buffer Overflow FreeBSD 3.3 - 'gdc' Symlink Exploit FreeBSD 3.3 - Seyon setgid Dialer FreeBSD 3.3 - 'xmindpath' Buffer Overflow FreeBSD 3.3 - 'angband' Buffer Overflow FreeBSD 3.0/3.1/3.2/3.3/3.4 Asmon/Ascpu - Exploit FreeBSD 3.0/3.1/3.2/3.3/3.4 - 'Asmon'/'Ascpu' Exploit BSD mailx 8.1.1-10 - Buffer Overflow (1) BSD mailx 8.1.1-10 - Buffer Overflow (2) BSD 'mailx' 8.1.1-10 - Buffer Overflow (1) BSD 'mailx' 8.1.1-10 - Buffer Overflow (2) OpenBSD 2.x - fstat Format String OpenBSD 2.x - 'fstat' Format String BSD lpr 0.54 -4 - Arbitrary Command Execution BSD 'lpr' 0.54 -4 - Arbitrary Command Execution FreeBSD 3.5/4.x /usr/bin/top - Format String FreeBSD 3.5/4.x - '/usr/bin/top' Format String Apple Mac OSX 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - exec C Library Standard I/O File Descriptor Closure Apple Mac OSX 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - 'exec C Library' Standard I/O File Descriptor Closure BSD lpr 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (2) BSD lpr 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (1) BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (2) BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow (1) BSD Kernel - SHMAT System Call Privilege Escalation BSD - SHMAT System Call Privilege Escalation Linux Kernel < 3.8.x - open-time Capability file_ns_capable() Privilege Escalation Linux Kernel < 3.8.x - open-time Capability 'file_ns_capable()' Privilege Escalation FreeBSD 9.0 < 9.1 mmap/ptrace - Privilege Escalation FreeBSD 9.0 < 9.1 - 'mmap/ptrace' Privilege Escalation NetBSD mail.local(8) - Privilege Escalation (Metasploit) NetBSD - 'mail.local(8)' Privilege Escalation (Metasploit) OpenBSD 3.9/4.0 - ld.so Local Environment Variable Clearing OpenBSD 3.9/4.0 - 'ld.so' Local Environment Variable Clearing FreeBSD 7.1 libc - Berkley DB Interface Uninitialized Memory Local Information Disclosure FreeBSD 7.1 - libc Berkley DB Interface Uninitialized Memory Local Information Disclosure Apple Mac OSX 10.10 - DYLD_PRINT_TO_FILE Privilege Escalation Apple Mac OSX 10.10 - 'DYLD_PRINT_TO_FILE' Privilege Escalation Apple Mac OSX 10.10.5 - XNU Privilege Escalation Apple Mac OSX 10.10.5 - 'XNU' Privilege Escalation Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation Apple Mac OSX 10.9.5/10.10.5 - 'rsh/libmalloc' Privilege Escalation Apple Mac OSX 10.9.5/10.10.5 - rsh/libmalloc Privilege Escalation (Metasploit) Apple Mac OSX 10.9.5/10.10.5 - 'rsh/libmalloc' Privilege Escalation (Metasploit) NetBSD mail.local(8) - Privilege Escalation (NetBSD-SA2016-006) NetBSD - 'mail.local(8)' Privilege Escalation Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Local Privilege Escalation Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE' & 'SO_RCVBUFFORCE' Local Privilege Escalation Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) - Double-free usb-midi SMEP Local Privilege Escalation Linux Kernel 4.8.0-41-generic (Ubuntu) - Packet Socket Privilege Escalation Linux Kernel 3.11 < 4.8 0 - 'SO_SNDBUFFORCE' / 'SO_RCVBUFFORCE' Privilege Escalation Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) - Double-free usb-midi SMEP Privilege Escalation Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap Stack Clash' Local Privilege Escalation Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64 Stack Clash' Local Privilege Escalation Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Local Privilege Escalation Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - 'ldso_hwcap Stack Clash' Privilege Escalation Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64 Stack Clash' Privilege Escalation Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Privilege Escalation Linux Kernel 4.14.0-rc4+ - 'waitid()' Privilege Escalation BSD TelnetD - Remote Command Execution (1) BSD - 'TelnetD' Remote Command Execution (1) ftpd / ProFTPd (FreeBSD) - Remote Command Execution FreeBSD - 'ftpd / ProFTPd' Remote Command Execution FreeBSD Telnet Service - Encryption Key ID Buffer Overflow (Metasploit) FreeBSD - Telnet Service Encryption Key ID Buffer Overflow (Metasploit) BSD 4.2 fingerd - Buffer Overflow BSD 4.2 - 'fingerd' Buffer Overflow BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (1) BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - amd Buffer Overflow (2) BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - 'amd' Buffer Overflow (1) BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - 'amd' Buffer Overflow (2) BSD TelnetD - Remote Command Execution (2) BSD - 'TelnetD' Remote Command Execution (2) FreeBSD 3.x/4.x - ipfw Filtering Evasion FreeBSD 3.x/4.x - 'ipfw' Filtering Evasion FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x FTPd - 'glob()' Buffer Overflow FreeBSD 4.2-stable FTPd - 'glob()' Buffer Overflow Vulnerabilities FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x - FTPd 'glob()' Buffer Overflow FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow Vulnerabilities Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - TelnetD Buffer Overflow Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Buffer Overflow NetBSD 1.x TalkD - User Validation NetBSD 1.x - 'TalkD' User Validation tnftp - clientside BSD Exploit tnftp (FreeBSD 8/9/10) - 'tnftp' Client Eide Exploit Ayukov NFTP FTP Client < 2.0 - Buffer Overflow Unitrends UEB 9 - http api/storage Remote Root (Metasploit) Unitrends UEB 9 - bpserverd Authentication Bypass Remote Command Execution (Metasploit) Polycom - Command Shell Authorization Bypass (Metasploit) Joomla! Component Photo Blog alpha 3 - alpha 3a SQL Injection Joomla! Component Photo Blog alpha 3 < alpha 3a - SQL Injection cPanel 10.9 - dosetmytheme 'theme' Cross-Site Scripting cPanel 10.9 - 'dosetmytheme?theme' Cross-Site Scripting Korean GHBoard - Component/upload.jsp Unspecified Arbitrary File Upload Korean GHBoard - 'Component/upload.jsp' Unspecified Arbitrary File Upload TP-Link TL-MR3220 - Cross-Site Scripting Logitech Media Server - Cross-Site Scripting CometChat < 6.2.0 BETA 1 - Local File Inclusion Kaltura < 13.1.0 - Remote Code Execution |
||
---|---|---|
.. | ||
dos | ||
local | ||
remote | ||
shellcode | ||
webapps |