Exploit Database

Exploit Database - ┌vod  1  2  3  4  5

PoslednÝ aktualizace v 06.07.2017 15:23:47

 

"Ra1NX" PHP Bot pubcall Authentication Bypass Remote Code Execution
.NET Framework EncoderParameter Integer Overflow Vulnerability
.Net Framework Execute Native x86 Shellcode 
.Net Framework Tilde Character DoS
.NET Remoting Services Remote Command Execution 
.NET Runtime Optimization Service Privilege Escalation Exploit 0day
[Hebrew] Digital Whisper Security Magazine #39
[Raspberry Pi] Linux/ARM - execve("/bin/sh", [0], [0 vars]) - 30 bytes
[Raspberry Pi] Linux/ARM - chmod("/etc/shadow", 0777) - 41 bytes
[Raspberry Pi] Linux/ARM - reverse_shell(tcp,10.1.1.2,0x1337)
[Spanish] Hashcat Manual de Usuario
[Turkish] Pen-Tester's Guide for Metasploit Framework
1 Click Audio Converter 2.3.6 - Activex Buffer Overflow 
1 Click Extract Audio 2.3.6 - Activex Buffer Overflow 
15 TOTOLINK Router Models - Multiple RCE Vulnerabilities 
2X ApplicationServer 10.1 TuxSystem Class ActiveX Control Remote File Overwrite Vulnerability
2X Client for RDP 10.1.1204 ClientSystem Class ActiveX Control Download and Execute Vulnerability
4 TOTOLINK Router Models - Backdoor Credentials 
4 TOTOLINK Router Models - CSRF and XSS Vulnerabilities 
4digits 1.1.4 - Local Buffer Overflow 
4Images 1.7.13 - SQL Injection 
4PSA VoipNow Professional 2.5.3 Multiple Vulnerabilities
7-Technologies IGSS 9.00.00.11059 Multiple Vulnerabilities
8 TOTOLINK Router Models - Backdoor and RCE 
A Short Guide on ARM Exploitation
A10 Networks Loadbalancer - Directory Traversal
A10 Networks Loadbalancer - Directory Traversal 
Aanval 7.1 build 70151 - Multiple Vulnerabilities
Aanval 7.1 build 70151 - Multiple Vulnerabilities 
AB Banner Exchange (index.php page) Local File Inclusion
ABB MicroSCADA wserver.exe Remote Code Execution
ABB MicroSCADA wserver.exe Remote Code Execution 
ABBS Audio Media Player 3.0 .lst Buffer Overflow Exploit (SEH)
ABBS Audio Media Player Buffer Overflow Exploit (M3U/LST)
ABBS Electronic Flash Cards 2.1 .fcd Buffer Overflow Exploit
Ability FTP Server 2.1.4 - Admin Panel AUTHCODE Command Remote DoS 
Ability FTP Server 2.1.4 - afsmain.exe USER Command Remote DoS 
Ability Mail Server 2013 - Password Reset CSRF from Stored XSS (Web UI)
Ability Mail Server 2013 - Password Reset CSRF from Stored XSS (Web UI) 
ACal 2.2.6 (example.php, view param) - Local File Inclusion Vulneberality
ACal 2.2.6 (example.php, view param) - Local File Inclusion Vulneberality 
Acal calendar 2.2.6 CSRF Vulnerability
Accellion File Transfer Appliance MPIPE2 Command Execution
Accellion FTA getStatus verify_oauth_token Command Execution 
Acoustica Pianissimo 1.0 Build 12 (Registration ID) Buffer Overflow PoC 
Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption Vulnerability 
ActFax 4.31 Local Privilege Escalation Exploit
ActFax 5.01 RAW Server Exploit
ActFax Server (LPD/LPR) Remote Buffer Overflow Exploit
ActFax Server FTP Remote BOF (post auth)
ACTi ASOC 2200 Web Configurator <= v2.6 Remote Root Command Execution
actiTIME 2015.2 - Multiple Vulnerabilities 
ActiveState Perl.exe x64 Client 5.20.2 - Crash PoC 
ActualAnalyzer 'ant' Cookie Command Execution
ActualAnalyzer 'ant' Cookie Command Execution 
ActualAnalyzer Lite 2.81 - Unauthenticated Command Execution 
Acunetix 8 build 20120704 - Remote Stack Based Overflow
Acunetix 8 build 20120704 - Remote Stack Based Overflow 
Acunetix WP Security Plugin 3.0.3 - XSS 
Acunetix WVS 10 - Local Privilege escalation
Acunetix WVS 10 - Local Privilege escalation 
Acunetix WVS 10 - Remote Command Execution (System) 
Ad Manager Pro Multiple Vulnerabilities
Ad Manager Pro v. 4 LFI
ADAN Neuronlabs (view.php ) SQL Injection Vulnerability
AdaptCMS 2.0.4 (config.php, question parameter) SQL Injection Vulnerability
AdaptCMS 3.0.3 - Multiple Vulnerabilities 
Adem 0.5.1 - Local File Inclusion 
ADH-Web Server IP-Cameras - Multiple Vulnerabilities 
Admidio 2.3.5 Multiple Vulnerabilities
AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution
Adobe Animate 15.2.1.95 - Memory Corruption 
Adobe ColdFusion - Directory Traversal'
Adobe ColdFusion < 11 Update 10 - XML External Entity Injection 
Adobe ColdFusion 9 - Administrative Login Bypass
Adobe ColdFusion 9 - Administrative Login Bypass 
Adobe ColdFusion 9 Administrative Login Bypass
Adobe ColdFusion 9 Administrative Login Bypass 
Adobe Connect 9.5.7 - Cross-Site Scripting 
Adobe Digital Editions <= 4.5.0 - .pdf Critical Memory Corruption 
Adobe Flash - addProperty Use-After-Free 
Adobe Flash - BitmapData.copyPixels Use-After-Free 
Adobe Flash - Color.setTransform Use-After-Free 
Adobe Flash - Crash When Freeing Memory After AVC decoding 
Adobe Flash - Heap Overflow in ATF Processing (Image Reading) 
Adobe Flash - JXR Processing Out-of-Bounds Read 
Adobe Flash - Method Calls Use-After-Free 
Adobe Flash - MovieClip Transform Getter Use-After-Free 
Adobe Flash - MovieClip.duplicateMovieClip Use-After-Free 
Adobe Flash - MP4 File Stack Corruption 
Adobe Flash - Object.unwatch Use-After-Free Exploit 
Adobe Flash - Out-of-Bounds Read when Placing Object 
Adobe Flash - Overflow in Processing Raw 565 Textures 
Adobe Flash - Selection.setFocus Use-After-Free 
Adobe Flash - SetNative Use-After-Free 
Adobe Flash - Shape Rendering Crash 
Adobe Flash - SimpleButton Creation Type Confusion 
Adobe Flash - Sprite Creation Use-After-Free 
Adobe Flash - Stage.align Setter Use-After-Free 
Adobe Flash - TextField.maxChars Use-After-Free 
Adobe Flash - Transform.colorTranform Getter Info Leak 
Adobe Flash - Type Confusion in FileReference Constructor 
Adobe Flash - Uninitialized Stack Parameter Access in AsBroadcaster.broadcastMessage UaF Fix 
Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix 
Adobe Flash - Uninitialized Stack Parameter Access in Object.unwatch UaF Fix 
Adobe Flash - URLStream.readObject Use-After-Free 
Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts 
Adobe Flash - Use-After-Free When Returning Rectangle 
Adobe Flash - Use-After-Free When Setting Stage 
Adobe Flash - Video Decompression Memory Corruption 
Adobe Flash - Zlib Codec Heap Overflow 
Adobe Flash BlurFilter Processing - Out-of-Bounds Memset 
Adobe Flash GradientFill - Use-After-Frees 
Adobe Flash IExternalizable.writeExternal - Type Confusion 
Adobe Flash MovieClip.lineStyle - Use-After-Frees 
Adobe Flash opaqueBackground Use After Free 
Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File 
Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File (2) 
Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF 
Adobe Flash Player 11.3 Font Parsing Code Execution
Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption 
Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption 
Adobe Flash Player AVM Bytecode Verification
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
Adobe Flash Player Drawing Fill Shader Memory Corruption 
Adobe Flash Player Integer Underflow Remote Code Execution
Adobe Flash Player Regular Expression Heap Overflow
Adobe Flash Player Regular Expression Heap Overflow 
Adobe Flash Player Shader Buffer Overflow
Adobe Flash Player ShaderJob Buffer Overflow 
Adobe Flash TextField.antiAliasType Setter - Use-After-Free 
Adobe Flash TextField.gridFitType Setter - Use-After-Free 
Adobe Flash Type Confusion in IExternalizable.readExternal When Performing Local Serialization 
Adobe Flash Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter 
Adobe Flash Use-After-Free in XML.childNodes 
Adobe Flash Use-After-Free When Setting Value 
Adobe Flash Use-After-Free When Setting Variable 
Adobe Illustrator CS5.5 Memory Corruption Exploit
Adobe Photoshop 12.1 Tiff Parsing Use-After-Free
Adobe Photoshop CC & Bridge CC IFF File Parsing Memory Corruption 
Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption 
Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption 2 
Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow
Adobe Reader 10.1.4 Crash PoC
Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution
Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution 
Adobe Reader for Android addJavascriptInterface Exploit
Adobe Reader for Android addJavascriptInterface Exploit 
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow 
Adult Webmaster PHP - Password Disclosure
Adult Webmaster PHP - Password Disclosure 
Adult Webmaster Script Password Disclosure Vulnerability
Advance MLM Script - SQL Injection 
Advanced Desktop Locker 6.0.0 - Lock Screen Bypass 
Advanced Electron Forum 1.0.9 - CSRF Vulnerabilities 
Advanced Electron Forum 1.0.9 - Persistent XSS Vulnerabilities 
Advanced Electron Forum 1.0.9 - RFI / CSRF Vulnerability 
Advantech EKI-6340 Command Injection
Advantech Switch Bash Environment Variable Code Injection (Shellshock) 
Advantech WebAccess 8.0, 3.4.3 ActiveX - Multiple Vulnerabilities 
Advantech WebAccess dvs.ocx GetColor Buffer Overflow 
Advantech WebAccess HMI/SCADA Software Persistence XSS Vulnerability
Advertise With Pleasure! (AWP) 6.6 - SQL Injection Vulnerability 
AfterLogic Mailsuite Pro (VMware Appliance) 6.3 Stored XSS
AfterLogic Pro and Lite 7.1.1.1 - Stored XSS
AfterLogic Pro and Lite 7.1.1.1 - Stored XSS 
Agnitum Outpost Internet Security Local Privilege Escalation
Agnitum Outpost Internet Security Local Privilege Escalation 
Agnitum Outpost Security Suite 8.1 - Privilege Escalation
Agora-Project 2.12.11 Arbitrary File Upload Vulnerability
Achat v0.150 beta7 Buffer Overflow 
Achievo 1.4.5 Multiple Vulnerabilities
AIOCP 1.4.001 CSRF Vulnerability
Air Disk Wireless 1.9 iPad iPhone - Multiple Vulnerabilities
Air Drive Plus 2.4 - Arbitrary File Upload Vulnerability 
Air Files v2.6 for iPhone / iPod touch, Directory Traversal
Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities 
Airlive IP Cameras - Multiple Vulnerabilities
Airlock WAF 4.2.4 Overlong UTF-8 Sequence Bypass
Airmail 3.0.2 - Cross-Site Scripting 
AirOS 6.x - Arbitrary File Upload 
airVisionNVR 1.1.13 readfile() Disclosure and SQL Injection
AIX 7.1 - lquerylv Local Privilege Escalation 
Ajaxel CMS 8.0 - Multiple Vulnerabilities 
AjaXplorer 1.0 - Multiple Vulnerabilities
AjaXplorer 1.0 - Multiple Vulnerabilities 
AjaXplorer checkInstall.php Remote Command Execution
AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection 
Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath BOF
Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow
Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow
Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow 
ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability
ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability 
ALCASAR 2.8 Remote Root Code Execution Vulnerability 
Alcassoft's SOPHIA CMS SQL Injection Vulnerability
Alcatel Lucent Omnivista 8770 - Remote Code Execution 
Alcatel-Lucent OmniSwitch - CSRF Vulnerability 
AlegroCart 1.2.8 - LFI/RFI Vulnerability 
AlegroCart 1.2.8 - Multiple SQL Injection Vulnerabilities 
Alibaba Clone B2B Script - Admin Authentication Bypass 
Alibaba Clone Tritanium Version (news_desc.html) - SQL Injection Vulnerability
Alibaba Clone Tritanium Version (news_desc.html) - SQL Injection Vulnerability 
AlienVault 4.3.1 - Unauthenticated SQL Injection 
AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection
AlienVault OSSIM 4.1.2 - Multiple SQL Injection Vulnerabilities
AlienVault OSSIM av-centerd Command Injection
AlienVault OSSIM av-centerd Command Injection 
Alienvault OSSIM Open Source SIEM 4.1 Multiple SQL Vulnerabilities
AlienVault OSSIM SQL Injection and Remote Code Execution
Alienvault OSSIM/USM 5.3.1 - Persistent Cross-Site Scripting 
Alienvault OSSIM/USM 5.3.1 - PHP Object Injection 
Alienvault OSSIM/USM 5.3.1 - SQL Injection 
All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability
All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability 
All Windows Null-Free Shellcode - Functional Keylogger to File - 601 (0x0259) bytes 
Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Access
Allied Telesyn TFTP Server 1.9 Long Filename Overflow
ALLMediaServer 0.8 Buffer Overflow
ALLPlayer 5.6.2 (.m3u) - Local Buffer Overflow (SEH/Unicode)
ALLPlayer 5.6.2 (.m3u) - Local Buffer Overflow (SEH/Unicode) 
ALLPlayer 5.6.2 (.m3u) - Local Buffer Overflow PoC
ALLPlayer 5.6.2 (.m3u) - Local Buffer Overflow PoC 
ALLPlayer 5.8.1 - (.m3u file) Buffer Overflow (SEH)
ALLPlayer 5.8.1 - (.m3u file) Buffer Overflow (SEH) 
ALLPlayer M3U Buffer Overflow
ALLPlayer M3U Buffer Overflow 
AllReader 1.0 iOS - Multiple Vulnerabilities
AllReader 1.0 iOS - Multiple Vulnerabilities 
AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File Upload
Allwin URLDownloadToFile + WinExec + ExitProcess Shellcode
Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit) 
Aloaha Credential Provider Monitor 5.0.226 Local Privilege Escalation Vulnerability
Aloaha PDF Crypter (3.5.0.1164) ActiveX Arbitrary File Overwrite
Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Password Disclosure
Alreader 2.5 .fb2 - SEH Based Stack Overflow (ASLR and DEP bypass) 
Alternate Pic View 2.150 - .pgm Crash PoC 
Alt-N MDaemon Free 12.5.4 Stored XSS
Amanda <= 3.3.1 - amstar Command Injection Local Root 
Amanda <= 3.3.1 - Local Root Exploit 
Ametys CMS 3.5.2 - (lang parameter) XPath Injection Vulnerability
Ametys CMS 3.5.2 - (lang parameter) XPath Injection Vulnerability 
Ammyy Admin 3.2 - Authentication Bypass
Ammyy Admin 3.2 - Authentication Bypass 
aMSN 0.98.9 Web App - Multiple Vulnerabilities
Android - 'BadKernel' Remote Code Execution 
Android - Binder Generic ASLR Leak 
Android - get_user/put_user Exploit (Metasploit) 
Android - getpidcon Usage binder Service Replacement Race Condition 
Android - 'gpsOneXtra' Data Files Denial of Service 
Android - ih264d_process_intra_mb Memory Corruption 
Android - IMemory Native Interface is Insecure for IPC Use 
Android - Insufficient Binder Message Verification Pointer Leak 
Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap 
Android - IOMX getConfig/getParameter Information Disclosure 
Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index 
Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow 
Android 1.x/2.x Local Root Exploit
Android 2.0 ,2.1, 2.1.1 WebKit Use-After-Free Exploit
Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit) 
Android ADB Debug Server Remote Payload Execution 
Android Broadcom Wi-Fi Driver - Memory Corruption 
Android Browser and WebView addJavascriptInterface Code Execution
Android Browser and WebView addJavascriptInterface Code Execution 
Android FTPServer 1.9.0 Remote DoS
Android libstagefright - Integer Overflow Remote Code Execution 
Android One mt_wifi IOCTL_GET_STRUCT Privilege Escalation 
Android sensord Local Root Exploit
Android Shellcode Telnetd with Parameters 
Android Stagefright - Remote Code Execution 
Android WAPPushManager - SQL Injection
Android WAPPushManager - SQL Injection 
Android WiFi-Direct Denial of Service 
Android Zygote Socket Vulnerability Fork bomb Attack
Android Zygote Socket Vulnerability Fork bomb Attack 
AneCMS v.2e2c583 LFI exploit
AnimaGallery 2.6 - Local File Inclusion
AnoBBS 1.0.1 - Remote File Inclusion 
Another Wordpress Classifieds Plugin - SQL Injection 
Ansible 2.1.4 / 2.2.1 - Command Execution 
AnvSoft Any Video Converter 4.3.6 Stack Overflow Exploit
AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation 
AoA Audio Extractor Basic 2.3.7 - ActiveX Exploit 
AoA DVD Creator 2.6.2 - ActiveX Exploit 
AoA DVD Creator V2.5 ActiveX Stack Overflow Exploit
AoA MP4 Converter 4.1.2 - ActiveX Exploit 
AoA Mp4 converter v4.1.0 ActiveX Stack Overflow Exploit
AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution
Apache / PHP 5.x Remote Code Execution Exploit
Apache / PHP 5.x Remote Code Execution Exploit 
Apache + PHP 5.x - Remote Code Execution (Multithreaded Scanner v2)
Apache + PHP 5.x - Remote Code Execution (Multithreaded Scanner v2) 
Apache 2.4.7 mod_status Scoreboard Handling Race Condition
Apache 2.4.7 mod_status Scoreboard Handling Race Condition 
Apache ActiveMQ 5.11.1/5.13.2 - Directory Traversal / Command Execution 
Apache Commons FileUpload and Apache Tomcat Denial-of-Service
Apache CouchDB 2.0.0 - Local Privilege Escalation 
Apache Jetspeed Arbitrary File Upload 
Apache Mina 2.0.13 - Remote Command Execution 
Apache mod_cgi - Remote Exploit (Shellshock)
Apache mod_cgi - Remote Exploit (Shellshock) 
Apache mod_session_crypto - Padding Oracle 
Apache OpenMeetings 1.9.x - 3.1.0 - ZIP File path Traversal 
Apache Rave 0.11 - 0.20 - User Information Disclosure
Apache Sling Framework (Adobe AEM) 2.3.6 - Information Disclosure Vulnerability 
Apache Struts <= 2.2.1.1 Remote Command Execution
Apache Struts ClassLoader Manipulation Remote Code Execution
Apache Struts Developer Mode OGNL Execution
Apache Struts Dynamic Method Invocation Remote Code Execution 
Apache Struts includeParams Remote Code Execution
Apache suEXEC Privilege Elevation / Information Disclosure
Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation 
Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation 
Apache Tomcat Manager Application Upload Authenticated Code Execution
Apache Tomcat Remote Exploit (PUT Request) and Account Scanner
Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE
Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE 
Apexis IP CAM - Information Disclosure 
AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting 
ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author) 
ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting 
ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery 
ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting 
Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure 
Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation 
Apple iOS 7.2 - Sim Lock Screen Display Bypass Vulnerability
Apple iOS 7.2 - Sim Lock Screen Display Bypass Vulnerability 
Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow
Apple iTunes 10 Extended M3U Stack Buffer Overflow
Apple Mac OS X Lion Kernel <= xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation Exploit
Apple Mac OS X Lion Kernel <= xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation Exploit 
Apple Motion 5.0.7 Integer Overflow Vulnerability
Apple Motion 5.0.7 Integer Overflow Vulnerability 
Apple OS X Entitlements Rootpipe Privilege Escalation 
Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free 
Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues 
Apple Patches iTunes, iCloud for Windows, Xcode Server
Apple qlmanage - SceneKit::daeElement::setElementName Heap Overflow 
Apple Quick Time Player (Windows) Version 7.7.3 Out of Bound Read
Apple Quicktime - MOV File Parsing Memory Corruption Vulnerability 
Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1 
Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2 
Apple Quicktime < 7.7.79.80.95 - PSD File Parsing Memory Corruption 
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
Apple QuickTime 7.7.2 MIME Type Buffer Overflow
Apple QuickTime 7.7.2 Targa image Buffer Overflow
Apple QuickTime Player 7.7.2 Crash PoC
Apple QuickTime TeXML Stack Buffer Overflow
Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow
Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow 
Apple watchOS 2 - Crash PoC 
AppLocker Execution Prevention Bypass 
Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution 
appRain 3.0.2 - Blind SQL Injection Vulnerability
appRain 3.0.2 - Blind SQL Injection Vulnerability 
appRain CMF <= 0.1.5 (uploadify.php) Unrestricted File Upload Exploit
appRain CMF 3.0.2 - CSRF Add/Delete Admin Account
appRain CMF 3.0.2 - CSRF Add/Delete Admin Account 
appRain CMF Arbitrary PHP File Upload Vulnerability
APT - Repository Signing Bypass via Memory Allocation Failure 
Arab Portal 3 - SQL Injection Vulnerability 
AraDown Blind SQL Injection
Arachni Web Application Scanner Web UI - Stored XSS Vulnerability
Arachni Web Application Scanner Web UI - Stored XSS Vulnerability 
Arastta 1.1.5 - SQL Injection Vulnerabilities 
ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege... 
Arctic Torrent 1.2.3 Memory Corruption (DoS)
ARG-W4 ADSL Router - Multiple Vulnerabilities 
Archin WordPress Theme 3.2 Unauthenticated Configuration Access
Arris TG1682G Modem - Stored XSS Vulnerability 
ArrowChat 1.5.61 Multiple Vulnerabilities
ArticleFR 11.06.2014 (data.php) - Privilege Escalation
Artiphp CMS 5.5.0 Database Backup Disclosure Exploit
Artweaver 3.1.5 (.AWD) - Buffer Overflow Vulnerability
Aruba Mobility Controller 6.4.2.8 - Multiple vulnerabilities 
ARYADAD Multiple Vulnerabilities
asaanCart XSS/LFI Vulnerabilities
Asbru Web Content Management System 9.2.7 - Multiple Vulnerabilities 
aSc Timetables 2013 - Stack Buffer Overflow Vulnerability
ASLDRService ATK Hotkey 1.0.69.0 - Unquoted Service Path Privilege Escalation 
Aspen 0.8 - Directory Traversal
ASP-Nuke 2.0.7 - 'gotourl.asp' Open Redirect Vulnerability 
Asseco SEE iBank FX Client 2.0.9.3 - Local Privilege Escalation Vulnerability
Asseco SEE iBank FX Client 2.0.9.3 - Local Privilege Escalation Vulnerability 
ASUS DSL-X11 ADSL Router - Unauthenticated DNS Change 
ASUS Memory Mapping Driver (ASMMAP/ASMMAP64): Physical Memory Read/Write 
ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow
Asus RT56U 3.0.0.4.360 - Remote Command Injection
Asus RT-N66U 3.0.0.4.374_720 - CSRF Vulnerability
Asus RT-N66U 3.0.0.4.374_720 - CSRF Vulnerability 
ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution 
Asx to Mp3 2.7.5 - Stack Overflow
ATKGFNEXSrv ATKGFNEX 1.0.11.1 - Unquoted Service Path Privilege Escalation 
Atlassian Confluence 4.3.5 - Multiple Vulnerabilities
Atlassian Confluence 5.2 / 5.8.14 / 5.8.15 - Multiple Vulnerabilities 
Atlassian Confluence 5.9.12 - Persistent Cross-Site Scripting 
Atlassian HipChat for Jira Plugin Velocity Template Injection 
Atmail WebAdmin and Webmail Control Panel SQL Root Password Disclosure
Atmail Webmail 7.2 - Multiple Vulnerabilities 
Attackers Replacing Firmware on Cisco Routers
ATutor 1.2 Multiple Vulnerabilities
ATutor 2.2 - Multiple XSS Vulnerabilities 
ATutor 2.2.1 Directory Traversal / Remote Code Execution 
ATutor 2.2.1 SQL Injection / Remote Code Execution 
ATutor LMS install_modules.php CSRF Remote Code Execution Vulnerability
Audacious 3.7 - ID3 Local Crash PoC 
Audio Editor Master 5.4.1.217 Denial Of Service Vulnerability
AudioCoder .M3U Buffer Overflow
AudioCoder 0.8.22 - Direct Retn Buffer Overflow
AudioCoder 0.8.22 (.m3u) - SEH Buffer Overflow
AudioCoder 0.8.29 - Memory Corruption (SEH) 
Audiotran PLS File Stack Buffer Overflow
Audiotran PLS File Stack Buffer Overflow 
AuraCMS 2.3 - Multiple Vulnerabilities
AuraCMS 2.3 - Multiple Vulnerabilities 
Auto Database System 1.0 Infusion Addon SQL injection Vulnerability
AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow 
Auto-Exchanger 5.1.0 - CSRF Vulnerability 
Autonics DAQMaster 1.7.3 - DQP Parsing Buffer Overflow Code Execution 
AutoPlay v1.33 (autoplay.ini) Local Buffer Overflow Exploit (SEH)
AutoWeb 3.0 - (noticias.php id_cat) SQL Injection Exploit
AutoWeb 3.0 - (noticias.php id_cat) SQL Injection Exploit 
Auxilium PetRatePro Multiple Vulnerabilities
Auxilium RateMyPet Arbitrary File Upload Vulnerability
AV Arcade Free Edition (add_rating.php, id parameter) Blind SQL Injection
Avast Antivirus X.509 Error Rendering Command Execution
Avast Heap Overflow Unpacking MoleBox Archives 
Avast Integer Overflow Verifying numFonts in TTC Header 
Avast JetDb::IsExploited4x - Performs Unbounded Search on Input 
Avast OOB Write Decrypting PEncrypt Packed Executables 
Avaya IP Office Manager 8.1 TFTP DOS
Avaya WinPDM UniteHostRouter <= 3.8.2 Remote Pre-Auth Command Execute
Avaya WinPMD UniteHostRouter Buffer Overflow
AVE.CMS <= 2.09 (index.php, module param) - Blind SQL Injection Exploit
AVerCaster Pro RS3400 Web Server Directory Traversal
Aviosoft Digital TV Player Professional 1.x (Direct Retn)
AVIPreview 0.26 Alpha Denial of Service
Avira - Heap Underflow Parsing PE Section Headers 
Avira 14.0.7.342 - (avguard.exe) Service Trusted Path Privilege Escalation 
Avira AntVir QUA file in (avcenter.exe) Local Crash PoC
Avira Internet Security avipbb.sys Filter Bypass and Privilege Escalation
Avira Secure Backup 1.0.0.1 Build 3616 (.reg) - Buffer Overflow
Avira Secure Backup 1.0.0.1 Build 3616 (.reg) - Buffer Overflow 
AVM FRITZ!Box < 6.30 - Buffer Overflow 
AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities
AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities 
AVTECH IP Camera, NVR, and DVR Devices - Multiple Vulnerabilities 
AWCM v2.2 final Persistent Cross Site Script Vulnerability
AWS XMS 2.5 (importer.php, what param) - Directory Traversal Vulnerability
Axessh 4.2 - Denial Of Service 
Axigen Mail Server 8.0.1 Stored XSS
AXIS Media Control 6.2.10.11 - Unsafe ActiveX Method
AXIS Multiple Products - Authenticated Remote Command Execution via devtools Vector 
Axis Network Cameras - Multiple Vulnerabilities 
Axous 1.1.1 Multiple Vulnerabilities (CSRF - Persistent XSS)
Axway Secure Transport 5.1 SP2 - Arbitary File Upload via CSRF 
B2B Portal Script - Blind SQL Injection 
b2ePMS 1.0 Authentication Bypass Vulnerability
b2ePMS 1.0 multiple SQLi Vulnerabilities
b2evolution 4.1.6 - Multiple Vulnerabilities
b374k Web Shell - CSRF Command Injection
BabyGekko 1.2.2e Multiple Vulnerabilities
Bacula-web 1.3.x - 5.0.3 Multiple Remote Vulnerabilities
Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing 
Baidu Spark Browser v26.5.9999.3511 - Remote Stack Overflow Vulnerability (DoS)
Baidu Spark Browser v26.5.9999.3511 - Remote Stack Overflow Vulnerability (DoS) 
BananaDance Wiki b2.2 Multiple Vulnerabilities
Barracuda Cloud CC v3.04.015 - Multiple Web Vulnerabilities
Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability
Barracuda Firewall 6.1.0.016 - Multiple Vulnerabilities
Barracuda Firewall 6.1.0.016 - Multiple Vulnerabilities 
Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities
Barracuda Message Archiver 650 - Persistent XSS Vulnerability
Barracuda Message Archiver 650 - Persistent XSS Vulnerability 
Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability
Barracuda Networks Cloud Series - Filter Bypass Vulnerability 
Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit) 
Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Remote Command Execution (Metasploit) 
Base64 Decoder 1.1.2 - SEH OverWrite PoC 
Bash - CGI RCE (MSF) Shellshock Exploit
Bash - CGI RCE (MSF) Shellshock Exploit 
Bash Environment Variables Code Injection Exploit 
Basilic 1.5.14 diff.php Arbitrary Command Execution
Bassmaster 1.5.1 - Batch Arbitrary JavaScript Injection Remote Code Execution... 
Battle.Net 1.5.0.7963 - Insecure File Permissions Privilege Escalation 
Baumer VeriSens Application Suite 2.6.2 - Buffer Overflow Vulnerability 
Beckhoff CX9020 CPU Module - Remote Code Execution Exploit
Beckhoff CX9020 CPU Module - Remote Code Execution Exploit 
Bedita 3.5.1 - XSS Vulnerabilities 
BEdita CMS 3.5.0 - Multiple Vulnerabilities 
Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow
Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow 
Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities 
Belkin n750 jump login Parameter Buffer Overflow
Belkin n750 jump login Parameter Buffer Overflow 
Belkin Router N150 1.00.08, 1.00.09 - Path Traversal Vulnerability 
beSTORM 3.5.6 ActiveX (WinGraphviz.dll) Remote Heap Overflow
Betsy v4.0 (ress.php) Local File Include Vulnerability
BigAnt Server 2 SCH And DUPF Buffer Overflow
BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit (ASLR + DEP bypass)
BigAnt Server DUPF Command Arbitrary File Upload
BigPond 3G21WB Multiple Vulnerabilities
Bigware Shop 2.3.01 - Multiple Local File Inclusion Vulnerabilities 
Billion Router 7700NR4 - Remote Command Execution 
Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash 
Binatone DT 850W Wireless Router - Multiple CSRF Vulnerabilities 
BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery
BisonWare BisonFTP Server 3.5 - Directory Traversal Vulnerability 
Bitbot C2 Panel gate2.php - Multiple Vulnerabilities
Bitbot C2 Panel gate2.php - Multiple Vulnerabilities 
Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities
Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion 
Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal 
Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability
Bitweaver 2.8.1 Multiple Vulnerabilities
Bitweaver 2.8.1 Persistant XSS Vulnerability
Bitweaver v2.81 Local File Inclusion Vulnerability
BlackBerry Enterprise Service < 12.4 (BES12) Self-Service - Multiple Vulnerabilities 
Blackberry Z10 Research Primer - Dissecting Blackberry 10 - An Initial Analysis
Blackboard LMS 9.1 SP14 - Cross-Site Scripting 
BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution 
Blade API Monitor Unicode Bypass (Serial Number BOF)
Blat.exe 2.7.6 SMTP / NNTP Mailer - Buffer Overflow 
BlazeDVD 6.2 (.plf) - Buffer Overflow (SEH)
BlazeDVD Pro 7.0 - (.plf) Stack Based Buffer Overflow (Direct RET) 
BlazeDVD Pro 7.0 (.plf) - Buffer Overflow (SEH) 
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow Jump ESP
BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow Jump ESP 
BlazeVideo HDTV Player 6.6 Professional (Direct Retn)
BlazeVideo HDTV Player 6.6 Professional SEH&DEP&ASLR
Blog Mod <= 0.1.9 (index.php, month parameter) SQL Injection
bloofox CMS 0.5.0 - Multiple Vulnerabilities
BLUE COM Router 5360/52018 - Password Reset Exploit
BLUE COM Router 5360/52018 - Password Reset Exploit 
BlueStacks 2.5.55 - Unquoted Service Path Privilege Escalation 
Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities 
Bluetooth Photo Share Pro 2.0 iOS - Multiple Vulnerabilities
Bluetooth Photo Share Pro 2.0 iOS - Multiple Vulnerabilities 
Bluetooth Photo-File Share 2.1 iOS - Multiple Vulnerabilities
Bluetooth Photo-File Share 2.1 iOS - Multiple Vulnerabilities 
Bluetooth Text Chat 1.0 iOS - Code Execution Vulnerability
Bluetooth Text Chat 1.0 iOS - Code Execution Vulnerability 
BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities
BMC Track-It! - Multiple Vulnerabilities 
BMForum Myna 6.0 SQL Injection Vulnerability
boastMachine v3.1 <= CSRF Add Admin Vulnerability
Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability
Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability 
Boilsoft RM TO MP3 Converter 1.72 - Crash POC (.wav)
Boilsoft RM TO MP3 Converter 1.72 - Crash POC (.wav) 
BolinTech DreamFTP 1.02 - 'RETR' Command Remote Buffer Overflow 
Bonefire v.0.7.1 - Reinstall Admin Account Exploit
Bonefire v.0.7.1 - Reinstall Admin Account Exploit 
Bonita BPM 6.5.1 - Multiple Vulnerabilities 
Booking Calendar - Multiple Vulnerabilities
Booking System Pro CSRF Vulnerability
Boonex Dolphin 7.3.2 - Authentication Bypass 
Bosch Security Systems Dinion NBN-498 Web Interface - XML Injection 
Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities 
BoutikOne (description.php) SQL Injection Vulnerability
BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting Vulnerability
Boxoft Wav 1.0 - Buffer Overflow 
Brave Browser 1.2.16/1.9.56 - Address Bar URL Spoofing 
Brickcom Corporation Network Cameras - Multiple Vulnerabilities 
Broadcom DoS on BCM4325 and BCM4329 Devices
Browser Navigation Download Trick
BrowserModifier:Win32/Smudplu
BSIGN 0.4.5 - Buffer Overflow 
bsnes v0.87 Local Denial Of Service
Buffalo TeraStation TS-Series - Multiple Vulnerabilities
Buffalo WZR-HP-G300NH2 - CSRF Vulnerability
BulletProof FTP Client 2010 - Buffer Overflow (SEH)
BulletProof FTP Client 2010 - Buffer Overflow (SEH) 
BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit
BulletProof FTP Client BPS Buffer Overflow 
BusinessWiki 2.5RC3 Stored XSS & Arbitrary File Upload
BuyClassifiedScript PHP Code Injection Vulnerability
BWMeter v5.4.0 (.csv) Denial of Service Vulnerability
C/C++ Offline Compiler and C For OS - Persistent XSS 
C2Box 4.0.0(r19171) - CSRF Vulnerability 
C2S DVR Management IRDOME-II-C2S, IRBOX-II-C2S, DVR - Credentials Disclosure / Authentication Bypass 
C99.php Shell - Authentication Bypass 
CA 2E Web Option 8.1.2 - Authentication Bypass
CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow
CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow 
Cacti Superlinks Plugin 1.4-2 RCE(LFI) via SQL Injection Exploit 
CacheGuard-OS 5.7.7 - CSRF Vulnerability
CacheGuard-OS 5.7.7 - CSRF Vulnerability 
CakePHP 2.x-2.2.0-RC2 XXE Injection
CakePHP Framework 3.2.4 - IP Spoofing
Calavera UpLoader 3.5 - SEH Buffer Overflow
CAM UnZip 5.1 - Archive Path Traversal 
Cam2pc 4.6.2 - BMP Image Processing Integer Overflow Vulnerability
Cambium ePMP 1000 - Multiple Vulnerabilities 
Cannonbolt Portfolio Manager v1.0 Multiple Vulnerabilities
Cart Engine 3.0 - Multiple Vulnerabilities 
Cartweaver 3 Local File Inclusion Vulnerability
Categorizator 0.3.1 - SQL Injection 
Catia V5-6R2013 "CATV5_AllApplications" - Stack Buffer Overflow
Catia V5-6R2013 "CATV5_AllApplications" - Stack Buffer Overflow 
Catia V5-6R2013 "CATV5_Backbone_Bus" - Stack Buffer Overflow
Catia V5-6R2013 "CATV5_Backbone_Bus" - Stack Buffer Overflow 
CBHotel Hotel Software and Booking system 1.8 - Multiple Vulnerabilities
CBHotel Hotel Software and Booking system 1.8 - Multiple Vulnerabilities 
CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities 
CCProxy 7.3 - Integer Overflow Exploit
CDex Genre 1.79 - Stack Buffer Overflow 
Cells Blog 3.3 - XSS Reflected & Blind SQLite Injection
Cells Blog 3.3 - XSS Reflected & Blind SQLite Injection 
Cells Blog CMS v1.1 Multiple Web Vulnerabilites
Cemu 1.6.4b - Information Leak + Buffer Overflow (Emulator Breakout) 
Centos 7.1/Fedora 22 - abrt Local Root 
Centreon <= 2.5.3 - Remote Command Execution 
Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)
Centreon 2.6.1 - Multiple Vulnerabilities 
Cerb 7.0.3 - CSRF Vulnerability 
Certec EDV atvise SCADA Server 2.5.9 - Privilege Escalation 
CF Image Host 1.65 - CSRF Vulnerability 
CF Image Host 1.65 - PHP Command Injection 
cFos Personal Net 3.09 - Remote Heap Memory Corruption Denial of Service
cFos Personal Net 3.09 - Remote Heap Memory Corruption Denial of Service 
Cgiemail 1.6 - Source Code Disclosure 
CCH Wolters Kluwer PFX Engagement <= 7.1 - Local Privilege Escalation
cChatBox for vBulletin 3.6.8 and 3.7.x SQL Injection Vulnerability
CIK Telecom VoIP router SVG6000RW - Privilege Escalation and Command Execution 
CIScan 1.00 - Hostname/IP Field Crash PoC 
CIScan 1.00 - Hostname/IP Field SEH Overwrite PoC 
Cisco AnyConnect 3.1.08009 - Privilege Escalation via DMG Install Script 
Cisco AnyConnect Secure Mobility 2.x, 3.x, 4.x - Client DoS PoC
Cisco AnyConnect Secure Mobility Client 3.1.08009 - Privilege Escalation 
Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes) 
Cisco ASA / PIX - Privilege Escalation (EPICBANANA) 
Cisco ASA < 8.4.4.6|8.2.5.32 Ethernet Information Leak
Cisco ASA 8.x - Authentication Bypass (EXTRABACON) 
Cisco ASA 9.2(3) - Authentication Bypass (EXTRABACON Module) 
Cisco ASA 9.2(3) - 'EXTRABACON' Authentication Bypass 
Cisco ASA Software 8.x / 9.x - IKEv1 and IKEv2 Buffer Overflow
Cisco DPC2100 Denial of Service
Cisco EPC 3925 - Multiple Vulnerabilities 
Cisco Firepower Management Console 6.0 - Post Authentication UserAdd 
Cisco Linksys E4200 Firmware - Multiple Vulnerabilities
Cisco Linksys PlayerPT ActiveX Control Buffer Overflow
Cisco Linksys WAG54GS CSRF Change Admin Password
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability
Cisco Patches Critical Vulnerability in Facility Events Response System
Cisco Prime Data Center Network Manager Arbitrary File Upload
Cisco Prime Data Center Network Manager Arbitrary File Upload 
Cisco Sourcefire User Agent 2.2 - Insecure File Permissions 
Cisco UCS Manager 2.1(1b) - Shellshock Exploit 
Cisco Unified Communications Manager - Multiple Vulnerabilities 
Cisco Unified Communications Manager 7/8/9 - Directory Traversal 
Cisco Unity Express Multiple Vulnerabilities
Cisco Video Surveillance Operations Manager 6.3.2 - Multiple vulnerabilities
Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption 
Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption 
Citrix Access Gateway Command Execution
Citrix NetScaler SOAP Handler Remote Code Execution
Citrix NetScaler SOAP Handler Remote Code Execution 
Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow
Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffer Overflow
Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020004 Buffer Overflow
Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020006 Buffer Overflow
Citrix Receiver/Receiver Desktop Lock 4.5 - Authentication Bypass 
CKEditor < 4.1 Drupal 6.x & 7.x - Persistent XSS Vulnerability
CKEditor 4.0.1 - Multiple Vulnerabilities
Clansphere 2010_3 Stored XSS Vulnerability
ClanSuite 2.9 Arbitrary File Upload Vulnerability
ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities
ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities 
ClearSCADA - Remote Authentication Bypass Exploit
ClearSCADA - Remote Authentication Bypass Exploit 
ClickDesk Multiple HTML Injection Vulnerabilities
ClickHeat <= 1.14 Change Admin Password CSRF 
Clickheat 1.13+ Remote Command Execution 
ClipBucket 2.5 CSRF Vulnerability
Clipbucket 2.7 RC3 0.9 - Blind SQL Injection 
Clipbucket v2.5 Blind SQLi Vulnerability
Clipbucket v2.5 Directory Traversal
ClipperCMS 1.3.0 - Code Execution Vulnerability 
ClipperCMS 1.3.0 - Multiple SQL Injection Vulnerabilities 
ClipShare 4.1.1 - Multiples Vulnerabilites
ClipShare 4.1.1 (gmembers.php, gid param) - Blind SQL Injection Vulnerability
ClipShare 4.1.4 - Multiple Vulnerabilities
ClipSharePro <= 4.1 - Local File Inclusion
ClipSharePro <= 4.1 - Local File Inclusion 
Clipster Video Persistent XSS Vulnerability
CLscript CMS v3.0 Multiple Vulnerabilities
CMS Formulasi 2.07 - Multiple Vulnerabilities
CMS Formulasi 2.07 - Multiple Vulnerabilities 
CMS Made Simple < 2.1.3 & < 1.12.1 - Web Server Cache Poisoning 
CMS Made Simple 2.1.5 - Cross-Site Scripting 
CMS Papoo 6.0.0 Rev. 4701 - Stored XSS 
CMS phpshop 2.0 SQL Injection Vulnerability
CMS snews SQL Injection Vulnerability
CMSimple 4.4, 4.4.2 - Remote File Inclusion
CMSQLITE v1.3.2 Multiple Vulnerabiltiies
cnzz CMS SQLi (company.php)
cnzz CMS SQLi (company.php) 
CodeBlocks 12.11 (Mac OS X) - Crash POC
CodeBlocks v8.02 (cbp) Buffer Overflow Exploit
CodeMeter 4.50.906.503 - Service Trusted Path Privilege Escalation 
CodoForum 3.2.1 - SQL Injection 
Cogent Datahub <= 7.3.9 Gamma Script Elevation of Privilege 
Cogent DataHub Command Injection
Cogent DataHub Command Injection 
Cogent DataHub HTTP Server Buffer Overflow
Cogent DataHub HTTP Server Buffer Overflow 
ColdFusion 9-10 - Credential Disclosure Exploit
Collabtive 1.0 (manageuser.php, task param) - SQL Injection Vulnerability
Colloquy 1.3.5 and 1.3.6 Denial of Service Vulnerability
ColoradoFTP 1.3 Prime Edition (Build 8) - Directory Traversal
Colorful Blog - Cross-Site Request Forgery (Change Admin Password) 
Colorful Blog - Stored Cross Site Scripting 
Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities
Cometchat - Multiple Vulnerabilities
Cometchat Application - Multiple Vulnerabilities
Comment Rating 2.9.23 Wordpress Plugin Multiple Vulnerabilities
Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation 
Comodo - Integer Overlow Leading to Heap Overflow Parsing Composite Documents 
Comodo - LZMA Decoder Heap Overflow via Insufficient Parameter Checks 
Comodo - PackMan Unpacker Insufficient Parameter Validation 
Comodo Antivirus - Heap Overflow in LZX Decompression 
Comodo Antivirus Forwards Emulated API Calls to the Real API During Scans 
Comodo Backup 4.4.0.0 - NULL Pointer Dereference EOP 
Comodo Dragon Browser - Unquoted Service Path Privilege Escalation 
Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation 
Comodo Internet Security - HIPS/Sandbox Escape PoC 
CompuSource Systems - Real Time Home Banking - Local Privilege Escalation 
ComSndFTP Server 1.3.7 Beta Remote Format String Overflow
ComSndFTP v1.3.7 Beta USER Buffer Overflow
Comtrend ADSL Router CT-5367 C01_R12 Remote Root
COMTREND ADSL Router CT-5367 C01_R12, CT-5624 C01_R03 - Unauthenticated DNS Change 
Conceptronic GrabĺnĺGo Network Storage Directory Traversal
Concrete5 5.6.2.1 (index.php, cID param) - SQL Injection
Concrete5 5.6.2.1 (index.php, cID param) - SQL Injection 
concrete5 CMS 5.6.1.2 - Multiple Vulnerabilities
ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow 
Constructr CMS 3.03 Miltiple Remote Vulnerabilities
ContaoCMS (fka TYPOlight) <= 2.11 CSRF (Delete Admin- Delete Article)
Cool PDF Reader 3.0.2.256 Buffer Overflow
CoolPlayer Portable 2.19.2 Buffer Overflow ASLR bypass
CoolPlayer+ Portable 2.19.2 Buffer Overflow ASLR Bypass (Large Shellcode)
CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter+ASLR bypass) 
CoolZip 2.0 zip Buffer Overflow Exploit
Coppermine Photo Gallery 1.5.x Remote Command Execution
Core FTP LE 2.2 - 'SSH/SFTP' Remote Buffer Overflow (PoC) 
Core FTP Server 1.2 - Buffer Overflow PoC 
CORE Multimedia Suite 2011 CORE Player 2.4 Buffer Overflow (.m3u)
Corel PDF Fusion Stack Buffer Overflow
CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability 
Counter-Strike 1.6 'GameInfo' Query Reflection DoS PoC 
couponPHP CMS 1.0 - Multiple Stored XSS and SQL Injection Vulnerabilities
couponPHP CMS 1.0 - Multiple Stored XSS and SQL Injection Vulnerabilities 
Course Registration Management System 2.1 Multiple Vulnerabilities
cPanel WebHost Manager 3.1 dofeaturemanager feature Parameter XSS
cPanel WebHost Manager 3.1 dofeaturemanager feature Parameter XSS 
cPassMan v1.82 Remote Command Execution Exploit
crea8social 1.3 - Stored XSS Vulnerability
Crea8Social 2.0 - XSS Change Interface 
CreateVision CMS Database injection.
Creative Contact Form - Arbitrary File Upload 
Creative Contact Form (Wordpress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability 
Crestron AM-100 - Multiple Vulnerabilities 
CRLF injection / HTTP response Splitting
Croogo 2.0.0 - Arbitrary PHP Code Execution Exploit 
Croogo 2.0.0 - Multiple Stored XSS Vulnerabilities 
Crouzet em4 soft 1.1.04 - .pm4 Integer Division By Zero 
Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 - Insecure File Permissions 
Cryptocat Arbitrary Script Injection Vulnerability
Cryptocat Arbitrary Script Injection Vulnerability 
Csound hetro File Handling Stack Buffer Overflow
CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS
CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS 
CubeCart 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability
CubeCart 5.2.8 - Session Fixation
CubeCart 6.0.10 - Multiple Vulnerabilities 
CUDA Cracking
CumulusClips 2.4.1 - Multiple Vulnerabilities 
Cuppa CMS (alertConfigField.php, urlConfig param) - Remote/Local File Inclusion
CUPS Filter Bash Environment Variable Code Injection
cURL Buffer Overflow Vulnerability
CuteZip 2.1 Buffer Overflow Exploit
CVE-2012-1535: Adobe Flash Player Integer Overflow Vulnerability Analysis
CVE-2012-4969 Technical Analysis Report
CyberCop Scanner Smbgrind 5.5 - Buffer Overflow 
CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow 
CyberLink Power2Go name attribute (p2g) Stack Buffer Overflow Exploit
Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection Vulnerability 
Cyclope Employee Surveillance <= v8.6.1- Insecure File Permissions
Cyclope Employee Surveillance Solution v6 SQL Injection
Cyclope Employee Surveillance Solution v6.0 SQL Injection
Cydia Repo Manager CSRF Vulnerability
Cyme ChartFX Client Server ActiveX Control Array Indexing Vulnerability
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass 
DaloRadius - Multiple Vulnerabilities
DATAC RealWin Multiple Vulnerabilities
DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability
Daum Game 1.1.0.5 ActiveX (IconCreate Method) - Stack Buffer Overflow
Daum Game 1.1.0.5 ActiveX (IconCreate Method) - Stack Buffer Overflow 
davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit
davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit 
Davolink DV-2051 - Multiple Vulnerabilities 
dbus-glib pam_fprintd - Local Root Exploit
dbus-glib pam_fprintd - Local Root Exploit 
DCMTK 3.6.0 storescp - Stack Buffer Overflow 
DecisionTools SharpGrid ActiveX Control RCE
Deepin Linux 15 - lastore-daemon Privilege Escalation 
DeepOfix SMTP Server 3.3 - Authentication Bypass
DeepOfix SMTP Server 3.3 - Authentication Bypass 
DeleGate 9.9.13 - Local Root Vulnerability 
Dell EqualLogic Storage - Directory Traversal 
Dell Kace 1000 SMA 5.4.742 - SQL Injection Vulnerabilities
Dell Kace 1000 SMA v5.4.70402 - Persistent XSS Vulnerabilities
Dell KACE K1000 File Upload 
Dell Netvault Backup 10.0.1.24 - Denial of Service
Dell PacketTrap MSP RMM 6.6.x - Multiple XSS Vulnerabilities
Dell PacketTrap PSA 7.1 - Multiple XSS Vulnerabilities
Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection 
Dell SonicWall GMS 7.2.x - Code Injection 
Dell SonicWall Scrutinizer <= 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution 
Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection 
Dell SonicWALL Scrutinizer 9.0.1 (statusFilter.php q parameter) SQL Injection
Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting / Cross-Site... 
Dell Webcam CrazyTalk ActiveX BackImage Vulnerability
Dell Webcam Software Bundled ActiveX Remote Buffer Overflow Vulnerability
Delta Industrial Automation DCISoft 1.12.09 - Stack Buffer Overflow Exploit 
Denial of Service in FoxPlayer version 2.6.0
Depot WiFi 1.0.0 iOS - Multiple Vulnerabilities
Depot WiFi 1.0.0 iOS - Multiple Vulnerabilities 
DESlock+ <= 4.1.10 vdlptokn.sys Local Kernel ring0 SYSTEM Exploit
Detecting System Intrusions
deV!L`z Clanportal Witze Addon Versions 0.9 SQL Injection Vulnerability
DevExpress ASPxFileManager 10.2 to 13.2.8 - Directory Traversal
DevExpress ASPxFileManager 10.2 to 13.2.8 - Directory Traversal 
Device42 WAN Emulator 2.3 Ping Command Injection
Device42 WAN Emulator 2.3 Ping Command Injection 
Device42 WAN Emulator 2.3 Traceroute Command Injection
Device42 WAN Emulator 2.3 Traceroute Command Injection 
DeWeS 0.4.2 - Directory Traversal Vulnerability
DeWeS 0.4.2 - Directory Traversal Vulnerability 
Dew-NewPHPLinks v.2.1b (index.php) SQL Injection Vulnerability
Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day)
Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day) 
Dexter (CasinoLoader) Panel - SQL Injection
Dexter (CasinoLoader) Panel - SQL Injection 
Dexter (CasinoLoader) SQL Injection
Dexter (CasinoLoader) SQL Injection 
DFLabs PTK <= 1.0.5 Multiple Vulnerabilities (Steal Authentication Credentials)
DirectAdmin 1.491 - CSRF Vulnerability 
DirectAdmin 1.50.1 - Denial of Service 
DirectAdmin ADD Sub Domain CSRF Exploit
DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities 
DirectShow Arbitrary Memory Overwrite Vulnerability (MS13-056)
DirPHP 1.0 - LFI Vulnerability 
Disc ORGanizer - DORG - Multiple Vulnerabilities 
Disconnect.me Mac OS X Client <= 2.0 - Local Privilege Escalation 
Disk Pulse Enterprise 9.0.34 - Buffer Overflow Exploit 
Disk Pulse Enterprise 9.1.16 - Buffer Overflow 
Disk Savvy Enterprise 9.1.14 - Buffer Overflow 
Disk Savvy Enterprise 9.1.14 - 'GET' Buffer Overflow 
Disk Sorter Enterprise 9.1.12 - Buffer Overflow 
DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow 
DiskBoss Enterprise 7.5.12 - 'POST' Buffer Overflow (SEH) 
Disqus Blog Comments Blind SQL Injection Vulnerability
Disqus for Wordpress 2.7.5 Admin Stored CSRF and XSS 
Distributed Ruby send syscall vulnerability
DIY Web CMS Multiple Vulnerabilities
DJ Studio Pro 5.1 .pls Stack Buffer Overflow
DJ Studio Pro 5.1.6.5.2 SEH Exploit MSF
DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation
DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation 
D-Link AP 3200 Multiple Vulnerabilities
D-Link AP 3200 Multiple Vulnerabilities 
D-Link authentication.cgi Buffer Overflow
D-Link authentication.cgi Buffer Overflow 
D-Link Cookie Command Execution 
D-Link DCS Cameras - Multiple Vulnerabilities
Dlink DCS series CSRF Change Admin Password
D-Link DCS-5605 Network Surveillance ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Vulnerability
D-Link DCS-930L Authenticated Remote Command Execution 
D-Link DCS-931L File Upload 
D-Link Devices HNAP SOAPAction-Header Command Execution 
D-Link Devices Unauthenticated Remote Command Execution
D-Link Devices UPnP SOAP Command Execution
D-Link Devices UPnP SOAP Telnetd Command Execution
D-Link Devices UPnP SOAP Telnetd Command Execution 
D-Link DGL5500 - HNAP Buffer Overflow Vulnerability 
Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit) 
D-Link DIR-100 - Multiple Vulnerabilities
D-Link DIR-505 1.06 - Multiple Vulnerabilities
D-Link DIR-505 1.06 - Multiple Vulnerabilities 
D-Link DIR-600 and DIR-300 (rev B) Multiple Vulnerabilities
D-Link DIR-601 - Command Injection Vulnerability 
D-Link DIR-605 CSRF Vulnerability
D-Link DIR-605L Captcha Handling Buffer Overflow
D-Link DIR-605L Captcha Handling Buffer Overflow 
D-Link DIR-615 - Multiple Buffer Overflow Vulnerabilities 
Dlink DIR-615 Hardware vE4 Firmware v5.10 - CSRF Vulnerability
Dlink DIR-615 Hardware vE4 Firmware v5.10 - CSRF Vulnerability 
D-Link DIR-615 rev H - Multiple Vulnerabilities
D-Link DIR615h OS Command Injection
D-Link DIR-635 - Multiple Vulnerabilities
D-Link DIR-645 - Multiple UPNP Vulnerabilities 
D-Link DIR-815 - Multiple Vulnerabilities 
D-Link DIR-815, DIR-850L - SSDP Command Injection 
D-Link DIR-817LW - Multiple Vulnerabilities 
D-Link DIR-818W - Multiple Vulnerabilities 
D-Link DIR-825 (vC) - Multiple Vulnerabilities 
D-Link DIR-866L - Multiple Buffer Overflow Vulnerabilities 
D-Link DIR-880L - Multiple Buffer Overflow Vulnerabilities 
D-Link DIR-890L/R - Multiple Buffer Overflow Vulnerabilities 
D-Link DNS-323 - Multiple Vulnerabilities
D-Link DSL-2640B (ADSL Router) CSRF Vulnerability
D-Link DSL-2640B Authentication Bypass
D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change 
D-Link DSL-2740B - Multiple CSRF Vulnerabilities
D-Link DSL-2740B - Multiple CSRF Vulnerabilities 
D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit 
D-Link DSL-2750B ADSL Router - CSRF Vulnerability
D-Link DSL-2750B ADSL Router - CSRF Vulnerability 
D-link DSL-2760U-E1 - Persistent XSS
D-link DSL-2760U-E1 - Persistent XSS 
D-Link DSL-2780B DLink_1.01.14 - Unauthenticated Remote DNS Change 
D-Link DSL-320B - Multiple Vulnerabilities
D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change 
D-Link DSR Series Router - Remote Shell Root Exploit
DLink DVGşN5402SP - Multiple Vulnerabilities 
Dlink DWR-113 Rev. Ax - CSRF Denial of Service
Dlink DWR-113 Rev. Ax - CSRF Denial of Service 
D-Link DWR-932 Firmware 4.00 - Authentication Bypass 
D-Link hedwig.cgi Buffer Overflow in Cookie Header
D-Link hedwig.cgi Buffer Overflow in Cookie Header 
D-Link HNAP Request Remote Buffer Overflow
D-Link HNAP Request Remote Buffer Overflow 
D-Link info.cgi POST Request Buffer Overflow
D-Link info.cgi POST Request Buffer Overflow 
D-Link IP Cameras Multiple Vulnerabilities
D-Link Routers - Multiple Vulnerabilities
D-Link Routers - Multiple Vulnerabilities 
D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection
D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection 
D-link Wireless Router DIR-816L ľ CSRF Vulnerability 
docker 0.11 VMM-container Breakout
docker 0.11 VMM-container Breakout 
Docker Daemon - Privilege Escalation (Metasploit) 
DO-CMS Multiple SQL Injection Vulnerabilities
Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities
Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities 
Dolibarr ERP & CRM 3 Post-Auth OS Command Injection
Dolibarr ERP & CRM OS Command Injection
Dolibarr ERP/CMS 3.4.0 (exportcsv.php, sondage param) - SQL Injection
Dolibarr ERP/CMS 3.4.0 (exportcsv.php, sondage param) - SQL Injection 
dompdf 0.6.0 (dompdf.php, read param) - Arbitrary File Read 
DomPHP <= v0.83 - Local Directory Traversal Vulnerability
DOMSDAY - Analyzing a Dom-Based XSS in Yahoo!
DomsHttpd <= 1.0 Remote Denial Of Service Exploit
Doodle4Gift - Multiple Vulnerabilities
Doodle4Gift - Multiple Vulnerabilities 
doorGets CMS 5.2 - SQL Injection Vulnerability
doorGets CMS 5.2 - SQL Injection Vulnerability 
Dotclear 2.4.2 Arbitrary File Upload Vulnerability
dotDefender Firewall 5.00.12865 / 5.13-13282 - CSRF Vulnerability 
DotNetNuke 07.04.00 - Administration Authentication Bypass 
DotNetNuke DNNArticle Module 10.0 - SQL Injection Vulnerability
DotNetNuke DNNArticle Module 10.0 - SQL Injection Vulnerability 
DotNetNuke DNNspot Store 3.0.0 Arbitary File Upload 
dotProject <= 2.1.6 Remote File Inclusion Vulnerability
dotProject 2.1.5 CSRF Vulnerability
Dotproject 2.1.5 Multiple Vulnerabilities
Douran 3.9.7.8 File Download/Source Code Disclosure Vulnerability
Dovecot with Exim sender_address Parameter - Remote Command Execution
Dovecot with Exim sender_address Parameter - Remote Command Execution 
Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability
Draytek Vigor 3900 1.06 - Privilege Escalation
DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities 
Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit 
Dropbox Desktop Client 9.4.49 (64bit) - Local Credentials Disclosure 
Drupal < 7.32 Pre Auth SQL Injection 
Drupal < 7.34 - Denial of Service 
Drupal CMS 7.12 (latest stable release) Multiple Vulnerabilities
Drupal CODER Module 2.5 - Remote Command Execution (Metasploit) 
Drupal Core <= 7.32 - SQL Injection (#1) 
Drupal Core <= 7.32 - SQL Injection (#2) 
Drupal Core <= 7.32 - SQL Injection (PHP) 
DS3 Authentication Server - Multiple Vulnerabilities
Dual DHCP DNS Server 7.29 - Denial of Service 
DukaPress 2.5.2 - Path Traversal
Dup Scout Enterprise 9.1.14 - Buffer Overflow 
Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH) 
DVD-Lab Studio 1.25 DAL File Open Crash
DWebPro 8.4.2 - Multiple Vulnerabilities 
Dyn DDoS Could Have Topped 1 Tbps
E SMS Script Multiple SQL Injection Vulnerabilities
EastFTP ActiveX Control 0Day
Easy Address Book Web Server 1.6 - Stack Buffer Overflow 
Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow 
Easy Banner Pro (index.php page) Local File Inclusion
Easy CD-DA Recorder Buffer Overflow Exploit (SEH)