Exploit - ┌vod  Remote Exploint  Web Applications  Local&Privilege Escalation  DoS & PoC  ShellCode  Exploit  Exploit program  Exploit techniky  Exploint kit  Typy Exploit¨

Remote Exploint

 

2019-12-06 Integard Pro NoJs 2.2.0.9026 - Remote Buffer Overflow remote Windows
2019-11-20 FusionPBX - Operator Panel exec.php Command Execution (Metasploit) remote Multiple
2019-11-20 FreeSWITCH - Event Socket Command Execution (Metasploit) remote Multiple
2019-11-20 Bludit - Directory Traversal Image File Upload (Metasploit) remote PHP
2019-11-20 Pulse Secure VPN - Arbitrary Command Execution (Metasploit) remote Multiple
2019-11-19 Microsoft Windows 7 (x86) - 'BlueKeep' Remote Desktop Protocol (RDP) Remote Windows Kernel Use After Free remote Windows_x86
2019-11-18 nipper-ng 0.11.10 - Remote Buffer Overflow (PoC) remote Linux
2019-11-12 eMerge E3 Access Controller 4.6.07 - Remote Code Execution remote Hardware
2019-11-12 eMerge E3 Access Controller 4.6.07 - Remote Code Execution (Metasploit) remote Hardware
2019-11-12 CBAS-Web 19.0.0 - Information Disclosure remote Hardware
2019-11-08 rConfig - install Command Execution (Metasploit) remote Linux
2019-11-04 Ayukov NFTP client 1.71 - 'SYST' Buffer Overflow remote Windows
2019-11-01 Nostromo - Directory Traversal Remote Command Execution (Metasploit) remote Multiple
2019-10-31 MikroTik RouterOS 6.45.6 - DNS Cache Poisoning remote Hardware
2019-10-29 Win10 MailCarrier 2.51 - 'POP3 User' Remote Buffer Overflow remote Windows
2019-10-29 Microsoft Windows Server 2012 - 'Group Policy' Remote Code Execution remote Windows
2019-10-29 Microsoft Windows Server 2012 - 'Group Policy' Security Feature Bypass remote Windows
2019-10-22 Total.js CMS 12 - Widget JavaScript Code Injection (Metasploit) remote Multiple
2019-10-22 Moxa EDR-810 - Command Injection / Information Disclosure remote Hardware
2019-10-17 ThinVNC 1.0b1 - Authentication Bypass remote Windows
2019-10-16 Whatsapp 2.19.216 - Remote Code Execution remote Android
2019-10-15 Podman & Varlink 1.5.1 - Remote Code Execution remote Linux
2019-10-07 freeFTP 1.0.8 - 'PASS' Remote Buffer Overflow Remote Windows
2019-10-02 DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit) Remote Windows
2019-09-30 Cisco Small Business 220 Series - Multiple Vulnerabilities Remote Hardware
2019-09-30 GoAhead 2.5.0 - Host Header Injection Remote Multiple
2019-09-24 Microsoft Windows - BlueKeep RDP Remote Windows Kernel Use After Free (Metasploit) Remote Windows
2019-09-24 File Sharing Wizard 1.5.0 - POST SEH Overflow Remote Windows
2019-09-23 HPE Intelligent Management Center < 7.3 E0506P09 - Information Disclosure Remote watchOS
2019-09-23 Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure Remote Hardware
2019-09-16 Inteno IOPSYS Gateway - Improper Access Restrictions Remote Hardware
2019-09-10 October CMS - Upload Protection Bypass Code Execution (Metasploit) Remote PHP
2019-09-10 LibreNMS - Collectd Command Injection (Metasploit) Remote Linux
2019-09-06 FusionPBX 4.4.8 - Remote Code Execution Remote Linux
2019-09-06 Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN - Remote Code Execution Remote Multiple
2019-09-05 AwindInc SNMP Service - Command Injection (Metasploit) Remote Linux
2019-09-03 Cisco RV110W/RV130(W)/RV215W Routers Management Interface - Remote Command Execution (Metasploit) Remote Hardware
2019-09-03 Cisco Data Center Network Manager - Unauthenticated Remote Code Execution (Metasploit) Remote Java
2019-09-03 Cisco UCS Director - default scpuser password (Metasploit) Remote Unix
2019-09-02 IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 - Arbitrary File Read Remote Hardware
2019-09-02 Cisco Email Security Appliance (IronPort) C160 - 'Host' Header Injection Remote Hardware
2019-08-20 QEMU - Denial of Service Remote Linux
2019-08-21 Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data - Multiple Vulnerabilities Remote Multiple
2019-08-21 LibreOffice < 6.2.6 Macro - Python Code Execution (Metasploit) Remote Multiple
2019-08-14 Agent Tesla Botnet - Arbitrary Code Execution (Metasploit) Remote PHP
2019-08-13 AZORult Botnet - SQL Injection Remote PHP
2019-08-13 Agent Tesla Botnet - Arbitrary Code Execution Remote PHP
2019-08-12 Webmin 1.920 - Unauthenticated Remote Code Execution (Metasploit) Remote Linux
2019-08-12 ManageEngine OpManager 12.4x - Unauthenticated Remote Command Execution (Metasploit) Remote Multiple
2019-08-12 ManageEngine Application Manager 14.2 - Privilege Escalation / Remote Command Execution (Metasploit) Remote Multiple
2019-08-12 ManageEngine OpManager 12.4x - Privilege Escalation / Remote Command Execution (Metasploit) Remote Multiple
2019-08-08 Baldr Botnet Panel - Arbitrary Code Execution (Metasploit) Remote PHP
2019-08-05 ARMBot Botnet - Arbitrary Code Execution Remote Multiple
2019-08-05 Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit) Remote Windows
2019-07-30 Redis 4.x / 5.x - Unauthenticated Code Execution (Metasploit) Remote Linux
2019-07-29 WordPress Plugin Database Backup < 5.2 - Remote Code Execution (Metasploit) Remote PHP
2019-07-29 Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass (Metasploit) Remote Unix
2019-07-24 Trend Micro Deep Discovery Inspector IDS - Security Bypass Remote Multiple
2019-07-19 MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow (EggHunter) Remote Windows_x86
2019-07-17 MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow Remote Windows
2019-07-16 PHP Laravel Framework 5.5.40 / 5.6.x < 5.6.30 - token Unserialize Remote Command Execution (Metasploit) Remote Linux
2019-07-12 Xymon 4.3.25 - useradm Command Execution (Metasploit) Remote Multiple
2019-07-07 Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Buffer Overflow (2) Remote Unix
2019-07-05 Microsoft Exchange 2003 - base64-MIME Remote Code Execution Remote Windows
2019-07-03 Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (Metasploit) Remote Windows
2019-07-01 FaceSentry Access Control System 6.4.8 - Remote SSH Root Remote Hardware
2019-07-01 Linux Mint 18.3-19.1 - 'yelp' Command Injection (Metasploit) Remote Linux
2019-06-26 Nagios XI 5.5.6 - Magpie_debug.php Root Remote Code Execution (Metasploit) Remote Linux
2019-06-25 SAPIDO RB-1732 - Remote Command Execution Remote Hardware
2019-06-25 SuperDoctor5 - 'NRPE' Remote Code Execution Remote Multiple
2019-06-21 EA Origin < 10.5.38 - Remote Code Execution Remote Windows
2019-06-20 Cisco Prime Infrastructure Health Monitor - TarArchive Directory Traversal (Metasploit) Remote Linux
2019-06-17 AROX School-ERP Pro - Unauthenticated Remote Command Execution (Metasploit) Remote PHP
2019-06-11 Webmin 1.910 - 'Package Updates' Remote Command Execution (Metasploit) Remote Linux
2019-06-05 Exim 4.87 < 4.91 - (Local / Remote) Command Execution Remote Linux
2019-06-05 LibreNMS - addhost Command Injection (Metasploit) Remote Linux
2019-06-05 IBM Websphere Application Server - Network Deployment Untrusted Data Deserialization Remote Code Execution (Metasploit) Remote Windows
2019-06-04 Cisco RV130W 1.0.3.44 - Remote Stack Overflow Remote Hardware
2019-06-04 NUUO NVRMini 2 3.9.1 - 'sscanf' Stack Overflow Remote Hardware
2019-05-29 Oracle Application Testing Suite - WebLogic Server Administration Console War Deployment (Metasploit) Remote Java
2019-05-28 Petraware pTransformer ADC < 2.1.7.22827 - Login Bypass Remote Windows
2019-05-27 Typora 0.9.9.24.6 - Directory Traversal Remote macOS
2019-05-24 Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption Remote Windows
2019-05-23 Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execution (Metasploit) Remote PHP
2019-05-20 GetSimpleCMS - Unauthenticated Remote Code Execution (Metasploit) Remote PHP
2019-05-14 PHP-Fusion 9.03.00 - 'Edit Profile' Remote Code Execution (Metasploit) Remote PHP
2019-05-08 Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit) Remote Multiple
2019-05-08 PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution (Metasploit) Remote Multiple
2019-05-08 Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit) Remote Windows_x86
2019-05-08 Lotus Domino 8.5.3 - 'EXAMINE' Stack Buffer Overflow DEP/ASLR Bypass (NSA's EMPHASISMINE) Remote Windows
2019-05-06 Xitami Web Server 2.5 - Remote Buffer Overflow (SEH + Egghunter) Remote Windows
2019-05-06 LG Supersign EZ CMS - Remote Code Execution (Metasploit) Remote Hardware
2019-05-03 Blue Angel Software Suite - Command Execution Remote Linux
2019-05-03 Windows PowerShell ISE - Remote Code Execution Remote Windows
2019-05-02 Ruby On Rails - DoubleTap Development Mode secret_key_base Remote Code Execution (Metasploit) Remote Linux
2019-04-30 Pimcore < 5.71 - Unserialize Remote Code Execution (Metasploit) Remote PHP
2019-04-30 AIS logistics ESEL-Server - Unauthenticated SQL Injection Remote Code Execution (Metasploit) Remote Windows
2019-04-30 Moodle 3.6.3 - 'Install Plugin' Remote Command Execution (Metasploit) Remote PHP
2019-04-30 Freefloat FTP Server 1.0 - 'STOR' Remote Buffer Overflow Remote Windows
2019-04-30 Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow Remote Windows
2019-04-24 Google Chrome 72.0.3626.121 / 74.0.3725.0 - 'NewFixedDoubleArray' Integer Overflow Remote Multiple
2019-04-22 ManageEngine Applications Manager 14.0 - Authentication Bypass / Remote Command Execution (Metasploit) Remote Multiple
2019-04-19 Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit) Remote Multiple
2019-04-18 ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit) Remote Windows
2019-04-17 MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow Remote Windows
2019-04-15 Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit) Remote Hardware
2019-04-15 MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow Remote Windows
2019-04-15 MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow Remote Windows
2019-04-15 MailCarrier 2.51 - POP3 'USER' Buffer Overflow Remote Windows
2019-04-15 CuteNews 2.1.2 - 'avatar' Remote Code Execution (Metasploit) Remote PHP
2019-04-15 RemoteMouse 3.008 - Arbitrary Remote Command Execution Remote Windows
2019-04-15 MailCarrier 2.51 - 'RCPT TO' Buffer Overflow Remote Windows
2019-04-12 Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit) Remote Linux
2019-04-09 Apache Axis 1.4 - Remote Code Execution Remote Multiple
2019-04-09 TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow Remote Hardware
2019-02-27 PHP 7.2 - 'imagecolormatch()' Out of Band Heap Write Remote PHP
2019-04-08 QNAP Netatalk < 3.1.12 - Authentication Bypass Remote Multiple
2019-04-05 WordPress 5.0.0 - Crop-image Shell Upload (Metasploit) Remote PHP
2019-04-03 Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit) Remote Hardware
2019-04-03 Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type Confusion Remote Multiple
2019-04-03 PhreeBooks ERP 5.2.3 - Remote Command Execution Remote Python
2019-04-03 TeemIp IPAM < 2.4.0 - 'new_config' Command Injection (Metasploit) Remote PHP
2019-03-28 Oracle Weblogic Server Deserialization RCE - Raw Object (Metasploit) Remote Multiple
2019-03-28 CMS Made Simple (CMSMS) Showtime2 - File Upload Remote Code Execution (Metasploit) Remote PHP
19.03.2019 Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming RCE (Metasploit) remote Java
18.03.2019 BMC Patrol Agent - Privilege Escalation Code Execution Execution (Metasploit) remote Multiple
15.03.2019 Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow remote Windows
14.03.2019 FTPGetter Standard 5.97.0.177 - Remote Code Execution remote Windows
14.03.2019 Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code Execution remote Multiple
13.03.2019 elFinder PHP Connector < 2.1.48 - exiftran Command Injection (Metasploit) remote PHP
13.03.2019 Apache Tika-server < 1.18 - Command Injection remote Windows
07.03.2019 QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit) remote Hardware
07.03.2019 Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit) remote Linux
07.03.2019 Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit) remote PHP
28.02.2019 Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow remote Hardware
22.02.2019 Nuuo Central Management - (Authenticated) SQL Server SQL Injection (Metasploit) remote Windows
21.02.2019 MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass remote Hardware
20.02.2019 Belkin Wemo UPnP - Remote Code Execution (Metasploit) remote Hardware
18.02.2019 mIRC < 7.55 - 'Custom URI Protocol Handlers' Remote Command Execution remote Windows
11.02.2019 Adobe Flash Player - DeleteRangeTimelineOperation Type Confusion (Metasploit) remote OSX
11.02.2019 NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit) remote PHP
11.02.2019 Indusoft Web Studio 8.1 SP2 - Remote Code Execution remote Multiple
28.01.2019 CloudMe Sync 1.11.2 Buffer Overflow - WoW64 (DEP Bypass) remote Windows_x86-64
24.01.2019 Ghostscript 9.26 - Pseudo-Operator Remote Code Execution remote Linux
22.01.2019 CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt remote Windows
22.01.2019 Microsoft Windows VCF or Contact' File - URL Manipulation-Spoof Arbitrary Code Execution remote Windows
21.01.2019 GattLib 0.2 - Stack Buffer Overflow remote Linux
18.01.2019 Webmin 1.900 - Remote Command Execution (Metasploit) remote CGI
18.01.2019 SCP Client - Multiple Vulnerabilities (SSHtranger Things) remote Multiple
14.01.2019 Hootoo HT-05 - Remote Code Execution (Metasploit) remote Hardware
11.01.2019 OpenSSH SCP Client - Write Arbitrary Files remote Multiple
07.01.2019 Mailcleaner - (Authenticated) Remote Code Execution (Metasploit) remote Python
02.01.2019 Hashicorp Consul - Remote Command Execution via Rexec (Metasploit) remote Linux
02.01.2019 Hashicorp Consul - Remote Command Execution via Services API (Metasploit) remote Linux
21.12.2018 Netatalk 3.1.12 - Authentication Bypass remote Multiple
20.12.2018 Erlang - Port Mapper Daemon Cookie RCE (Metasploit) remote Multiple
18.12.2018 MiniShare 1.4.1 - 'HEAD/POST' Remote Buffer Overflow remote Windows
14.12.2018 Cisco RV110W - Password Disclosure / Command Execution remote Hardware
14.12.2018 Safari - Proxy Object Type Confusion (Metasploit) remote macOS
10.12.2018 Kubernetes - (Unauthenticated) Arbitrary Requests remote Multiple
10.12.2018 Kubernetes - (Authenticated) Arbitrary Requests remote Multiple
04.12.2018 OpenSSH < 7.7 - User Enumeration (2) remote Linux
04.12.2018 HP Intelligent Management - Java Deserialization RCE (Metasploit) remote Windows
03.12.2018 CyberArk 9.7 - Memory Disclosure remote Windows
30.11.2018 Apache Spark - (Unauthenticated) Command Execution (Metasploit) remote Java
29.11.2018 PHP imap_open - Remote Code Execution (Metasploit) remote Linux
29.11.2018 TeamCity Agent - XML-RPC Command Execution (Metasploit) remote Multiple
27.11.2018 Netgear Devices - (Unauthenticated) Remote Command Execution (Metasploit) remote Hardware
26.11.2018 ELBA5 5.8.0 - Remote Code Execution remote Windows
14.11.2018 Atlassian Jira - (Authenticated) Upload Code Execution (Metasploit) remote Java
06.11.2018 Morris Worm - sendmail Debug Mode Shell Escape (Metasploit) remote Unix
06.11.2018 blueimp's jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit) remote PHP
06.11.2018 Morris Worm - fingerd Stack Buffer Overflow (Metasploit) remote BSD
30.10.2018 Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) - SFTP Authentication Bypass remote Multiple
29.10.2018 Paramiko 2.4.1 - Authentication Bypass remote Linux
25.10.2018 WebExec - (Authenticated) User Code Execution (Metasploit) remote Windows
25.10.2018 Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass) remote Multiple
24.10.2018 exim 4.90 - Remote Code Execution remote Linux
23.10.2018 ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write remote Windows
20.10.2018 LibSSH 0.7.6 / 0.8.4 - Unauthorized Access remote Linux
18.10.2018 libSSH - Authentication Bypass remote Linux
17.10.2018 FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials remote Hardware
15.10.2018 NoMachine < 5.3.27 - Remote Code Execution remote Windows
10.10.2018 MicroTik RouterOS < 6.43rc3 - Remote Root remote Hardware
09.10.2018 Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (Metasploit) remote Windows
08.10.2018 Unitrends UEB - HTTP API Remote Code Execution (Metasploit) remote Linux
08.10.2018 Navigate CMS - (Unauthenticated) Remote Code Execution (Metasploit) remote PHP
04.10.2018 Cisco Prime Infrastructure - (Unauthenticated) Remote Code Execution remote Multiple
27.09.2018 Microsoft Edge - Sandbox Escape remote Windows
18.09.2018 NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet) remote Hardware
18.09.2018 Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution remote Windows
17.09.2018 CA Release Automation NiMi 6.5 - Remote Command Execution remote Java
10.09.2018 Apache Struts 2 - Namespace Redirect OGNL Injection (Metasploit) remote Multiple
07.09.2018 Tenable WAS-Scanner 7.4.1708 - Remote Command Execution remote Linux
05.09.2018 FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution remote Hardware
29.08.2018 Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure remote Hardware
27.08.2018 Electron WebPreferences - Remote Code Execution remote Multiple
27.08.2018 HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit) remote Unix
26.08.2018 Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1) remote Linux
25.08.2018 Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2) remote Multiple
21.08.2018 OpenSSH 2.3 < 7.7 - Username Enumeration remote Linux
20.08.2018 SEIG Modbus 3.4 - Remote Code Execution remote Windows_x86
20.08.2018 Easylogin Pro 1.3.0 - 'Encryptor.php' Unserialize Remote Code Execution remote PHP
19.08.2018 SEIG SCADA System 9 - Remote Code Execution remote Windows_x86
16.08.2018 OpenSSH 2.3 < 7.7 - Username Enumeration (PoC) remote Linux
14.08.2018 Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit) remote Windows_x86-64
13.08.2018 Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution remote Windows
13.08.2018 Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit) remote Windows
09.08.2018 Mikrotik WinBox 6.42 - Credential Disclosure (Metasploit) remote Windows
01.08.2018 SonicWall Global Management System - XMLRPC set_time_zone Command Injection (Metasploit) remote Linux
27.07.2018 WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit) remote PHP
27.07.2018 Axis Network Camera - .srv to parhand RCE (Metasploit) remote Linux
23.07.2018 Microsoft Windows - 'dnslint.exe' Drive-By Download remote Windows
18.07.2018 HomeMatic Zentrale CCU2 - Remote Code Execution remote Hardware
17.07.2018 Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Default Credentials remote Hardware
17.07.2018 QNAP Q'Center - 'change_passwd' Command Execution (Metasploit) remote Linux
17.07.2018 Nanopool Claymore Dual Miner - APIs Remote Code Execution (Metasploit) remote Multiple
13.07.2018 Manage Engine Exchange Reporter Plus - Remote Code Execution (Metasploit) remote Java
13.07.2018 Apache CouchDB - Arbitrary Command Execution (Metasploit) remote Linux
13.07.2018 phpMyAdmin - (Authenticated) Remote Code Execution (Metasploit) remote PHP
13.07.2018 Hadoop YARN ResourceManager - Command Execution (Metasploit) remote Linux
11.07.2018 IBM QRadar SIEM - Remote Code Execution (Metasploit) remote Unix
09.07.2018 Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow remote Windows
09.07.2018 HP VAN SDN Controller - Root Command Injection (Metasploit) remote Linux
09.07.2018 HID discoveryd - 'command_blink_on' Remote Code Execution (Metasploit) remote Linux
09.07.2018 GitList 0.6.0 - Argument Injection (Metasploit) remote PHP
06.07.2018 PolarisOffice 2017 8 - Remote Code Execution remote Windows
02.07.2018 FTPShell Client 6.70 (Enterprise Edition) - Stack Buffer Overflow (Metasploit) remote Windows
02.07.2018 Nagios XI 5.2.6-5.4.12 - Chained Remote Code Execution (Metasploit) remote Linux
27.06.2018 Quest KACE Systems Management - Command Injection (Metasploit) remote Unix
25.06.2018 Foxit Reader 9.0.1.1049 - Remote Code Execution remote Windows
21.06.2018 Dell EMC RecoverPoint < 5.1.2 - Remote Root Command Execution remote Linux
13.06.2018 DHCP Client - Command Injection 'DynoRoot' (Metasploit) remote Linux
05.06.2018 WebKit - not_number defineProperties UAF (Metasploit) remote iOS
04.06.2018 CyberArk < 10 - Memory Disclosure remote Linux
28.05.2018 CloudMe Sync < 1.11.0 - Buffer Overflow (SEH) (DEP Bypass) remote Windows_x86-64
27.05.2018 Bitmain Antminer D3/L3+/S9 - Remote Command Execution remote Hardware
25.05.2018 D-Link DSL-2750B - OS Command Injection (Metasploit) remote Hardware
18.05.2018 HPE iMC 7.3 - Remote Code Execution (Metasploit) remote Windows
17.05.2018 Nanopool Claymore Dual Miner 7.3 - Remote Code Execution remote Windows
17.05.2018 Jenkins CLI - HTTP Java Deserialization (Metasploit) remote Linux
17.05.2018 Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit) remote Multiple
16.05.2018 Inteno IOPSYS 2.0 < 4.2.0 - 'p910nd' Remote Command Execution remote Hardware
13.05.2018 Microsoft Windows 2003 SP2 - 'RRAS' SMB Remote Code Execution remote Windows
10.05.2018 Mantis Bug Tracker 1.1.3 - 'manage_proj_page' PHP Code Execution (Metasploit) remote PHP
08.05.2018 FTPShell Client 6.7 - Buffer Overflow remote Windows
08.05.2018 Palo Alto Networks - 'readSessionVarsFromFile()' Session Corruption (Metasploit) remote Unix
08.05.2018 PlaySMS - 'import.php' (Authenticated) CSV File Upload Code Execution (Metasploit) remote PHP
08.05.2018 PlaySMS 1.4 - 'sendfromfile.php?Filename' (Authenticated) 'Code Execution (Metasploit) remote PHP
04.05.2018 Google Chrome V8 - Object Allocation Size Integer Overflow remote Multiple
03.05.2018 GPON Routers - Authentication Bypass / Command Injection remote Hardware
02.05.2018 xdebug < 2.5.5 - OS Command Execution (Metasploit) remote PHP
02.05.2018 Metasploit Framework - 'msfd' Remote Code Execution (via Browser) (Metasploit) remote Ruby
02.05.2018 Metasploit Framework - 'msfd' Remote Code Execution (Metasploit) remote Ruby
02.05.2018 Exim < 4.90.1 - 'base64d' Remote Code Execution remote Linux
02.05.2018 Norton Core Secure WiFi Router - 'BLE' Command Injection (PoC) remote Hardware
02.05.2018 TBK DVR4104 / DVR4216 - Credentials Leak remote Hardware
02.05.2018 Call of Duty Modern Warefare 2 - Buffer Overflow remote Windows
24.04.2018 Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass) remote Windows
24.04.2018 ASUS infosvr - Authentication Bypass Command Execution (Metasploit) remote Hardware
22.04.2018 Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote Command Execution remote Multiple
18.04.2018 Easy File Sharing Web Server 7.2 - Stack Buffer Overflow remote Windows
17.04.2018 D-Link DIR-615 Wireless Router - Persistent Cross Site Scripting remote Hardware
17.04.2018 Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit) remote PHP
13.04.2018 Microsoft Credential Security Support Provider - Remote Code Execution remote Windows
06.04.2018 Adobe Flash < 28.0.0.161 - Use-After-Free remote Multiple
06.04.2018 LineageOS 14.1 Blueborne - Remote Code Execution remote Android
30.03.2018 Advantech WebAccess < 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer Overflow remote Windows
29.03.2018 GitStack - Unsanitized Argument Remote Code Execution (Metasploit) remote Windows
29.03.2018 Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit) remote Windows
28.03.2018 TeamCity < 9.0.2 - Disabled Registration Bypass remote Multiple
27.03.2018 TestLink Open Source Test Management < 1.9.16 - Remote Code Execution (PoC) remote Linux
26.03.2018 Acrolinx Server < 5.2.5 - Directory Traversal remote Windows
20.03.2018 OpenSSH < 6.6 SFTP - Command Execution remote Linux
16.03.2018 Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution remote Windows
16.03.2018 Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution remote Windows
16.03.2018 Unitrends UEB 10.0 - Root Remote Code Execution remote Linux
15.03.2018 MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow remote Hardware
14.03.2018 SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution remote Windows
12.03.2018 DEWESoft X3 SP1 (64-bit) - Remote Command Execution remote Windows
12.03.2018 Eclipse Equinoxe OSGi Console - Command Execution (Metasploit) remote Multiple
12.03.2018 MikroTik RouterOS < 6.38.4 (MIPSBE) - 'Chimay Red' Stack Clash Remote Code Execution remote Hardware
12.03.2018 MikroTik RouterOS < 6.38.4 (x86) - 'Chimay Red' Stack Clash Remote Code Execution remote Hardware
05.03.2018 NETGEAR - 'TelnetEnable' Magic Packet (Metasploit) remote Hardware
02.03.2018 TestLink Open Source Test Management < 1.9.16 - Remote Code Execution remote PHP
27.02.2018 GetGo Download Manager 5.3.0.2712 - Buffer Overflow (SEH) remote Windows
27.02.2018 Sony Playstation 4 (PS4) 4.55 - 'Jailbreak' 'setAttributeNodeNS' WebKit 5.02 / 'bpf' Kernel Loader 4.55 remote Hardware
26.02.2018 Disk Savvy Enterprise 10.4.18 - Stack-Based Buffer Overflow (Metasploit) remote Windows
26.02.2018 CloudMe Sync 1.10.9 - Stack-Based Buffer Overflow (Metasploit) remote Windows
26.02.2018 AsusWRT LAN - Remote Code Execution (Metasploit) remote Hardware
25.02.2018 Papenmeier WiFi Baby Monitor Free & Lite < 2.02.2 - Remote Audio Record remote Android
21.02.2018 EChat Server 3.1 - 'CHAT.ghp' Buffer Overflow remote Windows
21.02.2018 Disk Savvy Enterprise 10.4.18 - Buffer Overflow (SEH) remote Windows
21.02.2018 Disk Pulse Enterprise 10.4.18 - 'Import Command' Buffer Overflow (SEH) remote Windows
20.02.2018 μTorrent (uTorrent) Classic/Web - JSON-RPC Remote Code Execution / Information Disclosure remote Multiple
14.02.2018 Tenda AC15 Router - Remote Code Execution remote Hardware
13.02.2018 CloudMe Sync < 1.11.0 - Buffer Overflow remote Windows
13.02.2018 Advantech WebAccess 8.3.0 - Remote Code Execution remote Windows
10.02.2018 LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure remote Linux
07.02.2018 Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution remote Windows
05.02.2018 Microsoft Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution (Metasploit) (MS17-010) remote Windows
05.02.2018 HPE iLO 4 < 2.53 - Add New Administrator User remote Multiple
01.02.2018 Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH) remote Windows
01.02.2018 BMC Server Automation RSCD Agent - NSH Remote Command Execution (Metasploit) remote Multiple
01.02.2018 Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack Overflow / Double Free / Unauthorized Access remote Hardware
01.02.2018 Geovision Inc. IP Camera & Video - Remote Command Execution remote Hardware
30.01.2018 HPE iMC 7.3 - RMI Java Deserialization remote Windows
29.01.2018 Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution (Metasploit) remote Multiple
28.01.2018 Werkzeug - 'Debug Shell' Command Execution remote Multiple
28.01.2018 Trend Micro Threat Discovery Appliance 2.6.1062r1 - 'dlp_policy_upload.cgi' Remote Code Execution remote Linux
26.01.2018 BMC BladeLogic 8.3.00.64 - Remote Command Execution remote Multiple
25.01.2018 Exodus Wallet (ElectronJS Framework) - Remote Code Execution remote Windows
24.01.2018 RAVPower 2.000.056 - Root Remote Code Execution remote Hardware
24.01.2018 Kaltura - Remote PHP Code Execution over Cookie (Metasploit) remote PHP
24.01.2018 GoAhead Web Server 2.5 < 3.6.5 - HTTPd 'LD_PRELOAD' Arbitrary Module Load (Metasploit) remote Multiple
22.01.2018 AsusWRT Router < 3.0.0.4.380.7743 - LAN Remote Code Execution remote Hardware
22.01.2018 Herospeed - 'TelnetSwitch' Remote Stack Overflow / Overwrite Password / Enable TelnetD remote Hardware
17.01.2018 Master IP CAM 01 - Multiple Vulnerabilities remote Hardware
15.01.2018 SysGauge Server 3.6.18 - Remote Buffer Overflow remote Windows
15.01.2018 Disk Pulse Enterprise 10.1.18 - Remote Buffer Overflow remote Windows
15.01.2018 Synology Photo Station 6.8.2-3461 - 'SYNOPHOTO_Flickr_MultiUpload' Race Condition File Write Remote Code Execution remote Hardware
11.01.2018 Seagate Personal Cloud - Multiple Vulnerabilities remote Hardware
11.01.2018 Transmission - RPC DNS Rebinding remote Multiple
11.01.2018 LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow (Metasploit) remote Windows
11.01.2018 phpCollab 2.5.1 - File Upload (Metasploit) remote PHP
11.01.2018 ALLMediaServer 0.95 - Remote Buffer Overflow remote Windows
10.01.2018 DiskBoss Enterprise 8.8.16 - Remote Buffer Overflow remote Windows
10.01.2018 HPE iMC - dbman 'RestoreDBase' Remote Command Execution (Metasploit) remote Windows
10.01.2018 HPE iMC - dbman 'RestartDB' Remote Command Execution (Metasploit) remote Windows
09.01.2018 Commvault Communications Service (cvd) - Command Injection (Metasploit) remote Windows
05.01.2018 Ayukov NFTP FTP Client 2.0 - Remote Buffer Overflow (Metasploit) remote Windows
05.01.2018 Cisco IOS - Remote Code Execution remote Hardware
04.01.2018 Linksys WVBR0-25 - User-Agent Command Execution (Metasploit) remote Hardware
04.01.2018 Xplico - Remote Code Execution (Metasploit) remote Linux
03.01.2018 D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access remote Hardware
03.01.2018 WDMyCloud < 2.30.165 - Multiple Vulnerabilities remote Hardware
03.01.2018 Oracle WebLogic < 10.3.6 - 'wls-wsat' Component Deserialisation Remote Command Execution remote Multiple
01.01.2018 HP Mercury LoadRunner Agent magentproc.exe - Remote Command Execution (Metasploit) remote Windows
01.01.2018 Cambium ePMP1000 - 'ping' Shell via Command Injection (Metasploit) remote Unix
01.01.2018 Cambium ePMP1000 - 'get_chart' Shell via Command Injection (Metasploit) remote CGI