14.12.2018

Zortam MP3 Media Studio 24.15 - Local Buffer Overflow (SEH)

Responsive FileManager 9.13.4 - Multiple Vulnerabilities

Cisco RV110W - Password Disclosure / Command Execution

Angry IP Scanner 3.5.3 - Denial of Service (PoC)

Facebook And Google Reviews System For Businesses - Cross-Site Request Forgery (Change Admin Password)

Huawei Router HG532e - Command Execution

Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure (2)

Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure

13.12.2018

CyberLink LabelPrint 2.5 - Stack Buffer Overflow (Metasploit)

WebKit JIT - Int32/Double Arrays can have Proxy Objects in the Prototype Chains

Linux - 'userfaultfd' Bypasses tmpfs File Permissions

12.12.2018

Adobe ColdFusion 2018 - Arbitrary File Upload

ThinkPHP 5.0.23/5.1.31 - Remote Code Execution

WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection

HotelDruid 2.3.0 - 'id_utente_mod' SQL Injection

Apache OFBiz 16.11.05 - Cross-Site Scripting

ZTE ZXHN H168N - Improper Access Restrictions

Huawei B315s-22 - Information Leak

TP-Link wireless router Archer C1200 - Cross-Site Scripting

PrinterOn Enterprise 4.1.4 - Arbitrary File Deletion

LanSpy 2.0.1.159 - Local Buffer Overflow (PoC)

DomainMOD 4.11.01 - Cross-Site Scripting

SmartFTP Client 9.0.2623.0 - Denial of Service (PoC)

PrestaShop 1.6.x/1.7.x - Remote Code Execution

McAfee True Key - McAfee.TrueKey.Service Privilege Escalation

XNU - POSIX Shared Memory Mappings have Incorrect Maximum Protection

11.12.2018

McAfee True Key - McAfee.TrueKey.Service Privilege Escalation

Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery

Tourism Website Blog - Remote Code Execution / SQL Injection

XNU - POSIX Shared Memory Mappings have Incorrect Maximum Protection

10.12.2018

DomainMOD 4.11.01 - 'DisplayName' Cross-Site Scripting

Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting

i-doit CMDB 1.11.2 - Remote Code Execution

Textpad 8.1.2 - Denial Of Service (PoC)

5.12.2018

HasanMWB 1.0 - SQL Injection

4.12.2018

Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Authentication Bypass

Xorg X11 Server (AIX) - Local Privilege Escalation

OpenSSH < 7.7 - User Enumeration (2)

DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting

NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage

KeyBase Botnet 1.5 - SQL Injection

Dolibarr ERP/CRM 8.0.3 - Cross-Site Scripting

DomainMOD 4.11.01 - Custom Domain Fields Cross-Site Scripting

DomainMOD 4.11.01 - Custom SSL Fields Cross-Site Scripting

NUUO NVRMini2 3.9.1 - Authenticated Command Injection

DomainMOD 4.11.01 - Registrar Cross-Site Scripting

Wireshark - 'cdma2k_message_ACTIVE_SET_RECORD_FIELDS' Stack Corruption

Wireshark - 'find_signature' Heap Out-of-Bounds Read

HP Intelligent Management - Java Deserialization RCE (Metasploit)

Emacs - movemail Privilege Escalation (Metasploit)

FreshRSS 1.11.1 - Cross-Site Scripting

3.12.2018

PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting

Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution

CyberArk 9.7 - Memory Disclosure

2.12.2018

Apache Spark - Unauthenticated Command Execution (Metasploit)

VBScript - 'rtFilter' Out-of-Bounds Read

VBScript - 'OLEAUT32!VariantClear' and 'scrrun!VBADictionary::put_Item' Use-After-Free

xorg-x11-server < 1.20.3 - 'modulepath' Local Privilege Escalation

HTML5 Video Player 1.2.5 - Buffer Overflow (Metasploit)

30.11.2018

Apache Spark - Unauthenticated Command Execution (Metasploit)

VBScript - 'rtFilter' Out-of-Bounds Read

VBScript - 'OLEAUT32!VariantClear' and 'scrrun!VBADictionary::put_Item' Use-After-Free

xorg-x11-server < 1.20.3 - 'modulepath' Local Privilege Escalation

HTML5 Video Player 1.2.5 - Buffer Overflow (Metasploit)

29.11.2018

Netgear Devices - Unauthenticated Remote Command Execution (Metasploit)

28.11.2018

Xorg X11 Server - SUID privilege escalation (Metasploit)

Arm Whois 3.11 - Buffer Overflow (ASLR)

ELBA5 5.8.0 - Remote Code Execution

Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal

27.11.2018

Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal

No-Cms 1.0 - 'order_by' SQL Injection

No-Cms 1.0 - 'order_by' SQL Injection

Ticketly 1.0 - 'kind_id' SQL Injection

Wordpress Plugins Easy Testimonials 3.2 - Cross-Site Scripting

Ricoh myPrint 2.9.2.4 - Hard-Coded Credentials

MariaDB Client 10.1.26 - Denial of Service (PoC)

22.11.2018

WebOfisi E-Ticaret V4 - 'urun' SQL Injection

WordPress CherryFramework Themes 3.1.4 - Backup File Download

21.11.2018

Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation

macOS 10.13 - 'workq_kernreturn' Denial of Service (PoC)

ImageMagick - Memory Leak

Ticketly 1.0 - Cross-Site Request Forgery (Add Admin)

WebOfisi E-Ticaret V4 - 'urun' SQL Injection

WordPress CherryFramework Themes 3.1.4 - Backup File Download

Ticketly 1.0 - 'name' SQL Injection

20.11.2018

MacOS 10.13 - 'workq_kernreturn' Denial of Service (PoC)

Ticketly 1.0 - Cross-Site Request Forgery (Add Admin)

19.11.2018

Microsoft Edge Chakra - OP_Memset Type Confusion

XMPlay 3.8.3 - '.m3u' Denial of Service (PoC)

HTML Video Player 1.2.5 - Buffer-Overflow (SEH)

18.11.2018

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 - Cross-Site Scripting

Warranty Tracking System 11.06.3 - 'txtCustomerCode' SQL Injection

Linux - Broken uid/gid Mapping for Nested User Namespaces

Easy Outlook Express Recovery 2.0 - Denial of Service (PoC)

Mumsoft Easy Software 2.0 - Denial of Service (PoC)

16.11.2018

DomainMOD 4.11.01 - Cross-Site Scripting

Helpdezk 1.1.1 - Arbitrary File Upload

Warranty Tracking System 11.06.3 - 'txtCustomerCode' SQL Injection

WordPress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting

PHP Mass Mail 1.0 - Arbitrary File Upload

2-Plan Team 1.0.4 - Arbitrary File Upload

15.11.2018

Notepad3 1.0.2.350 - Denial of Service (PoC)

PHP 5.2.3 imap (Debian Based) - 'imap_open' Disable Functions Bypass

Atlassian Jira - Authenticated Upload Code Execution (Metasploit)

SwitchVPN for macOS 2.1012.03 - Privilege Escalation

Bosch Video Management System 8.0 - Configuration Client Denial of Service (PoC)

14.11.2018

Atlassian Jira - Authenticated Upload Code Execution (Metasploit)

Advanced Comment System 1.0 - SQL Injection

SwitchVPN for macOS 2.1012.03 - Privilege Escalation

EdTv 2 - 'id' SQL Injection

Electricks eCommerce 1.0 - Cross-Site Request Forgery (Change Admin Password)

AMPPS 2.7 - Denial of Service (PoC)

Electricks eCommerce 1.0 - Cross-Site Request Forgery (Change Admin Password)

Helpdezk 1.1.1 - 'query' SQL Injection

iServiceOnline 1.0 - 'r' SQL Injection

ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)

13.11.2018

Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode (58...

Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service

Evince 3.24.0 - Command Injection

SIPve 0.0.2-R19 - SQL Injection

Webiness Inventory 2.3 - SQL Injection

Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)

12.11.2018

Nominas 0.27 - 'username' SQL Injection

D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery

ServerZilla 1.0 - 'email' SQL Injection

TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery (Configuration...

Paroiciel 11.20 - 'tRecIdListe' SQL Injection

Wordpress Plugin Media File Manager 1.4.2 - Directory Traversal

TufinOS 2.17 Build 1193 - XML External Entity Injection

Data Center Audit 2.6.2 - 'username' SQL Injection

HeidiSQL 9.5.0.5196 - Denial of Service (PoC)

9.11.2018

Microsoft Windows 10 (Build 17134) - Local Privilege Escalation (UAC Bypass)

OpenSLP 2.0.0 - Multiple Vulnerabilities

8.11.2018

PlayJoom 0.10.1 - 'catid' SQL Injection

7.11.2018

LibreHealth 2.0.0 - Arbitrary File Actions

OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection

OOP CMS BLOG 1.0 - 'search' SQL Injection

Grocery crud 1.6.1 - 'search_field' SQL Injection

VSAXESS V2.6.2.70 build20171226_053 - 'organization' Denial of Service (PoC)

eToolz 3.4.8.0 - Denial of Service (PoC)

Blue Server 1.1 - Denial of Service (PoC)

6.11.2018

FaceTime - 'VCPDecompressionDecodeFrame' Memory Corruption

FaceTime - 'readSPSandGetDecoderParams' Stack Corruption

FaceTime - RTP Video Processing Heap Corruption

Voovi Social Networking Script 1.0 - 'user' SQL Injection

Royal TS/X - Information Disclosure

LiquidVPN 1.36 / 1.37 - Privilege Escalation

Morris Worm - fingerd Stack Buffer Overflow (Metasploit)

blueimp's jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)

Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)

5.11.2018

Microsoft Internet Explorer 11 - Null Pointer Difference

Poppy Web Interface Generator 0.8 - Arbitrary File Upload

Virgin Media Hub 3.0 Router - Denial of Service (PoC)

WebVet 0.1a - 'id' SQL Injection

Advantech WebAccess SCADA 8.3.2 - Remote Code Execution

SiAdmin 1.1 - 'id' SQL Injection

Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel

Softros LAN Messenger 9.2 - Denial of Service (PoC)

Voovi Social Networking Script 1.0 - 'user' SQL Injection

Royal TS/X - Information Disclosure

PHP Proxy 3.0.3 - Local File Inclusion

2.11.2018

Arm Whois 3.11 - Denial of Service (PoC)

WebDrive 18.00.5057 - Denial of Service (PoC)

Artha The Open Thesaurus 1.0.3.0 - Denial of Service (PoC)

qdPM 9.1 - 'filter_by' SQL Injection

Gate Pass Management System 2.1 - 'login' SQL Injection

Jelastic 5.4 - 'host' SQL Injection

Fantastic Blog CMS 1.0 - 'id' SQL Injection

Anviz AIM CrossChex Standard 4.3 - CSV Injection

1.11.2018

Arm Whois 3.11 - Denial of Service (PoC)

Arm Whois 3.11 - Denial of Service (PoC)

WebDrive 18.00.5057 - Denial of Service (PoC)

Artha The Open Thesaurus 1.0.3.0 - Denial of Service (PoC)

31.10.2018

Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution

SmartFTP Client 9.0.2615.0 - Denial of Service (PoC)

30.10.2018

Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (864 bytes) (Generator)

Instagram Clone 1.0 - Arbitrary File Upload

Notes Manager 1.0 - Arbitrary File Upload

University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)

NETGEAR WiFi Router R6120 - Credential Disclosure

Webiness Inventory 2.9 - Arbitrary File Upload

phptpoint Pharmacy Management System 1.0 - 'username' SQL Injection

Electricks eCommerce 1.0 - 'prodid' SQL Injection

South Gate Inn Online Reservation System 1.0 - 'q' SQL Injection

xorg-x11-server 1.20.3 - Privilege Escalation

R 3.4.4 - Buffer Overflow DEP/ASLR Bypass Win10 x86

29.10.2018

K-iwi Framework 1775 - SQL Injection

SaltOS Erp Crm 3.1 r8126 - Database File Download

SaltOS Erp Crm 3.1 r8126 - SQL Injection (2)

SaltOS Erp Crm 3.1 r8126 - SQL Injection

E-Negosyo System 1.0 - SQL Injection

RhinOS CMS 3.x - Arbitrary File Download

Modbus Slave PLC 7 - '.msw' Buffer Overflow (PoC)

Grapixel New Media 2 - 'pageref' SQL Injection

Paramiko 2.4.1 - Authentication Bypass

Modbus Slave PLC 7 - '.msw' Buffer Overflow (PoC)

Local Server 1.0.9 - Denial of Service (PoC)

AlienIP 2.41 - Denial of Service (PoC)

Navicat 12.0.29 - 'SSH' Denial of Service (PoC)

Open Faculty Evaluation System 5.6 - 'batch_name' SQL Injection

Open Faculty Evaluation System 7 - 'batch_name' SQL Injection

Library Management System 1.0 - 'frmListBooks' SQL Injection

School Equipment Monitoring System 1.0 - 'login' SQL Injection

AlienIP 2.41 - Denial of Service (PoC)

28.10.2018

Veterinary Clinic Management 00.02 - 'editpetnum' SQL Injection

Delta Sql 1.8.2 - 'id' SQL Injection

MPS Box 0.1.8.0 - Arbitrary File Upload

Quick Count 2.0 - 'txtInstID' SQL Injection

xorg-x11-server < 1.20.3 - Local Privilege Escalation

26.10.2018

WebExec - Authenticated User Code Execution (Metasploit)

libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer

Open STA Manager 2.3 - Arbitrary File Download

MPS Box 0.1.8.0 - 'uuid' SQL Injection

AjentiCP 1.2.23.13 - Cross-Site Scripting

BORGChat 1.0.0 build 438 - Denial of Service (PoC)

25.10.2018

Microsoft Data Sharing - Local Privilege Escalation (PoC)

WebExec - Authenticated User Code Execution (Metasploit)

WebEx - Local Service Permissions Exploit (Metasploit)

Ekushey Project Manager CRM 3.1 - Cross-Site Scripting

ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution

exim 4.90 - Remote Code Execution

Apache OFBiz 16.11.04 - XML External Entity Injection

LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting

Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Error_desc' Cross-Site Scripting

24.10.2018

Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes

ADULT FILTER 1.0 - Denial of Service (PoC)

Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Error_desc' Cross-Site Scripting

Fifa Master XLS 2.3.2 - 'usw' SQL Injection

MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection

SIM-PKH 2.4.1 - 'id' SQL Injection

School ERP Pro+Responsive 1.0 - 'fid' SQL Injection

School ERP Pro+Responsive 1.0 - Arbitrary File Download

ServersCheck Monitoring Software 14.3.3 - Denial of Service (PoC)

23.10.2018

Microsoft Windows 10 - Local Privilege Escalation (UAC Bypass)

Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection

The Open ISES Project 3.30A - Arbitrary File Download

eNdonesia Portal 8.7 - 'artid' SQL Injection

School ERP Ultimate 2018 - 'fid' SQL Injection

The Open ISES Project 3.30A - 'tick_lat' SQL Injection

22.10.2018

Windows - SetImeInfoEx Win32k NULL Pointer Dereference (Metasploit)

Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas

Apple iOS/macOS - Kernel Memory Corruption due to Integer Overflow in...

Apple iOS/macOS - Sandbox Escape due to mach Message sent from Shared Memory

Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value

Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID...

Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking

MySQL Edit Table 1.0 - 'id' SQL Injection

Modbus Poll 7.2.2 - Denial of Service (PoC)

The Open ISES Project 3.30A - 'tick_lat' SQL Injection

Oracle Siebel CRM 8.1.1 - CSV Injection

School ERP Ultimate 2018 - Arbitrary File Download

AudaCity 2.3 - Denial of Service (PoC)

19.10.2018

libSSH - Authentication Bypass

OwnTicket 1.0 - 'TicketID' SQL Injection

PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin)

Learning with Texts 1.6.2 - 'start' SQL Injection

18.10.2018

FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials

Time and Expense Management System 3.0 - 'table' SQL Injection

TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure

17.10.2018

Microsoft Windows - 'FSCTL_FIND_FILES_BY_SID' Information Disclosure

Any Sound Recorder 2.93 - Buffer Overflow (SEH)

Git Submodule - Arbitrary Code Execution

VLC Media Player - MKV Use-After-Free (Metasploit)

Solaris - RSH Stack Clash Privilege Escalation (Metasploit)

Time and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)

BigTree CMS 4.2.23 - Cross-Site Scripting

Heatmiser Wifi Thermostat 1.7 - Credential Disclosure

15.10.2018

Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection

FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure

MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection

Advanced HRM 1.6 - Remote Code Execution

College Notes Management System 1.0 - 'user' SQL Injection

FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution

AlchemyCMS 4.1 - Cross-Site Scripting

Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)

14.10.2018

SugarCRM 6.5.26 - Cross-Site Scripting

HaPe PKH 1.1 - Arbitrary File Upload

CAMALEON CMS 2.4 - Cross-Site Scripting

HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)

12.10.2018

Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection

Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection

Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection

E-Registrasi Pencak Silat 18.10 - 'id_partai' SQL Injection

WAGO 750-881 01.09.18 - Cross-Site Scripting

Wikidforum 2.20 - Cross-Site Scripting

jQuery-File-Upload 9.22.0 - Arbitrary File Upload

Phoenix Contact WebVisit 6.40.00 - Password Disclosure

11.10.2018

Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection

Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection

Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection

Phoenix Contact WebVisit 6.40.00 - Password Disclosure

jQuery-File-Upload 9.22.0 - Arbitrary File Upload

E-Registrasi Pencak Silat 18.10 - 'id_partai' SQL Injection

WAGO 750-881 01.09.18 - Cross-Site Scripting

Wikidforum 2.20 - Cross-Site Scripting

Ektron CMS 9.20 SP2 - Improper Access Restrictions

MicroTik RouterOS < 6.43rc3 - Remote Root

Ektron CMS 9.20 SP2 - Improper Access Restrictions

WhatsApp - RTP Processing Heap Corruption

FileZilla 3.33 - Buffer Overflow (PoC)

10.10.2018

Microsoft Edge Chakra JIT - Type Confusion

Microsoft Edge Chakra JIT - 'BailOutOnInvalidatedArrayHeadSegment' Check Bypass

Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow...

Wikidforum 2.20 - 'message_id' SQL Injection

Wikidforum 2.20 - 'select_sort' SQL Injection

ifwatchd - Privilege Escalation (Metasploit)

ghostscript - executeonly Bypass with errorhandler Setup

Seqrite End Point Security 7.4 - Privilege Escalation

9.10.2018

Microsoft Windows - Net-NTLMv2 Reflection DCOM/RPC (Metasploit)

Navigate CMS - Unauthenticated Remote Code Execution (Metasploit)

Unitrends UEB - HTTP API Remote Code Execution (Metasploit)

Cisco Prime Infrastructure - Unauthenticated Remote Code Execution

Imperva SecureSphere 13 - Remote Command Execution

FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure

Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)

Git Submodule - Arbitrary Code Execution

Android - sdcardfs Changes current->fs Without Proper Locking

Linux - Kernel Pointer Leak via BPF

8.10.2018

360 3.5.0.1033 - Sandbox Escape

net-snmp 5.7.3 - Unauthenticated Denial of Service (PoC)

Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode...

Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)

Cisco Prime Infrastructure - Unauthenticated Remote Code Execution

Git Submodule - Arbitrary Code Execution

Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation

net-snmp 5.7.3 - Authenticated Denial of Service (PoC)

net-snmp 5.7.3 - Unauthenticated Denial of Service (PoC)

7.10.2018

Chamilo LMS 1.11.8 - Cross-Site Scripting

ISPConfig < 3.1.13 - Remote Command Execution

D-Link Central WiFiManager Software Controller 1.03 - Multiple Vulnerabilities

Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin)

5.10.2018

LayerBB Forum 1.1.1 - 'search_query' SQL Injection

NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR)

4.10.2018

LayerBB Forum 1.1.1 - 'search_query' SQL Injection

virtualenv 16.0.0 - Sandbox Escape

FTP Voyager 16.2.0 - Denial of Service (PoC)

Linux\x86 - (NOT +SHIFT-N+ XOR-N) + encoded (/bin/sh) Shellcode (50 byes)

3.10.2018

OPAC EasyWeb Five 5.7 - 'nome' SQL Injection

Coaster CMS 5.5.0 - Cross-Site Scripting

OPAC EasyWeb Five 5.7 - 'biblio' SQL Injection

Joomla! Component Jimtawl 2.2.7 - 'id' SQL Injection

Zechat 1.5 - 'uname' SQL Injection

2.10.2018

OPAC EasyWeb Five 5.7 - 'nome' SQL Injection

Coaster CMS 5.5.0 - Cross-Site Scripting

OPAC EasyWeb Five 5.7 - 'biblio' SQL Injection

OPAC EasyWeb Five 5.7 - 'biblio' SQL Injection

Linux Kernel 2.6.x / 3.10.x / 4.14.x (RedHat / Debian / CentOS) (x64) - 'Mutagen...

Billion ADSL Router 400G 20151105641 - Cross-Site Scripting

1.10.2018

H2 Database 1.4.196 - Remote Code Execution

Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH)

Snes9K 0.0.9z - Denial of Service (PoC)

Flippa Marketplace Clone 1.0 - 'date_started' SQL Injection

Binary MLM Software 1.0 - 'pid' SQL Injection

Singleleg MLM Software 1.0 - 'msg_id' SQL Injection

Education Website 1.0 - 'subject' SQL Injection

Hotel Booking Engine 1.0 - 'h_room_type' SQL Injection

Fork CMS 5.4.0 - Cross-Site Scripting

ManageEngine AssetExplorer 6.2.0 - Cross-Site Scripting

Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH)

Snes9K 0.0.9z - Denial of Service (PoC)

30.9.2018

PCProtect 4.8.35 - Privilege Escalation

28.9.2018

Microsoft Edge - Sandbox Escape

Microsoft Edge - Sandbox Escape

PCProtect 4.8.35 - Privilege Escalation

27.9.2018

Rausoft ID.prove 2.95 - 'Username' SQL injection

ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting

iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection

EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation

Linux - VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath

CrossFont 7.5 - Denial of Service (PoC)

TransMac 12.2 - Denial of Service (PoC)

Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 Bytes)

26.9.2018

Joomla! Component Responsive Portfolio 1.6.1 - 'filter_order_Dir' SQL Injection

RICOH MP C406Z Printer - Cross-Site Scripting

RICOH MP 305+ Printer - Cross-Site Scripting

Joomla! Component Timetable Schedule 3.6.8 - SQL Injection

Joomla! Component Article Factory Manager 4.3.9 - SQL Injection

Joomla! Component AlphaIndex Dictionaries 1.0 - SQL Injection

Joomla! Component Reverse Auction Factory 4.3.8 - SQL Injection

Faleemi Desktop Software 1.8.2 - 'Device alias' Local Buffer Overflow (SEH)

Solaris - 'EXTREMEPARR' dtappgather Privilege Escalation (Metasploit)

Easy PhoroResQ 1.0 - Buffer Overflow

WebKit - 'WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded'...

WebKit - 'WebCore::SVGTextLayoutAttributes::context' Use-After-Free

WebKit - 'WebCore::RenderLayer::updateDescendantDependentFlags' Use-After-Free

WebKit - 'WebCore::SVGTRefElement::updateReferencedText' Use-After-Free

WebKit - 'WebCore::RenderMultiColumnSet::updateMinimumColumnHeight' Use-After-Free

WebKit - 'WebCore::InlineTextBox::paint' Out-of-Bounds Read

WebKit - 'WebCore::Node::ensureRareData' Use-After-Free

24.9.2018

RICOH MP C6003 Printer - Cross-Site Scripting

Joomla! Component Auction Factory 4.5.5 - 'filter_order' SQL Injection

RICOH Aficio MP 301 Printer - Cross-Site Scripting

Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection

Joomla! Component AMGallery 1.2.3 - 'filter_category_id' SQL Injection

MyBB Visual Editor 1.8.18 - Cross-Site Scripting

LG SuperSign EZ CMS 2.5 - Remote Code Execution

Beyond Remote 2.2.5.3 - Denial of Service (PoC)

SoftX FTP Client 3.3 - Denial of Service (PoC)

Termite 3.4 - Denial of Service (PoC)

udisks2 2.8.0 - Denial of Service (PoC)

Linux/ARM - sigaction() Based Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode...

Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)

22.9.2018

WebRTC - FEC Out-of-Bounds Read

WebRTC - VP9 Processing Use-After-Free

21.9.2018

NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)

WebRTC - FEC Out-of-Bounds Read

WebRTC - VP9 Processing Use-After-Free

Linux/x86 - Egghunter (0x50905090) + sigaction() Shellcode (27 bytes)

19.9.2018

Microsoft Windows - Double Dereference in NtEnumerateKey Elevation of Privilege

Microsoft Windows - 'CiSetFileCache' WDAC Security Feature Bypass TOCTOU

Microsoft Edge Chakra JIT - 'localeCompare' Type Confusion

Microsoft Edge Chakra - 'PathTypeHandlerBase::SetAttributesHelper' Type Confusion

LG SuperSign EZ CMS 2.5 - Local File Inclusion

WordPress Plugin Localize My Post 1.0 - Local File Inclusion

WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion

Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting

18.9.2018

Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution

NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)

Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)

CA Release Automation NiMi 6.5 - Remote Command Execution

Joomla Component JCK Editor 6.4.4 - 'parent' SQL Injection

Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting

Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC)

17.9.2018

Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)

CA Release Automation NiMi 6.5 - Remote Command Execution

Joomla Component JCK Editor 6.4.4 - 'parent' SQL Injection

Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting

Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC)

Notebook Pro 2.0 - Denial Of Service (PoC)

XAMPP Control Panel 3.2.2 - Denial of Service (PoC)

16.9.2018

Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes)

Linux/86 - File Modification(/etc/hosts) Polymorphic Shellcode (99 bytes)

Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes)

Linux/x86 - Add User(r00t/blank) Polymorphic Shellcode (103 bytes)

14.9.2018

Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution (Metasploit)

Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket

Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault...

TeamViewer App 13.0.100.0 - Denial of Service (PoC)

MediaTek Wirless Utility rt2870 - Denial of Service (PoC)

Wordpress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection

Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution (Metasploit)

Free MP3 CD Ripper 2.6 - '.wma' Local Buffer Overflow (SEH)

Faleemi Plus 1.0.2 - Denial of Service (PoC)

InfraRecorder 0.53 - '.txt' Denial of Service (PoC)

CdBurnerXP 4.5.8.6795 - 'File Name' Denial of Service (PoC)

13.9.2018

Apache Syncope 2.0.7 - Remote Code Execution

Apache Portals Pluto 3.0.0 - Remote Code Execution

Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket

Socusoft Photo to Video Converter 8.07 - 'Registration Name' Buffer Overflow

Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault...

TeamViewer App 13.0.100.0 - Denial of Service (PoC)

MediaTek Wirless Utility rt2870 - Denial of Service (PoC)

12.9.2018

Apple macOS 10.13.4 - Denial of Service (PoC)

Android - 'zygote->init;' Chain from USB Privilege Escalation

InTouch Machine Edition 8.1 SP1 - 'Nombre del Tag' Buffer Overflow (SEH)

Bayanno Hospital Management System 4.0 - Cross-Site Scripting

PicaJet FX 2.6.5 - Denial of Service (PoC)

RoboImport 1.2.0.72 - Denial of Service (PoC)

PixGPS 1.1.8 - Denial of Service (PoC)

jiNa OCR Image to Text 1.0 - Denial of Service (PoC)

11.9.2018

Apache Struts 2 - Namespace Redirect OGNL Injection (Metasploit)

Bayanno Hospital Management System 4.0 - Cross-Site Scripting

InTouch Machine Edition 8.1 SP1 - 'Nombre del Tag' Buffer Overflow (SEH)

HTML5 Video Player 1.2.5 - Denial of Service (PoC)

10.9.2018

Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection

Apache Struts 2 - Namespace Redirect OGNL Injection (Metasploit)

LW-N605R 12.20.2.1486 - Remote Code Execution

Ghostscript - Failed Restore Command Execution (Metasploit)

Zenmap (Nmap) 7.70 - Denial of Service (PoC)

Any Sound Recorder 2.93 - Denial of Service (PoC)

Flash Slideshow Maker Professional 5.20 - Buffer Overflow (SEH)

Photo To Video Converter Professional 8.07 - Buffer Overflow (SEH)

Socusoft 3GP Photo Slideshow 8.05 - Buffer Overflow (SEH)

SocuSoft iPod Photo Slideshow 8.05 - Buffer Overflow (SEH)

9.9.2018

D-Link Dir-600M N150 - Cross-Site Scripting

WirelessHART Fieldgate SWG70 3.0 - Directory Traversal

Apache Roller 5.0.3 - XML External Entity Injection (File Disclosure)

Jorani Leave Management 0.6.5 - 'startdate' SQL Injection

Tenable WAS-Scanner 7.4.1708 - Remote Command Execution

MedDream PACS Server Premium 6.7.1.1 - 'email' SQL Injection

7.9.2018

D-Link Dir-600M N150 - Cross-Site Scripting

WirelessHART Fieldgate SWG70 3.0 - Directory Traversal

Apache Roller 5.0.3 - XML External Entity Injection (File Disclosure)

Jorani Leave Management 0.6.5 - 'startdate' SQL Injection

Tenable WAS-Scanner 7.4.1708 - Remote Command Execution

MedDream PACS Server Premium 6.7.1.1 - 'email' SQL Injection

6.9.2018

WirelessHART Fieldgate SWG70 3.0 - Directory Traversal

Apache Roller 5.0.3 - XML External Entity Injection (File Disclosure)

Jorani Leave Management 0.6.5 - 'startdate' SQL Injection

Jorani Leave Management 0.6.5 - Cross-Site Scripting

NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection (File Disclosure)

Cisco Umbrella Roaming Client 2.0.168 - Privilege Escalation

5.9.2018

Microsoft people 10.1807.2131.0 - Denial of service (PoC)

FTPShell Server 6.80 - 'Add Account Name' Buffer Overflow (SEH)

FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution

iSmartViewPro 1.5 - 'DDNS' Buffer Overflow

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (20 Bytes)

4.9.2018

mooSocial Store Plugin 2.6 - SQL Injection

Simple POS 4.0.24 - 'columns[0][search][value]' SQL Injection

PHP File Browser Script 1 - Directory Traversal

Logicspice FAQ Script 2.9.7 - Remote Code Execution

Online Quiz Maker 1.0 - 'catid' SQL Injection

Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions)

FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection

iSmartViewPro 1.5 - 'DDNS' Buffer Overflow

3.9.2018

Microsoft Windows Explorer Out-of-Bound Read - Denial of Service (PoC)

Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC)

Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service...

Wikipedia 12.0 - Denial of Service (PoC)

D-Link DIR-615 - Denial of Service (PoC)

Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC)

VSAXESS V2.6.2.70 build20171226_053 - 'Nickname' Denial of Service (PoC)

Online Quiz Maker 1.0 - 'catid' SQL Injection

Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions)

FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection

2.9.2018

Network Manager VPNC - Username Privilege Escalation (Metasploit)

Argus Surveillance DVR 4.0.0.0 - Privilege Escalation

Acunetix WVS Reporter 10.0 - Denial of Service (PoC)

31.8.2018

Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting

WordPress Plugin Quizlord 2.0 - Cross-Site Scripting

DLink DIR-601 - Credential Disclosure

WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting

Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal

Nord VPN 6.14.31 - Denial of Service (PoC)

NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - 'Username' Denial of Service (PoC)

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)

30.8.2018

DLink DIR-601 - Credential Disclosure

WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting

Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal

Nord VPN 6.14.31 - Denial of Service (PoC)

29.8.2018

Windows/x64 (10) - WoW64 Egghunter Shellcode (50 bytes)

Linux/x86 - IPv6 Reverse TCP Shellcode Generator (94 bytes)

Linux/x86 - Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode

Linux/ARM - execve("/bin/sh", ["/bin/sh"], NULL) Shellcode (32 Bytes)

Linux/MIPS64 - execve(/bin/sh) Shellcode (48 bytes)

Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure

Argus Surveillance DVR 4.0.0.0 - Directory Traversal

Episerver 7 patch 4 - XML External Entity Injection

phpMyAdmin 4.7.x - Cross-Site Request Forgery

R 3.4.4 - Buffer Overflow (SEH)

SIPP 3.3 - Stack-Based Buffer Overflow

Skype Empresarial Office 365 16.0.10730.20053 - 'Dirección de inicio de sesión' Denial of ...

Fathom 2.4 - Denial Of Service (PoC)

ipPulse 1.92 - 'TCP Port' Denial of Service (PoC)

Immunity Debugger 1.85 - Denial of Service (PoC)

NASA openVSP 3.16.1 - Denial of Service (PoC)

28.8.2018

Cisco Network Assistant 6.3.3 - 'Cisco Login' Denial of Service (PoC)

Schneider Electric BMX P34 CPU B - Open Redirect

UltraISO 9.7.1.3519 - Buffer Overflow (SEH)

Microsoft Windows - JScript RegExp.lastIndex Use-After-Free

Instagram App 41.1788.50991.0 - Denial of Service (PoC)

27.8.2018

Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service (PoC)

Firefox 55.0.3 - Denial of Service (PoC)

HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit)

Electron WebPreferences - Remote Code Execution

Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1)

Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2)

WordPress Plugin Plainview Activity Monitor 20161228 - Command Injection

Responsive FileManager < 9.13.4 - Directory Traversal

Seagate Personal Cloud SRN21C 4.3.16.0 / 4.3.18.0 - SQL Injection

LiteCart 2.1.2 - Arbitrary File Upload

Sentrifugo HRMS 3.2 - 'deptid' SQL Injection

RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin)

Gleez CMS 1.2.0 - Cross-Site Request Forgery (Add Admin)

ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting

WordPress Plugin Gift Voucher 1.0.5 - 'template_id' SQL Injection

Foxit PDF Reader 9.0.1.1049 - Pointer Overwrite Use-After-Free (Metasploit)

CuteFTP 5.0 - Buffer Overflow

Adobe Flash - AVC Processing Out-of-Bounds Read

Libpango 1.40.8 - Denial of Service (PoC)

26.8.2018

Vox TG790 ADSL Router - Cross-Site Request Forgery (Add Admin)

SkypeApp 12.8.487.0 - 'Cuenta de Skype o Microsoft' Denial of Service (PoC)

ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting

WordPress Plugin Gift Voucher 1.0.5 - 'template_id' SQL Injection

24.8.2018

Vox TG790 ADSL Router - Cross-Site Request Forgery (Add Admin)

PCViewer vt1000 - Directory Traversal

Twitter-Clone 1 - 'code' SQL Injection

StyleWriter 4 1.0 - Denial of Service (PoC)

SkypeApp 12.8.487.0 - 'Cuenta de Skype o Microsoft' Denial of Service (PoC)

Epiphany Web Browser 3.28.1 - Denial of Service (PoC)

23.8.2018

PCViewer vt1000 - Directory Traversal

Twitter-Clone 1 - 'code' SQL Injection

Windows 10 Diagnostics Hub Standard Collector Service - Privilege Escalation

Epiphany Web Browser 3.28.1 - Denial of Service (PoC)

CuteFTP 8.3.1 - Denial of Service (PoC)

22.8.2018

Geutebrueck re_porter 16 - Cross-Site Scripting

Geutebrueck re_porter 7.8.974.20 - Credential Disclosure

KingMedia 4.1 - Remote Code Execution

ZyXEL VMG3312-B10B - Cross-Site Scripting

Windows 10 Diagnostics Hub Standard Collector Service - Privilege Escalation

Ghostscript - Multiple Vulnerabilities

Project64 2.3.2 - Buffer Overflow (SEH)

Easyboot 6.6.0 - Denial Of Service (PoC)

UltraISO 9.7.1.3519 - Denial Of Service (PoC)

Textpad 7.6.4 - Denial Of Service (PoC)

21.8.2018

Hikvision IP Camera 5.4.0 - User Enumeration (Metasploit)

Twitter-Clone 1 - 'userid' SQL Injection

Project64 2.3.2 - Denial Of Service (PoC)

OpenSSH 7.7 - Username Enumeration

Wordpress Plugin Ninja Forms 3.3.13 - CSV Injection

20.8.2018

Easylogin Pro 1.3.0 - Encryptor.php Unserialize Remote Code Execution

SEIG Modbus 3.4 - Remote Code Execution

SEIG SCADA System 9 - Remote Code Execution

WordPress Plugin Tagregator 0.6 - Cross-Site Scripting

MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Request Forgery

WordPress Plugin Chained Quiz 1.0.8 - 'answer' SQL Injection

Prime95 29.4b7 - Denial Of Service (PoC)

Restorator 1793 - Denial of Service (PoC)

Zortam MP3 Media Studio 23.95 - Denial of Service (PoC)

SEIG Modbus 3.4 - Denial of Service (PoC)

17.8.2018

Microsoft Edge Chakra JIT - InitializeNumberFormat and InitializeDateTimeFormat Type...

Microsoft Edge Chakra JIT - 'InlineArrayPush' Type Confusion

Microsoft Edge Chakra JIT - 'DictionaryPropertyDescriptor::CopyFrom' Type Confusion

Microsoft Edge Chakra JIT - Scope Parsing Type Confusion

Microsoft Edge Chakra JIT - ImplicitCallFlags Check Bypass with Intl

CEWE Photoshow 6.3.4 - Denial of Service (PoC)

Central Management Software 1.4.13 - Denial of Service (PoC)

OpenSSH 2.3 < 7.4 - Username Enumeration (PoC)

Mikrotik WinBox 6.42 - Credential Disclosure (golang)

ADM 3.1.2RHG1 - Remote Code Execution

WebkitGTK+ 2.20.3 - 'ImageBufferCairo::getImageData()' Buffer Overflow (PoC)

16.8.2018

Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery

Wordpress Plugin Export Users to CSV 1.1.1 - CSV Injection

OpenEMR 5.0.1.3 - Arbitrary File Actions

WebkitGTK+ 2.20.3 - 'ImageBufferCairo::getImageData()' Buffer Overflow (PoC)

Central Management Software 1.4.13 - Denial of Service (PoC)

ObserverIP Scan Tool 1.4.0.1 - Denial of Service (PoC)

TP-Link WR840N 0.9.1 3.16 - Denial of Service (PoC)

15.8.2018

ASUS-DSL N10 1.1.2.2_17 - Authentication Bypass

ASUSTOR ADM 3.1.0.RFQ3 - Remote Command Execution / SQL Injection

JioFi 4G M2S 1.0.2 - Denial of Service (PoC)

Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit)

Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal (Metasploit)

cgit 1.2.1 - Directory Traversal (Metasploit)

Wansview 1.0.2 - Denial of Service (PoC)

14.8.2018

Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal (Metasploit)

cgit 1.2.1 - Directory Traversal (Metasploit)

Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit)

Wansview 1.0.2 - Denial of Service (PoC)

13.8.2018

Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit)

Android - Directory Traversal over USB via Injection in blkid Output

PostgreSQL 9.4-0.5.3 - Privilege Escalation

Monitoring software iSmartViewPro 1.5 - 'SavePath for ScreenShots' Buffer Overflow

Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service (PoC)

PLC Wireless Router GPN2.4P21-C-CN - Denial of Service

Acunetix WVS 10.0 Build 20150623 - Denial of Service (PoC)

IP Finder 1.5 - Denial of Service (PoC)

Linux/x64 - Add Root User (toor/toor) Shellcode (99 bytes)

Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution

IBM Sterling B2B Integrator 5.2.0.1/5.2.6.3 - Cross-Site Scripting

10.8.2018

Mikrotik WinBox 6.42 - Credential Disclosure (Metasploit)

reSIProcate 1.10.2 - Heap Overflow

Zimbra 8.6.0_GA_1153 - Cross-Site Scripting

iSmartViewPro 1.5 - 'Password' Buffer Overflow

MyBB Like Plugin 3.0.0 - Cross-Site Scripting

MyBB Thank You/Like Plugin 3.0.0 - Cross-Site Scripting

9.8.2018

osTicket 1.10.1 - Arbitrary File Upload

LG-Ericsson iPECS NMS 30M - Directory Traversal

iSmartViewPro 1.5 - 'Account' Buffer Overflow

iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow

TP-Link Wireless N Router WR840N - Denial of Service (PoC)

8.8.2018

OpenEMR < 5.0.1 - Remote Code Execution

iSmartViewPro 1.5 - 'Account' Buffer Overflow

iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow

7.8.2018

QNap QVR Client 5.0.3.23100 - Denial of Service (PoC)

OpenEMR < 5.0.1 - Remote Code Execution

Open-AudIT Community 2.2.6 - Cross-Site Scripting

Monstra 3.0.4 - Cross-Site Scripting

onArcade 2.4.2 - Cross-Site Request Forgery (Add Admin)

LAMS < 3.1 - Cross-Site Scripting

Subrion CMS 4.2.1 - Cross-Site Scripting

2.8.2018

ipPulse 1.92 - 'Licence Key' Denial of Service (PoC)

Switch Port Mapping Tool 2.81 - 'SNMP Community Name' Denial of Service (PoC)

Linux/ARM - Reverse (::1:4444/TCP) Shell +IPv6 Shellcode (116 Bytes)

31.7.2018

H2 Database 1.4.197 - Information Disclosure

Charles Proxy 4.2 - Local Privilege Escalation

fusermount - user_allow_other Restriction Bypass and SELinux Label Control

Microsoft Windows Kernel - 'win32k!NtUserConsoleControl' Denial of Service (PoC)

ipPulse 1.92 - 'IP Address/HostName-Comment' Denial of Service (PoC)

30.7.2018

Microsoft Windows Kernel - 'win32k!NtUserConsoleControl' Denial of Service (PoC)

ipPulse 1.92 - 'IP Address/HostName-Comment' Denial of Service (PoC)

29.7.2018

WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)

SoftNAS Cloud < 4.0.3 - OS Command Injection

Online Trade 1 - Information Disclosure

Skia - Heap Overflow in SkScan::FillPath due to Precision Error

NetScanTools Basic Edition 2.5 - 'Hostname' Denial of Service (PoC)

QNap QVR Client 5.1.1.30070 - 'Password' Denial of Service (PoC)

26.7.2018

Trivum Multiroom Setup Tool 8.76 - Cross-Site Request Forgery (Admin Bypass)

10-Strike LANState 8.8 - Local Buffer Overflow (SEH)

10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)

25.7.2018

10-Strike LANState 8.8 - Local Buffer Overflow (SEH)

10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)

GetGo Download Manager 6.2.1.3200 - Denial of Service (PoC)

24.7.2018

Microsoft Windows - 'dnslint.exe' Drive-By Download

Windows Speech Recognition - Buffer Overflow

Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (100 bytes)

Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery (Reboot Router)

Davolink DVW 3200 Router - Password Disclosure

NUUO NVRmini - 'upgrade_handle.php' Remote Command Execution

Splinterware System Scheduler Pro 5.12 - Buffer Overflow (SEH)

22.7.2018

MyBB New Threads Plugin 1.1 - Cross-Site Scripting

WordPress Plugin All In One Favicon 4.6 - Cross-Site Scripting

19.7.2018

Linux - BPF Sign Extension Local Privilege Escalation (Metasploit)

WordPress Plugin All In One Favicon 4.6 - Cross-Site Scripting

MyBB New Threads Plugin 1.1 - Cross-Site Scripting

HomeMatic Zentrale CCU2 - Remote Code Execution

Modx Revolution < 2.6.4 - Remote Code Execution

FTP2FTP 1.0 - Arbitrary File Download

Open-AudIT Community 2.1.1 - Cross-Site Scripting

Smart SMS & Email Manager 3.3 - 'contact_type_id' SQL Injection

JavaScript Core - Arbitrary Code Execution

18.7.2018

HomeMatic Zentrale CCU2 - Remote Code Execution

Nanopool Claymore Dual Miner - APIs Remote Code Execution (Metasploit)

QNAP Q'Center - 'change_passwd' Command Execution (Metasploit)

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Default Credentials

Modx Revolution < 2.6.4 - Remote Code Execution

FTP2FTP 1.0 - Arbitrary File Download

Open-AudIT Community 2.1.1 - Cross-Site Scripting

Smart SMS & Email Manager 3.3 - 'contact_type_id' SQL Injection

17.7.2018

Microsoft Enterprise Mode Site List Manager - XML External Entity Injection

macOS/iOS - JavaScript Injection Bug in OfficeImporter

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Default Credentials

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Remote Root

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - File Manipulation

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Configuration Download

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Denial of Service

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Cross-Site Request Forgery

WordPress Plugin Job Manager 4.1.0 - Cross-Site Scripting

VelotiSmart WiFi B-380 Camera - Directory Traversal

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Restricted Shell Escape

Linux/x64 - Reverse (::1:1337/TCP) + IPv6 + Password (pwnd) Shellcode (115 bytes)

Linux/ARM - Bind (1234/TCP) Shell (/bin/sh) Shellcode (104 bytes)

12.7.2018

Microsoft Edge Chakra JIT - Type Confusion with Hoisted SetConcatStrMultiItemBE...

Microsoft Edge Chakra JIT - BoundFunction::NewInstance Out-of-Bounds Read

Microsoft Edge Chakra JIT - Out-of-Bounds Reads/Writes

IBM QRadar SIEM - Unauthenticated Remote Code Execution (Metasploit)

Dicoogle PACS 2.5.0 - Directory Traversal

Instagram-Clone Script 2.0 - Cross-Site Scripting

Linux Kernel < 4.13.9 (Ubuntu 16.04/Fedora 27) - Local Privilege Escalation

11.7.2018

D-Link DIR601 2.02 - Credential Disclosure

Elektronischer Leitz-Ordner 10 - SQL Injection

WolfSight CMS 3.2 - SQL Injection

Oracle WebLogic 12.1.2.0 - RMI Registry UnicastRef Object Java Deserialization Remote...

7.7.2018

PolarisOffice 2017 8 - Remote Code Execution

Airties AIR5444TT - Cross-Site Scripting

6.7.2018

PolarisOffice 2017 8 - Remote Code Execution

5.7.2018

ADB Broadband Gateways / Routers - Privilege Escalation

ADB Broadband Gateways / Routers - Local Root Jailbreak

ADB Broadband Gateways / Routers - Authorization Bypass

SoftExpert Excellence Suite 2.0 - 'cddocument' SQL Injection

4.7.2018

ShopNx - Arbitrary File Upload

Online Trade - Information Disclosure

ManageEngine Exchange Reporter Plus < Build 5311 - Remote Code Execution

CMS Made Simple 2.2.5 - Remote Code Execution

ntop-ng < 3.4.180617 - Authentication Bypass

ModSecurity 3.0.0 - Cross-Site Scripting

Boxoft WAV to MP3 Converter 1.1 - Buffer Overflow (Metasploit)

openslp 2.0.0 - Double-Free

3.7.2018

Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit)

FTPShell Client 6.70 (Enterprise Edition) - Stack Buffer Overflow (Metasploit)

Dolibarr ERP CRM < 7.0.3 - PHP Code Injection

DAMICMS 6.0.0 - Cross-Site Request Forgery (Add Admin)

2.7.2018

VMware NSX SD-WAN Edge < 3.1.2 - Command Injection

Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit)

FTPShell client 6.70 (Enterprise edition) - Stack Buffer Overflow (Metasploit)

Dolibarr ERP CRM < 7.0.3 - PHP Code Injection

DAMICMS 6.0.0 - Cross-Site Request Forgery (Add Admin)

Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution...

Enhanced Mitigation Experience Toolkit (EMET) - XML External Entity Injection

Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (PoC)

SIPp 3.6 - Local Buffer Overflow (PoC)

Core FTP LE 2.2 - Buffer Overflow (PoC)

Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes)

29.6.2018

Cisco Adaptive Security Appliance - Path Traversal

DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting

28.6.2018

Quest KACE Systems Management - Command Injection (Metasploit)

HPE VAN SDN 2.7.18.0503 - Remote Root

Wordpress < 4.9.6 - (Authenticated) Arbitrary File Deletion

DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting

hycus CMS 1.0.4 - Authentication Bypass

HongCMS 3.0.0 - SQL Injection

BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin)

27.6.2018

Liferay Portal < 7.0.4 - Server-Side Request Forgery

PoDoFo 0.9.5 - Buffer Overflow

26.6.2018

Liferay Portal < 7.0.4 - Server-Side Request Forgery

PoDoFo 0.9.5 - Buffer Overflow

25.6.2018

Travel Agency 1.1 - 'cid' SQL Injection

WordPress Plugin iThemes Security < 7.0.3 - SQL Injection

Wordpress Plugin Comments Import & Export < 2.0.4 - CSV Injection

Intex Router N-150 - Arbitrary File Upload

Ecessa ShieldLink SL175EHQ < 10.7.4 - Cross-Site Request Forgery (Add Superuser)

AsusWRT RT-AC750GF - Cross-Site Request Forgery (Change Admin Password)

Ecessa WANWorx WVR-30 < 10.7.4 - Cross-Site Request Forgery (Add Superuser)

DIGISOL DG-BR4000NG - Cross-Site Scripting

DIGISOL DG-BR4000NG - Buffer Overflow (PoC)

22.6.2018

phpMyAdmin 4.8.1 - Local File Inclusion

phpLDAPadmin 1.2.2 - 'server_id' LDAP Injection (Username)

GreenCMS 2.3.0603 - Information Disclosure

LFCMS 3.7.0 - Cross-Site Request Forgery (Add Admin)

LFCMS 3.7.0 - Cross-Site Request Forgery (Add User)

Dell EMC RecoverPoint < 5.1.2 - Local Root Command Execution

21.6.2018

Windows 10 - Desktop Bridge Virtual Registry CVE-2018-0880 Incomplete Fix Privilege...

Windows 10 - Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation

ntp 4.2.8p11 - Local Buffer Overflow (PoC)

Redis 5.0 - Denial of Service

VideoInsight WebClient 5 - SQL Injection

IPConfigure Orchid VMS 2.0.5 - Directory Traversal Information Disclosure (Metasploit)

Apache CouchDB < 2.1.0 - Remote Code Execution

TP-Link TL-WA850RE - Remote Command Execution

NewMark CMS 2.1 - 'sec_id' SQL Injection

20.6.2018

Apache CouchDB < 2.1.0 - Remote Code Execution

TP-Link TL-WA850RE - Remote Command Execution

NewMark CMS 2.1 - 'sec_id' SQL Injection

MaDDash 2.0.2 - Directory Listing

Mirasys DVMS Workstation 5.12.6 - Path Traversal

ntp 4.2.8p11 - Local Buffer Overflow (PoC)

Redis 5.0 - Denial of Service

19.6.2018

Microsoft COM for Windows - Privilege Escalation

Redis-cli < 5.0 - Buffer Overflow (PoC)

18.6.2018

Redatam Web Server < 7 - Directory Traversal

RabbitMQ Web Management < 3.7.6 - Cross-Site Request Forgery

Joomla! Component jomres 9.11.2 - Cross-Site Request Forgery

Redis-cli < 5.0 - Buffer Overflow (PoC)

Audiograbber 1.83 - Local Buffer Overflow (SEH)

Pale Moon Browser < 27.9.3 - Use After Free (PoC)

Nikto 2.1.6 - CSV Injection

17.6.2018

Dimofinf CMS 3.0.0 - Cross-Site Scripting

OEcms 3.1 - Cross-Site Scripting

Soroush IM Desktop app 0.15 - Authentication Bypass

15.6.2018

Dimofinf CMS 3.0.0 - Cross-Site Scripting

OEcms 3.1 - Cross-Site Scripting

Joomla Component Ek rishta 2.10 - SQL Injection

Soroush IM Desktop app 0.15 - Authentication Bypass

rtorrent 0.9.6 - Denial of Service

14.6.2018

DHCP Client - Command Injection (DynoRoot) (Metasploit)

Joomla Component Ek rishta 2.10 - SQL Injection

Redaxo CMS Mediapool Addon < 5.5.1 - Arbitrary File Upload

MACCMS 10 - Cross-Site Request Forgery (Add User)

RSLinx Classic and FactoryTalk Linx Gateway - Privilege Escalation

glibc - 'realpath()' Privilege Escalation (Metasploit)

Microsoft Windows 10 - Child Process Restriction Mitigation Bypass

13.6.2018

MACCMS 10 - Cross-Site Request Forgery (Add User)

Canon LBP6030w - Authentication Bypass

Canon LBP7110Cw - Authentication Bypass

WordPress Ultimate Form Builder Lite Plugin < 1.3.7 - SQL Injection

WordPress Google Map Plugin < 4.0.4 - SQL Injection

12.6.2018

WordPress Ultimate Form Builder Lite Plugin < 1.3.7 - SQL Injection

WordPress Google Map Plugin < 4.0.4 - SQL Injection

Canon PrintMe EFI - Cross-Site Scripting

OX App Suite 7.8.4 - Multiple Vulnerabilities

Joomla! Component EkRishta 2.10 - 'username' SQL Injection

11.6.2018

Schools Alert Management Script - Arbitrary File Read

Schools Alert Management Script - 'get_sec.php' SQL Injection

userSpice 4.3.24 - Username Enumeration

userSpice 4.3.24 - 'X-Forwarded-For' Cross-Site Scripting

Schools Alert Management Script - Arbitrary File Deletion

Joomla! Component EkRishta 2.10 - 'cid' SQL Injection

Event Manager Admin panel - 'events_new.php' SQL injection

Schools Alert Management Script - SQL Injection

WebKitGTK+ < 2.21.3 - 'WebKitFaviconDatabase' DoS

22.5.2018

Superfood 1.0 - Multiple Vulnerabilities

21.5.2018

Superfood 1.0 - Multiple Vulnerabilities

mySCADA myPRO 7 - Hard-Coded Credentials

Joomla! Component EkRishta 2.10 - Cross-Site Scripting / SQL Injection

19.5.2018

mySCADA myPRO 7 - Hard-Coded Credentials

Joomla! Component EkRishta 2.10 - Cross-Site Scripting / SQL Injection

Adobe Enterprise Manager (AEM) < 6.3 - Remote Code Execution

D-Link DSL-3782 - Authentication Bypass

HPE iMC 7.3 - Remote Code Execution (Metasploit)

SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion

Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery

Cisco SA520W Security Appliance - Path Traversal

Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation (Metasploit)

DynoRoot DHCP - Client Command Injection

Microsoft Edge Chakra JIT - Bound Check Elimination Bug

18.5.2018

Healwire Online Pharmacy 3.0 - Persistent Cross-Site Scripting / Cross-Site Request...

Microsoft Edge Chakra JIT - Bound Check Elimination Bug

17.5.2018

Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)

Jenkins CLI - HTTP Java Deserialization (Metasploit)

Nanopool Claymore Dual Miner 7.3 - Remote Code Execution

Powerlogic/Schneider Electric IONXXXX Series - Cross-Site Request Forgery

Linux < 4.16.9 / < 4.14.41 - 4-byte Infoleak via Uninitialized Struct Field in compat...

SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site...

Intelbras NCLOUD 300 1.0 - Authentication bypass

NodAPS 4.0 - SQL injection / Cross-Site Request Forgery

16.5.2018

Microsoft Windows - Token Process Trust SID Access Check Bypass Privilege Escalation

WhatsApp 2.18.31 - Memory Corruption

Inteno IOPSYS 2.0 - 4.2.0 p910nd - Remote Command Execution

RSA Authentication Manager 8.2.1.4.0-build1394922 / < 8.3 P1 - XML External Entity...

WordPress Plugin Metronet Tag Manager 1.2.7 - Cross-Site Request Forgery

totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery

Horse Market Sell & Rent Portal Script 1.5.7 - Cross-Site Request Forgery

Multiplayer BlackJack Online Casino Game 2.5 - Persistent Cross-Site Scripting

Rockwell Scada System 27.011 - Cross-Site Scripting

VirtueMart 3.1.14 - Persistent Cross-Site Scripting

MyBB Admin Notes Plugin 1.1 - Cross-Site Request Forgery

Libuser - roothelper Privilege Escalation (Metasploit)

15.5.2018

XATABoost 1.0.0 - SQL Injection

Monstra CMS 3.0.4 - Remote Code Execution

2345 Security Guard 3.7 - '2345NsProtect.sys' Denial of Service

Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (96 Bytes)

12.5.2018

Open-AudIT Community - 2.2.0 - Cross-Site Scripting

Open-AudIT Professional - 2.1.1 - Cross-Site Scripting

EMC RecoverPoint 4.3 - 'Admin CLI' Command Injection

2345 Security Guard 3.7 - '2345BdPcSafe.sys' Denial of Service

Microsoft Windows 2003 SP2 - 'RRAS' SMB Remote Code Execution

WUZHI CMS 4.1.0 - 'tag[pinyin]' Cross-Site Scripting

11.5.2018

Mantis 1.1.3 - 'manage_proj_page' PHP Code Execution (Metasploit)

MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting

Dell Touchpad - 'ApMsgFwd.exe' Denial of Service

Open-AudIT Community - 2.2.0 - Cross-Site Scripting

Open-AudIT Professional - 2.1.1 - Cross-Site Scripting

10.5.2018

Dell Touchpad - 'ApMsgFwd.exe' Denial of Service

Linux/x86 - Read /etc/passwd Shellcode (62 bytes)

MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting

ModbusPal 1.6b - XML External Entity Injection

9.5.2018

Linux/x86 - Bind TCP Shell + fork() Shellcode (113 bytes)

GNU wget - Cookie Injection

2345 Security Guard 3.7 - Denial of Service

8.5.2018

FTPShell Client 6.7 - Buffer Overflow

PlaySMS 1.4 - sendfromfile.php Authenticated "Filename" Field Code Execution (Metasploit)

PlaySMS - import.php Authenticated CSV File Upload Code Execution (Metasploit)

Palo Alto Networks - readSessionVarsFromFile() Session Corruption (Metasploit)

7.5.2018

WordPress Plugin User Role Editor < 4.25 - Privilege Escalation

CSP MySQL User Manager 2.3.1 - Authentication Bypass

DeviceLock Plug and Play Auditor 5.72 - Unicode Buffer Overflow (SEH)

HWiNFO 5.82-3410 - Denial of Service

6.5.2018

Google Chrome V8 - Object Allocation Size Integer Overflow

Windows WMI - Receive Notification Exploit (Metasploit)

IceWarp Mail Server < 11.1.1 - Directory Traversal

WordPress Plugin WF Cookie Consent 1.1.3 - Cross-Site Scripting

4.5.2018

GPON Routers - Authentication Bypass / Command Injection

Call of Duty Modern Warfare 2 - Buffer Overflow

TBK DVR4104 / DVR4216 - Credentials Leak

Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of Service

3.5.2018

Windows - Local Privilege Escalation

GPON Routers - Authentication Bypass / Command Injection

Call of Duty Modern Warfare 2 - Buffer Overflow

TBK DVR4104 / DVR4216 - Credentials Leak

Norton Core Secure WiFi Router - 'BLE' Command Injection (PoC)

Exim < 4.90.1 - 'base64d' Remote Code Execution

Metasploit Framework - 'msfd' Remote Code Execution (Metasploit)

Metasploit Framework - 'msfd' Remote Code Execution (via Browser) (Metasploit)

xdebug < 2.5.5 - Unauthenticated OS Command Execution (Metasploit)

Cockpit CMS 0.4.4 < 0.5.5 - Server-Side Request Forgery

Adobe Reader PDF - Client Side Request Injection

Easy MPEG to DVD Burner 1.7.11 - Local Buffer Overflow (SEH)

LibreOffice/Open Office - '.odt' Information Disclosure

Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of Service

WebKit - 'WebCore::jsElementScrollHeightGetter' Use-After-Free

Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free

2.5.2018

WordPress Plugin Responsive Cookie Consent 1.7 / 1.6 / 1.5 - Authenticated Persistent...

1.5.2018

Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)

Wordpress Responsive Cookie Consent 1.7 / 1.6 / 1.5 - Authenticated Persistent Cross-Site...

30.4.2018

macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MIG Ownership...

macOS 10.13.2 - Double mach_port_deallocate in kextd due to Failure to Comply with MIG...

Navicat < 12.0.27 - Oracle Connection Overflow

Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)

Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote...

Nagios XI 5.2.[6-9], 5.3, 5.4 - Chained Remote Root

WordPress Plugin Form Maker 1.12.20 - CSV Injection

29.4.2018

Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote...

27.4.2018

Frog CMS 0.9.5 - Persistent Cross-Site Scripting

TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Unauthenticated Remote Reboot

GitList 0.6 - Unauthenticated Remote Code Execution

MyBB Threads to Link Plugin 1.3 - Cross-Site Scripting

Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow (SEH)

26.4.2018

October CMS User Plugin v1.4.5 - Persistent Cross-Site Scripting

SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response

WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion

Jfrog Artifactory < 4.16 - Unauthenticated Arbitrary File Upload / Remote Command...

Drupal < 7.58 - 'drupalgeddon3' Authenticated Remote Code Execution (PoC)

Chrome V8 JIT - Arrow Function Scope Fixing Bug

Chrome V8 JIT - 'AwaitedPromise' Update Bug

Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion

Adobe Flash - Out-of-Bounds Write in blur Filtering

Adobe Flash - Info Leak in Image Inflation

Adobe Flash - Overflow in Slab Rendering

Adobe Flash - Overflow when Playing Sound

HRSALE The Ultimate HRM v1.0.2 - Local File Inclusion

HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross-Site Scripting

HRSALE The Ultimate HRM v1.0.2 - 'award_id' SQL Injection

HRSALE The Ultimate HRM v1.0.2 - CSV Injection

Blog Master Pro v1.0 - CSV Injection

Shopy Point of Sale v1.0 - CSV Injection

13.4.2018

Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution

Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)

Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection)

12.4.2018

Linux/x64 - x64 Assembly Shellcode (Generator)

11.4.2018

Google Chrome V8 JIT - 'LoadElimination::ReduceTransitionElementsKind' Type Confusion

WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS

WordPress File Upload Plugin 4.3.2 - Stored Cross Site Scripting

Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid...

WUZHI CMS 4.1.0 - ‘Add User Account’ Cross-Site Request Forgery

WUZHI CMS 4.1.0 - ‘Add Admin Account’ Cross-Site Request Forgery

Wordpress Plugin Activity Log 2.4.0 - Stored Cross Site Scripting

iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting

DVD X Player Standard 5.5.3.9 - Buffer Overflow

10.4.2018

iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting

9.4.2018

WordPress Plugin Google Drive 2.2 - Remote Code Execution

iScripts SonicBB 1.0 - Reflected Cross-Site Scripting

WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution

Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution

KYOCERA Net Admin 3.4 - Cross Site Request Forgery - Add Admin Exploit

KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection

CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution

WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code...

Yahei PHP Prober 0.4.7 - Cross-Site Scripting

WolfCMS 0.8.3.1 - Open Redirection

MyBB Plugin Recent Threads On Index - Cross-Site Scripting

Cobub Razor 0.7.2 - Add New Superuser Account

WolfCMS 0.8.3.1 - Cross Site Request Forgery

PMS 0.42 - Local Stack-Based Overflow (ROP)

GoldWave 5.70 - Local Buffer Overflow (SEH Unicode)

H2 Database - 'Alias' Arbitrary Code Execution

CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure

WebKit - WebAssembly Parsing Does not Correctly Check Section Order

8.4.2018

LineageOS 14.1 Blueborne - Remote Code Execution

Cobub Razor 0.7.2 - Cross Site Request Forgery

DotNetNuke DNNarticle Module 11 - Directory Traversal

FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass

6.4.2018

Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption

Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass

GetSimple CMS 3.3.13 - Cross-Site Scripting

Z-Blog 1.5.1.1740 - Full Path Disclosure

Z-Blog 1.5.1.1740 - Cross-Site Scripting

YzmCMS 3.6 - Cross-Site Scripting

5.4.2018

Microsoft Windows - Multiple Use-After-Free Issues in jscript Array Methods

Microsoft Windows Defender - 'mpengine.dll' Memory Corruption

ProcessMaker - Plugin Upload (Metasploit)

Joomla! Component JS Jobs 1.2.0 - Cross-Site Scripting

MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting

3.4.2018

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2)

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix)

Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write

Google Chrome V8 - 'ElementsAccessorBase::CollectValuesOrEntriesImpl' Type Confusion

Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change

OpenCMS 10.5.3 - Cross-Site Scripting

OpenCMS 10.5.3 - Cross-Site Request Forgery

DLink DIR-601 - Admin Password Disclosure

VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials

VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal

WampServer 3.1.2 - Cross-Site Request Forgery

WebLog Expert Enterprise 9.4 - Privilege Escalation

2.4.2018

DLink DIR-601 - Admin Password Disclosure

VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials

VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal

WampServer 3.1.2 - Cross-Site Request Forgery

WampServer 3.1.1 - Cross-Site Scripting / Cross-Site Request Forgery

Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)

WebLog Expert Enterprise 9.4 - Privilege Escalation

1.4.2018

Advantech WebAccess < 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer...

Tenda FH303/A300 Firmware V5.07.68_EN - Remote DNS Change

Tenda W3002R/A302/w309r Wireless Router V5.07.64_en - Remote DNS Change (PoC)

Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)

D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router - Authentication Bypass

Tenda W316R Wireless Router 5.07.50 - Remote DNS Change

osCommerce 2.3.4.1 - Remote Code Execution

Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change

WordPress Plugin WP Security Audit Log 3.1.1 - Sensitive Information Disclosure

Joomla! Component AcySMS 3.5.0 - CSV Macro Injection

Joomla! Component Acymailing Starter 5.9.5 - CSV Macro Injection

Homematic CCU2 2.29.23 - Remote Command Execution

WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection

WordPress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting

MiniCMS 1.10 - Cross-Site Request Forgery

Homematic CCU2 2.29.23 - Arbitrary File Write

Open-AuditIT Professional 2.1 - Cross-Site Request Forgery

Faleemi Windows Desktop Software - (DDNS/IP) Local Buffer Overflow

Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow

Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow

Allok AVI DivX MPEG to DVD Converter 2.6.1217 - Buffer Overflow (SEH)

Systematic SitAware - NVG Denial of Service

SysGauge 4.5.18 - Local Denial of Service

31 .3.2018

Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)

Joomla Component Fields - SQLi Remote Code Execution (Metasploit)

30 .3.2018

Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)

GitStack - Unsanitized Argument Remote Code Execution (Metasploit)

Joomla Component Fields - SQLi Remote Code Execution (Metasploit)

29 .3.2018

Microsoft Windows Remote Assistance - XML External Entity Injection

TwonkyMedia Server 7.0.11-8.5 - Persistent Cross-Site Scripting

TwonkyMedia Server 7.0.11-8.5 - Directory Traversal

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

TestLink Open Source Test Management < 1.9.16 - Remote Code Execution (PoC)

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

28 .3.2018

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

27 .3.2018

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

26 .3.2018

Acrolinx Server < 5.2.5 - Directory Traversal

Laravel Log Viewer < 0.13.0 - Local File Download

LabF nfsAxe 3.7 - Privilege Escalation

Fast AVI MPEG Splitter 1.2 - Stack-Based Buffer Overflow

23 .3.2018

Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak

Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion

MyBB Plugin Last User's Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting

XenForo 2 - CSS Loader Denial of Service

TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery

Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control...

Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)

Crashmail 1.6 - Stack-Based Buffer Overflow ( ROP execve )

Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow

Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak

Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service

WM Recorder 16.8.1 - Denial of Service

Dell EMC NetWorker - Denial of Service

Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read

Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure

21 .3.2018

Microsoft Windows - Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write...

Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege...
Microsoft Windows - Desktop Bridge VFS Privilege Escalation

Microsoft Windows Kernel - 'nt!NtWaitForDebugEvent' 64-bit Stack Memory Disclosure

Microsoft Windows Kernel - 'nt!KiDispatchException' 64-bit Stack Memory Disclosure

Microsoft Windows Kernel - 'NtQueryInformationThread(ThreadBasicInformation)' 64-bit...

Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' 64-bit...

Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation

Cisco node-jos < 0.11.0 - Re-sign Tokens

Vehicle Sales Management System - Multiple Vulnerabilities

Intelbras Telefone IP TIP200 LITE - Local File Disclosure
Cisco node-jos < 0.11.0 - Re-sign Tokens

Linux/x86 - execve(/bin/sh) Shellcode (18 bytes)

19 .3.2018

Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege...

Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege...

Linux Kernel < 4.4.0-116 (Ubuntu 16.04.4) - Local Privilege Escalation

18 .3.2018

Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution
Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution

MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow

SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution

Contec Smart Home 4.15 - Unauthorized Password Reset

Android DRM Services - Buffer Overflow

10.5.2018

Dell Touchpad - 'ApMsgFwd.exe' Denial of Service

Linux/x86 - Read /etc/passwd Shellcode (62 bytes)

MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting

ModbusPal 1.6b - XML External Entity Injection

9.5.2018

Linux/x86 - Bind TCP Shell + fork() Shellcode (113 bytes)

GNU wget - Cookie Injection

2345 Security Guard 3.7 - Denial of Service

8.5.2018

FTPShell Client 6.7 - Buffer Overflow

PlaySMS 1.4 - sendfromfile.php Authenticated "Filename" Field Code Execution (Metasploit)

PlaySMS - import.php Authenticated CSV File Upload Code Execution (Metasploit)

Palo Alto Networks - readSessionVarsFromFile() Session Corruption (Metasploit)

7.5.2018

WordPress Plugin User Role Editor < 4.25 - Privilege Escalation

CSP MySQL User Manager 2.3.1 - Authentication Bypass

DeviceLock Plug and Play Auditor 5.72 - Unicode Buffer Overflow (SEH)

HWiNFO 5.82-3410 - Denial of Service

6.5.2018

Google Chrome V8 - Object Allocation Size Integer Overflow

Windows WMI - Receive Notification Exploit (Metasploit)

IceWarp Mail Server < 11.1.1 - Directory Traversal

WordPress Plugin WF Cookie Consent 1.1.3 - Cross-Site Scripting

4.5.2018

GPON Routers - Authentication Bypass / Command Injection

Call of Duty Modern Warfare 2 - Buffer Overflow

TBK DVR4104 / DVR4216 - Credentials Leak

Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of Service

3.5.2018

Windows - Local Privilege Escalation

GPON Routers - Authentication Bypass / Command Injection

Call of Duty Modern Warfare 2 - Buffer Overflow

TBK DVR4104 / DVR4216 - Credentials Leak

Norton Core Secure WiFi Router - 'BLE' Command Injection (PoC)

Exim < 4.90.1 - 'base64d' Remote Code Execution

Metasploit Framework - 'msfd' Remote Code Execution (Metasploit)

Metasploit Framework - 'msfd' Remote Code Execution (via Browser) (Metasploit)

xdebug < 2.5.5 - Unauthenticated OS Command Execution (Metasploit)

Cockpit CMS 0.4.4 < 0.5.5 - Server-Side Request Forgery

Adobe Reader PDF - Client Side Request Injection

Easy MPEG to DVD Burner 1.7.11 - Local Buffer Overflow (SEH)

LibreOffice/Open Office - '.odt' Information Disclosure

Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of Service

WebKit - 'WebCore::jsElementScrollHeightGetter' Use-After-Free

Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free

2.5.2018

WordPress Plugin Responsive Cookie Consent 1.7 / 1.6 / 1.5 - Authenticated Persistent...

1.5.2018

Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)

WordPress Responsive Cookie Consent 1.7 / 1.6 / 1.5 - Authenticated Persistent Cross-Site...

30.4.2018

macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MIG Ownership...

macOS 10.13.2 - Double mach_port_deallocate in kextd due to Failure to Comply with MIG...

Navicat < 12.0.27 - Oracle Connection Overflow

Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)

Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote...

Nagios XI 5.2.[6-9], 5.3, 5.4 - Chained Remote Root

WordPress Plugin Form Maker 1.12.20 - CSV Injection

29.4.2018

Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote...

27.4.2018

Frog CMS 0.9.5 - Persistent Cross-Site Scripting

TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Unauthenticated Remote Reboot

GitList 0.6 - Unauthenticated Remote Code Execution

MyBB Threads to Link Plugin 1.3 - Cross-Site Scripting

Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow (SEH)

26.4.2018

October CMS User Plugin v1.4.5 - Persistent Cross-Site Scripting

SickRage < v2018.03.09 - Clear-Text Credentials HTTP Response

WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion

Jfrog Artifactory < 4.16 - Unauthenticated Arbitrary File Upload / Remote Command...

Drupal < 7.58 - 'drupalgeddon3' Authenticated Remote Code Execution (PoC)

Chrome V8 JIT - Arrow Function Scope Fixing Bug

Chrome V8 JIT - 'AwaitedPromise' Update Bug

Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion

Adobe Flash - Out-of-Bounds Write in blur Filtering

Adobe Flash - Info Leak in Image Inflation

Adobe Flash - Overflow in Slab Rendering

Adobe Flash - Overflow when Playing Sound

HRSALE The Ultimate HRM v1.0.2 - Local File Inclusion

HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross-Site Scripting

HRSALE The Ultimate HRM v1.0.2 - 'award_id' SQL Injection

HRSALE The Ultimate HRM v1.0.2 - CSV Injection

Blog Master Pro v1.0 - CSV Injection

Shopy Point of Sale v1.0 - CSV Injection

13.4.2018

Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution

Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)

Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection)

12.4.2018

Linux/x64 - x64 Assembly Shellcode (Generator)

11.4.2018

Google Chrome V8 JIT - 'LoadElimination::ReduceTransitionElementsKind' Type Confusion

WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS

WordPress File Upload Plugin 4.3.2 - Stored Cross Site Scripting

Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid...

WUZHI CMS 4.1.0 - ‘Add User Account’ Cross-Site Request Forgery

WUZHI CMS 4.1.0 - ‘Add Admin Account’ Cross-Site Request Forgery

WordPress Plugin Activity Log 2.4.0 - Stored Cross Site Scripting

iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting

DVD X Player Standard 5.5.3.9 - Buffer Overflow

10.4.2018

iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting

9.4.2018

WordPress Plugin Google Drive 2.2 - Remote Code Execution

iScripts SonicBB 1.0 - Reflected Cross-Site Scripting

WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution

Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution

KYOCERA Net Admin 3.4 - Cross Site Request Forgery - Add Admin Exploit

KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection

CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution

WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code...

Yahei PHP Prober 0.4.7 - Cross-Site Scripting

WolfCMS 0.8.3.1 - Open Redirection

MyBB Plugin Recent Threads On Index - Cross-Site Scripting

Cobub Razor 0.7.2 - Add New Superuser Account

WolfCMS 0.8.3.1 - Cross Site Request Forgery

PMS 0.42 - Local Stack-Based Overflow (ROP)

GoldWave 5.70 - Local Buffer Overflow (SEH Unicode)

H2 Database - 'Alias' Arbitrary Code Execution

CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure

WebKit - WebAssembly Parsing Does not Correctly Check Section Order

8.4.2018

LineageOS 14.1 Blueborne - Remote Code Execution

Cobub Razor 0.7.2 - Cross Site Request Forgery

DotNetNuke DNNarticle Module 11 - Directory Traversal

FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass

6.4.2018

Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption

Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass

GetSimple CMS 3.3.13 - Cross-Site Scripting

Z-Blog 1.5.1.1740 - Full Path Disclosure

Z-Blog 1.5.1.1740 - Cross-Site Scripting

YzmCMS 3.6 - Cross-Site Scripting

5.4.2018

Microsoft Windows - Multiple Use-After-Free Issues in jscript Array Methods

Microsoft Windows Defender - 'mpengine.dll' Memory Corruption

ProcessMaker - Plugin Upload (Metasploit)

Joomla! Component JS Jobs 1.2.0 - Cross-Site Scripting

MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting

3.4.2018

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2)

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix)

Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write

Google Chrome V8 - 'ElementsAccessorBase::CollectValuesOrEntriesImpl' Type Confusion

Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change

OpenCMS 10.5.3 - Cross-Site Scripting

OpenCMS 10.5.3 - Cross-Site Request Forgery

DLink DIR-601 - Admin Password Disclosure

VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials

VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal

WampServer 3.1.2 - Cross-Site Request Forgery

WebLog Expert Enterprise 9.4 - Privilege Escalation

2.4.2018

DLink DIR-601 - Admin Password Disclosure

VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials

VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal

WampServer 3.1.2 - Cross-Site Request Forgery

WampServer 3.1.1 - Cross-Site Scripting / Cross-Site Request Forgery

Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)

WebLog Expert Enterprise 9.4 - Privilege Escalation

1.4.2018

Advantech WebAccess < 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer...

Tenda FH303/A300 Firmware V5.07.68_EN - Remote DNS Change

Tenda W3002R/A302/w309r Wireless Router V5.07.64_en - Remote DNS Change (PoC)

Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)

D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router - Authentication Bypass

Tenda W316R Wireless Router 5.07.50 - Remote DNS Change

osCommerce 2.3.4.1 - Remote Code Execution

Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change

WordPress Plugin WP Security Audit Log 3.1.1 - Sensitive Information Disclosure

Joomla! Component AcySMS 3.5.0 - CSV Macro Injection

Joomla! Component Acymailing Starter 5.9.5 - CSV Macro Injection

Homematic CCU2 2.29.23 - Remote Command Execution

WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection

WordPress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting

MiniCMS 1.10 - Cross-Site Request Forgery

Homematic CCU2 2.29.23 - Arbitrary File Write

Open-AuditIT Professional 2.1 - Cross-Site Request Forgery

Faleemi Windows Desktop Software - (DDNS/IP) Local Buffer Overflow

Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow

Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow

Allok AVI DivX MPEG to DVD Converter 2.6.1217 - Buffer Overflow (SEH)

Systematic SitAware - NVG Denial of Service

SysGauge 4.5.18 - Local Denial of Service

31.3.2018

Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)

Joomla Component Fields - SQLi Remote Code Execution (Metasploit)

30.3.2018

Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)

GitStack - Unsanitized Argument Remote Code Execution (Metasploit)

Joomla Component Fields - SQLi Remote Code Execution (Metasploit)

29.3.2018

Microsoft Windows Remote Assistance - XML External Entity Injection

TwonkyMedia Server 7.0.11-8.5 - Persistent Cross-Site Scripting

TwonkyMedia Server 7.0.11-8.5 - Directory Traversal

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

TestLink Open Source Test Management < 1.9.16 - Remote Code Execution (PoC)

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

28.3.2018

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

27.3.2018

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

26.3.2018

Acrolinx Server < 5.2.5 - Directory Traversal

Laravel Log Viewer < 0.13.0 - Local File Download

LabF nfsAxe 3.7 - Privilege Escalation

Fast AVI MPEG Splitter 1.2 - Stack-Based Buffer Overflow

23.3.2018

Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak

WordPress Plugin Site Editor 1.1.1 - Local File Inclusion

MyBB Plugin Last User's Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting

XenForo 2 - CSS Loader Denial of Service

TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery

Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control...

Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)

Crashmail 1.6 - Stack-Based Buffer Overflow (ROP execve)

Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow

Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak

Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service

WM Recorder 16.8.1 - Denial of Service

Dell EMC NetWorker - Denial of Service

Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read

Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure

21.3.2018

Microsoft Windows - Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write...

Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege...

Microsoft Windows - Desktop Bridge VFS Privilege Escalation

Microsoft Windows Kernel - 'nt!NtWaitForDebugEvent' 64-bit Stack Memory Disclosure

Microsoft Windows Kernel - 'nt!KiDispatchException' 64-bit Stack Memory Disclosure

Microsoft Windows Kernel - 'NtQueryInformationThread(ThreadBasicInformation)' 64-bit...

Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' 64-bit...

Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation

Cisco node-jos < 0.11.0 - Re-sign Tokens

Vehicle Sales Management System - Multiple Vulnerabilities

Intelbras Telefone IP TIP200 LITE - Local File Disclosure

Cisco node-jos < 0.11.0 - Re-sign Tokens

Linux/x86 - execve(/bin/sh) Shellcode (18 bytes)

19.3.2018

Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege...

Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege...

Linux Kernel < 4.4.0-116 (Ubuntu 16.04.4) - Local Privilege Escalation

18.3.2018

Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution

Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution

MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow

SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution

Contec Smart Home 4.15 - Unauthorized Password Reset

Android DRM Services - Buffer Overflow

15.3.2018

Spring Data REST < 2.6.9 (Ingalls SR9), 3.0.1 (Kay SR1) - PATCH Request Remote Code...

WordPress Plugin Duplicator 1.2.32 - Cross-Site Scripting

13.3.2018

Tuleap 9.17.99.189 - Blind SQL Injection

SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities

ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution

MikroTik RouterOS < 6.38.4 (x86) - 'Chimay Red' Stack Clash Remote Code Execution

MikroTik RouterOS < 6.38.4 (MIPSBE) - 'Chimay Red' Stack Clash Remote Code Execution

Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)

DEWESoft X3 SP1 (64-bit) - Remote Command Execution

ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution

Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution

SC 7.16 - Stack-Based Buffer Overflow

Sony Playstation 4 (PS4) 4.55 < 5.50 - WebKit Code Execution (PoC)

12.3.2018

Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)

DEWESoft X3 SP1 (64-bit) - Remote Command Execution

Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution

TextPattern 4.6.2 - 'qty' SQL Injection

Prisma Industriale Checkweigher PrismaWEB 1.21 - Hard-Coded Credentials

ManageEngine Applications Manager 13.5 - Remote Code Execution (Metasploit)

SC 7.16 - Stack-Based Buffer Overflow

9.3.2018

Bacula-Web < 8.0.0-rc2 - SQL Injection

WebLog Expert Enterprise 9.4 - Authentication Bypass

WebLog Expert Enterprise 9.4 - Denial of Service

Memcached 1.5.5 - 'Memcrashed' Insufficient Control of Network Message Volume Denial of...

8.3.2018

antMan 0.9.0c - Authentication Bypass

Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection

7.3.2018

Bravo Tejari Web Portal - Cross-Site Request Forgery

Memcached - 'memcrashed' Denial of Service

antMan 0.9.0c - Authentication Bypass

Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection

Bravo Tejari Web Portal - Cross-Site Request Forgery

6.3.2018

Chrome V8 JIT - Empty BytecodeJumpTable Out-of-Bounds Read

Chrome V8 JIT - 'GetSpecializationContext' Type Confusion

Chrome V8 JIT - JSBuiltinReducer::ReduceObjectCreate Fails to Ensure that the Prototype...

Chrome V8 JIT - Simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement...

Softros Network Time System Server 2.3.4 - Denial of Service

Memcached - 'memcrashed' Denial of Service

Bravo Tejari Web Portal - Cross-Site Request Forgery

5.3.2018

NETGEAR - 'TelnetEnable' Magic Packet (Metasploit)

ClipBucket < 4.0.0 - Release 4902 - Command Injection / File Upload / SQL Injection

Sophos UTM 9.410 - 'loginuser' 'confd' Service Privilege Escalation

Dup Scout Enterprise 10.5.12 - 'Share Username' Local Buffer Overflow

Xion 1.0.125 - '.m3u' Local SEH-Based Unicode Venetian Exploit

ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions

Suricata < 4.0.4 - IDS Detection Bypass

4.3.2018

TestLink Open Source Test Management < 1.9.16 - Remote Code Execution

uWSGI < 2.0.17 - Directory Traversal

D-Link DIR-600M Wireless - Cross-Site Scripting

DualDesk 20 - 'Proxy.exe' Denial of Service

SEGGER embOS/IP FTP Server 3.22 - Denial of Service

2.3.2018

D-Link DIR-600M Wireless - Cross-Site Scripting

IrfanView 4.50 Email Plugin - Buffer Overflow (SEH Unicode)

IrfanView 4.44 Email Plugin - Buffer Overflow (SEH)

SEGGER embOS/IP FTP Server 3.22 - Denial of Service

1.3.2018

Sony Playstation 4 (PS4) 4.55 - Jailbreak (WebKit 5.01 / 'bpf' Kernel Loader 4.55)

Routers2 2.24 - Cross-Site Scripting

Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 - 'bluetoothd' Memory Corruption

Sony Playstation 4 (PS4) 5.01 < 5.05 - WebKit Code Execution (PoC)

28.2.2018

GetGo Download Manager 5.3.0.2712 - Buffer Overflow (SEH)

Concrete5 < 8.3.0 - Username / Comments Enumeration

CMS Made Simple 2.1.6 - Remote Code Execution

School Management Script 3.0.4 - Authentication Bypass

Joomla! Component K2 2.8.0 - Arbitrary File Download

MyBB My Arcade Plugin 1.3 - Cross-Site Scripting

Schools Alert Management Script 2.0.2 - Authentication Bypass

Sony Playstation 4 4.55 FW - Local Kernel

Microsoft Windows 8.1/2012 R2 - SMB Denial of Service

Asterisk chan_pjsip 15.2.0 - 'SUBSCRIBE' Stack Corruption

Asterisk chan_pjsip 15.2.0 - 'SDP fmtp' Denial of Service

Asterisk chan_pjsip 15.2.0 - 'SDP' Denial of Service

Asterisk chan_pjsip 15.2.0 - 'INVITE' Denial of Service

27.2.2018

Sony Playstation 4 4.55 FW - Local Kernel

Chrome V8 - 'TranslatedState::MaterializeCapturedObjectAt' Type Confusion

Chrome V8 - 'PropertyArray' Integer Overflow

transmission - Integer Overflows Parsing Torrent Files

26.2.2018

AsusWRT LAN - Unauthenticated Remote Code Execution (Metasploit)

CloudMe Sync 1.10.9 - Stack-Based Buffer Overflow (Metasploit)

Disk Savvy Enterprise 10.4.18 - Stack-Based Buffer Overflow (Metasploit)

23.2.2018

Groupon Clone Script 3.0.2 - Cross-Site Scripting

Alibaba Clone Script 1.0.2 - Cross-Site Scripting

Learning and Examination Management System - Cross-Site Scripting

Armadito Antivirus 0.12.7.2 - Detection Bypass

22.2.2018

Disk Pulse Enterprise 10.4.18 - 'Import Command' Buffer Overflow (SEH)

Disk Savvy Enterprise 10.4.18 - Buffer Overflow (SEH)

EChat Server 3.1 - 'CHAT.ghp' Buffer Overflow

Wavpack 5.1.0 - Denial of Service

Trend Micro Email Encryption Gateway 5.5 (Build 1111.00) - Multiple Vulnerabilities

Joomla! Component OS Property Real Estate 3.12.7 - SQL Injection

Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload

Joomla! Component CheckList 1.1.1 - SQL Injection

Joomla! Component Alexandria Book Library 3.1.2 - 'letter' SQL Injection

Joomla! Component Ek Rishta 2.9 - SQL Injection

Joomla! Component PrayerCenter 3.0.2 - 'sessionid' SQL Injection

NoMachine x64 < 6.0.80 - 'nxfuse' Privilege Escalation

NoMachine x86 < 6.0.80 - 'nxfuse' Privilege Escalation

21.2.2018

utorrent - JSON-RPC Remote Code Execution / Information Disclosure

20.2.2018

utorrent - JSON-RPC Remote Code Execution / Information Disclosure

Microsoft Windows - StorSvc SvcMoveFileInheritSecurity Arbitrary File Creation Privilege...

Microsoft Windows - Constrained Impersonation Capability Privilege Escalation

Microsoft Windows - NPFS Symlink Security Feature Bypass/Elevation of Privilege/Dangerous...

Microsoft Windows - Global Reparse Point Security Feature Bypass/Elevation of Privilege

Microsoft Internet Explorer 11 - 'Js::RegexHelper::RegexReplace' Use-After-Free

Microsoft Windows Kernel - 'nt!RtlpCopyLegacyContextX86' Stack Memory Disclosure

MagniComp SysInfo - mcsiwrapper Privilege Escalation (Metasploit)

19.2.2018

Aastra 6755i SIP SP4 - Denial of Service

October CMS < 1.0.431 - Cross-Site Scripting

Linux/ARM - Bind TCP (4444/TCP) Shell (/bin/sh) + IP Controlled (192.168.1.190) +...

17.2.2018

Oracle Primavera P6 Enterprise Project Portfolio Management - HTTP Response Splitting

PSNews Website 1.0.0 - 'Keywords' SQL Injection

PHIMS - Hospital Management Information System - 'Password' SQL Injection

Front Accounting ERP 2.4.3 - Cross-Site Request Forgery

Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service

JBoss Remoting 6.14.18 - Denial of Service

Microsoft Edge - 'UnmapViewOfFile' ACG Bypass

16.2.2018

EPIC MyChart - SQL Injection

ABRT - raceabrt Privilege Escalation (Metasploit)

Joomla! Component Gallery WD 1.3.6 - SQL Injection

Joomla! Component Form Maker 3.6.12 - SQL Injection

Joomla! Component File Download Tracker 3.0 - SQL Injection

Joomla! Component Fastball 2.5 - 'season' SQL Injection

Joomla! Component DT Register 3.2.7 - 'id' SQL Injection

Joomla! Component AllVideos Reloaded 1.2.x - 'divid' SQL Injection

Joomla! Component Aist 2.0 - 'id' SQL Injection

Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service

JBoss Remoting 6.14.18 - Denial of Service

Microsoft Edge - 'UnmapViewOfFile' ACG Bypass

15.2.2018

Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow

Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace

Pdfium - Pattern Shading Integer Overflows

Microsoft Edge Chakra JIT - 'LdThis' Type Confusion

Microsoft Edge Chakra JIT - 'NewScObjectNoCtor' Array Type Confusion

Microsoft Edge Chakra JIT - 'Array.prototype.reverse' Array Type Confusion

Microsoft Edge Chakra JIT - Array Type Confusion via InitProto Instructions

Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass

Microsoft Edge Chakra JIT - Memory Corruption

Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly...

GNU binutils 2.26.1 - Integer Overflow (PoC)

Dell EMC Isilon OneFS - Multiple Vulnerabilities

userSpice 4.3 - Cross-Site Scripting

SOA School Management - 'access_login' SQL Injection

Social Oauth Login PHP - Authentication Bypass

GNU binutils 2.26.1 - Integer Overflow (POC)

14.2.2018

NAT32 2.2 Build 22284 - Cross-Site Request Forgery

NAT32 2.2 Build 22284 - Remote Command Execution

13.2.2018

LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure

glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation (Metasploit)

glibc - '$ORIGIN' Expansion Privilege Escalation (Metasploit)

Juju-run Agent - Privilege Escalation (Metasploit)

Advantech WebAccess 8.3.0 - Remote Code Execution

CloudMe Sync < 1.11.0 - Buffer Overflow

News Website Script 2.0.4 - 'search' SQL Injection

TypeSetter CMS 5.1 - Cross-Site Request Forgery

TypeSetter CMS 5.1 - 'Host' Header Injection

LogicalDOC Enterprise 7.7.4 - Root Remote Code Execution

11.2.2018

JBoss 4.2.x/4.3.x - Information Disclosure

Multi Language Olx Clone Script - Cross-Site Scripting

Multi religion Responsive Matrimonial 4.7.2 - Cross-Site Scripting

Select Your College Script 2.0.2 - Authentication Bypass

Bitcoin MLM Software 1.0.2 - Cross-Site Scripting

Lawyer Search Script 1.0.2 - Cross-Site Scripting

Schools Alert Management Script 2.0.2 - Arbitrary File Upload

Facebook Clone Script 1.0.5 - Cross-Site Scripting

macOS Kernel - Use-After-Free Due to Lack of Locking in...

9.2.2018

HPE iLO 4 < 2.53 - Add New Administrator User

Marked2 - Local File Disclosure

macOS Kernel - Use-After-Free Due to Lack of Locking in...

8.2.2018

Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code...

HPE iLO4 < 2.53 - Add New Administrator User

Geovision Inc. IP Camera & Video - Remote Command Execution

Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack...

Entrepreneur Dating Script 2.0.2 - Authentication Bypass

Online Test Script 2.0.7 - 'cid' SQL Injection

Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting

Naukri Clone Script - Persistent Cross-Site Scripting

MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation

Android - 'getpidcon' Permission Bypass in KeyStore Service

Cisco ASA - Crash PoC

7.2.2018

Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code...

Geovision Inc. IP Camera & Video - Remote Command Execution

Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack...

Entrepreneur Dating Script 2.0.2 - Authentication Bypass

Online Test Script 2.0.7 - 'cid' SQL Injection

Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting

Naukri Clone Script - Persistent Cross-Site Scripting

Multilanguage Real Estate MLM Script - Persistent Cross-Site Scripting

Doctor Search Script 1.0.2 - Persistent Cross-Site Scripting

Android - 'getpidcon' Permission Bypass in KeyStore Service

Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption

Cisco ASA - Crash PoC

6.2.2018

Netis WF2419 Router - Cross-Site Scripting

Student Profile Management System Script 2.0.6 - Authentication Bypass

Joomla! Component JSP Tickets 1.1 - SQL Injection

Joomla! Component jLike 1.0 - Information Leak

Joomla! Component Zh GoogleMap 8.4.0.0 - SQL Injection

Joomla! Component Zh YandexMap 6.2.1.0 - 'id' SQL Injection

Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection

5.2.2018

Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution...

Online Voting System - Authentication Bypass

NixCMS 1.0 - 'category_id' SQL Injection

Matrimonial Website Script 2.1.6 - 'uid' SQL Injection

MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation

Apport/ABRT - 'chroot' Local Privilege Escalation (Metasploit)

Claymore Dual GPU Miner 10.5 - Format String

WordPress Core - 'load-scripts.php' Denial of Service

Wonder CMS 2.3.1 - 'Host' Header Injection

Wonder CMS 2.3.1 - Unrestricted File Upload

2.2.2018

Microsoft Windows Subsystem for Linux - Local Privilege Escalation

FiberHome AN5506 - Unauthenticated Remote DNS Change

Oracle Hospitality Simphony (MICROS) 2.7 < 2.9 - Directory Traversal

Joomla! Component JMS Music 1.1.1 - SQL Injection

Joomla! Component Jimtawl 2.1.6 - Arbitrary File Upload

Joomla! Component JEXTN Classified 1.0.0 - 'sid' SQL Injection

Joomla! Component JEXTN Reverse Auction 3.1.0 - SQL Injection

Event Manager 1.0 - SQL Injection

Joomla! Component JE PayperVideo 3.0.0 - 'usr_plan' SQL Injection

IPSwitch MOVEit 8.1 < 9.4 - Cross-Site Scripting

Advance Loan Management System - 'id' SQL Injection

Real Estate Custom Script - 'route' SQL Injection

Fancy Clone Script - 'search_browse_product' SQL Injection

Joomla! Component JEXTN Membership 3.1.0 - 'usr_plan' SQL Injection

BMC Server Automation RSCD Agent - NSH Remote Command Execution (Metasploit)

WebKit - 'WebCore::FrameView::clientToLayoutViewportPoint' Use-After-Free

WebKit - 'detachWrapper' Use-After-Free

Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)

Linux/x64 - Twofish Encoded + DNS (CNAME) Password + execve(/bin/sh) Shellcode

1.2.2018

Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH)

systemd (system-tmpfiles) < 236 - 'fs.protected_hardlinks=0' Local Privilege Escalation

30.1.2018

macOS - 'sysctl_vfs_generic_conf' Stack Leak Through Struct Padding

HPE iMC 7.3 - RMI Java Deserialization

Advantech WebAccess < 8.3 - SQL Injection

BMC BladeLogic RSCD Agent 8.3.00.64 - Windows Users Disclosure

Joomla! Component Visual Calendar 3.1.3 - 'id' SQL Injection

Joomla! Component CP Event Calendar 3.0.1 - 'id' SQL Injection

Joomla! Component Picture Calendar for Joomla 3.1.4 - Directory Traversal

29.1.2018

Trend Micro Threat Discovery Appliance 2.6.1062r1 - 'dlp_policy_upload.cgi' Remote Code...

Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) Null Free Shellcode (80...

Linux/x86 - Egghunter Shellcode (12 Bytes)

KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery

Netis WF2419 Router - Cross-Site Request Forgery

Buddy Zone 2.9.9 - SQL Injection

Multilanguage Real Estate MLM Script 3.0 - 'srch' SQL Injection

Hot Scripts Clone - 'subctid' SQL Injection

TSiteBuilder 1.0 - SQL Injection

Task Rabbit Clone 1.0 - 'id' SQL Injection

24.1.2018

NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download

CentOS Web Panel 0.9.8.12 - 'row_id' / 'domain' SQL Injection

HP Connected Backup 8.6/8.8.6 - Local Privilege Escalation

RAVPower 2.000.056 - Memory Disclosure

MixPad 5.00 - Buffer Overflow

12.1.2018

Microsoft Edge Chakra - 'AppendLeftOverItemsFromEndSegment' Out-of-Bounds Read

macOS - 'process_policy' Stack Leak Through Uninitialized Field

Microsoft Windows SMB Server (v1/v2) - Mount Point Arbitrary Device Open Privilege...

Microsoft Windows - NtImpersonateAnonymousToken LPAC to Non-LPAC Privilege Escalation

Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation

Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon

phpCollab 2.5.1 - Unauthenticated File Upload (Metasploit)

LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow (Metasploit)

D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution

SAP NetWeaver J2EE Engine 7.40 - SQL Injection

Parity Browser < 1.6.10 - Bypass Same Origin Policy

Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode...

11.1.2018

 

D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution

SAP NetWeaver J2EE Engine 7.40 - SQL Injection

Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode...

Parity Browser < 1.6.10 - Bypass Same Origin Policy

Microsoft Edge Chakra JIT - 'Lowerer::LowerSetConcatStrMultiItem' Missing Integer...

Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (53 bytes)

Linux/x86 - execve /bin/dash Shellcode (30 bytes)

HPE iMC - dbman RestartDB Unauthenticated Remote Command Execution (Metasploit)

HPE iMC - dbman RestoreDBase Unauthenticated Remote Command Execution (Metasploit)

DiskBoss Enterprise 8.8.16 - Buffer Overflow

Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting

WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery

WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege...

WordPress Plugin CMS Tree Page View 1.4 - Cross-Site Request Forgery / Privilege...

WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery

WordPress Plugin Events Calendar - 'event_id' SQL Injection

Muviko 1.1 - SQL Injection

Jungo Windriver 12.5.1 - Privilege Escalation

Multiple CPUs - Information Leak Using Speculative Execution

10.1.2018

Commvault Communications Service (cvd) - Command Injection (Metasploit)

DiskBoss Enterprise 8.8.16 - Buffer Overflow

Muviko 1.1 - SQL Injection

WordPress Plugin Service Finder Booking < 3.2 - Local File Disclosure

Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)

Linux/x86 - execve /bin/dash Shellcode (30 bytes)

9.1.2018

 

Commvault Communications Service (cvd) - Command Injection (Metasploit)

Android - Inter-Process munmap due to Race Condition in ashmem

Microsoft Windows - 'nt!NtQuerySystemInformation (information class 138,...

Microsoft Windows - 'nt!NtQueryInformationProcess (information class 76,...

Microsoft Edge Chakra JIT - Escape Analysis Bug

Microsoft Edge Chakra - 'asm.js' Out-of-Bounds Read

Microsoft Edge Chakra JIT - BackwardPass::RemoveEmptyLoopAfterMemOp Does not Insert...

Microsoft Edge Chakra JIT - Op_MaxInAnArray and Op_MinInAnArray can Explicitly call...

Microsoft Windows - Local XPS Print Spooler Sandbox Escape

Linux/x86 - chmod 777 /etc/sudoers Shellcode (36 bytes)

BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC)

Vanilla < 2.1.5 - Cross-Site Request Forgery

8.1.2018

DiskBoss Enterprise 8.5.12 - Denial of Service

Sync Breeze Enterprise 10.1.16 - Denial of Service

Disk Pulse Enterprise 10.1.18 - Denial of Service

VX Search Enterprise 10.1.12 - Denial of Service

Oracle WebLogic < 10.3.6 - 'wls-wsat' Component Deserialisation Remote Command Execution

SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities

Photos in Wifi 1.0.1 - Path Traversal

WordPress Plugin LearnDash 2.5.3 - Arbitrary File Upload

FiberHome LM53Q1 - Multiple Vulnerabilities

BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC)

7.1.2018

Microsoft Windows win32k - Using SetClassLong to Switch Between CS_CLASSDC and CS_OWNDC...

Cisco IOS - Remote Code Execution

Ayukov NFTP FTP Client 2.0 - Buffer Overflow (Metasploit)

WDMyCloud < 2.30.165 - Multiple Vulnerabilities

Gespage 7.4.8 - SQL Injection

GetGo Download Manager 5.3.0.2712 - 'Proxy' Buffer Overflow

5.1.2018

Linux/x86 - Reverse TCP /bin/sh Shell (127.1.1.1:8888/TCP) Null-Free Shellcode (67/69...

gps-server.net GPS Tracking Software < 3.1 - Multiple Vulnerabilities

Multiple CPUs - 'Spectre' Information Disclosure (PoC)

GetGo Download Manager 5.3.0.2712 - 'Proxy' Buffer Overflow

WDMyCloud < 2.30.165 - Multiple Vulnerabilities

D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access

4.1.2018

Xplico - Remote Code Execution (Metasploit)

Linksys WVBR0-25 - User-Agent Command Execution (Metasploit)

EMC xPression 4.5SP1 Patch 13 - 'model.jobHistoryId' SQL Injection

WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection

Kingsoft Antivirus/Internet Security 9+ - Privilege Escalation

3.1.2018

WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection

2.1.2018

PHP Melody 2.7.1 - 'playlist' SQL Injection

D3DGear 5.00 Build 2175 - Buffer Overflow

30.12.2017

NetTransport 2.96L - Buffer Overflow (DEP Bypass)
27.12.2017

SilverStripe CMS 3.6.2 - CSV Excel Macro Injection
Sendroid < 6.5.0 - SQL Injection 
Biometric Shift Employee Management System 3.0 - Local File Disclosure 
Joomla! Component JEXTN FAQ Pro 4.0.0 - 'id' SQL Injection 
GetGo Download Manager 5.3.0.2712 - Buffer Overflow 
Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure 
Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery 
Easy!Appointments 1.2.1 - Cross-Site Scripting 
Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure 
Sony Playstation 4 4.05 FW - Local Kernel Loader 
ALLMediaServer 0.95 - Buffer Overflow 
26.12.2017

COMTREND ADSL Router CT-5367 - Remote Code Execution
Ubiquiti UniFi Video 3.7.3 - Local Privilege Escalation 
GetGo Download Manager 5.3.0.2712 - Buffer Overflow 
22.12.2017

Trend Micro Smart Protection Server - Session Hijacking / Log File Disclosure / Remote...
21.12.2017

Samsung Internet Browser - SOP Bypass (Metasploit)
BEIMS ContractorWeb 5.18.0.0 - SQL Injection 
Ability Mail Server 3.3.2 - Cross-Site Scripting 
Conarc iChannel - Improper Access Restrictions 
20.12.2017

Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)'...
Samsung Internet Browser - SOP Bypass (Metasploit) 
19.12.2017

Intel Content Protection HECI Service - Type Confusion Privilege Escalation
Microsoft Windows - 'jscript!RegExpFncObj::LastParen' Out-of-Bounds Read 
Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable 
Microsoft Windows - jscript.dll 'Array.sort' Heap Overflow 
Microsoft Windows - 'jscript!RegExpComp::Compile' Heap Overflow Through IE or Local... 
Microsoft Internet Explorer 11 - 'jscript!JSONStringifyObject' Use-After-Free 
Microsoft Windows - 'jscript!NameTbl::GetValDef' Use-After-Free 
GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution 
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit) 
Jenkins - XStream Groovy classpath Deserialization (Metasploit) 
Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit) 
Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection 
BrightSign Digital Signage - Multiple Vulnerabilities
18.12.2017

Joomla! Component My Projects 2.0 - SQL Injection
Joomla! Component User Bench 1.0 - 'userid' SQL Injection 
Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow 
Zoom Linux Client 2.0.106600.0904 - Command Injection 
CDex 1.96 - Buffer Overflow 
Joomla! Component Guru Pro - 'promocode' SQL Injection 
Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection 
Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution 
Outlook for Android - Attachment Download Directory Traversal 
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit) 
17.12.2017

Movie Guide 2.0 - SQL Injection
ITGuard-Manager 0.0.0.1 - Remote Code Execution 
15.12.2017

Palo Alto Networks Firewalls - Remote root Code Execution
pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit) 
Dup Scout Enterprise - Login Buffer Overflow (Metasploit) 
Microsoft Office - DDE Payload Delivery (Metasploit) 
Movie Guide 2.0 - SQL Injection 
ITGuard-Manager 0.0.0.1 - Remote Code Execution 
Sync Breeze 10.2.12 - Denial of Service 
14.12.2017

Microsoft Office - DDE Payload Delivery (Metasploit)
Palo Alto Networks Firewalls - Remote root Code Execution 
pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit) 
Dup Scout Enterprise - Login Buffer Overflow (Metasploit) 
glibc ld.so - Memory Leak / Buffer Overflow 
Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow... 
Piwigo 2.9.1 - 'cat_true' / 'cat_false' SQL Injection 
Bus Booking Script 1.0 - 'txtname' SQL Injection 
FS Lynda Clone 1.0 - SQL Injection 
Paid To Read Script 2.0.5 - 'uid' / 'fnum' / 'fn' SQL Injection 
Readymade Video Sharing Script 3.2 - HTML Injection 
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read 
Joomla! Component JEXTN Video Gallery 3.0.5 - 'id' SQL Injection 
Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection 
13.12.2017

Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read
Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload 
glibc ld.so - Memory Leak / Buffer Overflow 
macOS/iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option... 
macOS - Kernel Code Execution due to Lack of Bounds Checking in... 
macOS/iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime... 
Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in... 
12.12.2017

macOS XNU Kernel - Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory...
iOS/macOS - Kernel Double Free due to IOSurfaceRootUserClient not Respecting MIG... 
macOS - 'getrusage' Stack Leak Through struct Padding 
macOS - 'necp_get_socket_attributes' so_pcb Type Confusion 
MikroTik 6.40.5 ICMP - Denial of Service 
LibTIFF pal2rgb 4.0.9 - Heap Buffer Overflow 
Vanguard 1.4 - SQL Injection 
Vanguard 1.4 - Arbitrary File Upload 
Basic Job Site Script 2.0.5 - SQL Injection 
Resume Clone Script 2.0.5 - SQL Injection 
Advanced World Database 2.0.5 - SQL Injection 
Muslim Matrimonial Script 3.02 - 'succid' SQL Injection 
Groupon Clone Script 3.01 - 'state_id' / 'search' SQL Injection 
Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload 
Joomla! Component JBuildozer 1.4.1 - 'appid' SQL Injection 
11.12.2017

MikroTik 6.40.5 ICMP - Denial of Service
MLM Forex Market Plan Script 2.0.4 - 'newid' / 'eventid' SQL Injection 
Entrepreneur Bus Booking Script 3.0.4 - 'sourcebus' SQL Injection 
Advanced Real Estate Script 4.0.7 - SQL Injection 
Single Theater Booking Script 3.2.1 - 'findcity.php?q' SQL Injection 
Multiplex Movie Theater Booking Script 3.1.5 - 'moid' / 'eid' SQL Injection 
Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection 
Multireligion Responsive Matrimonial 4.7.2 - 'succid' SQL Injection 
10.12.2017

Beauty Parlour Booking Script 1.0 - 'gender' / 'city' SQL Injection
Basic B2B Script 2.0.8 - 'product_details.php?id' SQL Injection 
Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection 
Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection 
LabF nfsAxe FTP Client 3.7 - Buffer Overflow (DEP Bypass) 
Apple macOS 10.13.1 (High Sierra) - Insecure Cron System Local Privilege Escalation 
FS Monster Clone 1.0 - 'Employer_Details.php?id' SQL Injection 
FS Olx Clone 1.0 - 'scat' / 'pid' SQL Injection 
FS Quibids Clone 1.0 - SQL Injection 
FS Shutterstock Clone 1.0 - 'keywords' SQL Injection 
FS Stackoverflow Clone 1.0 - 'keywords' SQL Injection 
FS Thumbtack Clone 1.0 - 'cat' / 'sc' SQL Injection 
Realestate Crowdfunding Script 2.7.2 - 'pid' SQL Injection 
8.12.2017

Website Auction Marketplace 2.0.5 - 'cat_id' SQL Injection
Simple Chatting System 1.0.0 - Arbitrary File Upload 
DomainSale PHP Script 1.0 - 'id' SQL Injection 
LabF nfsAxe FTP Client 3.7 - Buffer Overflow (DEP Bypass) 
Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal 
Polycom Shell HDX Series - Traceroute Command Execution (Metasploit) 
LaCie 5big Network 2.2.8 - Command Injection 
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting 
FS Facebook Clone - 'token' SQL Injection 
7.12.2017

Linux Kernel - DCCP Socket Use-After-Free
Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash 
Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path 
Polycom Shell HDX Series - Traceroute Command Execution (Metasploit) 
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting 
FS Facebook Clone - 'token' SQL Injection 
FS IMDB Clone - 'id' SQL Injection 
6.12.2017

FS Shaadi Clone - 'token' SQL Injection
WinduCMS 3.1 - Local File Disclosure 
FS Makemytrip Clone - 'id' SQL Injection 
Readymade Classifieds Script 1.0 - SQL Injection 
Techno Portfolio Management Panel - 'id' SQL Injection 
Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation 
Proxifier for Mac 2.19 - Local Privilege Escalation 
Hashicorp vagrant-vmware-fusion 4.0.23 - Local Privilege Escalation 
Hashicorp vagrant-vmware-fusion 4.0.24 - Local Privilege Escalation 
Hashicorp vagrant-vmware-fusion 5.0.0 - Local Privilege Escalation 
Sera 1.2 - Local Privilege Escalation / Password Disclosure 
Hashicorp vagrant-vmware-fusion 5.0.1 - Local Privilege Escalation 
Hashicorp vagrant-vmware-fusion 5.0.3 - Local Privilege Escalation 
5.12.2017

VX Search 10.2.14 - 'command_name' Buffer Overflow
Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation 
Techno Portfolio Management Panel - 'id' SQL Injection 
Readymade Classifieds Script 1.0 - SQL Injection 
3.12.2017

Artica Web Proxy 3.06 - Remote Code Execution
MistServer 2.12 - Cross-Site Scripting 
Jobs2Careers / Coroflot Clone - SQL Injection 
Abyss Web Server < 2.11.6 - Heap Memory Corruption 
1.12.2017

HP iMC Plat 7.2 - Remote Code Execution (2)
HP iMC Plat 7.2 - Remote Code Execution 
Jobs2Careers / Coroflot Clone - SQL Injection 
WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal 
30.11.2017

macOS High Sierra - Root Privilege Escalation (Metasploit)
Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page 
QEMU - NBD Server Long Export Name Stack Buffer Overflow 
29.11.2017

Synology StorageManager 5.2 - Remote Root Command Execution
Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download 
pfSense - Authenticated Group Member RCE (Metasploit) 
Microsoft Windows 10 Creators Update (version 1703) (x86) - 'WARBIRD'... 
28.11.2017

Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download
ZTE ZXDSL 831CII - Improper Access Restrictions 
Diving Log 6.0 - XML External Entity Injection 
27.11.2017

Microsoft Edge Chakra JIT - 'BailOutOnTaggedValue' Bailouts Type Confusion
Microsoft Edge Chakra JIT - 'Inline::InlineCallApplyTarget_Shared' does not Return the... 
Microsoft Edge Chakra JIT - Incorrect Function Declaration Scope 
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly 
Exim 4.89 - 'BDAT' Denial of Service 
25.11.2017

Linux - 'mincore()' Uninitialized Kernel Heap Page Disclosure
ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode) 
23.11.2017

WebKit - 'WebCore::FormSubmission::create' Use-After-Free
WebKit - 'WebCore::RenderObject::previousSibling' Use-After-Free 
WebKit - 'WebCore::DocumentLoader::frameLoader' Use-After-Free 
WebKit - 'WebCore::Style::TreeResolver::styleForElement' Use-After-Free 
WebKit - 'WebCore::SVGPatternElement::collectPatternAttributes' Out-of-Bounds Read 
WebKit - 'WebCore::SimpleLineLayout::RunResolver::runForPoint' Out-of-Bounds Read 
WebKit - 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read 
22.11.2017

Vonage VDV-23 - Denial of Service
Microsoft Windows 10 - 'nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry)' Pool... 
21.11.2017

Microsoft Office - OLE Remote Code Execution
Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass 
Microsoft Windows 10 - 'nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry)' Pool... 
20.11.2017

iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service
Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass 
18.11.2017

VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH)
17.11.2017

Zeta Components Mail 1.8.1 - Remote Code Execution
Vonage VDV23 - Cross-Site Scripting 
VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH) 
16.11.2017

Microsoft Edge Chakra: JIT - 'OP_Memset' Type Confusion
Microsoft Edge Chakra: JIT - 'Lowerer::LowerBoundCheck' Incorrect Integer Overflow Check 
Microsoft Edge Chakra JIT - Type Confusion with switch Statements 
Microsoft Edge - 'Object.setPrototypeOf' Memory Corruption 
D-Link DIR605L - Denial of Service 
Vonage VDV23 - Cross-Site Scripting 
LanSweeper 6.0.100.75 - Cross-Site Scripting 
TP-Link TL-WR740N - Cross-Site Scripting 
15.11.2017

Dup Scout Enterprise 10.0.18 - 'Login' Buffer Overflow
D-Link DIR-850L - Unauthenticated OS Command Execution (Metasploit) 
Ulterius Server < 1.9.5.0 - Directory Traversal 
Kirby CMS < 2.5.7 - Cross-Site Scripting 
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free
14.11.2017

Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload
IKARUS anti.virus 2.16.7 - 'ntguard_x64' Privilege Escalation 
Xlight FTP Server 3.8.8.5 - Buffer Overflow (PoC) 
13.11.2017

Symantec Endpoint Protection 12.1 - Tamper-Protection Bypass
8.11.2017

ManageEngine Applications Manager 13 - SQL Injection
pfSense 2.3.1_1 - Command Execution 
7.11.2017

Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP Privilege Escalation
SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC)  
Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting 
Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting 
Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow 
6.11.2017

Actiontec C1000A Modem - Backdoor Account
WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass 
Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH) 
Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Buffer Overflow (SEH) 
Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow 
Debut Embedded httpd 1.20 - Denial of Service 
5.11.2017

Oracle PeopleSoft Enterprise PeopleTools < 8.55 - Remote Code Execution Via Blind...
3.11.2017

Vir.IT eXplorer Anti-Virus - Privilege Escalation
tnftp - 'savefile' Arbitrary Command Execution (Metasploit) 
Ladon Framework for Python 0.9.40 - XML External Entity Expansion 
WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection 
GraphicsMagick - Memory Disclosure / Heap Overflow 
2.11.2017

ZyXEL PK5001Z Modem - Backdoor Account
Ingenious School Management System 2.3.0 - 'friend_index' SQL injection 
OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery 
Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Buffer Overflow (SEH) 
WhatsApp 2.17.52 - Memory Corruption 
31.10.2017

Oracle Java SE - Web Start jnlp XML External Entity Processing Information...
Ingenious 2.3.0 - Arbitrary File Upload 
30.10.2017

MitraStar DSL-100HN-T1/GPT-2541GNAC - Privilege Escalation
Online Exam Test Application - 'sort' SQL Injection 
Php Inventory - Arbitrary File Upload 
Vastal I-Tech Agent Zone - SQL Injection 
Website Broker Script - 'status_id' SQL Injection 
Zomato Clone Script - 'resid' SQL Injection 
WordPress Plugin Ultimate Product Catalog 4.2.24 - PHP Object Injection 
29.10.2017

Tizen Studio 1.3 Smart Development Bridge < 2.3.2 - Buffer Overflow (PoC)
Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference 
27.10.2017

HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow
PHPMailer < 5.2.21 - Local File Disclosure 
Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference 
26.10.2017

Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Unauthenticated Remote Code Execution...
KeystoneJS 4.0.0-beta.5 - Cross-Site Scripting 
KeystoneJS 4.0.0-beta.5 - CSV Excel Macro Injection 
24.10.2017

Polycom - Command Shell Authorization Bypass (Metasploit)
Unitrends UEB 9 - bpserverd Authentication Bypass Remote Command Execution... 
Unitrends UEB 9 - http api/storage Remote Root (Metasploit) 
Ayukov NFTP FTP Client < 2.0 - Buffer Overflow 
FS OLX Clone - 'catg_id' SQL Injection 
FS Lynda Clone - 'category' SQL Injection 
FS Indiamart Clone - 'keywords' SQL Injection 
FS Groupon Clone - 'category' SQL Injection 
FS Freelancer Clone - 'sk' SQL Injection 
FS Expedia Clone - 'hid' SQL Injection 
FS Food Delivery Script - 'keywords' SQL Injection 
Mikogo 5.4.1.160608 - Local Credentials Disclosure 
23.10.2017

Ayukov NFTP FTP Client < 2.0 - Buffer Overflow
CometChat < 6.2.0 BETA 1 - Local File Inclusion 
Logitech Media Server - Cross-Site Scripting 
TP-Link TL-MR3220 - Cross-Site Scripting 
ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service 
Linux Kernel 4.14.0-rc4+ - 'waitid()' Privilege Escalation 
20.10.2017

Microsoft Game Definition File Editor 6.3.9600 - XML External Entity Injection
TP-Link WR940N - Authenticated Remote Code Exploit 
Check_MK 1.2.8p25 - Information Disclosure 
ZKTime Web Software 2.0 - Improper Access Restrictions 
ZKTime Web Software 2.0 - Cross-Site Request Forgery 
Mozilla Firefox < 55 - Denial of Service 
19.10.2017

Xen - Unbounded Recursion in Pagetable De-typing
Afian AB FileRun 2017.03.18 - Multiple Vulnerabilities 
Linksys E Series - Multiple Vulnerabilities 
WordPress Plugin Car Park Booking - SQL Injection
18.10.2017

Microsoft Windows - 'nt!NtQueryObject (ObjectNameInformation)' Kernel Pool Memory...
Microsoft Edge Chakra JIT - 'RegexHelper::StringReplace' Must Call the Callback... 
Microsoft Edge Chakra - Accesses to Uninitialized Pointers in... 
Microsoft Edge Chakra JIT - Incorrect GenerateBailOut Calling Patterns 
Microsoft Windows 10 - WLDP/MSHTML CLSID UMCI Bypass 
Microsoft Excel - OLE Arbitrary Code Execution 
Tomcat - Remote Code Execution via JSP Upload Bypass (Metasploit) 
Apple iOS 10.2 (14C92) - Remote Code Execution 
Apache Solr 7.0.1 - XML External Entity Expansion / Remote Code Execution 
OpenText Documentum Content Server - Arbitrary File Download 
OpenText Documentum Content Server - dmr_content Privilege Escalation 
OpenText Documentum Content Server - Arbitrary File Download Privilege Escalation 
OpenText Documentum Content Server - Privilege Escalation 
3CX Phone System 15.5.3554.1 - Directory Traversal 
Shadowsocks - Log File Command Execution 
shadowsocks-libev 3.1.0 - Command Execution 
Linux Kernel - 'AF_PACKET' Use-After-Free 
17.10.2017

3CX Phone System 15.5.3554.1 - Directory Traversal
Vulnerabilities 
Windows x64 - API Hooking Shellcode (117 bytes) 
Microsoft Office Groove - 'Workspace Shortcut' Arbitrary Code Execution 
16.10.2017

AlienVault Unified Security Management (USM) 5.4.2 - Cross-Site Request Forgery
Webmin 1.850 - Multiple Vulnerabilities 
15.10.2017

Sync Breeze Enterprise 10.1.16 - Buffer Overflow (SEH) (Metasploit)
phpMyFAQ 2.9.8 - Cross-Site Scripting 
Dreambox Plugin BouquetEditor - Cross-Site Scripting 
TYPO3 Extension Restler 1.7.0 - Local File Disclosure 
E-Sic Software livre CMS - Cross Site Scripting 
E-Sic Software livre CMS - 'f' Parameter SQL Injection 
E-Sic Software livre CMS - 'cpfcnpj' Parameter SQL Injection 
E-Sic Software livre CMS - Authentication Bypass
Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (30 bytes) 
13.10.2017

OctoberCMS 1.0.425 (Build 425) - Cross-Site Scripting
10.10.2017

IBM Notes 8.5.x/9.0.x - Denial of Service (Metasploit)
Complain Management System - Hard-Coded Credentials / Blind SQL injection 
ClipShare 7.0 - SQL Injection 
9.10.2017

Metasploit < 4.14.1-20170828 - Cross-Site Request Forgery
PyroBatchFTP 3.17 - Buffer Overflow (SEH) 
OrientDB 2.2.2 - 2.2.22 - Remote Code Execution (Metasploit) 
Rancher Server - Docker Daemon Code Execution (Metasploit) 
6.10.2017

Microsoft Windows 10 x64 RS2 - 'win32kfull!bFill' Pool Overflow
Unitrends UEB 9.1 - Authentication Bypass / Remote Command Execution 
Unitrends UEB 9.1 - 'Unitrends bpserverd' Remote Command Execution 
Unitrends UEB 9.1 - Privilege Escalation 
NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution 
5.10.2017

ERS Data System 1.8.1 - Java Deserialization
NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution 
4.10.2017

ERS Data System 1.8.1 - Java Deserialization
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass /... 
EPESI 1.8.2 rev20170830 - Cross-Site Scripting 
DiskBoss Enterprise 8.4.16 - Local Buffer Overflow 
3.10.2017

Apple Mac OS X + Safari - Local Javascript Quarantine Bypass
Fiberhome AN5506-04-F - Command Injection 
UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Unauthenticated Root Remote Code... 
Qmail SMTP - Bash Environment Variable Injection (Metasploit) 
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'documentId' SQL Injection 
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection 
phpCollab 2.5.1 - SQL Injection
phpCollab 2.5.1 - Arbitrary File Upload
NPM-V (Network Power Manager) 2.4.1 - Password Reset 
UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape 
UCOPIA Wireless Appliance < 5.1.8 - Privilege Escalation 
Dnsmasq < 2.78 - Integer Underflow 
Dnsmasq < 2.78 - Lack of free() Denial of Service 
Dnsmasq < 2.78 - Information Leak 
Dnsmasq < 2.78 - Stack-Based Overflow 
Dnsmasq < 2.78 - Heap-Based Overflow 
Dnsmasq < 2.78 - 2-byte Heap-Based Overflow 
Linux Kernel < 4.14.rc3 - Local Denial of Service 
2.10.2017

Linux Kernel < 4.14.rc3 - Local Denial of Service
Sync Breeze Enterprise 10.0.28 - Buffer Overflow 
HBGK DVR 3.0.0 build20161206 - Authentication Bypass 
ConverTo Video Downloader & Converter 1.4.1 - Arbitrary File Download 
Real Estate MLM plan script 1.0 - 'srch' Parameter SQL Injection 
PHP Multi Vendor Script 1.02 - 'sid' Parameter SQL Injection 
WordPress Plugin WPHRM - SQL Injection 
SmarterStats 11.3.6347 - Cross-Site Scripting 
29.9.2017

FileRun <= 2017.09.18 - SQL Injection
Trend Micro OfficeScan 11.0/XG (12.0) - Memory Corruption 
Easy Blog PHP Script 1.3a - 'id' Parameter SQL Injection 
Roteador Wireless Intelbras WRN150 - Authentication Bypass
Trend Micro OfficeScan 11.0/XG (12.0) - 'Host' Header Injection 
Trend Micro OfficeScan 11.0/XG (12.0) - Server Side Request Forgery 
Trend Micro OfficeScan 11.0/XG (12.0) - Information Disclosure 
Trend Micro OfficeScan 11.0/XG (12.0) - Code Execution / Memory Corruption 
Trend Micro OfficeScan 11.0/XG (12.0) - Private Key Disclosure 
28.9.2017

Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code...
LAquis SCADA 4.1.0.2385 - Directory Traversal (Metasploit) 
27.9.2017

WordPress Plugin WPAMS - SQL Injection
WordPress Plugin School Management System - SQL Injection 
WordPress Plugin Hospital Management System - SQL Injection 
WordPress Plugin WPGYM - SQL Injection 
WordPress Plugin WPCHURCH - SQL Injection 
AMC Master - Arbitrary File Upload 
SMSmaster - SQL Injection 
26.9.2017

Oracle 9i XDB 9.2.0.1 - HTTP PASS Buffer Overflow
Supervisor 3.0a1 - 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit) 
Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH) 
NodeJS Debugger - Command Injection (Metasploit) 
FLIR Thermal Camera F/FC/PT/D - SSH Backdoor 
Sitefinity CMS 9.2 - Cross-Site Scripting 
FLIR Thermal Camera F/FC/PT/D - Stream Disclosure 
FLIR Thermal Camera FC-S/PT - Command Injection 
FLIR Thermal Camera F/FC/PT/D - Information Disclosure 
FLIR Thermal Camera PT-Series (PT-334 200562) - Root Remote Code Execution 
Linux/x86_64 - mkdir() 'evil' Shellcode (30 bytes) 
14.9.2017

Jungo DriverWizard WinDriver <= 12.4.0 - Kernel Pool Overflow
ICLowBidAuction 3.3 - SQL Injection 
ICMLM 2.1 - 'key' Parameter SQL Injection 
Mako Web Server 2.5 - Multiple Vulnerabilities 
13.9.2017

Trend Micro Control Manager - ImportFile Directory Traversal RCE (Metasploit)
ZScada Modbus Buffer 2.0 - Stack-Based Buffer Overflow (Metasploit) 
Viap Automation WinPLC7 5.0.45.5921 - Recv Buffer Overflow (Metasploit) 
Sielco Sistemi Winlog 2.07.16 - Buffer Overflow (Metasploit) 
Alienvault Open Source SIEM (OSSIM) < 4.8.0 - 'get_file' Information Disclosure... 
Motorola Netopia Netoctopus SDCS - Stack Buffer Overflow (Metasploit) 
Jungo DriverWizard WinDriver <= 12.4.0 - Kernel Pool Overflow 
WebKit JSC - 'BytecodeGenerator::emitGetByVal' Incorrect Optimization 
Mako Web Server 2.5 - Multiple Vulnerabilities 
ICLowBidAuction 3.3 - SQL Injection 
ICMLM 2.1 - 'key' Parameter SQL Injection 
ICHotelReservation 3.3 - 'key' Parameter SQL Injection 
ICAuction 2.2 - 'id' Parameter SQL Injection 
ICDoctor Appointment 1.3 - 'key' Parameter SQL Injection 
ICRestaurant software 1.4 - 'key' Parameter SQL Injection 
ICDutchAuction 1.2 - SQL Injection 
12.9.2017

tcprewrite - Heap-Based Buffer Overflow
PHP Dashboards NEW 4.4 - Arbitrary File Read 
PHP Dashboards NEW 4.4 - SQL Injection 
JobStar Monster Clone Script 1.0 - SQL Injection 
iTech Book Store Script 2.02 - SQL Injection 
Docker Daemon - Unprotected TCP Socket (Metasploit) 
Nimble Professional 1.0 - Cross-Site Request Forgery (Update Admin) 
FiberHome ADSL AN1020-25 - Improper Access Restrictions 
WiseGiga NAS - Multiple Vulnerabilities 
11.9.2017

Linux/ARM (Raspberry Pi) - Reverse TCP Shell (192.168.0.12:4444/TCP) Shellcode (160...
Linux/ARM (Raspberry Pi) - Bind TCP Shell (4444/TCP) Shellcode (192 bytes) 
Escort Marketplace 1.0 - SQL Injection 
Babysitter Website Script 1.0 - SQL Injection 
Job Board Software 1.0 - SQL Injection 
RPi Cam Control <= 6.3.14 - Multiple Vulnerabilities 
Just Dial Marketplace 1.0 - SQL Injection 
Online Print Business 1.0 - SQL Injection 
Professional Service Booking 1.0 - SQL Injection
8.9.2017

EzBan 5.3 - 'id' Parameter SQL Injection
EzInvoice 6.02 - SQL Injection 
Roteador Wireless Intelbras WRN150 - Cross-Site Scripting 
Huawei HG255s - Directory Traversal 
7.9.2017

Apache Struts 2.5 - Remote Code Execution
Ultimate HR System <= 1.2 - Directory Traversal / Cross-Site Scripting 
Gh0st Client - Buffer Overflow (Metasploit) 
Online Invoice System 3.0 - SQL Injection 
6.9.2017

Cory Support - 'pr' Parameter SQL Injection
Advertiz PHP Script 0.2 - Cross-Site Request Forgery (Update Admin) 
Pay Banner Text Link Ad 1.0.6.1 - Cross-Site Request Forgery (Update Admin) 
Pay Banner Text Link Ad 1.0.6.1 - SQL Injection 
Jungo DriverWizard WinDriver - Kernel Pool Overflow 
Jungo DriverWizard WinDriver - Kernel Out-of-Bounds Write Privilege Escalation 
Tor - Linux Sandbox Breakout via X11 
Mongoose Web Server 6.5 - Cross-Site Request Forgery / Remote Code Execution 
A2billing 2.x - Backup File Download / Remote Code Execution 
iGreeting Cards 1.0 - SQL Injection 
WordPress Plugin Participants Database < 1.7.5.10 - Cross-Site Scripting 
The Car Project 1.0 - SQL Injection 

5.9.2017

FineCMS 1.0 - Multiple Vulnerabilities
Lotus Notes Diagnostic Tool 8.5/9.0 - Privilege Escalation 
IBM Notes 8.5.x/9.0.x - Denial of Service (2) 
IBM Notes 8.5.x/9.0.x - Denial of Service 
Wireless Repeater BE126 - Remote Code Execution 
Symantec Messaging Gateway < 10.6.3-267 - Cross-Site Request Forgery 
RubyGems < 2.6.13 - Arbitrary File Overwrite 
Dup Scout Enterprise 9.9.14 - 'Input Directory' Local Buffer Overflow

3.9.2017

Motorola Bootloader - Kernel Cmdline Injection Secure Boot and Device Locking Bypass
OpenJPEG - 'mqc.c' Heap-Based Buffer Overflow 
FineCMS 1.0 - Multiple Vulnerabilities 
IBM Notes 8.5.x/9.0.x - Denial of Service 

31.8.2017

Git <= 2.7.5 - Command Injection (Metasploit)
Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection 
Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection 
Joomla! Component Quiz Deluxe 3.7.4 - SQL Injection 
Joomla! Component Joomanager 2.0.0 - Arbitrary File Download 
iBall Baton 150M Wireless Router - Authentication Bypass 
Invoice Manager 3.1 - Cross-Site Request Forgery (Add Admin) 
Linux/x86 - Fork Bomb Shellcode (9 bytes)

30.8.2017

QNAP Transcode Server - Command Execution (Metasploit)
NethServer 7.3.1611 - Cross-Site Request Forgery / Cross-Site Scripting 
NethServer 7.3.1611 - Cross-Site Request Forgery (Create User / Enable SSH Access) 
D-Link DIR-600 - Authentication Bypass 
Car or Cab Booking Script - Authentication Bypass 
PHP Appointment Booking Script - Authentication Bypass 
User Login and Management - Multiple Vulnerabilities 
PHP Video Battle Script 1.0 - SQL Injection 
Easy Vedio to PSP Converter 1.6.20 - Buffer Overflow (SEH) 

29.8.2017

NethServer 7.3.1611 - Cross-Site Request Forgery / Cross-Site Scripting
NethServer 7.3.1611 - Cross-Site Request Forgery (Create User / Enable SSH Access) 
D-Link DIR-600 - Authentication Bypass 
Car or Cab Booking Script - Authentication Bypass 
PHP Appointment Booking Script - Authentication Bypass 
User Login and Management - Multiple Vulnerabilities 
PHP Video Battle Script 1.0 - SQL Injection 
Easy Vedio to PSP Converter 1.6.20 - Buffer Overflow (SEH) 

28.8.2017

Dup Scout Enterprise 9.9.14 - Buffer Overflow (SEH)
Disk Savvy Enterprise 9.9.14 - Buffer Overflow (SEH) 
Sync Breeze Enterprise 9.9.16 - Buffer Overflow (SEH) 
Disk Pulse Enterprise 9.9.16 - Buffer Overflow (SEH) 
Joomla! Component Photo Contest 1.0.2 - SQL Injection 
Joomla! Component OSDownloads 1.7.4 - SQL Injection 
AutoCar 1.1 - 'category' Parameter SQL Injection 
Joomla! Component Responsive Portfolio 1.6.1 - SQL Injection 
Matrimonial Script 2.7 - Authentication bypass 
Smart Chat 1.0.0 - SQL Injection 
FTP Made Easy PRO 1.2 - SQL Injection 
Easy RM RMVB to DVD Burner 1.8.11 - Buffer Overflow (SEH) 
Easy DVD Creator 2.5.11 - Buffer Overflow (SEH) 
Easy WMV/ASF/ASX to DVD Burner 2.3.11 - Buffer Overflow (SEH) 

27.8.2017

Apple iOS <= 10.3.1 - Kernel Exploit

25.8.2017

Joomla! Component Bargain Product VM3 1.0 - 'product_id' Parameter SQL Injection
Joomla! Component Price Alert 3.0.2 - 'product_id' Parameter SQL Injection 
Joomla! Component MasterForms 1.0.3 - SQL Injection 
Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 - Buffer Overflow (SEH) 
MP3 WAV to CD Burner 1.4.24 - Buffer Overflow (SEH) 
My Video Converter 1.5.24 - Buffer Overflow (SEH) 
Easy AVI DivX Converter 1.2.24 - Buffer Overflow (SEH) 

24.8.2017

Matrimonial Script - SQL Injection
Automated Logic WebCTRL 6.5 - Unrestricted File Upload / Remote Code Execution 
Automated Logic WebCTRL 6.1 - Path Traversal / Arbitrary File Write 
Automated Logic WebCTRL 6.5 - Local Privilege Escalation 
libgig 4.0.0 - LinuxSampler Multiple Vulnerabilities 

23.8.2017

IBM OpenAdmin Tool - SOAP welcomeServer PHP Code Execution (Metasploit)
Matrimonial Script - SQL Injection 
Automated Logic WebCTRL 6.5 - Unrestricted File Upload / Remote Code Execution 
Automated Logic WebCTRL 6.1 - Path Traversal / Arbitrary File Write 
VX Search Enterprise 9.9.12 - 'Import Command' Buffer Overflow 
Microsoft Windows - Escalate UAC Protection Bypass (Via COM Handler Hijack)... 
Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow 
Disk Savvy Enterprise 9.9.14 - 'Import Command' Buffer Overflow 

22.8.2017

Easy DVD Creater 2.5.11 - Buffer Overflow (SEH)
Apache2Triad 1.5.4 - Multiple Vulnerabilities 
Joomla! Component Flip Wall 8.0 - 'wallid' Parameter SQL Injection 
Joomla! Component Sponsor Wall 8.0 - SQL Injection 
PHP Classifieds Script 5.6.2 - SQL Injection 
Affiliate Niche Script 3.4.0 - SQL Injection 
PHP Coupon Script 6.0 - 'cid' Parameter SQL Injection 
iTech Social Networking Script 3.08 - SQL Injection 
VX Search Enterprise 9.9.12 - 'Import Command' Buffer Overflow 
Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow 
Disk Savvy Enterprise 9.9.14 - 'Import Command' Buffer Overflow 
Linux/x86_64 - Fork Bomb Shellcode (11 bytes) 
Linux/x86_64 - kill All Processes Shellcode (19 bytes) 

21.8.2017

Apache2Triad 1.5.4 - Multiple Vulnerabilities
Joomla! Component Flip Wall 8.0 - 'wallid' Parameter SQL Injection 
Joomla! Component Sponsor Wall 8.0 - SQL Injection 
PHP Classifieds Script 5.6.2 - SQL Injection 
Easy DVD Creater 2.5.11 - Buffer Overflow (SEH) 
Linux/x86_64 - kill All Processes Shellcode (19 bytes) 
Linux/x86_64 - Fork Bomb Shellcode (11 bytes) 

20.8.2017

Symantec Messaging Gateway 10.6.3-2 - Unauthenticated root Remote Command Execution

18.8.2017

MyDoomScanner 1.00 - Local Buffer Overflow (PoC)
Microsoft Edge Chakra - 'PreVisitCatch' Missing Call 
Microsoft Edge Chakra - 'chakra!Js::GlobalObject' Integer overflow 
Microsoft Edge Chakra - Buffer Overflow 
Microsoft Edge Chakra - NULL Pointer Dereference 
Microsoft Edge Chakra - Heap Buffer Overflow 
Microsoft Edge Chakra - 'InterpreterStackFrame::ProcessLinkFailedAsmJsModule'... 
Microsoft Edge Chakra - Incorrect Usage of 'PushPopFrameHelper' in... 
Microsoft Edge Chakra - Incorrect Usage of 'TryUndeleteProperty' 
Microsoft Edge Chakra - 'EmitAssignment' uses the 'this' Register Without Initializing 
Microsoft Edge Chakra - Incorrect JIT Optimization with TypedArray Setter #2 
Microsoft Edge Chakra - 'JavascriptArray::ConcatArgs' Type Confusion 
Microsoft Edge Chakra - 'JavascriptFunction::EntryCall' Fails to Handle 'CallInfo'... 
Microsoft Edge Chakra - Uninitialized Arguments (1) 
Microsoft Edge Chakra - Uninitialized Arguments (2) 
Microsoft Edge Chakra - 'EmitNew' Integer Overflow 
Microsoft Edge 40.15063.0.0 Chakra - Incorrect JIT Optimization with TypedArray Setter #3 
Adobe Flash - Invoke Accesses Trait Out-of-Bounds 
Microsoft Edge - Out-of-Bounds Access when Fetching Source 
Mozilla Firefox < 45.0 - 'nsHtml5TreeBuilder' Use-After-Free (EMET 5.52 Bypass) 
Food Ordering Script 1.0 - SQL Injection 
Online Quiz Project 1.0 - SQL Injection 
Photogallery Project 1.0 - SQL Injection 
Doctor Patient Project 1.0 - SQL Injection 

16.8.2017

Microsoft Edge 38.14393.1066.0 -...

15.8.2017

Quali CloudShell 7.1.0.6508 (Patch 6) - Persistent Cross-Site Scripting
Xamarin Studio for Mac 6.2.1 (build 3)/6.3 (build 863) - Privilege Escalation 
Tomabo MP4 Converter 3.19.15 - Denial of Service 
ClipBucket 2.8.3 - Multiple Vulnerabilities 

14.8.2017

RealTime RWR-3G-100 Router - Cross-Site Request Forgery (Change Admin Password)

13.8.2017

DeWorkshop 1.0 - SQL Injection
De-Journal 1.0 - SQL Injection 
De-Tutor 1.0 - SQL Injection 

11.8.2017

Microsoft Edge 38.14393.1066.0 - 'textarea.defaultValue' Memory Disclosure
GIF Collection 2.0 - SQL Injection 
ImageBay 1.0 - SQL Injection 
WebFile Explorer 1.0 - Arbitrary File Download 

10.8.2017

DALIM SOFTWARE ES Core 5.0 build 7184.1 - User Enumeration
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Cross-Site Scripting / Cross-Site Request 
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Directory Traversal 
DALIM SOFTWARE ES Core 5.0 build 7184.1 - Server-Side Request Forgery 
WebFile Explorer 1.0 - Arbitrary File Download 

9.8.2017

Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098) (2)
Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation... 
 

8.8.2017

WordPress Plugin Easy Modal 2.0.17 - SQL Injection
Microsoft Windows 7 SP1 x86 - GDI Palette Objects Local Privilege Escalation... 
Synology Photo Station 6.7.3-3432 / 6.3-2967 - Remote Code Execution 
WildMIDI 0.4.2 - Multiple Vulnerabilities 

6.8.2017

Microsoft Windows - LNK Shortcut File Code Execution
Linux x86 - /bin/sh Shellcode (24 bytes) 

3.8.2017

Solarwinds Kiwi Syslog 9.6.1.6 - Denial of Service
Premium Servers List Tracker 1.0 - SQL Injection 
EDUMOD Pro 1.3 - SQL Injection 
Muviko 1.0 - 'q' Parameter SQL Injection 
VirtualBox 5.1.22 - Windows Process DLL Signature Bypass Privilege Escalation 
VirtualBox 5.1.22 - Windows Process DLL UNC Path Signature Bypass Privilege... 

2.8.2017

iOS/macOS - xpc_data Objects Sandbox Escape Privelege Escalation
SOL.Connect ISET-mpp meter 1.2.4.2 - SQL Injection 
Entrepreneur B2B Script - 'pid' Parameter SQL Injection 
Joomla! Component SIMGenealogy 2.1.5 - SQL Injection 
Joomla! Component PHP-Bridge 1.2.3 - SQL Injection 
Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection 
Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection 
Joomla! Component Ultimate Property Listing 1.0.2 - SQL Injection 
Advantech SUSIAccess <= 3.0 - Directory Traversal / Information Disclosure... 

1.8.2017

Advantech SUSIAccess <= 3.0 - Directory Traversal / Information Disclosure...
Advantech SUSIAccess <= 3.0 - 'RecoveryMgmt' File Upload 
DivFix++ 0.34 - Denial of Service 
Vorbis Tools oggenc 1.4.0 - '.wav' Denial of Service 
Sound eXchange (SoX) 14.4.2 - Multiple Vulnerabilities 
libvorbis 1.3.5 - Multiple Vulnerabilities 
libao 1.2.0 - Denial of Service 

31.7.2017

VehicleWorkshop - SQL Injection
Jenkins < 1.650 - Java Deserialization 
DiskBoss Enterprise 8.2.14 - Buffer Overflow 

30.7.2017

Joomla! Component CCNewsLetter 2.1.9 - 'sbid' Parameter SQL Injection
FortiOS < 5.6.0 - Cross-Site Scripting 
SoundTouch 1.9.2 - Multiple Vulnerabilities 
LAME 3.99.5 - Multiple Vulnerabilities 
libjpeg-turbo 1.5.1 - Denial of Service 

28.7.2017

Friends in War Make or Break 1.7 - Cross-Site Request Forgery (Change Admin...
MediaCoder 0.8.48.5888 - Local Buffer Overflow (SEH) 
AudioCoder 0.8.46 - Local Buffer Overflow (SEH) 

27.7.2017

Friends in War Make or Break 1.7 - Authentication Bypass
Friends in War Make or Break 1.7 - SQL Injection 
Microsoft Windows - LNK Shortcut File Code Execution (Metasploit) 

26.7.2017

WebKit JSC - 'JSObject::putInlineSlow and JSValue::putToPrimitive' Universal...
WebKit JSC - 'DFG::ByteCodeParser::flush(InlineStackEntry* inlineStackEntry)'... 
WebKit JSC - 'arrayProtoFuncSplice' Uninitialized Memory Reference 
WebKit JSC - 'JSArray::appendMemcpy' Uninitialized Memory Copy 
WebKit JSC - 'ArgumentsEliminationPhase::transform' Incorrect LoadVarargs Handling 
WebKit JSC - 'ObjectPatternNode::appendEntry' Stack Use-After-Free 

25.7.2017

Microsoft Internet Explorer - 'mshtml.dll' Remote Code Execution (MS17-007)
IPFire < 2.19 Update Core 110 - Remote Code Execution (Metasploit) 
VICIdial 2.9 RC 1 to 2.13 RC1 - user_authorization Unauthenticated Command... 
ManageEngine Desktop Central 10 Build 100087 - Remote Code Execution (Metasploit) 
PaulShop - SQL Injection / Cross-Site Scripting 
REDDOXX Appliance Build 2032 / 2.0.625 - Remote Command Execution 
REDDOXX Appliance Build 2032 / 2.0.625 - Arbitrary File Disclosure 
MAWK 1.3.3-17 - Local Buffer Overflow 
Razer Synapse 2.20.15.1104 - rzpnk.sys ZwOpenProcess (Metasploit) 
WebKit - 'WebCore::AccessibilityNodeObject::textUnderElement' Use-After-Free 
WebKit - 'WebCore::AccessibilityRenderObject::handleAriaExpandedChanged' Use-After-Free 
WebKit - 'WebCore::Node::nextSibling' Use-After-Free 
WebKit - 'WebCore::RenderSearchField::addSearchResult' Heap Buffer Overflow 
WebKit - 'WebCore::InputType::element' Use-After-Free 
WebKit - 'WebCore::RenderObject' with Accessibility Enabled Use-After-Free 
WebKit - 'WebCore::Node::getFlag' Use-After-Free