Exploit


24.4.19

VirtualBox 6.0.4 r128413 - COM RPC Interface Code Injection Host Privilege Escalation

23.4.19

Linux - 'page->_refcount' Overflow via FUSE

Linux - Missing Locking in Siemens R3964 Line Discipline Race Condition

systemd - Lack of Seat Verification in PAM Module Permits Spoofing Active Session to polkit

Ross Video DashBoard 8.5.1 - Insecure Permissions

22.4.19

UliCMS 2019.2 / 2019.1 - Multiple Cross-Site Scripting

ManageEngine Applications Manager 14.0 - Authentication Bypass / Remote Command Execution (Metasploit)

Msvod 10 - Cross-Site Request Forgery (Change User Information)

74CMS 5.0.1 - Cross-Site Request Forgery (Add New Admin User)

LabF nfsAxe 3.7 Ping Client - 'Host IP' Buffer Overflow (Direct Ret)

Google Chrome 73.0.3683.103 V8 JavaScript Engine - Out-of-Memory in Invalid Table Size Denial of Service (PoC)

WordPress Plugin Contact Form Builder 1.0.67 - Cross-Site Request Forgery / Local File Inclusion

QNAP myQNAPcloud Connect 1.3.4.0317 - 'Username/Password' Denial of Service

Ease Audio Converter 5.30 - '.mp4' Denial of Service (PoC)

20.4.19

Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)

SystemTap 1.3 - MODPROBE_OPTIONS Privilege Escalation (Metasploit)

Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection

Oracle Business Intelligence 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - Directory Traversal

19.4.19

Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID

Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4

LibreOffice < 6.0.7 / 6.1.3 - Macro Code Execution (Metasploit)

Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)

ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit)

Evernote 7.9 - Code Execution via Path Traversal

18.4.19

DHCP Server 2.5.2 - Denial of Service (PoC)

ASUS HG100 - Denial of Service

MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow

17.4.19

Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation

Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cache Manager Poisoning Privilege Escalation

Microsoft Windows 10 1809 - LUAFV NtSetCachedSigningLevel Device Guard Bypass

Microsoft Windows 10 1809 - LUAFV LuafvCopyShortName Arbitrary Short Name Privilege Escalation

Microsoft Windows 10 1809 - LUAFV Delayed Virtualization Cross Process Handle Duplication Privilege Escalation

Microsoft Windows 10 1809 - LUAFV Delayed Virtualization MAXIMUM_ACCESS DesiredAccess Privilege Escalation

Microsoft Windows 10 1809 / 1709 - CSRSS SxSSrv Cached Manifest Privilege Escalation

AdminExpress 1.2.5 - 'Folder Path' Denial of Service (PoC)

Joomla Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion

PCHelpWare V2 1.0.0.5 - 'Group' Denial of Service (PoC)

PCHelpWare V2 1.0.0.5 - 'SC' Denial of Service (PoC)

Zoho ManageEngine ADManager Plus 6.6 (Build < 6659) - Privilege Escalation

Zyxel ZyWall 310 / ZyWall 110 / USG1900 / ATP500 / USG40 - Login Page Cross-Site Scripting

16.4.19

Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)

UltraVNC Launcher 1.2.2.4 - 'Path' Denial of Service (PoC)

UltraVNC Viewer 1.2.2.4 - 'VNC Server' Denial of Service (PoC)

MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow

MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow

MailCarrier 2.51 - POP3 'USER' Buffer Overflow

CuteNews 2.1.2 - 'avatar' Remote Code Execution (Metasploit)

RemoteMouse 3.008 - Arbitrary Remote Command Execution

MailCarrier 2.51 - 'RCPT TO' Buffer Overflow

DirectAdmin 1.561 - Multiple Vulnerabilities

13.4.19

Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)

Microsoft Windows - Contact File Format Arbitrary Code Execution (Metasploit)

ATutor < 2.2.4 - 'file_manager' Remote Code Execution (Metasploit)

Microsoft Internet Explorer 11 - XML External Entity Injection

CyberArk EPM 10.2.1.603 - Security Restrictions Bypass

12.4.19

D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting

10.4.19

FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer

FTPShell Server 6.83 - 'Account name to ban' Local Buffer

Dell KACE Systems Management Appliance (K1000) 6.4.120756 - Unauthenticated Remote Code Execution

Microsoft Windows - AppX Deployment Service Privilege Escalation

Apache Axis 1.4 - Remote Code Execution

9.4.19

PHP 7.2 - 'imagecolormatch()' Out of Band Heap Write

Ashop Shopping Cart Software - 'bannedcustomers.php?blacklistitemid' SQL Injection

TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow

8.4.19

Apache 2.4.17 < 2.4.38 - 'apache2ctl graceful' 'logrotate' Local Privilege Escalation

QNAP Netatalk < 3.1.12 - Authentication Bypass

ManageEngine ServiceDesk Plus 9.3 - User Enumeration

Download Accelerator Plus (DAP) 10.0.6.0 - SEH Buffer Overflow

WordPress Plugin Limit Login Attempts Reloaded 2.7.4 - Login Limit Bypass

Tradebox CryptoCurrency - 'symbol' SQL Injection

River Past Cam Do 3.7.6 - 'Activation Code' Local Buffer Overflow

CentOS Web Panel 0.9.8.793 (Free) / 0.9.8.753 (Pro) - Cross-Site Scripting

AllPlayer 7.4 - SEH Buffer Overflow (Unicode)

SaLICru -SLC-20-cube3(5) - HTML Injection

ShoreTel Connect ONSITE < 19.49.1500.0 - Multiple Vulnerabilities

FlexHEX 2.71 - SEH Buffer Overflow (Unicode)

Bolt CMS 3.6.6 - Cross-Site Request Forgery / Remote Code Execution

Jobgator - 'experience' SQL Injection

5.4.19

FreeSMS 2.1.2 - SQL Injection (Authentication Bypass)

AIDA64 Engineer 5.99.4900 - 'Load from file' Field Buffer Overflow (SEH)

Magic ISO Maker 5.5(build 281) - 'Serial Code' Denial of Service (PoC)

Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)

Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type Confusion

Google Chrome 73.0.3683.39 / Chromium 74.0.3712.0 - 'ReadableStream' Internal Object Leak Type Confusion

Google Chrome 72.0.3626.81 - 'V8TrustedTypePolicyOptions::ToImpl' Type Confusion

WebKitGTK+ - 'ThreadedCompositor' Race Condition

WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-Free

WebKit JavaScriptCore - Out-Of-Bounds Access in FTL JIT due to LICM Moving Array Access Before the Bounds Check

iOS < 12.2 / macOS < 10.14.4 XNU - pidversion Increment During execve is Unsafe

WebKit JavaScriptCore - 'createRegExpMatchesArray' Type Confusion

SpiderMonkey - IonMonkey Compiled Code Fails to Update Inferred Property Types (Type Confusion)

PhreeBooks ERP 5.2.3 - Remote Command Execution

PhreeBooks ERP 5.2.3 - Arbitrary File Upload

Ashop Shopping Cart Software - SQL Injection

Clinic Pro v4 - 'month' SQL Injection

TeemIp IPAM < 2.4.0 - 'new_config' Command Injection (Metasploit)

4.4.19

PhreeBooks ERP 5.2.3 - Arbitrary File Upload

Ashop Shopping Cart Software - SQL Injection

Clinic Pro v4 - 'month' SQL Injection

TeemIp IPAM < 2.4.0 - 'new_config' Command Injection (Metasploit)

iScripts ReserveLogic - SQL Injection

AIDA64 Business 5.99.4900 - SEH Buffer Overflow (EggHunter)

3.4.19

phpFileManager 1.7.8 - Local File Inclusion

Fiverr Clone Script 1.2.2 - SQL Injection / Cross-Site Scripting

AIDA64 Extreme Edition 5.99.4800 - Local SEH Buffer Overflow

CMS Made Simple < 2.2.10 - SQL Injection

LimeSurvey < 3.16 - Remote Code Execution

JioFi 4G M2S 1.0.2 - Cross-Site Request Forgery

WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 - Parameter Tampering

Inout RealEstate - 'city' SQL Injection

Inout EasyRooms - SQL Injection

30.3.19

CentOS Web Panel 0.9.8.789 - NameServer Field Persistent Cross-Site Scripting

Oracle Weblogic Server Deserialization RCE - Raw Object (Metasploit)

CMS Made Simple (CMSMS) Showtime2 - File Upload RCE (Metasploit)

gnutls 3.6.6 - 'verify_crt()' Use-After-Free

29.3.19

Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH Egghunter)

Jettweb PHP Hazır Rent A Car Sitesi Scripti V2 - 'arac_kategori_id' SQL Injection

BigTree 4.3.4 CMS - Multiple SQL Injection

Job Portal 3.1 - 'job_submit' SQL Injection

Microsoft Visio 2016 16.0.4738.1000 - 'Log in accounts' Denial of Service

i-doit 1.12 - 'qr.php' Cross-Site Scripting

WordPress Plugin Loco Translate 2.2.1 - Local File Inclusion

WordPress Plugin Anti-Malware Security and Brute-Force Firewall 4.18.63 - Local File Inclusion

Fat Free CRM 0.19.0 - HTML Injection

Airbnb Clone Script - Multiple SQL Injection

Thomson Reuters Concourse & Firm Central < 2.13.0097 - Directory Traversal / Local File Inclusion

27.3.19

Jettweb Hazır Rent A Car Scripti V4 - SQL Injection

Microsoft Windows 7/2008 - 'Win32k' Denial of Service (PoC)

Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSR

SJS Simple Job Script - SQL Injection / Cross-Site Scripting

Titan FTP Server Version 2019 Build 3505 - Directory Traversal / Local File Inclusion

XooDigital - 'p' SQL Injection

XooGallery - Multiple SQL Injection

Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting

Jettweb Php Hazır İlan Sitesi Scripti V2 - SQL Injection

27.3.19

VMware Workstation 14.1.5 / VMware Player 15 - Host VMX Process COM Class Hijack Privilege Escalation

VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation

Zeeways Matrimony CMS - SQL Injection

Zeeways Jobsite CMS - 'id' SQL Injection

Jettweb PHP Hazır Haber Sitesi Scripti V3 - SQL Injection

Jettweb PHP Hazır Haber Sitesi Scripti V2 - SQL Injection (Authentication Bypass)

Jettweb PHP Hazır Haber Sitesi Scripti V1 - SQL Injection

X-NetStat Pro 5.63 - Local Buffer Overflow

Apache CouchDB 2.3.1 - Cross-Site Request Forgery / Cross-Site Scripting

24.3.19

snap - seccomp Blacklist for TIOCSTI can be Circumvented

Inout Article Base CMS - SQL Injection

22.3.19

Meeplace Business Review Script - 'id' SQL Injection

Matri4Web Matrimony Website Script - Multiple SQL Injection

21.3.19

Bootstrapy CMS - Multiple SQL Injection

Canarytokens 2019-03-01 - Detection Bypass

Placeto CMS Alpha v4 - 'page' SQL Injection

uHotelBooking System - 'system_page' SQL Injection

The Company Business Website CMS - Multiple Vulnerabilities

Rails 5.2.1 - Arbitrary File Content Disclosure

DVD X Player 5.5.3 - '.plf' Buffer Overflow

Netartmedia Vlog System - 'email' SQL Injection

21.3.19

PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery

PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control

202CMS v10beta - Multiple SQL Injection

NetShareWatcher 1.5.8.0 - Local SEH Buffer Overflow

Netartmedia PHP Business Directory 4.2 - SQL Injection

Netartmedia PHP Dating Site - SQL Injection

Netartmedia Jobs Portal 6.1 - SQL Injection

Netartmedia PHP Real Estate Agency 4.0 - SQL Injection

Netartmedia PHP Car Dealer - SQL Injection

19.3.19

Microsoft Edge - Flash click2play Bypass with CObjectElement::FinalCreateObject

Microsoft VBScript - VbsErase Memory Corruption

Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML

Google Chrome < M73 - FileSystemOperationRunner Use-After-Free

Google Chrome < M73 - MidiManagerWin Use-After-Free

Google Chrome < M73 - Data Race in ExtensionsGuestViewMessageFilter

Google Chrome < M73 - Double-Destruction Race in StoragePartitionService

Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming RCE (Metasploit)

libseccomp < 2.4.0 - Incorrect Compilation of Arithmetic Comparisons

Netartmedia Real Estate Portal 5.0 - SQL Injection

Netartmedia PHP Mall 4.1 - SQL Injection

Advanced Host Monitor 11.92 beta - Local Buffer Overflow

Netartmedia Event Portal 2.0 - 'Email' SQL Injection

eNdonesia Portal 8.7 - Multiple Vulnerabilities

MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting

Gila CMS 1.9.1 - Cross-Site Scripting

18.3.19

BMC Patrol Agent - Privilege Escalation Cmd Execution (Metasploit)

TheCarProject v2 - Multiple SQL Injection

WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 - Denial of Service

WinMPG Video Convert 9.3.5 - Denial of Service

17.3.19

WinRAR 5.61 - Path Traversal

15.3.19

Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code Execution

FTPGetter Standard 5.97.0.177 - Remote Code Execution

Pegasus CMS 1.0 - 'extra_fields.php' Plugin Remote Code Execution

Intel Modular Server System 10.18 - Cross-Site Request Forgery (Change Admin Password)

Moodle 3.4.1 - Remote Code Execution

Laundry CMS - Multiple Vulnerabilities

Vembu Storegrid Web Interface 4.4.0 - Multiple Vulnerabilities

ICE HRM 23.0 - Multiple Vulnerabilities

Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow

CMS Made Simple Showtime2 Module 3.6.2 - Authenticated Arbitrary File Upload

NetData 1.13.0 - HTML Injection

14.3.19

Microsoft Windows - .reg File / Dialog Box Message Spoofing

Microsoft Windows MSHTML Engine - "Edit" Remote Code Execution

Apache Tika-server < 1.18 - Command Injection

Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory Traversal

Core FTP Server FTP / SFTP Server v2 Build 674 - 'SIZE' Directory Traversal

WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion

pfSense 2.4.4-p1 (HAProxy Package 0.59_14) - Persistent Cross-Site Scripting

elFinder PHP Connector < 2.1.48 - exiftran Command Injection (Metasploit)

13.3.19

Core FTP 2.0 build 653 - 'PBSZ' Denial of Service (PoC)

PilusCart 1.4.1 - Cross-Site Request Forgery (Add Admin)

12.3.19

OpenKM 6.3.2 < 6.3.7 - Remote Command Execution (Metasploit)

Liferay CE Portal < 7.1.2 ga3 - Remote Command Execution (Metasploit)

NetSetMan 4.7.1 - Local Buffer Overflow (SEH Unicode)

Linux Kernel 4.4 (Ubuntu 16.04) - 'snd_timer_user_ccallback()' Kernel Pointer Leak

Flexpaper PHP Publish Service 2.3.6 - Remote Code Execution

PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution

11.3.19

DirectAdmin 1.55 - 'CMD_ACCOUNT_ADMIN' Cross-Site Request Forgery

McAfee ePO 5.9.1 - Registered Executable Local Access Bypass

OrientDB 3.0.17 GA Community Edition - Cross-Site Request Forgery / Cross-Site Scripting

8.3.19

Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit)

Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)

FreeBSD - Intel SYSRET Privilege Escalation (Metasploit)

Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)

QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)

Kados R10 GreenBee - Multiple SQL Injection

6.3.19

Android - getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass

Android - binder Use-After-Free via racy Initialization of ->allow_user_free

Linux < 4.20.14 - Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem

5.3.19

Microsoft Edge Chakra 1.11.4 - Read Permission via Type Confusion

Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting

WordPress Plugin Cerber Security, Antispam & Malware Scan 8.0 - Multiple Bypass Vulnerabilities

Craft CMS 3.1.12 Pro - Cross-Site Scripting

Bolt CMS 3.6.4 - Cross-Site Scripting

MarcomCentral FusionPro VDP Creator < 10.0 - Directory Traversal

Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 - Remote Code Execution

zzzphp CMS 1.6.1 - Cross-Site Request Forgery

Splunk Enterprise 7.2.4 - Custom App RCE (Persistent Backdoor - Custom Binary Payload)

Booked Scheduler 2.7.5 - Remote Command Execution (Metasploit)

FileZilla 3.40.0 - 'Local search' / 'Local site' Denial of Service (PoC)

OOP CMS BLOG 1.0 - Multiple Cross-Site Request Forgery

OOP CMS BLOG 1.0 - Multiple SQL Injection

elFinder 2.1.47 - Command Injection vulnerability in the PHP connector

CMSsite 1.0 - Multiple Cross-Site Request Forgery

4.3.19

Cisco WebEx Meetings < 33.6.6 / < 33.9.1 - Privilege Escalation

1.3.19

macOS XNU - Copy-on-Write Behavior Bypass via Mount of User-Owned Filesystem Image

Linux < 4.14.103 / < 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module

tcpdump < 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads

Google Chrome < M72 - FileWriterImpl Use-After-Free

Google Chrome < M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHost

Google Chrome < M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free

Google Chrome < M72 - PaymentRequest Service Use-After-Free

28.2.19

Feng Office 3.7.0.5 - Remote Command Execution (Metasploit)

TransMac 12.3 - Denial of Service (PoC)

Usermin 1.750 - Remote Command Execution (Metasploit)

Joomla! Component J2Store < 3.3.7 - SQL Injection

Joomla! Component J2Store < 3.3.7 - SQL Injection

FTP Server 1.32 - Denial of Service

Simple Online Hotel Reservation System - Cross-Site Request Forgery (Delete Admin)

Simple Online Hotel Reservation System - Cross-Site Request Forgery (Add Admin)

Simple Online Hotel Reservation System - SQL Injection

26.2.19

Drupal < 8.6.9 - REST Module Remote Code Execution

Xlight FTP Server 3.9.1 - Buffer Overflow (PoC)

Advance Gift Shop Pro Script 2.0.3 - SQL Injection

News Website Script 2.0.5 - SQL Injection

PHP Ecommerce Script 2.0.6 - Cross-Site Scripting / SQL Injection

Jenkins Plugin Script Security 1.49/Declarative 1.3.4/Groovy 2.60 - Remote Code Execution

24.2.19

Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution

Teracue ENC-400 - Command Injection / Missing Authentication

Micro Focus Filr 3.4.0.217 - Path Traversal / Local Privilege Escalation

Nuuo Central Management - Authenticated SQL Server SQL Injection (Metasploit)

WebKit JSC - reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter

22.2.19

Quest NetVault Backup Server < 11.4.5 - Process Manager Service SQL Injection / Remote Code Execution

AirDrop 2.0 - Denial of Service (DoS)

MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass

ScreenStream 3.0.15 - Denial of Service

Virtual VCR Max .0a - '.vcr' Buffer Overflow (PoC)

RealTerm Serial Terminal 2.0.0.70 - 'Echo Port' Buffer Overflow (SEH)

EI-Tube 3 - SQL Injection

Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow (PoC)

C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection

Memu Play 6.0.7 - Privilege Escalation

21.2.19

AirDrop 2.0 - Denial of Service (DoS)

MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass

ScreenStream 3.0.15 - Denial of Service

Virtual VCR Max .0a - '.vcr' Buffer Overflow (PoC)

RealTerm Serial Terminal 2.0.0.70 - 'Echo Port' Buffer Overflow (SEH)

EI-Tube 3 - SQL Injection

Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow (PoC)

C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection

Memu Play 6.0.7 - Privilege Escalation

20.2.19

Belkin Wemo UPnP - Remote Code Execution (Metasploit)

MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates

Android Kernel < 4.8 - ptrace seccomp Filter Bypass

FaceTime - Texture Processing Memory Corruption

WinRAR 5.61 - '.lng' Denial of Service

FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)

HotelDruid 2.3 - Cross-Site Scripting

Apple macOS 10.13.5 - Local Privilege Escalation

Jenkins - Remote Code Execution

Ask Expert Script 3.0.5 - Cross Site Scripting / SQL Injection

Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal / Cross-Site Scripting

XAMPP 5.6.8 - SQL Injection / Persistent Cross-Site Scripting

eDirectory - SQL Injection

BulletProof FTP Server 2019.0.0.50 - 'SMTP Server' Denial of Service (PoC)

Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC)

Zuz Music 2.1 - 'zuzconsole/___contact ' Persistent Cross-Site Scripting

Listing Hub CMS 1.0 - 'pages.php id' SQL Injection

Find a Place CMS Directory 1.5 - 'assets/external/data_2.php cate' SQL Injection

NetSetMan 4.7.1 - 'Workgroup' Denial of Service (PoC)

MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation

18.2.19

WordPress Plugin WooCommerce - GloBee (cryptocurrency) Payment Gateway 1.1.1 - Payment Bypass / Unauthorized Order Status Spoofing

Zoho ManageEngine ServiceDesk Plus (SDP) < 10.0 build 10012 - Arbitrary File Upload

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClass

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositions

Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour

Comodo Dome Firewall 2.7.0 - Cross-Site Scripting

ArangoDB Community Edition 3.4.2-1 - Cross-Site Scripting

Apache CouchDB 2.3.0 - Cross-Site Scripting

Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload

M/Monit 3.7.2 - Privilege Escalation

NBMonitor 1.6.5.0 - 'Key' Denial of Service (PoC)

CMSsite 1.0 - 'post' SQL Injection

MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module

Master IP CAM 01 3.3.4.2103 - Remote Command Execution

qdPM 9.1 - 'search[keywords]' Cross-Site Scripting

qdPM 9.1 - 'type' Cross-Site Scripting

mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Protocol Handlers

Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH)

Realterm Serial Terminal 2.0.0.70 - Denial of Service

15.2.19

ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (DoS)

LayerBB 1.1.2 - Cross-Site Request Forgery (Add Admin)

MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC)

WordPress Plugin Booking Calendar 8.4.3 - Authenticated SQL Injection

DomainMOD 4.11.01 - 'assets/edit/host.php?whid=5' Cross-Site Scripting

DomainMOD 4.11.01 - 'assets/add/dns.php' Cross-Site Scripting

DomainMOD 4.11.01 - 'category.php CatagoryName, StakeHolder' Cross-Site Scripting

DomainMOD 4.11.01 - 'ssl-accounts.php username' Cross-Site Scripting

DomainMOD 4.11.01 - 'ssl-provider-name' Cross-Site Scripting

Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC)

exacqVision ESM 5.12.2 - Privilege Escalation

14.2.19

Android - binder Use-After-Free of VMA via race Between reclaim and munmap

Android - binder Use-After-Free via fdget() Optimization

NetworkSleuth 3.0 - 'Name' Denial of Service (PoC)

Rukovoditel Project Management CRM 2.4.1 - Cross-Site Scripting

Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure)

Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure)

Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting

Ubuntu snapd < 2.37.1 - Local Privilege Escalation

snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (2)

snapd < 2.37 (Ubuntu) - 'dirty_sock' Local Privilege Escalation (1)

runc < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution

Skyworth GPON HomeGateways and Optical Network Terminals - Stack Overflow

LayerBB 1.1.2 - Cross-Site Scripting

BlogEngine.NET 3.3.6 - Directory Traversal / Remote Code Execution

Jenkins 2.150.2 - Remote Command Execution (Metasploit)

OPNsense < 19.1.1 - Cross-Site Scripting

13.2.19

OPNsense < 19.1.1 - Cross-Site Scripting

Jenkins 2.150.2 - Remote Command Execution (Metasploit)

LayerBB 1.1.2 - Cross-Site Scripting

runc < 1.0-rc6 (Docker < 18.09.2) - Host Command Execution

Skyworth GPON HomeGateways and Optical Network Terminals - Stack Overflow

10.2.19

Smoothwall Express 3.1-SP4 - Cross-Site Scripting

River Past Cam Do 3.7.6 - Local Buffer Overflow (SEH)

IP-Tools 2.5 - Local Buffer Overflow (SEH) (Egghunter)

VA MAX 8.3.4 - Authenticated Remote Code Execution

MyBB Bans List 1.0 - Cross-Site Scripting

River Past Video Cleaner 7.6.3 - Local Buffer Overflow (SEH)

Avast Anti-Virus < 19.1.2360 - Local Credentials Disclosure

IPFire 2.21 - Cross-Site Scripting

NordVPN 6.19.6 - Denial of Service (PoC)

Indusoft Web Studio 8.1 SP2 - Remote Code Execution

Evince - CBT File Command Injection (Metasploit)

NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit)

Adobe Flash Player - DeleteRangeTimelineOperation Type Confusion (Metasploit)

FutureDj Pro 1.7.2.0 - Denial of Service

AirDroid 4.2.1.6 - Denial of Service

Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset

7.2.19

Skia - Incorrect Convexity Assumptions Leading to Buffer Overflows

River Past Audio Converter 7.7.16 - Buffer Overflow (SEH)

osCommerce 2.3.4.1 - 'reviews_id' SQL Injection

osCommerce 2.3.4.1 - 'products_id' SQL Injection

osCommerce 2.3.4.1 - 'currency' SQL Injection

5.2.19

OpenMRS Platform < 2.24.0 - Insecure Object Deserialization

Zyxel VMG3312-B10B DSL-491HNU-B1B v2 Modem - Cross-Site Request Forgery

devolo dLAN 550 duo+ Starter Kit - Cross-Site Request Forgery

River Past Audio Converter 7.7.16 - Denial of Service (PoC)

Device Monitoring Studio 8.10.00.8925 - Denial of Service (PoC)

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Arbitrary File Disclosure

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Cross-Site Request Forgery (Add Admin)

BEWARD N100 H.264 VGA IP Camera M2.1.6 - RTSP Stream Disclosure

4.2.19

Nessus 8.2.1 - Cross-Site Scripting

pfSense 2.4.4-p1 - Cross-Site Scripting

TaskInfo 8.2.0.280 - Denial of Service (PoC)

SpotAuditor 3.6.7 - Denial of Service (PoC)

LibSSH 0.7.6 / 0.8.4 - Unauthorized Access

MyVideoConverter Pro 3.14 - Denial of Service

River Past Ringtone Converter 2.7.6.1601 - Denial of Service (PoC)

SuiteCRM 7.10.7 - 'record' SQL Injection

SuiteCRM 7.10.7 - 'parentTab' SQL Injection

ResourceSpace 8.6 - 'watched_searches.php' SQL Injection

3.2.19

SureMDM < 2018-11 Patch - Local / Remote File Inclusion

Remote Process Explorer 1.0.0.16 - Denial of Service SEH Overwrite (PoC)

1.2.19

macOS < 10.14.3 / iOS < 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving Statistics

macOS < 10.14.3 / iOS < 12.1.3 XNU - 'vm_map_copy' Optimization which Requires Atomicity isn't Atomic

macOS < 10.14.3 / iOS < 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issues in iohideventsystem

macOS < 10.14.3 / iOS < 12.1.3 - Arbitrary mach Port Name Deallocation in XPC Services due to Invalid mach Message Parsing in _xpc_serializer_unpack

macOS XNU - Copy-on-Write Behaviour Bypass via Partial-Page Truncation of File

LanHelper 1.74 - Denial of Service (PoC)

FlexHEX 2.46 - Denial of Service SEH Overwrite (PoC)

ASPRunner Professional 6.0.766 - Denial of Service (PoC)

AMAC Address Change 5.4 - Denial of Service (PoC)

Advanced Host Monitor 11.90 Beta - 'Registration number' Denial of Service (PoC)

UltraISO 9.7.1.3519 - 'Output FileName' Local Buffer Overflow (SEH)

Anyburn 4.3 - 'Convert image to file format' Denial of Service

R 3.5.0 - Local Buffer Overflow (SEH)

Necrosoft DIG 0.4 - Denial of Service SEH Overwrite (PoC)

IP-Tools 2.50 - Denial of Service SEH Overwrite (PoC)

iOS/macOS 10.13.6 - 'if_ports_used_update_wakeuuid()' 16-byte Uninitialized Kernel Stack Disclosure

Advanced File Manager 3.4.1 - Denial of Service (PoC)

10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) (DEP Bypass)

Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection

30.1.19

HTML5 Video Player 1.2.5 - Local Buffer Overflow - Non SEH

MiniUPnPd 2.1 - Out-of-Bounds Read

PDF Signer 3.0 - SSTI to RCE via CSRF Cookie

29.1.19

ResourceSpace 8.6 - 'collection_edit.php' SQL Injection

MyBB IP History Logs Plugin 1.0.2 - Cross-Site Scripting

Smart VPN 1.1.3.0 - Denial of Service (PoC)

Mess Management System 1.0 - SQL Injection

Teameyo Project Management System 1.0 - SQL Injection

Faleemi Desktop Software 1.8 - Local Buffer Overflow (SEH)(DEP Bypass)

Care2x 2.7 (HIS) Hospital Information System - Multiple SQL Injection

BEWARD Intercom 2.3.1 - Credentials Disclosure

Newsbull Haber Script 1.0.0 - 'search' SQL Injection

R 3.4.4 XP SP3 - Buffer Overflow (Non SEH)

Cisco Firepower Management Center 6.2.2.2 / 6.2.3 - Cross-Site Scripting

Cisco RV300 / RV320 - Information Disclosure

Sricam gSOAP 2.8 - Denial of Service

CMSsite 1.0 - 'search' SQL Injection

CMSsite 1.0 - 'cat_id' SQL Injection

Easy Video to iPod Converter 1.6.20 - Buffer Overflow (SEH)

LogonBox Limited / Hypersocket Nervepoint Access Manager - Unauthenticated Insecure Direct Object Reference

AirTies Air5341 Modem 1.0.0.12 - Cross-Site Request Forgery

WordPress Plugin Ad Manager WD 1.0.11 - Arbitrary File Download

Rundeck Community Edition < 3.0.13 - Persistent Cross-Site Scripting

CloudMe Sync 1.11.2 Buffer Overflow - WoW64 (DEP Bypass)

MySQL User-Defined (Linux) (x32/x86_64) - 'sys_exec' Local Privilege Escalation

28.1.19

Cisco RV320 Dual Gigabit WAN VPN Router 1.4.2.15 - Command Injection

iOS/macOS - 'task_swap_mach_voucher()' Use-After-Free

Wordpress Plugin Wisechat 2.6.3 - Reverse Tabnabbing

Lua 5.3.5 - 'debug.upvaluejoin' Use After Free

GreenCMS 2.x - Arbitrary File Download

GreenCMS 2.x - SQL Injection

25.1.19

Microsoft Remote Desktop 10.2.4(134) - Denial of Service (PoC)

Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery

Ghostscript 9.26 - Pseudo-Operator Remote Code Execution

AddressSanitizer (ASan) - SUID Executable Privilege Escalation (Metasploit)

ImpressCMS 1.3.11 - 'bid' SQL Injection

Splunk Enterprise 7.2.3 - Authenticated Custom App RCE

SirsiDynix e-Library 3.5.x - Cross-Site Scripting

SimplePress CMS 1.0.7 - SQL Injection

Joomla! Component JHotelReservation 6.0.7 - SQL Injection

Joomla! Component J-CruisePortal 6.0.4 - SQL Injection

24.1.19

Microsoft Windows CONTACT - HTML Injection / Remote Code Execution

Nagios XI 5.5.6 - Remote Code Execution / Privilege Escalation

Joomla! Component J-BusinessDirectory 4.9.7 - 'type' SQL Injection

Joomla! Component VMap 1.9.6 - SQL Injection

Joomla! Component vRestaurant 1.9.4 - SQL Injection

Joomla! Component vReview 1.9.11 - SQL Injection

Joomla! Component vAccount 2.0.2 - 'vid' SQL Injection

Joomla! Component vWishlist 1.0.1 - SQL Injection

Joomla! Component vBizz 1.0.7 - Remote Code Execution

Joomla! Component vBizz 1.0.7 - SQL Injection

23.1.19

Microsoft Windows VCF or Contact' File - URL Manipulation-Spoof Arbitrary Code Execution

Joomla! Component Easy Shop 1.2.3 - Local File Inclusion

CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt

Adianti Framework 5.5.0 - SQL Injection

22.1.19

Linux Kernel 4.13 - 'compat_get_timex()' Leak Kernel Pointer

Kepler Wallpaper Script 1.1 - SQL Injection

Echo Mirage 3.1 - Buffer Overflow (PoC)

GattLib 0.2 - Stack Buffer Overflow

PHP Uber-style GeoTracking 1.1 - SQL Injection

PHP Dashboards NEW 5.8 - Local File Inclusion

PHP Dashboards NEW 5.8 - 'dashID' SQL Injection

MoneyFlux 1.0 - 'id' SQL Injection

Reservic 1.0 - 'id' SQL Injection

Coman 1.0 - 'id' SQL Injection

18.1.19

Check Point ZoneAlarm 8.8.1.110 - Local Privilege Escalation

Microsoft Windows CONTACT - Remote Code Execution

Oracle Reports Developer Component 12.2.1.3 - Cross-site Scripting

16.1.19

Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation

Microsoft Windows 10 - 'RestrictedErrorInfo' Unmarshal Section Handle Use-After-Free

blueman - set_dhcp_handler D-Bus Privilege Escalation (Metasploit)

WebKit JSC JIT - GetIndexedPropertyStorage Use-After-Free

Blueimp's jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit

Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory in Invalid Array Length

Coship Wireless Router 4.0.0.48 / 4.0.0.40 / 5.0.0.54 / 5.0.0.55 / 10.0.0.49 - Unauthenticated Admin Password Reset

GL-AR300M-Lite 2.27 - Authenticated Command Injection / Arbitrary File Download / Directory Traversal

NTPsec 1.1.2 - 'config' Authenticated Out-of-Bounds Write Denial of Service (PoC)

NTPsec 1.1.2 - 'ntp_control' Authenticated NULL Pointer Dereference (PoC)

NTPsec 1.1.2 - 'ntp_control' Out-of-Bounds Read (PoC)

NTPsec 1.1.2 - 'ctl_getitem' Out-of-Bounds Read (PoC)

ShoreTel / Mitel Connect ONSITE 19.49.5200.0 - Remote Code Execution

doorGets CMS 7.0 - Arbitrary File Download

Roxy Fileman 1.4.5 - Arbitrary File Download

FortiGate FortiOS < 6.0.3 - LDAP Credential Disclosure

Spotify 1.0.96.181 - 'Proxy configuration' Denial of Service (PoC)

15.1.19

Microsoft Windows VCF - Remote Code Execution

Microsoft Windows 10 - COM Desktop Broker Privilege Escalation

Microsoft Windows 10 - Browser Broker Cross Session Privilege Escalation

Microsoft Windows 10 - DSSVC MoveFileInheritSecurity Privilege Escalation

Microsoft Windows 10 - DSSVC CanonicalAndValidateFilePath Security Feature Bypass

Microsoft Windows 10 - DSSVC DSOpenSharedFile Arbitrary File Delete Privilege Escalation

Microsoft Windows 10 - DSSVC DSOpenSharedFile Arbitrary File Open Privilege Escalation

Microsoft Windows 10 - SSPI Network Authentication Session 0 Privilege Escalation

AudioCode 400HD - Command Injection

Portier Vision 4.4.4.2 / 4.4.4.6 - SQL Injection

Dokany 1.2.0.1000 - Stack-Based Buffer Overflow Privilege Escalation

Bigcart - Ecommerce Multivendor System 1.0 - SQL Injection

Bigcart - Ecommerce Multivendor System 1.0 - SQL Injection

Job Portal Platform 1.0 - SQL Injection

Real Estate Custom Script 2.0 - SQL Injection

ThinkPHP 5.X - Remote Command Execution

Hucart CMS 5.7.4 - Cross-Site Request Forgery (Add Administrator Account)

HealthNode Hospital Management System 1.0 - SQL Injection

Lenovo R2105 - Cross-Site Request Forgery (Command Execution)

Cleanto 5.0 - SQL Injection

Find a Place CMS Directory 1.5 - SQL Injection

Craigs Classified Ads CMS Theme 1.0.2 - SQL Injection

Hootoo HT-05 - Remote Code Execution (Metasploit)

xorg-x11-server < 1.20.3 - Local Privilege Escalation (Solaris 11 inittab)

Live Call Support Widget 1.5 - Remote Code Execution / SQL Injection

Live Call Support Widget 1.5 - Cross-Site Request Forgery (Add Admin)

Twilio WEB To Fax Machine System Application 1.0 - SQL Injection

Modern POS 1.3 - SQL Injection

Modern POS 1.3 - Arbitrary File Download

Horde Imp - 'imap_open' Remote Command Execution

i-doit CMDB 1.12 - SQL Injection

i-doit CMDB 1.12 - Arbitrary File Download

Across DR-810 ROM-0 - Backup File Disclosure

14.1.19

Luminance Studio 2.17 - Denial of Service (PoC)

Blob Studio 2.17 - Denial of Service (PoC)

Liquid Studio 2.17 - Denial of Service (PoC)

Pixel Studio 2.17 - Denial of Service (PoC)

Paint Studio 2.17 - Denial of Service (PoC)

Tree Studio 2.17 - Denial of Service (PoC)

Selfie Studio 2.17 - Denial of Service (PoC)

Joomla! Component JoomCRM 1.1.1 - SQL Injection

Joomla! Component JoomProject 1.1.3.2 - Information Disclosure

Code Blocks 17.12 - Local Buffer Overflow (SEH) (Unicode)

Adapt Inventory Management System 1.0 - SQL Injection

12.1.19

Luminance Studio 2.17 - Denial of Service (PoC)

Blob Studio 2.17 - Denial of Service (PoC)

Liquid Studio 2.17 - Denial of Service (PoC)

Pixel Studio 2.17 - Denial of Service (PoC)

Paint Studio 2.17 - Denial of Service (PoC)

Tree Studio 2.17 - Denial of Service (PoC)

Selfie Studio 2.17 - Denial of Service (PoC)

Joomla! Component JoomCRM 1.1.1 - SQL Injection

Joomla! Component JoomProject 1.1.3.2 - Information Disclosure

Code Blocks 17.12 - Local Buffer Overflow (SEH) (Unicode)

Adapt Inventory Management System 1.0 - SQL Injection

11.1.19

OpenSource ERP 6.3.1. - SQL Injection

eBrigade ERP 4.5 - SQL Injection

Event Locations 1.0.1 - 'id' SQL Injection

Event Calendar 3.7.4 - 'id' SQL Injection

MLMPro 1.0 - SQL Injection

Architectural 1.0 - 'email' SQL Injection

Shield CMS 2.2 - 'email' SQL Injection

doitX 1.0 - 'search' SQL Injection

Matrix MLM Script 1.0 - Information Disclosure

eBrigade ERP 4.5 - Arbitrary File Download

PEAR Archive_Tar < 1.4.4 - PHP Object Injection

RGui 3.5.0 - Local Buffer Overflow (SEH)(DEP Bypass)

BlogEngine 3.3 - XML External Entity Injection

polkit - Temporary auth Hijacking via PID Reuse and Non-atomic Fork

Microsoft Windows - DSSVC CheckFilePermission Arbitrary File Deletion

ZTE MF65 BD_HDV6MF65V1.0.0B05 - Cross-Site Scripting

Microsoft Office SharePoint Server 2016 - Denial of Service (Metasploit)

Heatmiser Wifi Thermostat 1.7 - Cross-Site Request Forgery (Update Admin)

Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service (PoC)

10.1.19

MLMPro 1.0 - SQL Injection

Architectural 1.0 - 'email' SQL Injection

Shield CMS 2.2 - 'email' SQL Injection

doitX 1.0 - 'search' SQL Injection

Matrix MLM Script 1.0 - Information Disclosure

eBrigade ERP 4.5 - Arbitrary File Download

PEAR Archive_Tar < 1.4.4 - PHP Object Injection

RGui 3.5.0 - Local Buffer Overflow (SEH)(DEP Bypass)

BlogEngine 3.3 - XML External Entity Injection

polkit - Temporary auth Hijacking via PID Reuse and Non-atomic Fork

Microsoft Windows - DSSVC CheckFilePermission Arbitrary File Deletion

ZTE MF65 BD_HDV6MF65V1.0.0B05 - Cross-Site Scripting

Microsoft Office SharePoint Server 2016 - Denial of Service (Metasploit)

Heatmiser Wifi Thermostat 1.7 - Cross-Site Request Forgery (Update Admin)

Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service (PoC)

9.1.19

Microsoft Windows - Windows Error Reporting Local Privilege Escalation

MDwiki < 0.6.2 - Cross-Site Scripting

8.1.19

Wireshark - 'get_t61_string' Heap Out-of-Bounds Read

Dolibarr ERP-CRM 8.0.4 - 'rowid' SQL Injection

CF Image Hosting Script 1.6.5 - (Delete all Pictures) Privilege Escalation

KioWare Server Version 4.9.6 - Weak Folder Permissions Privilege Escalation

Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS)

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - JS/HTML Code Injection

Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - Cross-Site Request Forgery

7.1.19

Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC)

SpotFTP Password Recover 2.4.2 - 'Name' Denial of Service (PoC)

BlueAuditor 1.7.2.0 - 'Key' Denial of Service (PoC)

Ajera Timesheets 9.10.16 - Deserialization of Untrusted Data

Roxy Fileman 1.4.5 - Unrestricted File Upload / Directory Traversal

MyT Project Management 1.5.1 - 'Charge[group_total]' SQL Injection

WordPress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation

phpMoAdmin MongoDB GUI 1.1.5 - Cross-Site Request Forgery / Cross-Site Scripting

PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Scripting

MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting

LayerBB 1.1.1 - Persistent Cross-Site Scripting

Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference

All in One Video Downloader 1.2 - Authenticated SQL Injection

Embed Video Scripts - Persistent Cross-Site Scripting

Mailcleaner - Authenticated Remote Code Execution (Metasploit)

2.1.19

NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)

EZ CD Audio Converter 8.0.7 - Denial of Service (PoC)

Frog CMS 0.9.5 - Cross-Site Scripting

WordPress Plugin Adicon Server 1.2 - 'selectedPlace' SQL Injection

Vtiger CRM 7.1.0 - Remote Code Execution

NBMonitor Network Bandwidth Monitor 1.6.5.0 - 'Name' Denial of Service (PoC)

28.12.18

ShareAlarmPro 2.1.4 - Denial of Service (PoC)

NetShareWatcher 1.5.8 - Denial of Service (PoC)

WordPress Plugin Baggage Freight Shipping Australia 0.1.0 - Arbitrary File Upload

bludit Pages Editor 3.0.0 - Arbitrary File Upload

Iperius Backup 5.8.1 - Buffer Overflow (SEH)

Terminal Services Manager 3.1 - Local Buffer Overflow (SEH)

Product Key Explorer 4.0.9 - Denial of Service (PoC)

MAGIX Music Editor 3.1 - Buffer Overflow (SEH)

WordPress Plugin Audio Record 1.0 - Arbitrary File Upload

Craft CMS 3.0.25 - Cross-Site Scripting

24.12.18

Microsoft Edge 42.17134.1.0 - 'Tree::ANode::DocumentLayout' Denial of Service

Microsoft Windows - 'MsiAdvertiseProduct' Arbitrary File Read

Netatalk < 3.1.12 - Authentication Bypass

SQLScan 1.0 - Denial of Service (PoC)

ZeusCart 4.0 - Cross-Site Request Forgery (Deactivate Customer Accounts)

AnyBurn 4.3 - Local Buffer Overflow (SEH)

Angry IP Scanner for Linux 3.5.3 - Denial of Service (PoC)

FrontAccounting 2.4.5 - 'SubmitUser' SQL Injection

WSTMart 2.0.8 - Cross-Site Request Forgery (Add Admin)

WSTMart 2.0.8 - Cross-Site Scripting

22.12.18

Erlang - Port Mapper Daemon Cookie RCE (Metasploit)

VBScript - MSXML Execution Policy Bypass

VBScript - VbsErase Reference Leak Use-After-Free

Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH)

XMPlay 3.8.3 - '.m3u' Local Stack Overflow Code Execution

LanSpy 2.0.1.159 - Buffer Overflow (SEH) (Egghunter)

20.12.18

IBM Operational Decision Manager 8.x - XML External Entity Injection

LanSpy 2.0.1.159 - Buffer Overflow (SEH) (Egghunter)

19.12.18

IBM Operational Decision Manager 8.x - XML External Entity Injection

PDF Explorer 1.5.66.2 - Buffer Overflow (SEH)

Yeswiki Cercopitheque - 'id' SQL Injection

Bolt CMS < 3.6.2 - Cross-Site Scripting

Integria IMS 5.0.83 - Cross-Site Request Forgery

Integria IMS 5.0.83 - 'search_string' Cross-Site Scripting

Rukovoditel Project Management CRM 2.3.1 - Remote Code Execution (Metasploit)

Hotel Booking Script 3.4 - Cross-Site Request Forgery (Change Admin Password)

LanSpy 2.0.1.159 - Local Buffer Overflow

PassFab RAR 9.3.2 - Buffer Overflow (SEH)

Linux Kernel 4.4 - 'rtnetlink' Stack Memory Disclosure

18.12.18

Microsoft Windows - 'jscript!JsArrayFunctionHeapSort' Out-of-Bounds Write

Exel Password Recovery 8.2.0.0 - Local Buffer Overflow Denial of Service

AnyBurn 4.3 - Local Buffer Overflow Denial of Service

SDL Web Content Manager 8.5.0 - XML External Entity Injection

MiniShare 1.4.1 - Remote Buffer Overflow HEAD and POST Method

14.12.18

Zortam MP3 Media Studio 24.15 - Local Buffer Overflow (SEH)

Responsive FileManager 9.13.4 - Multiple Vulnerabilities

Cisco RV110W - Password Disclosure / Command Execution

Angry IP Scanner 3.5.3 - Denial of Service (PoC)

Facebook And Google Reviews System For Businesses - Cross-Site Request Forgery (Change Admin Password)

Huawei Router HG532e - Command Execution

Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure (2)

Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure

13.12.18

CyberLink LabelPrint 2.5 - Stack Buffer Overflow (Metasploit)

WebKit JIT - Int32/Double Arrays can have Proxy Objects in the Prototype Chains

Linux - 'userfaultfd' Bypasses tmpfs File Permissions

12.12.18

Adobe ColdFusion 18 - Arbitrary File Upload

ThinkPHP 5.0.23/5.1.31 - Remote Code Execution

WordPress Plugin AutoSuggest 0.24 - 'wpas_keys' SQL Injection

HotelDruid 2.3.0 - 'id_utente_mod' SQL Injection

Apache OFBiz 16.11.05 - Cross-Site Scripting

ZTE ZXHN H168N - Improper Access Restrictions

Huawei B315s-22 - Information Leak

TP-Link wireless router Archer C1200 - Cross-Site Scripting

PrinterOn Enterprise 4.1.4 - Arbitrary File Deletion

LanSpy 2.0.1.159 - Local Buffer Overflow (PoC)

DomainMOD 4.11.01 - Cross-Site Scripting

SmartFTP Client 9.0.2623.0 - Denial of Service (PoC)

PrestaShop 1.6.x/1.7.x - Remote Code Execution

McAfee True Key - McAfee.TrueKey.Service Privilege Escalation

XNU - POSIX Shared Memory Mappings have Incorrect Maximum Protection

11.12.18

McAfee True Key - McAfee.TrueKey.Service Privilege Escalation

Alumni Tracer SMS Notification - SQL Injection / Cross-Site Request Forgery

Tourism Website Blog - Remote Code Execution / SQL Injection

XNU - POSIX Shared Memory Mappings have Incorrect Maximum Protection

10.12.18

DomainMOD 4.11.01 - 'DisplayName' Cross-Site Scripting

Adiscon LogAnalyzer 4.1.7 - Cross-Site Scripting

i-doit CMDB 1.11.2 - Remote Code Execution

Textpad 8.1.2 - Denial Of Service (PoC)

5.12.18

HasanMWB 1.0 - SQL Injection

4.12.18

Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Incorrect Access Control Authentication Bypass

Xorg X11 Server (AIX) - Local Privilege Escalation

OpenSSH < 7.7 - User Enumeration (2)

DomainMOD 4.11.01 - Owner name Field Cross-Site Scripting

NEC Univerge Sv9100 WebPro - 6.00 - Predictable Session ID / Clear Text Password Storage

KeyBase Botnet 1.5 - SQL Injection

Dolibarr ERP/CRM 8.0.3 - Cross-Site Scripting

DomainMOD 4.11.01 - Custom Domain Fields Cross-Site Scripting

DomainMOD 4.11.01 - Custom SSL Fields Cross-Site Scripting

NUUO NVRMini2 3.9.1 - Authenticated Command Injection

DomainMOD 4.11.01 - Registrar Cross-Site Scripting

Wireshark - 'cdma2k_message_ACTIVE_SET_RECORD_FIELDS' Stack Corruption

Wireshark - 'find_signature' Heap Out-of-Bounds Read

HP Intelligent Management - Java Deserialization RCE (Metasploit)

Emacs - movemail Privilege Escalation (Metasploit)

FreshRSS 1.11.1 - Cross-Site Scripting

3.12.18

PaloAlto Networks Expedition Migration Tool 1.0.106 - Information Disclosure

Rockwell Automation Allen-Bradley PowerMonitor 1000 - Cross-Site Scripting

Fleetco Fleet Maintenance Management 1.2 - Remote Code Execution

CyberArk 9.7 - Memory Disclosure

2.12.18

Apache Spark - Unauthenticated Command Execution (Metasploit)

VBScript - 'rtFilter' Out-of-Bounds Read

VBScript - 'OLEAUT32!VariantClear' and 'scrrun!VBADictionary::put_Item' Use-After-Free

xorg-x11-server < 1.20.3 - 'modulepath' Local Privilege Escalation

HTML5 Video Player 1.2.5 - Buffer Overflow (Metasploit)

30.11.18

Apache Spark - Unauthenticated Command Execution (Metasploit)

VBScript - 'rtFilter' Out-of-Bounds Read

VBScript - 'OLEAUT32!VariantClear' and 'scrrun!VBADictionary::put_Item' Use-After-Free

xorg-x11-server < 1.20.3 - 'modulepath' Local Privilege Escalation

HTML5 Video Player 1.2.5 - Buffer Overflow (Metasploit)

29.11.18

Netgear Devices - Unauthenticated Remote Command Execution (Metasploit)

28.11.18

Xorg X11 Server - SUID privilege escalation (Metasploit)

Arm Whois 3.11 - Buffer Overflow (ASLR)

ELBA5 5.8.0 - Remote Code Execution

Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal

27.11.18

Zyxel VMG1312-B10D 5.13AAXA.8 - Directory Traversal

No-Cms 1.0 - 'order_by' SQL Injection

Ticketly 1.0 - 'kind_id' SQL Injection

WordPress Plugins Easy Testimonials 3.2 - Cross-Site Scripting

Ricoh myPrint 2.9.2.4 - Hard-Coded Credentials

MariaDB Client 10.1.26 - Denial of Service (PoC)

22.11.18

WebOfisi E-Ticaret V4 - 'urun' SQL Injection

WordPress CherryFramework Themes 3.1.4 - Backup File Download

21.11.18

Microsoft Windows - DfMarshal Unsafe Unmarshaling Privilege Escalation

macOS 10.13 - 'workq_kernreturn' Denial of Service (PoC)

ImageMagick - Memory Leak

Ticketly 1.0 - Cross-Site Request Forgery (Add Admin)

WebOfisi E-Ticaret V4 - 'urun' SQL Injection

WordPress CherryFramework Themes 3.1.4 - Backup File Download

Ticketly 1.0 - 'name' SQL Injection

20.11.18

MacOS 10.13 - 'workq_kernreturn' Denial of Service (PoC)

Ticketly 1.0 - Cross-Site Request Forgery (Add Admin)

19.11.18

Microsoft Edge Chakra - OP_Memset Type Confusion

XMPlay 3.8.3 - '.m3u' Denial of Service (PoC)

HTML Video Player 1.2.5 - Buffer-Overflow (SEH)

18.11.18

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 - Cross-Site Scripting

Warranty Tracking System 11.06.3 - 'txtCustomerCode' SQL Injection

Linux - Broken uid/gid Mapping for Nested User Namespaces

Easy Outlook Express Recovery 2.0 - Denial of Service (PoC)

Mumsoft Easy Software 2.0 - Denial of Service (PoC)

16.11.18

DomainMOD 4.11.01 - Cross-Site Scripting

Helpdezk 1.1.1 - Arbitrary File Upload

Warranty Tracking System 11.06.3 - 'txtCustomerCode' SQL Injection

WordPress Plugin Ninja Forms 3.3.17 - Cross-Site Scripting

PHP Mass Mail 1.0 - Arbitrary File Upload

2-Plan Team 1.0.4 - Arbitrary File Upload

15.11.18

Notepad3 1.0.2.350 - Denial of Service (PoC)

PHP 5.2.3 imap (Debian Based) - 'imap_open' Disable Functions Bypass

Atlassian Jira - Authenticated Upload Code Execution (Metasploit)

SwitchVPN for macOS 2.1012.03 - Privilege Escalation

Bosch Video Management System 8.0 - Configuration Client Denial of Service (PoC)

14.11.18

Atlassian Jira - Authenticated Upload Code Execution (Metasploit)

Advanced Comment System 1.0 - SQL Injection

SwitchVPN for macOS 2.1012.03 - Privilege Escalation

EdTv 2 - 'id' SQL Injection

Electricks eCommerce 1.0 - Cross-Site Request Forgery (Change Admin Password)

AMPPS 2.7 - Denial of Service (PoC)

Helpdezk 1.1.1 - 'query' SQL Injection

iServiceOnline 1.0 - 'r' SQL Injection

ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)

13.11.18

Linux/x86 - Bind (99999/TCP) NetCat Traditional (/bin/nc) Shell (/bin/bash) Shellcode (58...

Cisco Immunet < 6.2.0 / Cisco AMP For Endpoints 6.2.0 - Denial of Service

Evince 3.24.0 - Command Injection

SIPve 0.0.2-R19 - SQL Injection

Webiness Inventory 2.3 - SQL Injection

Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)

12.11.18

Nominas 0.27 - 'username' SQL Injection

D-LINK Central WifiManager CWM-100 - Server-Side Request Forgery

ServerZilla 1.0 - 'email' SQL Injection

TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery (Configuration...

Paroiciel 11.20 - 'tRecIdListe' SQL Injection

WordPress Plugin Media File Manager 1.4.2 - Directory Traversal

TufinOS 2.17 Build 1193 - XML External Entity Injection

Data Center Audit 2.6.2 - 'username' SQL Injection

HeidiSQL 9.5.0.5196 - Denial of Service (PoC)

9.11.18

Microsoft Windows 10 (Build 17134) - Local Privilege Escalation (UAC Bypass)

OpenSLP 2.0.0 - Multiple Vulnerabilities

8.11.18

PlayJoom 0.10.1 - 'catid' SQL Injection

7.11.18

LibreHealth 2.0.0 - Arbitrary File Actions

OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection

OOP CMS BLOG 1.0 - 'search' SQL Injection

Grocery crud 1.6.1 - 'search_field' SQL Injection

VSAXESS V2.6.2.70 build20171226_053 - 'organization' Denial of Service (PoC)

eToolz 3.4.8.0 - Denial of Service (PoC)

Blue Server 1.1 - Denial of Service (PoC)

6.11.18

FaceTime - 'VCPDecompressionDecodeFrame' Memory Corruption

FaceTime - 'readSPSandGetDecoderParams' Stack Corruption

FaceTime - RTP Video Processing Heap Corruption

Voovi Social Networking Script 1.0 - 'user' SQL Injection

Royal TS/X - Information Disclosure

LiquidVPN 1.36 / 1.37 - Privilege Escalation

Morris Worm - fingerd Stack Buffer Overflow (Metasploit)

blueimp's jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)

Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)

5.11.18

Microsoft Internet Explorer 11 - Null Pointer Difference

Poppy Web Interface Generator 0.8 - Arbitrary File Upload

Virgin Media Hub 3.0 Router - Denial of Service (PoC)

WebVet 0.1a - 'id' SQL Injection

Advantech WebAccess SCADA 8.3.2 - Remote Code Execution

SiAdmin 1.1 - 'id' SQL Injection

Intel (Skylake / Kaby Lake) - 'PortSmash' CPU SMT Side-Channel

Softros LAN Messenger 9.2 - Denial of Service (PoC)

Voovi Social Networking Script 1.0 - 'user' SQL Injection

Royal TS/X - Information Disclosure

PHP Proxy 3.0.3 - Local File Inclusion

2.11.18

Arm Whois 3.11 - Denial of Service (PoC)

WebDrive 18.00.5057 - Denial of Service (PoC)

Artha The Open Thesaurus 1.0.3.0 - Denial of Service (PoC)

qdPM 9.1 - 'filter_by' SQL Injection

Gate Pass Management System 2.1 - 'login' SQL Injection

Jelastic 5.4 - 'host' SQL Injection

Fantastic Blog CMS 1.0 - 'id' SQL Injection

Anviz AIM CrossChex Standard 4.3 - CSV Injection

1.11.18

Arm Whois 3.11 - Denial of Service (PoC)

WebDrive 18.00.5057 - Denial of Service (PoC)

Artha The Open Thesaurus 1.0.3.0 - Denial of Service (PoC)

31.10.18

Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution

SmartFTP Client 9.0.2615.0 - Denial of Service (PoC)

30.10.18

Windows/x64 - Remote (Bind TCP) Keylogger Shellcode (864 bytes) (Generator)

Instagram Clone 1.0 - Arbitrary File Upload

Notes Manager 1.0 - Arbitrary File Upload

University Application System 1.0 - SQL Injection / Cross-Site Request Forgery (Add Admin)

NETGEAR WiFi Router R6120 - Credential Disclosure

Webiness Inventory 2.9 - Arbitrary File Upload

phptpoint Pharmacy Management System 1.0 - 'username' SQL Injection

Electricks eCommerce 1.0 - 'prodid' SQL Injection

South Gate Inn Online Reservation System 1.0 - 'q' SQL Injection

xorg-x11-server 1.20.3 - Privilege Escalation

R 3.4.4 - Buffer Overflow DEP/ASLR Bypass Win10 x86

29.10.18

K-iwi Framework 1775 - SQL Injection

SaltOS Erp Crm 3.1 r8126 - Database File Download

SaltOS Erp Crm 3.1 r8126 - SQL Injection (2)

SaltOS Erp Crm 3.1 r8126 - SQL Injection

E-Negosyo System 1.0 - SQL Injection

RhinOS CMS 3.x - Arbitrary File Download

Modbus Slave PLC 7 - '.msw' Buffer Overflow (PoC)

Grapixel New Media 2 - 'pageref' SQL Injection

Paramiko 2.4.1 - Authentication Bypass

Local Server 1.0.9 - Denial of Service (PoC)

AlienIP 2.41 - Denial of Service (PoC)

Navicat 12.0.29 - 'SSH' Denial of Service (PoC)

Open Faculty Evaluation System 5.6 - 'batch_name' SQL Injection

Open Faculty Evaluation System 7 - 'batch_name' SQL Injection

Library Management System 1.0 - 'frmListBooks' SQL Injection

School Equipment Monitoring System 1.0 - 'login' SQL Injection

28.10.18

Veterinary Clinic Management 00.02 - 'editpetnum' SQL Injection

Delta Sql 1.8.2 - 'id' SQL Injection

MPS Box 0.1.8.0 - Arbitrary File Upload

Quick Count 2.0 - 'txtInstID' SQL Injection

xorg-x11-server < 1.20.3 - Local Privilege Escalation

26.10.18

WebExec - Authenticated User Code Execution (Metasploit)

libtiff 4.0.9 - Decodes Arbitrarily Sized JBIG into a Target Buffer

Open STA Manager 2.3 - Arbitrary File Download

MPS Box 0.1.8.0 - 'uuid' SQL Injection

AjentiCP 1.2.23.13 - Cross-Site Scripting

BORGChat 1.0.0 build 438 - Denial of Service (PoC)

25.10.18

Microsoft Data Sharing - Local Privilege Escalation (PoC)

WebExec - Authenticated User Code Execution (Metasploit)

WebEx - Local Service Permissions Exploit (Metasploit)

Ekushey Project Manager CRM 3.1 - Cross-Site Scripting

ProjeQtOr Project Management Tool 7.2.5 - Remote Code Execution

exim 4.90 - Remote Code Execution

Apache OFBiz 16.11.04 - XML External Entity Injection

LANGO Codeigniter Multilingual Script 1.0 - Cross-Site Scripting

Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Error_desc' Cross-Site Scripting

24.10.18

Linux/x86 - execve(/bin/cat /etc/ssh/sshd_config) Shellcode 44 Bytes

ADULT FILTER 1.0 - Denial of Service (PoC)

Axioscloud Sissiweb Registro Elettronico 7.0.0 - 'Error_desc' Cross-Site Scripting

Fifa Master XLS 2.3.2 - 'usw' SQL Injection

MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection

SIM-PKH 2.4.1 - 'id' SQL Injection

School ERP Pro+Responsive 1.0 - 'fid' SQL Injection

School ERP Pro+Responsive 1.0 - Arbitrary File Download

ServersCheck Monitoring Software 14.3.3 - Denial of Service (PoC)

23.10.18

Microsoft Windows 10 - Local Privilege Escalation (UAC Bypass)

Viva Visitor & Volunteer ID Tracking 0.95.1 - 'fname' SQL Injection

The Open ISES Project 3.30A - Arbitrary File Download

eNdonesia Portal 8.7 - 'artid' SQL Injection

School ERP Ultimate 18 - 'fid' SQL Injection

The Open ISES Project 3.30A - 'tick_lat' SQL Injection

22.10.18

Windows - SetImeInfoEx Win32k NULL Pointer Dereference (Metasploit)

Apple iOS Kernel - Use-After-Free due to bad Error Handling in Personas

Apple iOS/macOS - Kernel Memory Corruption due to Integer Overflow in...

Apple iOS/macOS - Sandbox Escape due to mach Message sent from Shared Memory

Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value

Apple iOS/macOS - Sandbox Escape due to Trusted Length Field in Shared Memory used by HID...

Apple Intel GPU Driver - Use-After-Free/Double-Delete due to bad Locking

MySQL Edit Table 1.0 - 'id' SQL Injection

Modbus Poll 7.2.2 - Denial of Service (PoC)

The Open ISES Project 3.30A - 'tick_lat' SQL Injection

Oracle Siebel CRM 8.1.1 - CSV Injection

School ERP Ultimate 18 - Arbitrary File Download

AudaCity 2.3 - Denial of Service (PoC)

19.10.18

libSSH - Authentication Bypass

OwnTicket 1.0 - 'TicketID' SQL Injection

PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add admin)

Learning with Texts 1.6.2 - 'start' SQL Injection

18.10.18

FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials

Time and Expense Management System 3.0 - 'table' SQL Injection

TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure

17.10.18

Microsoft Windows - 'FSCTL_FIND_FILES_BY_SID' Information Disclosure

Any Sound Recorder 2.93 - Buffer Overflow (SEH)

Git Submodule - Arbitrary Code Execution

VLC Media Player - MKV Use-After-Free (Metasploit)

Solaris - RSH Stack Clash Privilege Escalation (Metasploit)

Time and Expense Management System 3.0 - Cross-Site Request Forgery (Add Admin)

BigTree CMS 4.2.23 - Cross-Site Scripting

Heatmiser Wifi Thermostat 1.7 - Credential Disclosure

15.10.18

Academic Timetable Final Build 7.0a-7.0b - 'id' SQL Injection

FLIR AX8 Thermal Camera 1.32.16 - RTSP Stream Disclosure

MaxOn ERP Software 8.x-9.x - 'nomor' SQL Injection

Advanced HRM 1.6 - Remote Code Execution

College Notes Management System 1.0 - 'user' SQL Injection

FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution

AlchemyCMS 4.1 - Cross-Site Scripting

Academic Timetable Final Build 7.0b - Cross-Site Request Forgery (Add Admin)

14.10.18

SugarCRM 6.5.26 - Cross-Site Scripting

HaPe PKH 1.1 - Arbitrary File Upload

CAMALEON CMS 2.4 - Cross-Site Scripting

HaPe PKH 1.1 - Cross-Site Request Forgery (Update Admin)

12.10.18

Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection

Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection

Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection

E-Registrasi Pencak Silat 18.10 - 'id_partai' SQL Injection

WAGO 750-881 01.09.18 - Cross-Site Scripting

Wikidforum 2.20 - Cross-Site Scripting

jQuery-File-Upload 9.22.0 - Arbitrary File Upload

Phoenix Contact WebVisit 6.40.00 - Password Disclosure

11.10.18

Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection

Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection

Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection

Phoenix Contact WebVisit 6.40.00 - Password Disclosure

jQuery-File-Upload 9.22.0 - Arbitrary File Upload

E-Registrasi Pencak Silat 18.10 - 'id_partai' SQL Injection

WAGO 750-881 01.09.18 - Cross-Site Scripting

Wikidforum 2.20 - Cross-Site Scripting

Ektron CMS 9.20 SP2 - Improper Access Restrictions

MicroTik RouterOS < 6.43rc3 - Remote Root

WhatsApp - RTP Processing Heap Corruption

FileZilla 3.33 - Buffer Overflow (PoC)

10.10.18

Microsoft Edge Chakra JIT - Type Confusion

Microsoft Edge Chakra JIT - 'BailOutOnInvalidatedArrayHeadSegment' Check Bypass

Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow...

Wikidforum 2.20 - 'message_id' SQL Injection

Wikidforum 2.20 - 'select_sort' SQL Injection

ifwatchd - Privilege Escalation (Metasploit)

ghostscript - executeonly Bypass with errorhandler Setup

Seqrite End Point Security 7.4 - Privilege Escalation

9.10.18

Microsoft Windows - Net-NTLMv2 Reflection DCOM/RPC (Metasploit)

Navigate CMS - Unauthenticated Remote Code Execution (Metasploit)

Unitrends UEB - HTTP API Remote Code Execution (Metasploit)

Cisco Prime Infrastructure - Unauthenticated Remote Code Execution

Imperva SecureSphere 13 - Remote Command Execution

FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure

Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)

Git Submodule - Arbitrary Code Execution

Android - sdcardfs Changes current->fs Without Proper Locking

Linux - Kernel Pointer Leak via BPF

8.10.18

360 3.5.0.1033 - Sandbox Escape

net-snmp 5.7.3 - Unauthenticated Denial of Service (PoC)

Linux/MIPS (Big Endian) - execve(/bin/sh) + Reverse TCP 192.168.2.157/31337 Shellcode...

Linux/x86 - execve(/bin/sh) + MMX/ROT13/XOR Shellcode (Encoder/Decoder) (104 bytes)

Cisco Prime Infrastructure - Unauthenticated Remote Code Execution

Git Submodule - Arbitrary Code Execution

Linux Kernel < 4.11.8 - 'mq_notify: double sock_put()' Local Privilege Escalation

net-snmp 5.7.3 - Authenticated Denial of Service (PoC)

7.10.18

Chamilo LMS 1.11.8 - Cross-Site Scripting

ISPConfig < 3.1.13 - Remote Command Execution

D-Link Central WiFiManager Software Controller 1.03 - Multiple Vulnerabilities

Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin)

5.10.18

LayerBB Forum 1.1.1 - 'search_query' SQL Injection

NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)(ASLR)

4.10.18

LayerBB Forum 1.1.1 - 'search_query' SQL Injection

virtualenv 16.0.0 - Sandbox Escape

FTP Voyager 16.2.0 - Denial of Service (PoC)

Linux/x86 - (NOT +SHIFT-N+ XOR-N) + encoded (/bin/sh) Shellcode (50 bytes)

3.10.18

OPAC EasyWeb Five 5.7 - 'nome' SQL Injection

Coaster CMS 5.5.0 - Cross-Site Scripting

OPAC EasyWeb Five 5.7 - 'biblio' SQL Injection

Joomla! Component Jimtawl 2.2.7 - 'id' SQL Injection

Zechat 1.5 - 'uname' SQL Injection

2.10.18

OPAC EasyWeb Five 5.7 - 'nome' SQL Injection

Coaster CMS 5.5.0 - Cross-Site Scripting

OPAC EasyWeb Five 5.7 - 'biblio' SQL Injection

Linux Kernel 2.6.x / 3.10.x / 4.14.x (RedHat / Debian / CentOS) (x64) - 'Mutagen...

Billion ADSL Router 400G 20151105641 - Cross-Site Scripting

1.10.18

H2 Database 1.4.196 - Remote Code Execution

Zahir Enterprise Plus 6 build 10b - Buffer Overflow (SEH)

Snes9K 0.0.9z - Denial of Service (PoC)

Flippa Marketplace Clone 1.0 - 'date_started' SQL Injection

Binary MLM Software 1.0 - 'pid' SQL Injection

Singleleg MLM Software 1.0 - 'msg_id' SQL Injection

Education Website 1.0 - 'subject' SQL Injection

Hotel Booking Engine 1.0 - 'h_room_type' SQL Injection

Fork CMS 5.4.0 - Cross-Site Scripting

ManageEngine AssetExplorer 6.2.0 - Cross-Site Scripting

30.9.18

PCProtect 4.8.35 - Privilege Escalation

28.9.18

Microsoft Edge - Sandbox Escape

PCProtect 4.8.35 - Privilege Escalation

27.9.18

Rausoft ID.prove 2.95 - 'Username' SQL injection

ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting

iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection

EE 4GEE Mini EE40_00_02.00_44 - Privilege Escalation

Linux - VMA Use-After-Free via Buggy vmacache_flush_all() Fastpath

CrossFont 7.5 - Denial of Service (PoC)

TransMac 12.2 - Denial of Service (PoC)

Linux/ARM - Bind (0.0.0.0:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (92 Bytes)

26.9.18

Joomla! Component Responsive Portfolio 1.6.1 - 'filter_order_Dir' SQL Injection

RICOH MP C406Z Printer - Cross-Site Scripting

RICOH MP 305+ Printer - Cross-Site Scripting

Joomla! Component Timetable Schedule 3.6.8 - SQL Injection

Joomla! Component Article Factory Manager 4.3.9 - SQL Injection

Joomla! Component AlphaIndex Dictionaries 1.0 - SQL Injection

Joomla! Component Reverse Auction Factory 4.3.8 - SQL Injection

Faleemi Desktop Software 1.8.2 - 'Device alias' Local Buffer Overflow (SEH)

Solaris - 'EXTREMEPARR' dtappgather Privilege Escalation (Metasploit)

Easy PhoroResQ 1.0 - Buffer Overflow

WebKit - 'WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded'...

WebKit - 'WebCore::SVGTextLayoutAttributes::context' Use-After-Free

WebKit - 'WebCore::RenderLayer::updateDescendantDependentFlags' Use-After-Free

WebKit - 'WebCore::SVGTRefElement::updateReferencedText' Use-After-Free

WebKit - 'WebCore::RenderMultiColumnSet::updateMinimumColumnHeight' Use-After-Free

WebKit - 'WebCore::InlineTextBox::paint' Out-of-Bounds Read

WebKit - 'WebCore::Node::ensureRareData' Use-After-Free

24.9.18

RICOH MP C6003 Printer - Cross-Site Scripting

Joomla! Component Auction Factory 4.5.5 - 'filter_order' SQL Injection

RICOH Aficio MP 301 Printer - Cross-Site Scripting

Joomla! Component Micro Deal Factory 2.4.0 - 'id' SQL Injection

Joomla! Component AMGallery 1.2.3 - 'filter_category_id' SQL Injection

MyBB Visual Editor 1.8.18 - Cross-Site Scripting

LG SuperSign EZ CMS 2.5 - Remote Code Execution

Beyond Remote 2.2.5.3 - Denial of Service (PoC)

SoftX FTP Client 3.3 - Denial of Service (PoC)

Termite 3.4 - Denial of Service (PoC)

udisks2 2.8.0 - Denial of Service (PoC)

Linux/ARM - sigaction() Based Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode...

Linux/ARM - Egghunter (PWN!) + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)

22.9.18

WebRTC - FEC Out-of-Bounds Read

WebRTC - VP9 Processing Use-After-Free

21.9.18

NICO-FTP 3.0.1.19 - Buffer Overflow (SEH)

WebRTC - FEC Out-of-Bounds Read

WebRTC - VP9 Processing Use-After-Free

Linux/x86 - Egghunter (0x50905090) + sigaction() Shellcode (27 bytes)

19.9.18

Microsoft Windows - Double Dereference in NtEnumerateKey Elevation of Privilege

Microsoft Windows - 'CiSetFileCache' WDAC Security Feature Bypass TOCTOU

Microsoft Edge Chakra JIT - 'localeCompare' Type Confusion

Microsoft Edge Chakra - 'PathTypeHandlerBase::SetAttributesHelper' Type Confusion

LG SuperSign EZ CMS 2.5 - Local File Inclusion

WordPress Plugin Localize My Post 1.0 - Local File Inclusion

WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion

Roundcube rcfilters plugin 2.1.6 - Cross-Site Scripting

18.9.18

Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution

NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)

Linux/ARM - Jump Back Shellcode + execve("/bin/sh", NULL, NULL) Shellcode (4 Bytes)

CA Release Automation NiMi 6.5 - Remote Command Execution

Joomla Component JCK Editor 6.4.4 - 'parent' SQL Injection

Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting

Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC)

17.9.18

Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)

CA Release Automation NiMi 6.5 - Remote Command Execution

Joomla Component JCK Editor 6.4.4 - 'parent' SQL Injection

Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Scripting

Netis ADSL Router DL4322D RTK 2.1.1 - Denial of Service (PoC)

Notebook Pro 2.0 - Denial Of Service (PoC)

XAMPP Control Panel 3.2.2 - Denial of Service (PoC)

16.9.18

Linux/x86 - Random Bytewise XOR + Insertion Encoder Shellcode (54 bytes)

Linux/x86 - File Modification (/etc/hosts) Polymorphic Shellcode (99 bytes)

Linux/x86 - Read File (/etc/passwd) MSF Optimized Shellcode (61 bytes)

Linux/x86 - Add User(r00t/blank) Polymorphic Shellcode (103 bytes)

14.9.18

Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution (Metasploit)

Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket

Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault...

TeamViewer App 13.0.100.0 - Denial of Service (PoC)

MediaTek Wirless Utility rt2870 - Denial of Service (PoC)

Wordpress Plugin Survey & Poll 1.5.7.3 - 'sss_params' SQL Injection

Watchguard AP100 AP102 AP200 1.2.9.15 - Remote Code Execution (Metasploit)

Free MP3 CD Ripper 2.6 - '.wma' Local Buffer Overflow (SEH)

Faleemi Plus 1.0.2 - Denial of Service (PoC)

InfraRecorder 0.53 - '.txt' Denial of Service (PoC)

CdBurnerXP 4.5.8.6795 - 'File Name' Denial of Service (PoC)

13.9.18

Apache Syncope 2.0.7 - Remote Code Execution

Apache Portals Pluto 3.0.0 - Remote Code Execution

Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket

Socusoft Photo to Video Converter 8.07 - 'Registration Name' Buffer Overflow

Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault...

TeamViewer App 13.0.100.0 - Denial of Service (PoC)

MediaTek Wirless Utility rt2870 - Denial of Service (PoC)

12.9.18

Apple macOS 10.13.4 - Denial of Service (PoC)

Android - 'zygote->init;' Chain from USB Privilege Escalation

InTouch Machine Edition 8.1 SP1 - 'Nombre del Tag' Buffer Overflow (SEH)

Bayanno Hospital Management System 4.0 - Cross-Site Scripting

PicaJet FX 2.6.5 - Denial of Service (PoC)

RoboImport 1.2.0.72 - Denial of Service (PoC)

PixGPS 1.1.8 - Denial of Service (PoC)

jiNa OCR Image to Text 1.0 - Denial of Service (PoC)

11.9.18

Apache Struts 2 - Namespace Redirect OGNL Injection (Metasploit)

Bayanno Hospital Management System 4.0 - Cross-Site Scripting

InTouch Machine Edition 8.1 SP1 - 'Nombre del Tag' Buffer Overflow (SEH)

HTML5 Video Player 1.2.5 - Denial of Service (PoC)

10.9.18

Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection

Apache Struts 2 - Namespace Redirect OGNL Injection (Metasploit)

LW-N605R 12.20.2.1486 - Remote Code Execution

Ghostscript - Failed Restore Command Execution (Metasploit)

Zenmap (Nmap) 7.70 - Denial of Service (PoC)

Any Sound Recorder 2.93 - Denial of Service (PoC)

Flash Slideshow Maker Professional 5.20 - Buffer Overflow (SEH)

Photo To Video Converter Professional 8.07 - Buffer Overflow (SEH)

Socusoft 3GP Photo Slideshow 8.05 - Buffer Overflow (SEH)

SocuSoft iPod Photo Slideshow 8.05 - Buffer Overflow (SEH)

9.9.18

D-Link Dir-600M N150 - Cross-Site Scripting

WirelessHART Fieldgate SWG70 3.0 - Directory Traversal

Apache Roller 5.0.3 - XML External Entity Injection (File Disclosure)

Jorani Leave Management 0.6.5 - 'startdate' SQL Injection

Tenable WAS-Scanner 7.4.1708 - Remote Command Execution

MedDream PACS Server Premium 6.7.1.1 - 'email' SQL Injection

7.9.18

D-Link Dir-600M N150 - Cross-Site Scripting

WirelessHART Fieldgate SWG70 3.0 - Directory Traversal

Apache Roller 5.0.3 - XML External Entity Injection (File Disclosure)

Jorani Leave Management 0.6.5 - 'startdate' SQL Injection

Tenable WAS-Scanner 7.4.1708 - Remote Command Execution

MedDream PACS Server Premium 6.7.1.1 - 'email' SQL Injection

6.9.18

WirelessHART Fieldgate SWG70 3.0 - Directory Traversal

Apache Roller 5.0.3 - XML External Entity Injection (File Disclosure)

Jorani Leave Management 0.6.5 - 'startdate' SQL Injection

Jorani Leave Management 0.6.5 - Cross-Site Scripting

NovaRad NovaPACS Diagnostics Viewer 8.5 - XML External Entity Injection (File Disclosure)

Cisco Umbrella Roaming Client 2.0.168 - Privilege Escalation

5.9.18

Microsoft People 10.1807.2131.0 - Denial of Service (PoC)

FTPShell Server 6.80 - 'Add Account Name' Buffer Overflow (SEH)

FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution

iSmartViewPro 1.5 - 'DDNS' Buffer Overflow

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (20 Bytes)

4.9.18

mooSocial Store Plugin 2.6 - SQL Injection

Simple POS 4.0.24 - 'columns[0][search][value]' SQL Injection

PHP File Browser Script 1 - Directory Traversal

Logicspice FAQ Script 2.9.7 - Remote Code Execution

Online Quiz Maker 1.0 - 'catid' SQL Injection

Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions)

FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection

iSmartViewPro 1.5 - 'DDNS' Buffer Overflow

3.9.18

Microsoft Windows Explorer Out-of-Bound Read - Denial of Service (PoC)

Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC)

Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service...

Wikipedia 12.0 - Denial of Service (PoC)

D-Link DIR-615 - Denial of Service (PoC)

Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC)

VSAXESS V2.6.2.70 build20171226_053 - 'Nickname' Denial of Service (PoC)

Online Quiz Maker 1.0 - 'catid' SQL Injection

Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions)

FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection

2.9.18

Network Manager VPNC - Username Privilege Escalation (Metasploit)

Argus Surveillance DVR 4.0.0.0 - Privilege Escalation

Acunetix WVS Reporter 10.0 - Denial of Service (PoC)

31.8.18

Cybrotech CyBroHttpServer 1.0.3 - Cross-Site Scripting

WordPress Plugin Quizlord 2.0 - Cross-Site Scripting

DLink DIR-601 - Credential Disclosure

WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting

Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal

Nord VPN 6.14.31 - Denial of Service (PoC)

NetworkActiv Web Server 4.0 Pre-Alpha-3.7.2 - 'Username' Denial of Service (PoC)

Linux/ARM - read(0, buf, 0xff) stager + execve("/bin/sh", NULL, NULL) Shellcode (28 Bytes)

30.8.18

DLink DIR-601 - Credential Disclosure

WordPress Plugin Jibu Pro 1.7 - Cross-Site Scripting

Cybrotech CyBroHttpServer 1.0.3 - Directory Traversal

Nord VPN 6.14.31 - Denial of Service (PoC)

29.8.18

Windows/x64 (10) - WoW64 Egghunter Shellcode (50 bytes)

Linux/x86 - IPv6 Reverse TCP Shellcode Generator (94 bytes)

Linux/x86 - Dual Network Stack (IPv4 and IPv6) Bind TCP Shellcode

Linux/ARM - execve("/bin/sh", ["/bin/sh"], NULL) Shellcode (32 Bytes)

Linux/MIPS64 - execve(/bin/sh) Shellcode (48 bytes)

Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure

Argus Surveillance DVR 4.0.0.0 - Directory Traversal

Episerver 7 patch 4 - XML External Entity Injection

phpMyAdmin 4.7.x - Cross-Site Request Forgery

R 3.4.4 - Buffer Overflow (SEH)

SIPP 3.3 - Stack-Based Buffer Overflow

Skype Empresarial Office 365 16.0.10730.20053 - 'Dirección de inicio de sesión' Denial of ...

Fathom 2.4 - Denial Of Service (PoC)

ipPulse 1.92 - 'TCP Port' Denial of Service (PoC)

Immunity Debugger 1.85 - Denial of Service (PoC)

NASA openVSP 3.16.1 - Denial of Service (PoC)

28.8.18

Cisco Network Assistant 6.3.3 - 'Cisco Login' Denial of Service (PoC)

Schneider Electric BMX P34 CPU B - Open Redirect

UltraISO 9.7.1.3519 - Buffer Overflow (SEH)

Microsoft Windows - JScript RegExp.lastIndex Use-After-Free

Instagram App 41.1788.50991.0 - Denial of Service (PoC)

27.8.18

Trend Micro Enterprise Mobile Security 2.0.0.1700 - 'Servidor' Denial of Service (PoC)

Firefox 55.0.3 - Denial of Service (PoC)

HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit)

Electron WebPreferences - Remote Code Execution

Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1)

Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2)

WordPress Plugin Plainview Activity Monitor 20161228 - Command Injection

Responsive FileManager < 9.13.4 - Directory Traversal

Seagate Personal Cloud SRN21C 4.3.16.0 / 4.3.18.0 - SQL Injection

LiteCart 2.1.2 - Arbitrary File Upload

Sentrifugo HRMS 3.2 - 'deptid' SQL Injection

RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin)

Gleez CMS 1.2.0 - Cross-Site Request Forgery (Add Admin)

ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting

WordPress Plugin Gift Voucher 1.0.5 - 'template_id' SQL Injection

Foxit PDF Reader 9.0.1.1049 - Pointer Overwrite Use-After-Free (Metasploit)

CuteFTP 5.0 - Buffer Overflow

Adobe Flash - AVC Processing Out-of-Bounds Read

Libpango 1.40.8 - Denial of Service (PoC)

26.8.18

Vox TG790 ADSL Router - Cross-Site Request Forgery (Add Admin)

SkypeApp 12.8.487.0 - 'Cuenta de Skype o Microsoft' Denial of Service (PoC)

ManageEngine ADManager Plus 6.5.7 - Cross-Site Scripting

WordPress Plugin Gift Voucher 1.0.5 - 'template_id' SQL Injection

24.8.18

Vox TG790 ADSL Router - Cross-Site Request Forgery (Add Admin)

PCViewer vt1000 - Directory Traversal

Twitter-Clone 1 - 'code' SQL Injection

StyleWriter 4 1.0 - Denial of Service (PoC)

SkypeApp 12.8.487.0 - 'Cuenta de Skype o Microsoft' Denial of Service (PoC)

Epiphany Web Browser 3.28.1 - Denial of Service (PoC)

23.8.18

PCViewer vt1000 - Directory Traversal

Twitter-Clone 1 - 'code' SQL Injection

Windows 10 Diagnostics Hub Standard Collector Service - Privilege Escalation

Epiphany Web Browser 3.28.1 - Denial of Service (PoC)

CuteFTP 8.3.1 - Denial of Service (PoC)

22.8.18

Geutebrueck re_porter 16 - Cross-Site Scripting

Geutebrueck re_porter 7.8.974.20 - Credential Disclosure

KingMedia 4.1 - Remote Code Execution

ZyXEL VMG3312-B10B - Cross-Site Scripting

Windows 10 Diagnostics Hub Standard Collector Service - Privilege Escalation

Ghostscript - Multiple Vulnerabilities

Project64 2.3.2 - Buffer Overflow (SEH)

Easyboot 6.6.0 - Denial Of Service (PoC)

UltraISO 9.7.1.3519 - Denial Of Service (PoC)

Textpad 7.6.4 - Denial Of Service (PoC)

21.8.18

Hikvision IP Camera 5.4.0 - User Enumeration (Metasploit)

Twitter-Clone 1 - 'userid' SQL Injection

Project64 2.3.2 - Denial Of Service (PoC)

OpenSSH 7.7 - Username Enumeration

Wordpress Plugin Ninja Forms 3.3.13 - CSV Injection

20.8.18

Easylogin Pro 1.3.0 - Encryptor.php Unserialize Remote Code Execution

SEIG Modbus 3.4 - Remote Code Execution

SEIG SCADA System 9 - Remote Code Execution

WordPress Plugin Tagregator 0.6 - Cross-Site Scripting

MyBB Moderator Log Notes Plugin 1.1 - Cross-Site Request Forgery

WordPress Plugin Chained Quiz 1.0.8 - 'answer' SQL Injection

Prime95 29.4b7 - Denial Of Service (PoC)

Restorator 1793 - Denial of Service (PoC)

Zortam MP3 Media Studio 23.95 - Denial of Service (PoC)

SEIG Modbus 3.4 - Denial of Service (PoC)

17.8.18

Microsoft Edge Chakra JIT - InitializeNumberFormat and InitializeDateTimeFormat Type...

Microsoft Edge Chakra JIT - 'InlineArrayPush' Type Confusion

Microsoft Edge Chakra JIT - 'DictionaryPropertyDescriptor::CopyFrom' Type Confusion

Microsoft Edge Chakra JIT - Scope Parsing Type Confusion

Microsoft Edge Chakra JIT - ImplicitCallFlags Check Bypass with Intl

CEWE Photoshow 6.3.4 - Denial of Service (PoC)

Central Management Software 1.4.13 - Denial of Service (PoC)

OpenSSH 2.3 < 7.4 - Username Enumeration (PoC)

Mikrotik WinBox 6.42 - Credential Disclosure (golang)

ADM 3.1.2RHG1 - Remote Code Execution

WebkitGTK+ 2.20.3 - 'ImageBufferCairo::getImageData()' Buffer Overflow (PoC)

16.8.18

Pimcore 5.2.3 - SQL Injection / Cross-Site Scripting / Cross-Site Request Forgery

Wordpress Plugin Export Users to CSV 1.1.1 - CSV Injection

OpenEMR 5.0.1.3 - Arbitrary File Actions

WebkitGTK+ 2.20.3 - 'ImageBufferCairo::getImageData()' Buffer Overflow (PoC)

Central Management Software 1.4.13 - Denial of Service (PoC)

ObserverIP Scan Tool 1.4.0.1 - Denial of Service (PoC)

TP-Link WR840N 0.9.1 3.16 - Denial of Service (Po

15.8.18

ASUS-DSL N10 1.1.2.2_17 - Authentication Bypass

ASUSTOR ADM 3.1.0.RFQ3 - Remote Command Execution / SQL Injection

JioFi 4G M2S 1.0.2 - Denial of Service (PoC)

Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit)

Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal (Metasploit)

cgit 1.2.1 - Directory Traversal (Metasploit)

Wansview 1.0.2 - Denial of Service (PoC)

14.8.18

Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal (Metasploit)

cgit 1.2.1 - Directory Traversal (Metasploit)

Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit)

Wansview 1.0.2 - Denial of Service (PoC)

13.8.18

Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit)

Android - Directory Traversal over USB via Injection in blkid Output

PostgreSQL 9.4-0.5.3 - Privilege Escalation

Monitoring software iSmartViewPro 1.5 - 'SavePath for ScreenShots' Buffer Overflow

Switch Port Mapping Tool 2.81.2 - 'Name Field' Denial of Service (PoC)

PLC Wireless Router GPN2.4P21-C-CN - Denial of Service

Acunetix WVS 10.0 Build 20150623 - Denial of Service (PoC)

IP Finder 1.5 - Denial of Service (PoC)

Linux/x64 - Add Root User (toor/toor) Shellcode (99 bytes)

Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution

IBM Sterling B2B Integrator 5.2.0.1/5.2.6.3 - Cross-Site Scripting

10.8.18

Mikrotik WinBox 6.42 - Credential Disclosure (Metasploit)

reSIProcate 1.10.2 - Heap Overflow

Zimbra 8.6.0_GA_1153 - Cross-Site Scripting

iSmartViewPro 1.5 - 'Password' Buffer Overflow

MyBB Like Plugin 3.0.0 - Cross-Site Scripting

MyBB Thank You/Like Plugin 3.0.0 - Cross-Site Scripting

9.8.18

osTicket 1.10.1 - Arbitrary File Upload

LG-Ericsson iPECS NMS 30M - Directory Traversal

iSmartViewPro 1.5 - 'Account' Buffer Overflow

iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow

TP-Link Wireless N Router WR840N - Denial of Service (PoC)

8.8.18

OpenEMR < 5.0.1 - Remote Code Execution

iSmartViewPro 1.5 - 'Account' Buffer Overflow

iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow

7.8.18

QNap QVR Client 5.0.3.23100 - Denial of Service (PoC)

OpenEMR < 5.0.1 - Remote Code Execution

Open-AudIT Community 2.2.6 - Cross-Site Scripting

Monstra 3.0.4 - Cross-Site Scripting

onArcade 2.4.2 - Cross-Site Request Forgery (Add Admin)

LAMS < 3.1 - Cross-Site Scripting

Subrion CMS 4.2.1 - Cross-Site Scripting

2.8.18

ipPulse 1.92 - 'Licence Key' Denial of Service (PoC)

Switch Port Mapping Tool 2.81 - 'SNMP Community Name' Denial of Service (PoC)

Linux/ARM - Reverse (::1:4444/TCP) Shell +IPv6 Shellcode (116 Bytes)

31.7.18

H2 Database 1.4.197 - Information Disclosure

Charles Proxy 4.2 - Local Privilege Escalation

fusermount - user_allow_other Restriction Bypass and SELinux Label Control

Microsoft Windows Kernel - 'win32k!NtUserConsoleControl' Denial of Service (PoC)

ipPulse 1.92 - 'IP Address/HostName-Comment' Denial of Service (PoC)

30.7.18

Microsoft Windows Kernel - 'win32k!NtUserConsoleControl' Denial of Service (PoC)

ipPulse 1.92 - 'IP Address/HostName-Comment' Denial of Service (PoC)

29.7.18

WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)

SoftNAS Cloud < 4.0.3 - OS Command Injection

Online Trade 1 - Information Disclosure

Skia - Heap Overflow in SkScan::FillPath due to Precision Error

NetScanTools Basic Edition 2.5 - 'Hostname' Denial of Service (PoC)

QNap QVR Client 5.1.1.30070 - 'Password' Denial of Service (PoC)

26.7.18

Trivum Multiroom Setup Tool 8.76 - Cross-Site Request Forgery (Admin Bypass)

10-Strike LANState 8.8 - Local Buffer Overflow (SEH)

10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)

25.7.18

10-Strike LANState 8.8 - Local Buffer Overflow (SEH)

10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)

GetGo Download Manager 6.2.1.3200 - Denial of Service (PoC)

24.7.18

Microsoft Windows - 'dnslint.exe' Drive-By Download

Windows Speech Recognition - Buffer Overflow

Linux/x86 - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (100 bytes)

Tenda Wireless N150 Router 5.07.50 - Cross-Site Request Forgery (Reboot Router)

Davolink DVW 3200 Router - Password Disclosure

NUUO NVRmini - 'upgrade_handle.php' Remote Command Execution

Splinterware System Scheduler Pro 5.12 - Buffer Overflow (SEH)

22.7.18

MyBB New Threads Plugin 1.1 - Cross-Site Scripting

WordPress Plugin All In One Favicon 4.6 - Cross-Site Scripting

19.7.18

Linux - BPF Sign Extension Local Privilege Escalation (Metasploit)

WordPress Plugin All In One Favicon 4.6 - Cross-Site Scripting

MyBB New Threads Plugin 1.1 - Cross-Site Scripting

HomeMatic Zentrale CCU2 - Remote Code Execution

Modx Revolution < 2.6.4 - Remote Code Execution

FTP2FTP 1.0 - Arbitrary File Download

Open-AudIT Community 2.1.1 - Cross-Site Scripting

Smart SMS & Email Manager 3.3 - 'contact_type_id' SQL Injection

JavaScript Core - Arbitrary Code Execution

18.7.18

HomeMatic Zentrale CCU2 - Remote Code Execution

Nanopool Claymore Dual Miner - APIs Remote Code Execution (Metasploit)

QNAP Q'Center - 'change_passwd' Command Execution (Metasploit)

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Default Credentials

Modx Revolution < 2.6.4 - Remote Code Execution

FTP2FTP 1.0 - Arbitrary File Download

Open-AudIT Community 2.1.1 - Cross-Site Scripting

Smart SMS & Email Manager 3.3 - 'contact_type_id' SQL Injection

17.7.18

Microsoft Enterprise Mode Site List Manager - XML External Entity Injection

macOS/iOS - JavaScript Injection Bug in OfficeImporter

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Default Credentials

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Remote Root

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - File Manipulation

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Configuration Download

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Denial of Service

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Cross-Site Request Forgery

WordPress Plugin Job Manager 4.1.0 - Cross-Site Scripting

VelotiSmart WiFi B-380 Camera - Directory Traversal

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Restricted Shell Escape

Linux/x64 - Reverse (::1:1337/TCP) + IPv6 + Password (pwnd) Shellcode (115 bytes)

Linux/ARM - Bind (1234/TCP) Shell (/bin/sh) Shellcode (104 bytes)

12.7.18

Microsoft Edge Chakra JIT - Type Confusion with Hoisted SetConcatStrMultiItemBE...

Microsoft Edge Chakra JIT - BoundFunction::NewInstance Out-of-Bounds Read

Microsoft Edge Chakra JIT - Out-of-Bounds Reads/Writes

IBM QRadar SIEM - Unauthenticated Remote Code Execution (Metasploit)

Dicoogle PACS 2.5.0 - Directory Traversal

Instagram-Clone Script 2.0 - Cross-Site Scripting

Linux Kernel < 4.13.9 (Ubuntu 16.04/Fedora 27) - Local Privilege Escalation

11.7.18

D-Link DIR601 2.02 - Credential Disclosure

Elektronischer Leitz-Ordner 10 - SQL Injection

WolfSight CMS 3.2 - SQL Injection

Oracle WebLogic 12.1.2.0 - RMI Registry UnicastRef Object Java Deserialization Remote...

7.7.18

PolarisOffice 2017 8 - Remote Code Execution

Airties AIR5444TT - Cross-Site Scripting

6.7.18

PolarisOffice 2017 8 - Remote Code Execution

5.7.18

ADB Broadband Gateways / Routers - Privilege Escalation

ADB Broadband Gateways / Routers - Local Root Jailbreak

ADB Broadband Gateways / Routers - Authorization Bypass

SoftExpert Excellence Suite 2.0 - 'cddocument' SQL Injection

4.7.18

ShopNx - Arbitrary File Upload

Online Trade - Information Disclosure

ManageEngine Exchange Reporter Plus < Build 5311 - Remote Code Execution

CMS Made Simple 2.2.5 - Remote Code Execution

ntop-ng < 3.4.180617 - Authentication Bypass

ModSecurity 3.0.0 - Cross-Site Scripting

Boxoft WAV to MP3 Converter 1.1 - Buffer Overflow (Metasploit)

openslp 2.0.0 - Double-Free

3.7.18

Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit)

FTPShell Client 6.70 (Enterprise Edition) - Stack Buffer Overflow (Metasploit)

Dolibarr ERP CRM < 7.0.3 - PHP Code Injection

DAMICMS 6.0.0 - Cross-Site Request Forgery (Add Admin)

2.7.18

VMware NSX SD-WAN Edge < 3.1.2 - Command Injection

Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit)

FTPShell client 6.70 (Enterprise edition) - Stack Buffer Overflow (Metasploit)

Dolibarr ERP CRM < 7.0.3 - PHP Code Injection

DAMICMS 6.0.0 - Cross-Site Request Forgery (Add Admin)

Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution...

Enhanced Mitigation Experience Toolkit (EMET) - XML External Entity Injection

Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (PoC)

SIPp 3.6 - Local Buffer Overflow (PoC)

Core FTP LE 2.2 - Buffer Overflow (PoC)

Linux/x86 - Execve /bin/cat /etc/passwd Shellcode (37 bytes)

29.6.18

Cisco Adaptive Security Appliance - Path Traversal

DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting

28.6.18

Quest KACE Systems Management - Command Injection (Metasploit)

HPE VAN SDN 2.7.18.0503 - Remote Root

Wordpress < 4.9.6 - (Authenticated) Arbitrary File Deletion

DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting

hycus CMS 1.0.4 - Authentication Bypass

HongCMS 3.0.0 - SQL Injection

BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin)

27.6.18

Liferay Portal < 7.0.4 - Server-Side Request Forgery

PoDoFo 0.9.5 - Buffer Overflow

26.6.18

Liferay Portal < 7.0.4 - Server-Side Request Forgery

PoDoFo 0.9.5 - Buffer Overflow

25.6.18

Travel Agency 1.1 - 'cid' SQL Injection

WordPress Plugin iThemes Security < 7.0.3 - SQL Injection

Wordpress Plugin Comments Import & Export < 2.0.4 - CSV Injection

Intex Router N-150 - Arbitrary File Upload

Ecessa ShieldLink SL175EHQ < 10.7.4 - Cross-Site Request Forgery (Add Superuser)

AsusWRT RT-AC750GF - Cross-Site Request Forgery (Change Admin Password)

Ecessa WANWorx WVR-30 < 10.7.4 - Cross-Site Request Forgery (Add Superuser)

DIGISOL DG-BR4000NG - Cross-Site Scripting

DIGISOL DG-BR4000NG - Buffer Overflow (PoC)

22.6.18

phpMyAdmin 4.8.1 - Local File Inclusion

phpLDAPadmin 1.2.2 - 'server_id' LDAP Injection (Username)

GreenCMS 2.3.0603 - Information Disclosure

LFCMS 3.7.0 - Cross-Site Request Forgery (Add Admin)

LFCMS 3.7.0 - Cross-Site Request Forgery (Add User)

Dell EMC RecoverPoint < 5.1.2 - Local Root Command Execution

21.6.18

Windows 10 - Desktop Bridge Virtual Registry CVE-18-0880 Incomplete Fix Privilege...

Windows 10 - Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation

ntp 4.2.8p11 - Local Buffer Overflow (PoC)

Redis 5.0 - Denial of Service

VideoInsight WebClient 5 - SQL Injection

IPConfigure Orchid VMS 2.0.5 - Directory Traversal Information Disclosure (Metasploit)

Apache CouchDB < 2.1.0 - Remote Code Execution

TP-Link TL-WA850RE - Remote Command Execution

NewMark CMS 2.1 - 'sec_id' SQL Injection

20.6.18

Apache CouchDB < 2.1.0 - Remote Code Execution

TP-Link TL-WA850RE - Remote Command Execution

NewMark CMS 2.1 - 'sec_id' SQL Injection

MaDDash 2.0.2 - Directory Listing

Mirasys DVMS Workstation 5.12.6 - Path Traversal

ntp 4.2.8p11 - Local Buffer Overflow (PoC)

Redis 5.0 - Denial of Service

19.6.18

Microsoft COM for Windows - Privilege Escalation

Redis-cli < 5.0 - Buffer Overflow (PoC)

18.6.18

Redatam Web Server < 7 - Directory Traversal

RabbitMQ Web Management < 3.7.6 - Cross-Site Request Forgery

Joomla! Component jomres 9.11.2 - Cross-Site Request Forgery

Redis-cli < 5.0 - Buffer Overflow (PoC)

Audiograbber 1.83 - Local Buffer Overflow (SEH)

Pale Moon Browser < 27.9.3 - Use After Free (PoC)

Nikto 2.1.6 - CSV Injection

17.6.18

Dimofinf CMS 3.0.0 - Cross-Site Scripting

OEcms 3.1 - Cross-Site Scripting

Soroush IM Desktop app 0.15 - Authentication Bypass

15.6.18

Dimofinf CMS 3.0.0 - Cross-Site Scripting

OEcms 3.1 - Cross-Site Scripting

Joomla Component Ek rishta 2.10 - SQL Injection

Soroush IM Desktop app 0.15 - Authentication Bypass

rtorrent 0.9.6 - Denial of Service

14.6.18

DHCP Client - Command Injection (DynoRoot) (Metasploit)

Joomla Component Ek rishta 2.10 - SQL Injection

Redaxo CMS Mediapool Addon < 5.5.1 - Arbitrary File Upload

MACCMS 10 - Cross-Site Request Forgery (Add User)

RSLinx Classic and FactoryTalk Linx Gateway - Privilege Escalation

glibc - 'realpath()' Privilege Escalation (Metasploit)

Microsoft Windows 10 - Child Process Restriction Mitigation Bypass

13.6.18

MACCMS 10 - Cross-Site Request Forgery (Add User)

Canon LBP6030w - Authentication Bypass

Canon LBP7110Cw - Authentication Bypass

WordPress Ultimate Form Builder Lite Plugin < 1.3.7 - SQL Injection

WordPress Google Map Plugin < 4.0.4 - SQL Injection

12.6.18

WordPress Ultimate Form Builder Lite Plugin < 1.3.7 - SQL Injection

WordPress Google Map Plugin < 4.0.4 - SQL Injection

Canon PrintMe EFI - Cross-Site Scripting

OX App Suite 7.8.4 - Multiple Vulnerabilities

Joomla! Component EkRishta 2.10 - 'username' SQL Injection

11.6.18

Schools Alert Management Script - Arbitrary File Read

Schools Alert Management Script - 'get_sec.php' SQL Injection

userSpice 4.3.24 - Username Enumeration

userSpice 4.3.24 - 'X-Forwarded-For' Cross-Site Scripting

Schools Alert Management Script - Arbitrary File Deletion

Joomla! Component EkRishta 2.10 - 'cid' SQL Injection

Event Manager Admin panel - 'events_new.php' SQL injection

Schools Alert Management Script - SQL Injection

WebKitGTK+ < 2.21.3 - 'WebKitFaviconDatabase' DoS

22.5.18

Superfood 1.0 - Multiple Vulnerabilities

21.5.18

Superfood 1.0 - Multiple Vulnerabilities

mySCADA myPRO 7 - Hard-Coded Credentials

Superfood 1.0 - Multiple Vulnerabilities

Joomla! Component EkRishta 2.10 - Cross-Site Scripting / SQL Injection

19.5.18

mySCADA myPRO 7 - Hard-Coded Credentials

Joomla! Component EkRishta 2.10 - Cross-Site Scripting / SQL Injection

Adobe Enterprise Manager (AEM) < 6.3 - Remote Code Execution

D-Link DSL-3782 - Authentication Bypass

HPE iMC 7.3 - Remote Code Execution (Metasploit)

SAP B2B / B2C CRM 2.x < 4.x - Local File Inclusion

Infinity Market Classified Ads Script 1.6.2 - Cross-Site Request Forgery

Cisco SA520W Security Appliance - Path Traversal

Linux 4.8.0 < 4.8.0-46 - AF_PACKET packet_set_ring Privilege Escalation (Metasploit)

DynoRoot DHCP - Client Command Injection

Microsoft Edge Chakra JIT - Bound Check Elimination Bug

18.5.18

Healwire Online Pharmacy 3.0 - Persistent Cross-Site Scripting / Cross-Site Request...

Microsoft Edge Chakra JIT - Bound Check Elimination Bug

17.5.18

Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)

Jenkins CLI - HTTP Java Deserialization (Metasploit)

Nanopool Claymore Dual Miner 7.3 - Remote Code Execution

Powerlogic/Schneider Electric IONXXXX Series - Cross-Site Request Forgery

Linux < 4.16.9 / < 4.14.41 - 4-byte Infoleak via Uninitialized Struct Field in compat...

Powerlogic/Schneider Electric IONXXXX Series - Cross-Site Request Forgery

SuperCom Online Shopping Ecommerce Cart 1 - Persistent Cross-Site scripting / Cross site...

Nanopool Claymore Dual Miner 7.3 - Remote Code Execution

Intelbras NCLOUD 300 1.0 - Authentication bypass

NodAPS 4.0 - SQL injection / Cross-Site Request Forgery

16.5.18

Microsoft Windows - Token Process Trust SID Access Check Bypass Privilege Escalation

WhatsApp 2.18.31 - Memory Corruption

Inteno IOPSYS 2.0 - 4.2.0 p910nd - Remote Command Execution

RSA Authentication Manager 8.2.1.4.0-build1394922 / < 8.3 P1 - XML External Entity...

WordPress Plugin Metronet Tag Manager 1.2.7 - Cross-Site Request Forgery

totemomail Encryption Gateway 6.0.0 Build 371 - Cross-Site Request Forgery

Horse Market Sell & Rent Portal Script 1.5.7 - Cross-Site Request Forgery

Multiplayer BlackJack Online Casino Game 2.5 - Persistent Cross-Site Scripting

Rockwell Scada System 27.011 - Cross-Site Scripting

VirtueMart 3.1.14 - Persistent Cross-Site Scripting

MyBB Admin Notes Plugin 1.1 - Cross-Site Request Forgery

Libuser - roothelper Privilege Escalation (Metasploit)

15.5.18

XATABoost 1.0.0 - SQL Injection

Monstra CMS 3.0.4 - Remote Code Execution

2345 Security Guard 3.7 - '2345NsProtect.sys' Denial of Service

Linux/x86 - Reverse TCP (127.0.0.1:4444/TCP) Shell (/bin/sh) Shellcode (96 Bytes)

12.5.18

Open-AudIT Community 2.2.0 - Cross-Site Scripting

Open-AudIT Professional 2.1.1 - Cross-Site Scripting

EMC RecoverPoint 4.3 - 'Admin CLI' Command Injection

2345 Security Guard 3.7 - '2345BdPcSafe.sys' Denial of Service

Microsoft Windows 2003 SP2 - 'RRAS' SMB Remote Code Execution

WUZHI CMS 4.1.0 - 'tag[pinyin]' Cross-Site Scripting

11.5.18

Mantis 1.1.3 - 'manage_proj_page' PHP Code Execution (Metasploit)

MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting

Dell Touchpad - 'ApMsgFwd.exe' Denial of Service

Open-AudIT Community 2.2.0 - Cross-Site Scripting

Open-AudIT Professional 2.1.1 - Cross-Site Scripting

10.5.18

Dell Touchpad - 'ApMsgFwd.exe' Denial of Service

Linux/x86 - Read /etc/passwd Shellcode (62 bytes)

MyBB Latest Posts on Profile Plugin 1.1 - Cross-Site Scripting

ModbusPal 1.6b - XML External Entity Injection

9.5.18

Linux/x86 - Bind TCP Shell + fork() Shellcode (113 bytes)

GNU wget - Cookie Injection

2345 Security Guard 3.7 - Denial of Service

8.5.18

FTPShell Client 6.7 - Buffer Overflow

PlaySMS 1.4 - sendfromfile.php Authenticated "Filename" Field Code Execution (Metasploit)

PlaySMS - import.php Authenticated CSV File Upload Code Execution (Metasploit)

Palo Alto Networks - readSessionVarsFromFile() Session Corruption (Metasploit)

7.5.18

WordPress Plugin User Role Editor < 4.25 - Privilege Escalation

CSP MySQL User Manager 2.3.1 - Authentication Bypass

DeviceLock Plug and Play Auditor 5.72 - Unicode Buffer Overflow (SEH)

HWiNFO 5.82-3410 - Denial of Service

6.5.18

Google Chrome V8 - Object Allocation Size Integer Overflow

Windows WMI - Recieve Notification Exploit (Metasploit)

IceWarp Mail Server < 11.1.1 - Directory Traversal

WordPress Plugin WF Cookie Consent 1.1.3 - Cross-Site Scripting

4.5.18

GPON Routers - Authentication Bypass / Command Injection

Call of Duty Modern Warefare 2 - Buffer Overflow

TBK DVR4104 / DVR4216 - Credentials Leak

Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of Service

3.5.18

Windows - Local Privilege Escalation

GPON Routers - Authentication Bypass / Command Injection

Call of Duty Modern Warefare 2 - Buffer Overflow

TBK DVR4104 / DVR4216 - Credentials Leak

Norton Core Secure WiFi Router - 'BLE' Command Injection (PoC)

Exim < 4.90.1 - 'base64d' Remote Code Execution

Metasploit Framework - 'msfd' Remote Code Execution (Metasploit)

Metasploit Framework - 'msfd' Remote Code Execution (via Browser) (Metasploit)

xdebug < 2.5.5 - Unauthenticated OS Command Execution (Metasploit)

Cockpit CMS 0.4.4 < 0.5.5 - Server-Side Request Forgery

Adobe Reader PDF - Client Side Request Injection

Easy MPEG to DVD Burner 1.7.11 - Local Buffer Overflow (SEH)

LibreOffice/Open Office - '.odt' Information Disclosure

Schneider Electric InduSoft Web Studio and InTouch Machine Edition - Denial of Service

WebKit - 'WebCore::jsElementScrollHeightGetter' Use-After-Free

Linux Kernel < 4.17-rc1 - 'AF_LLC' Double Free

2.5.18

WordPress Plugin Responsive Cookie Consent 1.7 / 1.6 / 1.5 - Authenticated Persistent...

1.5.18

Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)

Wordpress Responsive Cookie Consent 1.7 / 1.6 / 1.5 - Authenticated Persistent Cross-Site...

30.4.18

macOS/iOS - ReportCrash mach port Replacement due to Failure to Respect MIG Ownership...

macOS 10.13.2 - Double mach_port_deallocate in kextd due to Failure to Comply with MIG...

Navicat < 12.0.27 - Oracle Connection Overflow

Drupal < 7.58 - 'Drupalgeddon3' Authenticated Remote Code (Metasploit)

Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote...

Nagios XI 5.2.[6-9], 5.3, 5.4 - Chained Remote Root

WordPress Plugin Form Maker 1.12.20 - CSV Injection

29.4.18

Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote...

27.4.18

Frog CMS 0.9.5 - Persistent Cross-Site Scripting

TP-Link Technologies TL-WA850RE Wi-Fi Range Extender - Unauthenticated Remote Reboot

GitList 0.6 - Unauthenticated Remote Code Execution

MyBB Threads to Link Plugin 1.3 - Cross-Site Scripting

Allok AVI to DVD SVCD VCD Converter 4.0.1217 - Buffer Overflow (SEH)

26.4.18

October CMS User Plugin v1.4.5 - Persistent Cross-Site Scripting

SickRage < v18.03.09 - Clear-Text Credentials HTTP Response

WordPress Plugin WP with Spritz 1.0 - Remote File Inclusion

Jfrog Artifactory < 4.16 - Unauthenticated Arbitrary File Upload / Remote Command...

Drupal < 7.58 - 'drupalgeddon3' Authenticated Remote Code Execution (PoC)

Chrome V8 JIT - Arrow Function Scope Fixing Bug

Chrome V8 JIT - 'AwaitedPromise' Update Bug

Chrome V8 JIT - 'NodeProperties::InferReceiverMaps' Type Confusion

Adobe Flash - Out-of-Bounds Write in blur Filtering

Adobe Flash - Info Leak in Image Inflation

Adobe Flash - Overflow in Slab Rendering

Adobe Flash - Overflow when Playing Sound

HRSALE The Ultimate HRM v1.0.2 - Local File Inclusion

HRSALE The Ultimate HRM 1.0.2 - Authenticated Cross-Site Scripting

HRSALE The Ultimate HRM v1.0.2 - 'award_id' SQL Injection

HRSALE The Ultimate HRM v1.0.2 - CSV Injection

Blog Master Pro v1.0 - CSV Injection

Shopy Point of Sale v1.0 - CSV Injection

13.4.18

Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution

Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)

Joomla Convert Forms version 2.0.3 - Formula Injection (CSV Injection)

12.4.18

Linux/x64 - x64 Assembly Shellcode (Generator)

11.4.18

Google Chrome V8 JIT - 'LoadElimination::ReduceTransitionElementsKind' Type Confusion

WordPress Plugin WordPress File Upload 4.3.3 - Stored XSS

WordPress File Upload Plugin 4.3.2 - Stored Cross Site Scripting

Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager - Invalid...

WUZHI CMS 4.1.0 - ‘Add User Account’ Cross-Site Request Forgery

WUZHI CMS 4.1.0 - ‘Add Admin Account’ Cross-Site Request Forgery

Wordpress Plugin Activity Log 2.4.0 - Stored Cross Site Scripting

iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting

DVD X Player Standard 5.5.3.9 - Buffer Overflow

10.4.18

iScripts Easycreate 3.2.1 - Stored Cross-Site Scripting

9.4.18

WordPress Plugin Google Drive 2.2 - Remote Code Execution

iScripts SonicBB 1.0 - Reflected Cross-Site Scripting

WooCommerce CSV-Importer-Plugin 3.3.6 - Remote Code Execution

Buddypress Xprofile Custom Fields Type 2.6.3 - Remote Code Execution

KYOCERA Net Admin 3.4 - Cross Site Request Forgery - Add Admin Exploit

KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection

CyberArk Password Vault Web Access < 9.9.5 / < 9.10 / 10.1 - Remote Code Execution

WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code...

Yahei PHP Prober 0.4.7 - Cross-Site Scripting

WolfCMS 0.8.3.1 - Open Redirection

MyBB Plugin Recent Threads On Index - Cross-Site Scripting

Cobub Razor 0.7.2 - Add New Superuser Account

WolfCMS 0.8.3.1 - Cross Site Request Forgery

PMS 0.42 - Local Stack-Based Overflow (ROP)

GoldWave 5.70 - Local Buffer Overflow (SEH Unicode)

H2 Database - 'Alias' Arbitrary Code Execution

CyberArk Password Vault < 9.7 / < 10 - Memory Disclosure

WebKit - WebAssembly Parsing Does not Correctly Check Section Order

8.4.18

LineageOS 14.1 Blueborne - Remote Code Execution

Cobub Razor 0.7.2 - Cross Site Request Forgery

DotNetNuke DNNarticle Module 11 - Directory Traversal

FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass

6.4.18

Sophos Endpoint Protection Control Panel 10.7 - Weak Password Encryption

Sophos Endpoint Protection 10.7 - Tamper-Protection Bypass

GetSimple CMS 3.3.13 - Cross-Site Scripting

Z-Blog 1.5.1.1740 - Full Path Disclosure

Z-Blog 1.5.1.1740 - Cross-Site Scripting

YzmCMS 3.6 - Cross-Site Scripting

5.4.18

Microsoft Windows - Multiple Use-After-Free Issues in jscript Array Methods

Microsoft Windows Defender - 'mpengine.dll' Memory Corruption

ProcessMaker - Plugin Upload (Metasploit)

Joomla! Component JS Jobs 1.2.0 - Cross-Site Scripting

MyBB Plugin Downloads 2.0.3 - Cross-Site Scripting

3.4.18

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix 2)

Microsoft Edge Chakra JIT - Stack-to-Heap Copy (Incomplete Fix)

Google Chrome V8 - 'Genesis::InitializeGlobal' Out-of-Bounds Read/Write

Google Chrome V8 - 'ElementsAccessorBase::CollectValuesOrEntriesImpl' Type Confusion

Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change

OpenCMS 10.5.3 - Cross-Site Scripting

OpenCMS 10.5.3 - Cross-Site Request Forgery

DLink DIR-601 - Admin Password Disclosure

VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials

VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal

WampServer 3.1.2 - Cross-Site Request Forgery

WebLog Expert Enterprise 9.4 - Privilege Escalation

2.4.18

DLink DIR-601 - Admin Password Disclosure

VideoFlow Digital Video Protection (DVP) 2.10 - Hard-Coded Credentials

VideoFlow Digital Video Protection (DVP) 2.10 - Directory Traversal

WampServer 3.1.2 - Cross-Site Request Forgery

WampServer 3.1.1 - Cross-Site Scripting / Cross-Site Request Forgery

Frog CMS 0.9.5 - Cross-Site Request Forgery (Add User)

WebLog Expert Enterprise 9.4 - Privilege Escalation

1.4.18

Advantech WebAccess < 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer...

Tenda FH303/A300 Firmware V5.07.68_EN - Remote DNS Change

Tenda W3002R/A302/w309r Wireless Router V5.07.64_en - Remote DNS Change (PoC)

Vtiger CRM 6.3.0 - Authenticated Arbitrary File Upload (Metasploit)

D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router - Authentication Bypass

Tenda W316R Wireless Router 5.07.50 - Remote DNS Change

osCommerce 2.3.4.1 - Remote Code Execution

Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change

WordPress Plugin WP Security Audit Log 3.1.1 - Sensitive Information Disclosure

Joomla! Component AcySMS 3.5.0 - CSV Macro Injection

Joomla! Component Acymailing Starter 5.9.5 - CSV Macro Injection

Homematic CCU2 2.29.23 - Remote Command Execution

WordPress Plugin Contact Form 7 to Database Extension 2.10.32 - CSV Injection

WordPress Plugin Relevanssi 4.0.4 - Reflected Cross-Site Scripting

MiniCMS 1.10 - Cross-Site Request Forgery

Homematic CCU2 2.29.23 - Arbitrary File Write

Open-AuditIT Professional 2.1 - Cross-Site Request Forgery

Faleemi Windows Desktop Software - (DDNS/IP) Local Buffer Overflow

Allok WMV to AVI MPEG DVD WMV Converter 4.6.1217 - Buffer Overflow

Allok Video Joiner 4.6.1217 - Stack-Based Buffer Overflow

Allok AVI DivX MPEG to DVD Converter 2.6.1217 - Buffer Overflow (SEH)

Systematic SitAware - NVG Denial of Service

SysGauge 4.5.18 - Local Denial of Service

31.3.18

Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)

Joomla Component Fields - SQLi Remote Code Execution (Metasploit)

30.3.18

Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)

GitStack - Unsanitized Argument Remote Code Execution (Metasploit)

Joomla Component Fields - SQLi Remote Code Execution (Metasploit)

29.3.18

Microsoft Windows Remote Assistance - XML External Entity Injection

TwonkyMedia Server 7.0.11-8.5 - Persistent Cross-Site Scripting

TwonkyMedia Server 7.0.11-8.5 - Directory Traversal

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

TestLink Open Source Test Management < 1.9.16 - Remote Code Execution (PoC)

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

28.3.18

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

27.3.18

ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)

26.3.18

Acrolinx Server < 5.2.5 - Directory Traversal

Laravel Log Viewer < 0.13.0 - Local File Download

LabF nfsAxe 3.7 - Privilege Escalation

Fast AVI MPEG Splitter 1.2 - Stack-Based Buffer Overflow

23.3.18

Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak

Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion

MyBB Plugin Last User's Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting

XenForo 2 - CSS Loader Denial of Service

TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery

Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control...

Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)

Crashmail 1.6 - Stack-Based Buffer Overflow ( ROP execve )

Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow

Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak

Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service

WM Recorder 16.8.1 - Denial of Service

Dell EMC NetWorker - Denial of Service

Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read

Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure

21.3.18

Microsoft Windows - Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write...

Microsoft Windows - Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege...

Microsoft Windows - Desktop Bridge VFS Privilege Escalation

Microsoft Windows Kernel - 'nt!NtWaitForDebugEvent' 64-bit Stack Memory Disclosure

Microsoft Windows Kernel - 'nt!KiDispatchException' 64-bit Stack Memory Disclosure

Microsoft Windows Kernel - 'NtQueryInformationThread(ThreadBasicInformation)' 64-bit...

Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' 64-bit...

Google Software Updater macOS - Unsafe use of Distributed Objects Privilege Escalation

Cisco node-jos < 0.11.0 - Re-sign Tokens

Vehicle Sales Management System - Multiple Vulnerabilities

Intelbras Telefone IP TIP200 LITE - Local File Disclosure

Cisco node-jos < 0.11.0 - Re-sign Tokens

Linux/x86 - execve(/bin/sh) Shellcode (18 bytes)

19.3.18

Linux Kernel < 4.4.0-21 (Ubuntu 16.04 x64) - 'netfilter target_offset' Local Privilege...

Linux Kernel < 3.5.0-23 (Ubuntu 12.04.2 x64) - 'SOCK_DIAG' SMEP Bypass Local Privilege...

Linux Kernel < 4.4.0-116 (Ubuntu 16.04.4) - Local Privilege Escalation

18.3.18

Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution

Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution

MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow

SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution

Contec Smart Home 4.15 - Unauthorized Password Reset

Android DRM Services - Buffer Overflow

15.3.18

Spring Data REST < 2.6.9 (Ingalls SR9), 3.0.1 (Kay SR1) - PATCH Request Remote Code...

WordPress Plugin Duplicator 1.2.32 - Cross-Site Scripting

13.3.18

Tuleap 9.17.99.189 - Blind SQL Injection

SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities

ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution

MikroTik RouterOS < 6.38.4 (x86) - 'Chimay Red' Stack Clash Remote Code Execution

MikroTik RouterOS < 6.38.4 (MIPSBE) - 'Chimay Red' Stack Clash Remote Code Execution

Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)

DEWESoft X3 SP1 (64-bit) - Remote Command Execution

ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution

Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution

SC 7.16 - Stack-Based Buffer Overflow

Sony Playstation 4 (PS4) 4.55 < 5.50 - WebKit Code Execution (PoC)

12.3.18

Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)

DEWESoft X3 SP1 (64-bit) - Remote Command Execution

Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution

TextPattern 4.6.2 - 'qty' SQL Injection

Prisma Industriale Checkweigher PrismaWEB 1.21 - Hard-Coded Credentials

ManageEngine Applications Manager 13.5 - Remote Code Execution (Metasploit)

SC 7.16 - Stack-Based Buffer Overflow

9.3.18

Bacula-Web < 8.0.0-rc2 - SQL Injection

WebLog Expert Enterprise 9.4 - Authentication Bypass

WebLog Expert Enterprise 9.4 - Denial of Service

Memcached 1.5.5 - 'Memcrashed' Insufficient Control of Network Message Volume Denial of...

8.3.18

antMan 0.9.0c - Authentication Bypass

Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection

7.3.18

Bravo Tejari Web Portal - Cross-Site Request Forgery

Memcached - 'memcrashed' Denial of Service

antMan 0.9.0c - Authentication Bypass

Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection

Bravo Tejari Web Portal - Cross-Site Request Forgery

6.3.18

Chrome V8 JIT - Empty BytecodeJumpTable Out-of-Bounds Read

Chrome V8 JIT - 'GetSpecializationContext' Type Confusion

Chrome V8 JIT - JSBuiltinReducer::ReduceObjectCreate Fails to Ensure that the Prototype...

Chrome V8 JIT - Simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement...

Softros Network Time System Server 2.3.4 - Denial of Service

Memcached - 'memcrashed' Denial of Service

Bravo Tejari Web Portal - Cross-Site Request Forgery

5.3.18

NETGEAR - 'TelnetEnable' Magic Packet (Metasploit)

ClipBucket < 4.0.0 - Release 4902 - Command Injection / File Upload / SQL Injection

Sophos UTM 9.410 - 'loginuser' 'confd' Service Privilege Escalation

Dup Scout Enterprise 10.5.12 - 'Share Username' Local Buffer Overflow

Xion 1.0.125 - '.m3u' Local SEH-Based Unicode Venetian Exploit

ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions

Suricata < 4.0.4 - IDS Detection Bypass

4.3.18

TestLink Open Source Test Management < 1.9.16 - Remote Code Execution

uWSGI < 2.0.17 - Directory Traversal

D-Link DIR-600M Wireless - Cross-Site Scripting

DualDesk 20 - 'Proxy.exe' Denial of Service

SEGGER embOS/IP FTP Server 3.22 - Denial of Service

2.3.18

D-Link DIR-600M Wireless - Cross-Site Scripting

IrfanView 4.50 Email Plugin - Buffer Overflow (SEH Unicode)

IrfanView 4.44 Email Plugin - Buffer Overflow (SEH)

SEGGER embOS/IP FTP Server 3.22 - Denial of Service

1.3.18

Sony Playstation 4 (PS4) 4.55 - Jailbreak (WebKit 5.01 / 'bpf' Kernel Loader 4.55)

Routers2 2.24 - Cross-Site Scripting

Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 - 'bluetoothd' Memory Corruption

Sony Playstation 4 (PS4) 5.01 < 5.05 - WebKit Code Execution (PoC)

28.2.18

GetGo Download Manager 5.3.0.2712 - Buffer Overflow (SEH)

Concrete5 < 8.3.0 - Username / Comments Enumeration

CMS Made Simple 2.1.6 - Remote Code Execution

School Management Script 3.0.4 - Authentication Bypass

Joomla! Component K2 2.8.0 - Arbitrary File Download

MyBB My Arcade Plugin 1.3 - Cross-Site Scripting

Schools Alert Management Script 2.0.2 - Authentication Bypass

Sony Playstation 4 4.55 FW - Local Kernel

Microsoft Windows Windows 8.1/2012 R2 - SMB Denial of Service

Asterisk chan_pjsip 15.2.0 - 'SUBSCRIBE' Stack Corruption

Asterisk chan_pjsip 15.2.0 - 'SDP fmtp' Denial of Service

Asterisk chan_pjsip 15.2.0 - 'SDP' Denial of Service

Asterisk chan_pjsip 15.2.0 - 'INVITE' Denial of Service

27.2.18

Sony Playstation 4 4.55 FW - Local Kernel

Chrome V8 - 'TranslatedState::MaterializeCapturedObjectAt' Type Confusion

Chrome V8 - 'PropertyArray' Integer Overflow

transmission - Integer Overflows Parsing Torrent Files

26.2.18

AsusWRT LAN - Unauthenticated Remote Code Execution (Metasploit)

CloudMe Sync 1.10.9 - Stack-Based Buffer Overflow (Metasploit)

Disk Savvy Enterprise 10.4.18 - Stack-Based Buffer Overflow (Metasploit)

23.2.18

Groupon Clone Script 3.0.2 - Cross-Site Scripting

Alibaba Clone Script 1.0.2 - Cross-Site Scripting

Learning and Examination Management System - Cross-Site Scripting

Armadito Antivirus 0.12.7.2 - Detection Bypass

22.2.18

Disk Pulse Enterprise 10.4.18 - 'Import Command' Buffer Overflow (SEH)

Disk Savvy Enterprise 10.4.18 - Buffer Overflow (SEH)

EChat Server 3.1 - 'CHAT.ghp' Buffer Overflow

Wavpack 5.1.0 - Denial of Service

Trend Micro Email Encryption Gateway 5.5 (Build 1111.00) - Multiple Vulnerabilities

Joomla! Component OS Property Real Estate 3.12.7 - SQL Injection

Joomla! Component Proclaim 9.1.1 - Arbitrary File Upload

Joomla! Component CheckList 1.1.1 - SQL Injection

Joomla! Component Alexandria Book Library 3.1.2 - 'letter' SQL Injection

Joomla! Component Ek Rishta 2.9 - SQL Injection

Joomla! Component PrayerCenter 3.0.2 - 'sessionid' SQL Injection

NoMachine x64 < 6.0.80 - 'nxfuse' Privilege Escalation

NoMachine x86 < 6.0.80 - 'nxfuse' Privilege Escalation

21.2.18

utorrent - JSON-RPC Remote Code Execution / Information Disclosure

20.2.18

utorrent - JSON-RPC Remote Code Execution / Information Disclosure

Microsoft Windows - StorSvc SvcMoveFileInheritSecurity Arbitrary File Creation Privilege...

Microsoft Windows - Constrained Impersonation Capability Privilege Escalation

Microsoft Windows - NPFS Symlink Security Feature Bypass/Elevation of Privilege/Dangerous...

Microsoft Windows - Global Reparse Point Security Feature Bypass/Elevation of Privilege

Microsoft Internet Explorer 11 - 'Js::RegexHelper::RegexReplace' Use-After-Free

Microsoft Windows Kernel - 'nt!RtlpCopyLegacyContextX86' Stack Memory Disclosure

MagniComp SysInfo - mcsiwrapper Privilege Escalation (Metasploit)

19.2.18

Aastra 6755i SIP SP4 - Denial of Service

October CMS < 1.0.431 - Cross-Site Scripting

Linux/ARM - Bind TCP (4444/TCP) Shell (/bin/sh) + IP Controlled (192.168.1.190) +...

17.2.18

Oracle Primavera P6 Enterprise Project Portfolio Management - HTTP Response Splitting

PSNews Website 1.0.0 - 'Keywords' SQL Injection

PHIMS - Hospital Management Information System - 'Password' SQL Injection

Front Accounting ERP 2.4.3 - Cross-Site Request Forgery

Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service

JBoss Remoting 6.14.18 - Denial of Service

Microsoft Edge - 'UnmapViewOfFile' ACG Bypass

16.2.18

EPIC MyChart - SQL Injection

ABRT - raceabrt Privilege Escalation (Metasploit)

Joomla! Component Gallery WD 1.3.6 - SQL Injection

Joomla! Component Form Maker 3.6.12 - SQL Injection

Joomla! Component File Download Tracker 3.0 - SQL Injection

Joomla! Component Fastball 2.5 - 'season' SQL Injection

Joomla! Component DT Register 3.2.7 - 'id' SQL Injection

Joomla! Component AllVideos Reloaded 1.2.x - 'divid' SQL Injection

Joomla! Component Aist 2.0 - 'id' SQL Injection

Siemens SIPROTEC 4 and SIPROTEC Compact EN100 Ethernet Module < 4.25 - Denial of Service

JBoss Remoting 6.14.18 - Denial of Service

Microsoft Edge - 'UnmapViewOfFile' ACG Bypass

15.2.18

Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow

Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace

Pdfium - Pattern Shading Integer Overflows

Microsoft Edge Chakra JIT - 'LdThis' Type Confusion

Microsoft Edge Chakra JIT - 'NewScObjectNoCtor' Array Type Confusion

Microsoft Edge Chakra JIT - 'Array.prototype.reverse' Array Type Confusion

Microsoft Edge Chakra JIT - Array Type Confusion via InitProto Instructions

Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass

Microsoft Edge Chakra JIT - Memory Corruption

Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly...

GNU binutils 2.26.1 - Integer Overflow (PoC)

Dell EMC Isilon OneFS - Multiple Vulnerabilities

userSpice 4.3 - Cross-Site Scripting

SOA School Management - 'access_login' SQL Injection

Social Oauth Login PHP - Authentication Bypass

14.2.18

NAT32 2.2 Build 22284 - Cross-Site Request Forgery

NAT32 2.2 Build 22284 - Remote Command Execution

13.2.18

LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure

glibc - 'LD_AUDIT' Arbitrary DSO Load Privilege Escalation (Metasploit)

glibc - '$ORIGIN' Expansion Privilege Escalation (Metasploit)

Juju-run Agent - Privilege Escalation (Metasploit)

Advantech WebAccess 8.3.0 - Remote Code Execution

CloudMe Sync < 1.11.0 - Buffer Overflow

News Website Script 2.0.4 - 'search' SQL Injection

TypeSetter CMS 5.1 - Cross-Site Request Forgery

TypeSetter CMS 5.1 - 'Host' Header Injection

LogicalDOC Enterprise 7.7.4 - Root Remote Code Execution

11.2.18

JBoss 4.2.x/4.3.x - Information Disclosure

Multi Language Olx Clone Script - Cross-Site Scripting

Multi religion Responsive Matrimonial 4.7.2 - Cross-Site Scripting

Select Your College Script 2.0.2 - Authentication Bypass

Bitcoin MLM Software 1.0.2 - Cross-Site Scripting

Lawyer Search Script 1.0.2 - Cross-Site Scripting

Schools Alert Management Script 2.0.2 - Arbitrary File Upload

Facebook Clone Script 1.0.5 - Cross-Site Scripting

macOS Kernel - Use-After-Free Due to Lack of Locking in...

9.2.18

HPE iLO 4 < 2.53 - Add New Administrator User

Marked2 - Local File Disclosure

macOS Kernel - Use-After-Free Due to Lack of Locking in...

8.2.18

Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code...

HPE iLO4 < 2.53 - Add New Administrator User

Geovision Inc. IP Camera & Video - Remote Command Execution

Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack...

Entrepreneur Dating Script 2.0.2 - Authentication Bypass

Online Test Script 2.0.7 - 'cid' SQL Injection

Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting

Naukri Clone Script - Persistent Cross-Site Scripting

MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation

Android - 'getpidcon' Permission Bypass in KeyStore Service

Cisco ASA - Crash PoC

7.2.18

Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code...

Geovision Inc. IP Camera & Video - Remote Command Execution

Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack...

Entrepreneur Dating Script 2.0.2 - Authentication Bypass

Online Test Script 2.0.7 - 'cid' SQL Injection

Hot Scripts Clone Script Classified - Persistent Cross-Site Scripting

Naukri Clone Script - Persistent Cross-Site Scripting

Multilanguage Real Estate MLM Script - Persistent Cross-Site Scripting

Doctor Search Script 1.0.2 - Persistent Cross-Site Scripting

Android - 'getpidcon' Permission Bypass in KeyStore Service

Asterisk 13.17.2 - 'chan_skinny' Remote Memory Corruption

Cisco ASA - Crash PoC

6.2.18

Netis WF2419 Router - Cross-Site Scripting

Student Profile Management System Script 2.0.6 - Authentication Bypass

Joomla! Component JSP Tickets 1.1 - SQL Injection

Joomla! Component jLike 1.0 - Information Leak

Joomla! Component Zh GoogleMap 8.4.0.0 - SQL Injection

Joomla! Component Zh YandexMap 6.2.1.0 - 'id' SQL Injection

Joomla! Component Zh BaiduMap 3.0.0.1 - SQL Injection

5.2.18

Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution...

Online Voting System - Authentication Bypass

NixCMS 1.0 - 'category_id' SQL Injection

Matrimonial Website Script 2.1.6 - 'uid' SQL Injection

MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation

Apport/ABRT - 'chroot' Local Privilege Escalation (Metasploit)

Claymore Dual GPU Miner 10.5 - Format String

WordPress Core - 'load-scripts.php' Denial of Service

Wonder CMS 2.3.1 - 'Host' Header Injection

Wonder CMS 2.3.1 - Unrestricted File Upload

2.2.18

Microsoft Windows Subsystem for Linux - Local Privilege Escalation

FiberHome AN5506 - Unauthenticated Remote DNS Change

Oracle Hospitality Simphony (MICROS) 2.7 < 2.9 - Directory Traversal

Joomla! Component JMS Music 1.1.1 - SQL Injection

Joomla! Component Jimtawl 2.1.6 - Arbitrary File Upload

Joomla! Component JEXTN Classified 1.0.0 - 'sid' SQL Injection

Joomla! Component JEXTN Reverse Auction 3.1.0 - SQL Injection

Event Manager 1.0 - SQL Injection

Joomla! Component JE PayperVideo 3.0.0 - 'usr_plan' SQL Injection

IPSwitch MOVEit 8.1 < 9.4 - Cross-Site Scripting

Advance Loan Management System - 'id' SQL Injection

Real Estate Custom Script - 'route' SQL Injection

Fancy Clone Script - 'search_browse_product' SQL Injection

Joomla! Component JEXTN Membership 3.1.0 - 'usr_plan' SQL Injection

BMC Server Automation RSCD Agent - NSH Remote Command Execution (Metasploit)

WebKit - 'WebCore::FrameView::clientToLayoutViewportPoint' Use-After-Free

WebKit - 'detachWrapper' Use-After-Free

Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)

Linux/x64 - Twofish Encoded + DNS (CNAME) Password + execve(/bin/sh) Shellcode

1.2.18

Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH)

systemd (system-tmpfiles) < 236 - 'fs.protected_hardlinks=0' Local Privilege Escalation

30.1.18

macOS - 'sysctl_vfs_generic_conf' Stack Leak Through Struct Padding

HPE iMC 7.3 - RMI Java Deserialization

Advantech WebAccess < 8.3 - SQL Injection

BMC BladeLogic RSCD Agent 8.3.00.64 - Windows Users Disclosure

Joomla! Component Visual Calendar 3.1.3 - 'id' SQL Injection

Joomla! Component CP Event Calendar 3.0.1 - 'id' SQL Injection

Joomla! Component Picture Calendar for Joomla 3.1.4 - Directory Traversal

29.1.18

Trend Micro Threat Discovery Appliance 2.6.1062r1 - 'dlp_policy_upload.cgi' Remote Code...

Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) Null Free Shellcode (80...

Linux/x86 - Egghunter Shellcode (12 Bytes)

KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery

Netis WF2419 Router - Cross-Site Request Forgery

Buddy Zone 2.9.9 - SQL Injection

Multilanguage Real Estate MLM Script 3.0 - 'srch' SQL Injection

Hot Scripts Clone - 'subctid' SQL Injection

TSiteBuilder 1.0 - SQL Injection

Task Rabbit Clone 1.0 - 'id' SQL Injection

24.1.18

NEC Univerge SV9100/SV8100 WebPro 10.0 - Configuration Download

CentOS Web Panel 0.9.8.12 - 'row_id' / 'domain' SQL Injection

HP Connected Backup 8.6/8.8.6 - Local Privilege Escalation

RAVPower 2.000.056 - Memory Disclosure

MixPad 5.00 - Buffer Overflow

12.1.18

Microsoft Edge Chakra - 'AppendLeftOverItemsFromEndSegment' Out-of-Bounds Read

macOS - 'process_policy' Stack Leak Through Uninitialized Field

Microsoft Windows SMB Server (v1/v2) - Mount Point Arbitrary Device Open Privilege...

Microsoft Windows - NtImpersonateAnonymousToken LPAC to Non-LPAC Privilege Escalation

Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation

Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass

Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon

phpCollab 2.5.1 - Unauthenticated File Upload (Metasploit)

LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow (Metasploit)

D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution

SAP NetWeaver J2EE Engine 7.40 - SQL Injection

Parity Browser < 1.6.10 - Bypass Same Origin Policy

Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode...

11.1.18

D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution

SAP NetWeaver J2EE Engine 7.40 - SQL Injection

Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode...

Parity Browser < 1.6.10 - Bypass Same Origin Policy

Microsoft Edge Chakra JIT - 'Lowerer::LowerSetConcatStrMultiItem' Missing Integer...

Linux/x86 - execve(/bin/sh) Polymorphic Shellcode (53 bytes)

Linux/x86 - execve /bin/dash Shellcode (30 bytes)

HPE iMC - dbman RestartDB Unauthenticated Remote Command Execution (Metasploit)

HPE iMC - dbman RestoreDBase Unauthenticated Remote Command Execution (Metasploit)

DiskBoss Enterprise 8.8.16 - Buffer Overflow

Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting

WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery

WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege...

WordPress Plugin CMS Tree Page View 1.4 - Cross-Site Request Forgery / Privilege...

WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery

WordPress Plugin Events Calendar - 'event_id' SQL Injection

Muviko 1.1 - SQL Injection

Jungo Windriver 12.5.1 - Privilege Escalation

Multiple CPUs - Information Leak Using Speculative Execution

10.1.18

Commvault Communications Service (cvd) - Command Injection (Metasploit)

DiskBoss Enterprise 8.8.16 - Buffer Overflow

Muviko 1.1 - SQL Injection

WordPress Plugin Service Finder Booking < 3.2 - Local File Disclosure

Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)

Linux/x86 - execve /bin/dash Shellcode (30 bytes)

9.1.18

Commvault Communications Service (cvd) - Command Injection (Metasploit)

Android - Inter-Process munmap due to Race Condition in ashmem

Microsoft Windows - 'nt!NtQuerySystemInformation (information class 138,...

Microsoft Windows - 'nt!NtQueryInformationProcess (information class 76,...

Microsoft Edge Chakra JIT - Escape Analysis Bug

Microsoft Edge Chakra - 'asm.js' Out-of-Bounds Read

Microsoft Edge Chakra JIT - BackwardPass::RemoveEmptyLoopAfterMemOp Does not Insert...

Microsoft Edge Chakra JIT - Op_MaxInAnArray and Op_MinInAnArray can Explicitly call...

Microsoft Windows - Local XPS Print Spooler Sandbox Escape

Linux/x86 - chmod 777 /etc/sudoers Shellcode (36 bytes)

BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC)

Vanilla < 2.1.5 - Cross-Site Request Forgery

8.1.18

DiskBoss Enterprise 8.5.12 - Denial of Service

Sync Breeze Enterprise 10.1.16 - Denial of Service

Disk Pulse Enterprise 10.1.18 - Denial of Service

VX Search Enterprise 10.1.12 - Denial of Service

Oracle WebLogic < 10.3.6 - 'wls-wsat' Component Deserialisation Remote Command Execution

SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities

Photos in Wifi 1.0.1 - Path Traversal

WordPress Plugin LearnDash 2.5.3 - Arbitrary File Upload

FiberHome LM53Q1 - Multiple Vulnerabilities

BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC)

7.1.18

Microsoft Windows win32k - Using SetClassLong to Switch Between CS_CLASSDC and CS_OWNDC...

Cisco IOS - Remote Code Execution

Ayukov NFTP FTP Client 2.0 - Buffer Overflow (Metasploit)

WDMyCloud < 2.30.165 - Multiple Vulnerabilities

Gespage 7.4.8 - SQL Injection

GetGo Download Manager 5.3.0.2712 - 'Proxy' Buffer Overflow

5.1.18

Linux/x86 - Reverse TCP /bin/sh Shell (127.1.1.1:8888/TCP) Null-Free Shellcode (67/69...

gps-server.net GPS Tracking Software < 3.1 - Multiple Vulnerabilities

Multiple CPUs - 'Spectre' Information Disclosure (PoC)

GetGo Download Manager 5.3.0.2712 - 'Proxy' Buffer Overflow

WDMyCloud < 2.30.165 - Multiple Vulnerabilities

D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access

4.1.18

Xplico - Remote Code Execution (Metasploit)

Linksys WVBR0-25 - User-Agent Command Execution (Metasploit)

EMC xPression 4.5SP1 Patch 13 - 'model.jobHistoryId' SQL Injection

WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection

Kingsoft Antivirus/Internet Security 9+ - Privilege Escalation

3.1.18

WordPress Plugin Smart Google Code Inserter < 3.5 - Authentication Bypass / SQL Injection

2.1.18

PHP Melody 2.7.1 - 'playlist' SQL Injection

D3DGear 5.00 Build 2175 - Buffer Overflow

30.12.2017

NetTransport 2.96L - Buffer Overflow (DEP Bypass) 

27.12.2017

SilverStripe CMS 3.6.2 - CSV Excel Macro Injection 

Sendroid < 6.5.0 - SQL Injection 

Biometric Shift Employee Management System 3.0 - Local File Disclosure 

Joomla! Component JEXTN FAQ Pro 4.0.0 - 'id' SQL Injection 

GetGo Download Manager 5.3.0.2712 - Buffer Overflow 

Telesquare SKT LTE Router SDT-CS3B1 - Information Disclosure 

Telesquare SKT LTE Router SDT-CS3B1 - Cross-Site Request Forgery 

Easy!Appointments 1.2.1 - Cross-Site Scripting 

Xerox DC260 EFI Fiery Controller Webtools 2.0 - Arbitrary File Disclosure 

Sony Playstation 4 4.05 FW - Local Kernel Loader 

ALLMediaServer 0.95 - Buffer Overflow 

26.12.2017

COMTREND ADSL Router CT-5367 - Remote Code Execution 

Ubiquiti UniFi Video 3.7.3 - Local Privilege Escalation 

GetGo Download Manager 5.3.0.2712 - Buffer Overflow 

22.12.2017

Trend Micro Smart Protection Server - Session Hijacking / Log File Disclosure / Remote... 

21.12.2017

Samsung Internet Browser - SOP Bypass (Metasploit) 

BEIMS ContractorWeb 5.18.0.0 - SQL Injection 

Ability Mail Server 3.3.2 - Cross-Site Scripting 

Conarc iChannel - Improper Access Restrictions 

20.12.2017

Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)'... 

Samsung Internet Browser - SOP Bypass (Metasploit) 

19.12.2017

Intel Content Protection HECI Service - Type Confusion Privilege Escalation 

Microsoft Windows - 'jscript!RegExpFncObj::LastParen' Out-of-Bounds Read 

Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable 

Microsoft Windows - jscript.dll 'Array.sort' Heap Overflow 

Microsoft Windows - 'jscript!RegExpComp::Compile' Heap Overflow Through IE or Local... 

Microsoft Internet Explorer 11 - 'jscript!JSONStringifyObject' Use-After-Free 

Microsoft Windows - 'jscript!NameTbl::GetValDef' Use-After-Free 

GoAhead httpd 2.5 < 3.6.5 - 'LD_PRELOAD' Remote Code Execution 

Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit) 

Jenkins - XStream Groovy classpath Deserialization (Metasploit) 

Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit) 

Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection 

BrightSign Digital Signage - Multiple Vulnerabilities

18.12.2017

Joomla! Component My Projects 2.0 - SQL Injection 

Joomla! Component User Bench 1.0 - 'userid' SQL Injection 

Zoom Linux Client 2.0.106600.0904 - Stack-Based Buffer Overflow 

Zoom Linux Client 2.0.106600.0904 - Command Injection 

CDex 1.96 - Buffer Overflow 

Joomla! Component Guru Pro - 'promocode' SQL Injection 

Joomla! Component JB Visa 1.0 - 'visatype' SQL Injection 

Monstra CMS 3.0.4 - Arbitrary File Upload / Remote Code Execution 

Outlook for Android - Attachment Download Directory Traversal 

Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit) 

17.12.2017

Movie Guide 2.0 - SQL Injection 

ITGuard-Manager 0.0.0.1 - Remote Code Execution 

15.12.2017

Palo Alto Networks Firewalls - Remote root Code Execution 

pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit) 

Dup Scout Enterprise - Login Buffer Overflow (Metasploit) 

Microsoft Office - DDE Payload Delivery (Metasploit) 

Movie Guide 2.0 - SQL Injection 

ITGuard-Manager 0.0.0.1 - Remote Code Execution 

Sync Breeze 10.2.12 - Denial of Service 

14.12.2017

Microsoft Office - DDE Payload Delivery (Metasploit) 

Palo Alto Networks Firewalls - Remote root Code Execution 

pfSense 2.4.1 - CSRF Error Page Clickjacking (Metasploit) 

Dup Scout Enterprise - Login Buffer Overflow (Metasploit) 

glibc ld.so - Memory Leak / Buffer Overflow 

Advantech WebAccess 8.2-2017.03.31 - Webvrpcs Service Opcode 80061 Stack Buffer Overflow... 

Piwigo 2.9.1 - 'cat_true' / 'cat_false' SQL Injection 

Bus Booking Script 1.0 - 'txtname' SQL Injection 

FS Lynda Clone 1.0 - SQL Injection 

Paid To Read Script 2.0.5 - 'uid' / 'fnum' / 'fn' SQL Injection 

Readymade Video Sharing Script 3.2 - HTML Injection 

Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read 

Joomla! Component JEXTN Video Gallery 3.0.5 - 'id' SQL Injection 

Joomla! Component JEXTN Question And Answer 3.1.0 - SQL Injection 

13.12.2017

Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read 

Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload 

glibc ld.so - Memory Leak / Buffer Overflow 

macOS/iOS - Kernel Double Free due to Incorrect API Usage in Flow Divert Socket Option... 

macOS - Kernel Code Execution due to Lack of Bounds Checking in... 

macOS/iOS - Multiple Kernel Use-After-Frees due to Incorrect IOKit Object Lifetime... 

Apple XNU Kernel - Memory Corruption due to Integer Overflow in __offsetof Usage in... 

12.12.2017

macOS XNU Kernel - Memory Disclosure due to bug in Kernel API for Detecting Kernel Memory... 

iOS/macOS - Kernel Double Free due to IOSurfaceRootUserClient not Respecting MIG... 

macOS - 'getrusage' Stack Leak Through struct Padding 

macOS - 'necp_get_socket_attributes' so_pcb Type Confusion 

MikroTik 6.40.5 ICMP - Denial of Service 

LibTIFF pal2rgb 4.0.9 - Heap Buffer Overflow 

Vanguard 1.4 - SQL Injection 

Vanguard 1.4 - Arbitrary File Upload 

Basic Job Site Script 2.0.5 - SQL Injection 

Resume Clone Script 2.0.5 - SQL Injection 

Advanced World Database 2.0.5 - SQL Injection 

Muslim Matrimonial Script 3.02 - 'succid' SQL Injection 

Groupon Clone Script 3.01 - 'state_id' / 'search' SQL Injection 

Accesspress Anonymous Post Pro < 3.2.0 - Unauthenticated Arbitrary File Upload 

Joomla! Component JBuildozer 1.4.1 - 'appid' SQL Injection 

11.12.2017

MikroTik 6.40.5 ICMP - Denial of Service 

MLM Forex Market Plan Script 2.0.4 - 'newid' / 'eventid' SQL Injection 

Entrepreneur Bus Booking Script 3.0.4 - 'sourcebus' SQL Injection 

Advanced Real Estate Script 4.0.7 - SQL Injection 

Single Theater Booking Script 3.2.1 - 'findcity.php?q' SQL Injection 

Multiplex Movie Theater Booking Script 3.1.5 - 'moid' / 'eid' SQL Injection 

Responsive Events & Movie Ticket Booking Script 3.2.1 - 'findcity.php?q' SQL Injection 

Multireligion Responsive Matrimonial 4.7.2 - 'succid' SQL Injection 

10.12.2017

Beauty Parlour Booking Script 1.0 - 'gender' / 'city' SQL Injection 

Basic B2B Script 2.0.8 - 'product_details.php?id' SQL Injection 

Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection 

Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection 

LabF nfsAxe FTP Client 3.7 - Buffer Overflow (DEP Bypass) 

Apple macOS 10.13.1 (High Sierra) - Insecure Cron System Local Privilege Escalation 

FS Monster Clone 1.0 - 'Employer_Details.php?id' SQL Injection 

FS Olx Clone 1.0 - 'scat' / 'pid' SQL Injection 

FS Quibids Clone 1.0 - SQL Injection 

FS Shutterstock Clone 1.0 - 'keywords' SQL Injection 

FS Stackoverflow Clone 1.0 - 'keywords' SQL Injection 

FS Thumbtack Clone 1.0 - 'cat' / 'sc' SQL Injection 

Realestate Crowdfunding Script 2.7.2 - 'pid' SQL Injection 

8.12.2017

Website Auction Marketplace 2.0.5 - 'cat_id' SQL Injection 

Simple Chatting System 1.0.0 - Arbitrary File Upload 

DomainSale PHP Script 1.0 - 'id' SQL Injection 

LabF nfsAxe FTP Client 3.7 - Buffer Overflow (DEP Bypass) 

Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal 

Polycom Shell HDX Series - Traceroute Command Execution (Metasploit) 

LaCie 5big Network 2.2.8 - Command Injection 

OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting 

FS Facebook Clone - 'token' SQL Injection 

7.12.2017

Linux Kernel - DCCP Socket Use-After-Free 

Wireshark 2.4.0 - 2.4.2 / 2.2.0 - 2.2.10 - CIP Safety Dissector Crash 

Microsoft Windows Defender - Controlled Folder Bypass Through UNC Path 

Polycom Shell HDX Series - Traceroute Command Execution (Metasploit) 

OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting 

FS Facebook Clone - 'token' SQL Injection 

FS IMDB Clone - 'id' SQL Injection 

6.12.2017

FS Shaadi Clone - 'token' SQL Injection 

WinduCMS 3.1 - Local File Disclosure 

FS Makemytrip Clone - 'id' SQL Injection 

Readymade Classifieds Script 1.0 - SQL Injection 

Techno Portfolio Management Panel - 'id' SQL Injection 

Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation 

Proxifier for Mac 2.19 - Local Privilege Escalation 

Hashicorp vagrant-vmware-fusion 4.0.23 - Local Privilege Escalation 

Hashicorp vagrant-vmware-fusion 4.0.24 - Local Privilege Escalation 

Hashicorp vagrant-vmware-fusion 5.0.0 - Local Privilege Escalation 

Sera 1.2 - Local Privilege Escalation / Password Disclosure 

Hashicorp vagrant-vmware-fusion 5.0.1 - Local Privilege Escalation 

Hashicorp vagrant-vmware-fusion 5.0.3 - Local Privilege Escalation 

5.12.2017

VX Search 10.2.14 - 'command_name' Buffer Overflow 

Perspective ICM Investigation & Case 5.1.1.16 - Privilege Escalation 

Techno Portfolio Management Panel - 'id' SQL Injection 

Readymade Classifieds Script 1.0 - SQL Injection 

3.12.2017

Artica Web Proxy 3.06 - Remote Code Execution 

MistServer 2.12 - Cross-Site Scripting 

Jobs2Careers / Coroflot Clone - SQL Injection 

Abyss Web Server < 2.11.6 - Heap Memory Corruption 

1.12.2017

HP iMC Plat 7.2 - Remote Code Execution (2) 

HP iMC Plat 7.2 - Remote Code Execution 

Jobs2Careers / Coroflot Clone - SQL Injection 

WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal 

30.11.2017

macOS High Sierra - Root Privilege Escalation (Metasploit) 

Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page 

QEMU - NBD Server Long Export Name Stack Buffer Overflow 

29.11.2017

Synology StorageManager 5.2 - Remote Root Command Execution 

Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download 

pfSense - Authenticated Group Member RCE (Metasploit) 

Microsoft Windows 10 Creators Update (version 1703) (x86) - 'WARBIRD'... 

28.11.2017

Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download 

ZTE ZXDSL 831CII - Improper Access Restrictions 

Diving Log 6.0 - XML External Entity Injection 

27.11.2017

Microsoft Edge Chakra JIT - 'BailOutOnTaggedValue' Bailouts Type Confusion 

Microsoft Edge Chakra JIT - 'Inline::InlineCallApplyTarget_Shared' does not Return the... 

Microsoft Edge Chakra JIT - Incorrect Function Declaration Scope 

Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly 

Exim 4.89 - 'BDAT' Denial of Service 

25.11.2017

Linux - 'mincore()' Uninitialized Kernel Heap Page Disclosure 

ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode) 

23.11.2017

WebKit - 'WebCore::FormSubmission::create' Use-After-Free 

WebKit - 'WebCore::RenderObject::previousSibling' Use-After-Free 

WebKit - 'WebCore::DocumentLoader::frameLoader' Use-After-Free 

WebKit - 'WebCore::Style::TreeResolver::styleForElement' Use-After-Free 

WebKit - 'WebCore::SVGPatternElement::collectPatternAttributes' Out-of-Bounds Read 

WebKit - 'WebCore::SimpleLineLayout::RunResolver::runForPoint' Out-of-Bounds Read 

WebKit - 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read 

22.11.2017

Vonage VDV-23 - Denial of Service 

Microsoft Windows 10 - 'nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry)' Pool... 

21.11.2017

Microsoft Office - OLE Remote Code Execution 

Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass 

Microsoft Windows 10 - 'nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry)' Pool... 

20.11.2017

iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service 

Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass 

18.11.2017

VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH) 

17.11.2017

Zeta Components Mail 1.8.1 - Remote Code Execution 

Vonage VDV23 - Cross-Site Scripting 

VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH) 

16.11.2017

Microsoft Edge Chakra: JIT - 'OP_Memset' Type Confusion 

Microsoft Edge Chakra: JIT - 'Lowerer::LowerBoundCheck' Incorrect Integer Overflow Check 

Microsoft Edge Chakra JIT - Type Confusion with switch Statements 

Microsoft Edge - 'Object.setPrototypeOf' Memory Corruption 

D-Link DIR605L - Denial of Service 

Vonage VDV23 - Cross-Site Scripting 

LanSweeper 6.0.100.75 - Cross-Site Scripting 

TP-Link TL-WR740N - Cross-Site Scripting 

15.11.2017

Dup Scout Enterprise 10.0.18 - 'Login' Buffer Overflow 

D-Link DIR-850L - Unauthenticated OS Command Execution (Metasploit) 

Ulterius Server < 1.9.5.0 - Directory Traversal 

Kirby CMS < 2.5.7 - Cross-Site Scripting 

PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free

14.11.2017

Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload 

IKARUS anti.virus 2.16.7 - 'ntguard_x64' Privilege Escalation 

Xlight FTP Server 3.8.8.5 - Buffer Overflow (PoC) 

13.11.2017

Symantec Endpoint Protection 12.1 - Tamper-Protection Bypass 

8.11.2017

ManageEngine Applications Manager 13 - SQL Injection 

pfSense 2.3.1_1 - Command Execution 

7.11.2017

Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP Privilege Escalation

SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC)  

Logitech Media Server 7.9.0 - 'Radio URL' Cross-Site Scripting 

Logitech Media Server 7.9.0 - 'favorites' Cross-Site Scripting 

Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow 

6.11.2017

Actiontec C1000A Modem - Backdoor Account 

WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass 

Ipswitch WS_FTP Professional < 12.6.0.3 - Local Buffer Overflow (SEH) 

Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Buffer Overflow (SEH) 

Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow 

Debut Embedded httpd 1.20 - Denial of Service 

5.11.2017

Oracle PeopleSoft Enterprise PeopleTools < 8.55 - Remote Code Execution Via Blind... 

3.11.2017

Vir.IT eXplorer Anti-Virus - Privilege Escalation 

tnftp - 'savefile' Arbitrary Command Execution (Metasploit) 

Ladon Framework for Python 0.9.40 - XML External Entity Expansion 

WordPress Plugin JTRT Responsive Tables 4.1 - SQL Injection 

GraphicsMagick - Memory Disclosure / Heap Overflow 

2.11.2017

ZyXEL PK5001Z Modem - Backdoor Account 

Ingenious School Management System 2.3.0 - 'friend_index' SQL Injection

OctoberCMS 1.0.426 (Build 426) - Cross-Site Request Forgery 

Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Buffer Overflow (SEH) 

WhatsApp 2.17.52 - Memory Corruption 

31.10.2017

Oracle Java SE - Web Start jnlp XML External Entity Processing Information... 

Ingenious 2.3.0 - Arbitrary File Upload 

30.10.2017

MitraStar DSL-100HN-T1/GPT-2541GNAC - Privilege Escalation 

Online Exam Test Application - 'sort' SQL Injection 

Php Inventory - Arbitrary File Upload 

Vastal I-Tech Agent Zone - SQL Injection 

Website Broker Script - 'status_id' SQL Injection 

Zomato Clone Script - 'resid' SQL Injection 

WordPress Plugin Ultimate Product Catalog 4.2.24 - PHP Object Injection 

29.10.2017

Tizen Studio 1.3 Smart Development Bridge < 2.3.2 - Buffer Overflow (PoC) 

Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference 

27.10.2017

HitmanPro 3.7.15 Build 281 - Kernel Pool Overflow 

PHPMailer < 5.2.21 - Local File Disclosure 

Watchdog Development Anti-Malware / Online Security Pro - NULL Pointer Dereference 

26.10.2017

Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Unauthenticated Remote Code Execution... 

KeystoneJS 4.0.0-beta.5 - Cross-Site Scripting 

KeystoneJS 4.0.0-beta.5 - CSV Excel Macro Injection 

24.10.2017

Polycom - Command Shell Authorization Bypass (Metasploit) 

Unitrends UEB 9 - bpserverd Authentication Bypass Remote Command Execution... 

Unitrends UEB 9 - http api/storage Remote Root (Metasploit) 

Ayukov NFTP FTP Client < 2.0 - Buffer Overflow 

FS OLX Clone - 'catg_id' SQL Injection 

FS Lynda Clone - 'category' SQL Injection 

FS Indiamart Clone - 'keywords' SQL Injection 

FS Groupon Clone - 'category' SQL Injection 

FS Freelancer Clone - 'sk' SQL Injection 

FS Expedia Clone - 'hid' SQL Injection 

FS Food Delivery Script - 'keywords' SQL Injection 

Mikogo 5.4.1.160608 - Local Credentials Disclosure 

23.10.2017

Ayukov NFTP FTP Client < 2.0 - Buffer Overflow 

CometChat < 6.2.0 BETA 1 - Local File Inclusion 

Logitech Media Server - Cross-Site Scripting 

TP-Link TL-MR3220 - Cross-Site Scripting 

ArGoSoft Mini Mail Server 1.0.0.2 - Denial of Service 

Linux Kernel 4.14.0-rc4+ - 'waitid()' Privilege Escalation 

20.10.2017

Microsoft Game Definition File Editor 6.3.9600 - XML External Entity Injection 

TP-Link WR940N - Authenticated Remote Code Exploit 

Check_MK 1.2.8p25 - Information Disclosure 

ZKTime Web Software 2.0 - Improper Access Restrictions 

ZKTime Web Software 2.0 - Cross-Site Request Forgery 

Mozilla Firefox < 55 - Denial of Service 

19.10.2017

Xen - Unbounded Recursion in Pagetable De-typing 

Afian AB FileRun 2017.03.18 - Multiple Vulnerabilities 

Linksys E Series - Multiple Vulnerabilities 

WordPress Plugin Car Park Booking - SQL Injection

18.10.2017

Microsoft Windows - 'nt!NtQueryObject (ObjectNameInformation)' Kernel Pool Memory... 

Microsoft Edge Chakra JIT - 'RegexHelper::StringReplace' Must Call the Callback...