Exploit Database 1

Exploit Database 1

Exploit Database - Úvod 1 2 3 4 5

Poslední aktualizace v 06.07.2017 15:16:03

Easy CD-DA Recorder Buffer Overflow Exploit (SEH)

Easy CD-DA Recorder PLS Buffer Overflow

Easy File Management Web Server 5.3 - Stack Buffer Overflow

Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow

Easy File Management Web Server Stack Buffer Overflow

Easy File Management Web Server v5.3 - UserID Remote Buffer Overflow (ROP)

Easy File Sharing FTP Server 3.5 - Stack Buffer Overflow

Easy File Sharing HTTP Server 7.2 SEH Overflow

Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow

Easy File Sharing Web Server 7.2 - GET HTTP Request SEH Buffer Overflow

Easy File Sharing Web Server 7.2 - HEAD HTTP Request SEH Buffer Overflow

Easy File Sharing Web Server 7.2 - Remote SEH Buffer Overflow (DEP Bypass with ROP)

Easy File Sharing Webserver <= 6.8 - Persistent XSS

Easy LAN Folder Share Version 3.2.0.100 - Buffer Overflow Vulnerability

Easy POS System - SQL Injection (login.php)

EasyCafe Server <= 2.2.14 Remote File Read

EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution

EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation

Eaton Network Shutdown Module <= 3.21 - Remote PHP Code Injection

eBay Magento <= 1.9.2.1 - PHP FPM XML eXternal Entity Injection

eBay Magento CE <= 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / DoS)

eCan v0.1 => Local File Disclosure Vulnerability

EC-CUBE 2.12.6 - Server-Side Request Forgery

eClinicalWorks (CCMR) - Multiple Vulnerabilities

ecoCMS admin.php (amature version) Cross-Site-Scripting

ECommerceMajor - (productdtl.php, prodid param) SQL Injection Vulnerability

ECommerce-Multi-Vendor Software - Arbitrary File Upload

ECommerce-TIBSECART - Arbitrary File Upload

E-Detective Lawful Interception System - Multiple Vulnerabilities

Edimax BR6228nS/BR6228nC - Multiple Vulnerabilities

Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities

Edimax PS-1206MF - Web Admin Auth Bypass

EditMe CMS - Cross-Site Request Forgery (Add New Admin)

Edraw Office Viewer Component V7.4 ActiveX Stack Buffer Overflow

eFront 3.6.14.4 (surname param) - Persistent XSS Vulnerability

eFront v3.6.14 (build 18012) - Stored XSS in Multiple Parameters

EGallery PHP File Upload Vulnerability

EggAvatar 2.3.2 for vBulletin 3.8.x Local File Read

EggAvatar for vBulletin 3.8.x SQL Injection Vulnerability

eggBlog 4.1.2 - Arbitrary File Upload Vulnerability

EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow

Ektron CMS 8.5.0 Multiple Vulnerabilities

Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - CSRF Vulnerability

Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation

ElasticSearch 1.6.0 - Arbitrary File Download

ElasticSearch Dynamic Script Arbitrary Java Execution

Elastix < 2.5 , PHP Code Injection Exploit

Elastix 2.2.0 LFI Exploit

Elcom CMS 7.4.10 Community Manager Insecure File Upload

eLearning Server 4G Multiple Remote Vulnerabilities

Elecard AVC_HD/MPEG Player 5.7 Buffer Overflow

Elecard MPEG Player 5.7 Local Buffer Overflow PoC (SEH)

Elemata CMS RC3.0 (global.php, id param) - SQL Injection

Elipse E3 HTTP Denial of Service

elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities

eM Client e-mail client v5.0.18025.0 Stored XSS vulnerability

E-Mail Security Virtual Appliance (ESVA) Remote Execution

E-Mail Security Virtual Appliance learn-msg.cgi Command Injection

EmailArchitect Enterprise Email Server 10.0 Stored XSS

EMC AlphaStor Device Manager Opcode 0x75 Command Injection

EMC Cloud Tiering Appliance v10.0 Unauthenticated XXE Arbitrary File Read

EMC Data Protection Advisor DPA Illuminator - EJBInvokerServlet RCE

EMC IRM License Server DoS Server 4.6.1.1995

EMC NetWorker <= 7.6 sp3 Denial of Service

EMC Networker Format String

EMC ViPR SRM - Cross-Site Request Forgery

Enable Media Replace WordPress Plugin Multiple Vulnerabilities

Enalean Tuleap 7.2 - XXE File Disclosure

Enalean Tuleap 7.4.99.5 - Blind SQL Injection

Enalean Tuleap 7.4.99.5 - Remote Command Execution

Encaps PHP Gallery SQL Injection

encoded 64 bit execve shellcode

Endeca Latitude 2.2.2 - CSRF Vulnerability

Endian Firewall Proxy Password Change Command Injection

Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities

Endpoint Protector v4.0.4.0 Multiple Vulnerabilities

EntryPass N5200 - Credentials Exposure

ePhoto Transfer v1.2.1 iOS - Multiple Vulnerabilities

Epicor Enterprise 7.4 - Multiple Vulnerabilities

Epson EventManager <= 2.50 Denial of Service

Ericom AccessNow Server Buffer Overflow

ERS Viewer 2011 ERS File Handling Buffer Overflow

ES Job Search Engine v3.0 SQL Injection Vulnerability

ESCON SupportPortal Pro 3.0 Stored XSS

Escort Agency CMS Blind SQL Injection Vunerability

Escort Directory CMS SQL Injection Vunerability

Escort und Begleitservice Agentur Script SQL Injection Vunerability

ESRI ArcGIS 10.0.X / ArcMap 9 Arbitrary Code Execution

Esselbach Storyteller CMS System Version 1.8 SQL Injection Vulnerability

e-ticketing' SQL Injection (CVE-2012-1673)

'e-ticketing' SQL Injection (CVE-2012-1673)

Ettercap 0.8.0-0.8.1 - Multiple Denial of Service Vulnerabilities

Event Script PHP v1.1 CMS Multiple Vulnerabilities

Eventum Issue Tracking System 2.3.1 stored XSS

Eventy CMS v1.8 Plus Multiple Vulnerabilities

Eventy Online Scheduler 1.8 - Multiple Vulnerabilities

Evince PDF Reader - 2.32.0.145 (Windows) and 3.4.0 (Linux) - Denial Of Service

Exagate WEBPack Management System - Multiple Vulnerabilities

Exim "perl_startup" Privilege Escalation

Exim < 4.86.2 - Local Root Privilege Escalation

exim <= 4.84-3 - Local Root Exploit

Exim sender_address Parameter - RCE Exploit

Exper EWM-01 ADSL/MODEM - Unauthenticated DNS Change

eXPert PDF Reader 4.0 NULL Pointer Dereference and Heap Corruption

Exploit: NCMedia Sound Editor Pro v7.5.1 SEH&DEP

Exponent CMS 2.2.0 beta 3 - Multiple Vulnerabilities

Exponent CMS 2.3.1 - Multiple XSS Vulnerabilities

Exponent CMS 2.3.9 - Blind SQL Injection

ExponentCMS 2.0.5 Multiple Vulnerabilities

Express Zip <= 2.40 - Path Traversal

eXtplorer 2.1.9 - Archive Path Traversal

eXtplorer v2.1 Arbitrary File Upload Vulnerability

EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation

EyeLock nano NXT 3.5 - Local File Disclosure

EyeLock nano NXT 3.5 - Remote Root Exploit

EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities

EZHomeTech EzServer <= 6.4.017 Stack Buffer Overflow Vulnerability

EzPub Simple Classic ASP CMS SQL Injection Vulnerability

Ezylog Photovoltaic Management Server Multiple Vulnerabilities

F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - File Path Traversal Vulnerability

F5 BIG-IP Remote Root Authentication Bypass Vulnerability

F5 iControl iCall::Script Root Command Execution

F5 iControl Remote Root Command Execution

Fake Webcam v 6.1 Local Crash PoC

Family CMS 2.9 and earlier multiple Vulnerabilities

Family Connections CMS 2.3.2 (POST) Stored XSS And XPath Injection

FAROL - SQL Injection Vulnerability

FBZX 2.10 - Local Stack-Based Buffer Overflow

FCKEditor ASP Version 2.6.8 File Upload Protection Bypass

Feng Office - Stored XSS

Feng Office 1.7.4 - Arbitrary File Upload

Feng Office 1.7.4 - Cross Site Scripting Vulnerabilities

FENIX 0.92 - Buffer Overflow

FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution

File Hub 1.9.1 iOS - Multiple Vulnerabilities

File Lite 3.3 & 3.5 PRO iOS - Multiple Vulnerabilities

File Manager 4.2.10 iOS - Code Execution Vulnerability

File Replication Pro <= 7.2.0 - Multiple Vulnerabilities

FileBound 6.2 Privilege Escalation Vulnerability

Filemaker Pro 13.03 & Advanced 12.04 - Login Bypass and Privilege Escalation

Filer Lite v2.1.0 for iPhone / iPod touch, Directory Traversal

Files Desk Pro v1.4 iOS - Local File Inclusion

Filezilla 3.11.0.2 - SFTP Module Denial of Service Vulnerability

FileZilla FTP Client 3.17.0.0 - Unquoted Path Privilege Escalation

FingerTec Fingerprint Reader - Remote Access and Remote Enrollment

FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip)

FireEye Appliance Unauthorized File Disclosure

FireEye Wormable Remote Code Execution in MIP JAR Analysis

Firefox < 39.03 - pdf.js Same Origin Policy Exploit

Firefox 7/8 (<= 8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability

Firefox 8/9 AttributeChildRemoved() Use-After-Free

Firefox onreadystatechange Event DocumentViewerImpl Use After Free

Firefox PDF.js Privileged Javascript Injection

Firefox toString console.time Privileged Javascript Injection

Firefox WebIDL Privileged Javascript Injection

Firefox XMLSerializer Use After Free

Firejail - Privilege Escalation

Fitbit Connect Service - Unquoted Service Path Privilege Escalation

FiverrScript CSRF Vulnerability (Add New Admin)

FL Studio 10 Producer Edition SEH Based Buffer Overflow PoC

Flash AS2 Use After Free in DisplacementMapFilter.mapBitmap

Flash AS2 Use After Free in TextField.filters

Flash AS2 Use After Free While Setting TextField.filters

Flash AVSS.setSubscribedTags Use After Free Memory Corruption

Flash Boundless Tunes - Universal SOP Bypass Through ActionSctipt's Sound Object

Flash Broker-Based Sandbox Escape via Forward Slash Instead of Backslash

Flash Broker-Based Sandbox Escape via Timing Attack Against File Moving

Flash Broker-Based Sandbox Escape via Unexpected Directory Lock

Flash Issues in DefineBitsLossless and DefineBitsLossless2 Leads to Using Uninitialized Memory

Flash JIT – Spraying info leak gadgets

Flash PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution

Flash Player Integer Overflow in Function.apply

Flash Uninitialized Stack Variable MPD Parsing Memory Corruption

Flash Use-After-Free in Display List Handling

Flash Use-After-Free in NetConnection.connect

Flash Use-After-Free with MovieClip.scrollRect in AS2

FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability

FlashChat - Arbitrary File Upload Vulnerability

Flatpress 1.0 - Remote Code Execution

FlexNet License Server Manager lmgrd Buffer Overflow

FlexNet License Server Manager Stack Overflow In lmgrd

Flussonic Media Server 4.1.25 - 4.3.3 - Aribtrary File Disclosure

Flux Player v3.1.0 iOS - Multiple Vulnerabilities

FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin)

Foe CMS 1.6.5 - Multiple Vulnerabilities

Folder Plus 2.5.1 iOS - Persistent XSS Vulnerability

foobar2000 1.3.9 - (.asx) Local Crash PoC

foobar2000 1.3.9 - (.pls; .m3u; .m3u8) Local Crash PoC

Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection

Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment

ForkCMS 3.2.5 Multiple Vulnerabilities

FormatFactory v3.0.1 Profile File Handling Buffer Overflow

FortiAnalyzer 5.0.4 - CSRF Vulnerability

FortiClient SSLVPN 5.4 - Credentials Disclosure

Fortigate Firewalls - Remote Code Execution (EGREGIOUSBLUNDER)

FortiGate OS Version 4.x - 5.0.7 - SSH Backdoor

Fortigate UTM WAF Appliance Multiple Vulnerabilities

FortiManager 5.2.2 - Persistent XSS Vulnerabilities

Fortinet FortiMail 400 IBE Multiple Vulnerabilities

FortKnox Personal Firewall 9.0.305.0 & 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption Vulnerability

Forum Oxalis <= 0.1.2 SQL Injection Vulnerability

FOSCAM IP-Cameras Improper Access Restrictions

Foxit Cloud Update Service - Unquoted Service Path Privilege Escalation

Foxit PDF Reader 4.2 Javascript File Write

Foxit Reader - PNG Conversion Parsing tEXt Chunk Arbitrary Code Execution

Foxit Reader <= 7.2.8.1124 - PDF Parsing Memory Corruption

Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow

Foxit Reader 5.4.3.0920 Crash PoC

Foxit Reader Plugin URL Processing Buffer Overflow

FoxPlayer v2.9.0 Denial of Service Vulnerability

Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities

Free Hosting Manager V2.0.2 Multiple SQLi

Free Monthly Websites v2.0 Multiple Vulnerabilities

Free Realty v3.1-0.6 Multiple Vulnerabilities

Free Screen To Video V1.2 DLL Hijacking Exploit (iacenc.dll)

Free WMA MP3 Converter 1.8 (.wav) - Buffer Overflow

FreeBSD <= 5.4-RELEASE ftpd (Version 6.00LS) sendfile kernel mem-leak Exploit

FreeBSD <= 6.4 Netgraph Local Privledge Escalation Exploit

FreeBSD 9.1 ftpd Remote Denial of Service

FreeBSD Kernel Multiple Vulnerabilities

FreeBSD SCTP ICMPv6 Error Processing Vulnerability

FreeDisk v1.01 iOS - Multiple Vulnerabilities

Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow

Freefloat FTP Server 1.0 - 'SITE ZONE' Command Buffer Overflow

freeFTPd 1.0.10 (PASS Command) - SEH Buffer Overflow

freeFTPd 1.0.10 PASS Command SEH Overflow (msf)

freeFTPd 1.0.8 - 'mkd' Command Denial Of Service

freeFTPd PASS Command Buffer Overflow

FreeFTPD Remote Authentication Bypass Zeroday Exploit

FreePBX < 13.0.188 - Remote Command Execution (Metasploit)

Freepbx < 2.11.1.5 - Remote Code Execution

FreePBX 10.13.66 - Remote Command Execution / Privilege Escalation

FreePBX 13 / 14 - Remote Code Execution

FreePBX 13.0.35 - Remote Command Execution

FreePBX 13.0.35 - SQL Injection

Freepbx 13.0.x < 13.0.154 - Remote Command Execution

Freeproxy Internet Suite 4.10 - Denial of Service

Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities

Freesshd Authentication Bypass

FreeSSHD Remote Authentication Bypass Zeroday Exploit

FreeType 2.6.1 TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads

FreeType 2.6.1 TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read

FreiChat 9.6 - SQL Injection

FreshFTP 5.52 - .qfl Crash PoC

Friends in War Make or Break 1.7 - 'imgid' Parameter SQL Injection

Friends in War Make or Break v1.3 SQL Injection (authbypass) Vulnerability

friendsinwar FAQ Manager (view_faq.php, question param) SQL Injection Vulnerability

friendsinwar FAQ Manager SQL Injection (authbypass) Vulnerability

Fritz!Box Webcm Unauthenticated Command Injection

Froxlor Server Management Panel 0.9.33.1 - MySQL Login Information Disclosure

FTGate 2009 Build 6.4.00 - Multiple Vulnerabilities

FTGate 7 - CSRF Vulnerabilities

FTP Commander 8.02 - SEH Overwrite

FTP Sprite v1.2.1 iOS - Persistent XSS Vulnerability

FtpDisc v1.0 for iPhone / iPod touch, Directory Traversal

FTPShell Client 5.24 - (Create NewFolder) Local Buffer Overflow

FTPShell Client 5.24 - Buffer Overflow

FTPShell Client 5.24 - 'PWD' Remote Buffer Overflow

FTPShell Server 6.36 - '.csv' Local Denial of Service

FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery

FUDforum 3.0.6 - Local File Inclusion

Full Player 8.2.1 - Memory Corruption PoC

Fuzzing: An introduction to Sulley Framework

Galette (picture.php) SQL Injection Vulnerability

Galilery 1.0 Local File Inclusion Vulnerability

GAME ENGINES: A 0-DAY’S TALE

Ganesha Digital Library 4.0 Multiple Vulnerabilities

Ganeti - Multiple Vulnerabilities

Ganglia Web Frontend < 3.5.1 - PHP Code Execution

GAzie 5.10 (Login parameter) Multiple Remote Vulnerabilities

GAzie 5.10 (Login parameter) Multiple Vulnerabilities

GDL 4.2 - Multiple Vulnerabilities

GE Industrial Solutions UPS SNMP Adapter < 4.8 - Multiple Vulnerabilities

GE Proficy CIMPLICITY gefebt.exe Remote Code Execution

Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (MSF)

Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (MSF)

Gentoo Local Priv Escalation in QEMU

GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities

GENU CMS SQL Injection Vulnerability

GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection

Geomi CMS SQL Injection Vulnerability

GeoVision (GeoHttpServer) Webcams Remote File Disclosure Exploit

GestioIP Remote Command Execution

GetGo Download Manager 4.9.0.1982 - HTTP Response Header Buffer Overflow Remote Code Execution

GetSimpleCMS 3.2.1 Arbitrary File Upload Vulnerability

GigPress 2.1.10 Wordpress Plugin Stored XSS Vulnerability

GIMP 2.6 script-fu < 2.8.0 Buffer Overflow Vulnerability

GIMP scriptfu Server Buffer Overflow

Git-1.9.5 ssh-agent.exe Buffer Overflow

GitLab - 'impersonate' Feature Privilege Escalation

Gitlab-shell Code Execution

Gitlist <= 0.4.0 - Remote Code Execution

Gitlist Unauthenticated Remote Command Execution

Gitorious Arbitrary Command Execution

Gkplugins Picasaweb - Download File

Gleamtech FileVista/FileUltimate 4.6 Directory Traversal

glFusion 1.3.0 (search.php, cat_id param) - SQL Injection

glFusion CMS Blind SQL injection Vulnerability

glibc - getaddrinfo Stack Based Buffer Overflow

glibc - getaddrinfo Stack-Based Buffer Overflow

glibc and eglibc 2.5, 2.7, 2.13 - Buffer Overflow Vulnerability

glibc Off-by-One NUL Byte gconv_translit_find Exploit

globalSCAPE CuteZIP Stack Buffer Overflow

Glossword 1.8.12 Multiple Vulnerabilities

Glossword 1.8.3 SQL Injection Vulnerability

GLPI 0.84.1 - Multiple Vulnerabilities

GLPI 0.85 - Blind SQL Injection

GLPI 0.85.5 - RCE Through File Upload Filter Bypass

GLPi 0.90.2 - SQL Injection

GLPI install.php Remote Command Execution

Gnew 2013.1 - Multiple Vulnerabilities

Gnome Nautilus 3.16 - Denial of Service

GNU bash 4.3.11 Environment Variable dhclient Exploit

GNU bash Environment Variable Command Injection

GNU GTypist 2.9.5-2 - Local Buffer Overflow

GNU Wget < 1.18 - Access List Bypass / Race Condition

gnuboard <= 4.34.20 XSS Vulnerability

GoAhead Web Server 3.1.x - Denial of Service

godontologico 5 - SQL Injection (0day)

Gökhan Balbal Script 2.0 - CSRF Vulnerability

GoldMP4Player 3.3 - Buffer Overflow Exploit (SEH)

GOM Audio 2.0.8 - (.gas) Crash POC

Gom Player 2.1.44.5123 (Unicode) NULL Pointer Dereference

GOMPlayer 2.2.53.5169 (.wav) - Crash POC

Gongwalker API Manager 1.1 - Blind SQL Injection

Good for Enterprise 2.2.2.1611 - XSS Vulnerability

Google AdWords <= 6.2.0 API client libraries - XML eXternal Entity Injection (XXE)

Google AdWords API PHP client library <= 6.2.0 - Arbitrary PHP Code Execution

Google Android - WifiNative::setHotlist Stack Overflow

Google Android max86902 Driver - 'sysfs' Interfaces Race Condition

Google Chrome - Renderer Process to Browser Process Privilege Escalation

Google Chrome Silent HTTP Authentication

Google Talk gtalk:// Deprecated Uri Handler Parameter Injection Vulnerability

Google to Distrust WoSign, StartCom Certs in 2017

Google to Make Certificate Transparency Mandatory By 2017

Google Unveils Cryptographic Library Test Suite Wycheproof

Goron Webserver 2.0 - Multiple Vulnerabilities

GpicView 0.2.5 - Crash PoC

GPON Home Router FTP G-93RG1 - CSRF Command Execution Vulnerability

GQ File Manager 0.2.5 - Multiple Vulnerabilities

GRAND Flash Album Gallery 0.55 Wordpress Plugin Multiple Vulnerabilities

Graphite Web Unsafe Pickle Handling

Grassroots DICOM (GDCM) 2.6.0 and 2.6.1 - ImageRegionReader::ReadIntoBuffer Buffer Overflow

Grawlix 1.0.3 - CSRF Vulnerability

GreenBrowser 6.4.0515 - Heap Overflow Vulnerability

GroundWork monarch_scan.cgi OS Command Injection

Group Office Calendar (calendar/json.php) SQL Injection

GRR Système de Gestion et de Réservations de Ressources 3.0.0-RC1 - Arbitrary File Upload

GS Foto Uebertraeger 3.0 iOS - File Include Vulnerability

GSC Client 1.00 2067 - Privilege Escalation Vulnerability

GSM SIM Editor 5.15 Buffer Overflow

GTX CMS 2013 Optima - SQL Injection

GuestBook Scripts PHP v1.5 - Multiple Vulnerabilities

Guitar Pro 6.1.1 r10791 (.gpx) Crash POC

Guitar Pro 6.1.1 r10791 (.gpx) Denial of Service Exploit

Guppy CMS 5.0.9 & 5.00.10 Authentication Bypass/Change Email

GuppY CMS 5.0.9 & 5.00.10 Multiple CSRF Vulnerabilities

GWebmail 0.7.3 XSS & LFI RCE Vulnerabilities

h5ai < 0.25.0 - Unrestricted File Upload

Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit)

Halliburton LogView Pro 9.7.5 - (.cgm/.tif/.tiff/.tifh) Crash PoC

Halon Security Router (SR) 3.2-winter-r1 - Multiple Security Vulnerabilities

HandyPassword 4.9.3 - SEH Over-Write Exploit

haneWIN DNS Server 1.5.3 - Denial of Service

Hanso Converter 2.4.0 - 'ogg' Buffer Overflow(DoS)

Hanso Converter v1.1.0 BufferOverflow - Denial Of Service

Hanso Player 1.4.0.0 Buffer Overflow - DoS Skinfile

HansoPlayer 3.4.0 Memory Corruption PoC

Hastymail 2.1.1 RC1 Command Injection

Hastymail2 Webmail 1.1 RC2 Stored XSS

Havalite CMS v1.0.4 Multiple Vulnerabilities

Havij Pro - Crash POC

Havij Pro - Crash POC ,Linux x86 Egg Hunter Shellcode (19 bytes)

Hawkeye-G v3.0.1.4912 CSRF Vulnerability

Hawkeye-G v3.0.1.4912 Persistent XSS & Information Leakage

HCView WriteAV Crash PoC

Heartbleed OpenSSL - Information Leak Exploit

Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support

HelpDeskZ 1.0.2 - Unauthenticated Shell Upload

Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution

Heroes of Might and Magic III .h3m Map file Buffer Overflow

Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability

Hex : Shard of Fate 1.0.1.026 - Unquoted Path Privilege Escalation

Hexamail Server <= 4.4.5 Persistent XSS Vulnerability

Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow

Hexchat IRC Client 2.11.0 - Directory Traversal

Hiawatha WebServer 7.4 Denial of Service Vulnerability

Hikvision Digital Video Recorder - Cross-Site Request Forgery

Hikvision DVR RTSP Request Remote Code Execution

Hippo CMS 10.1 - Multiple Vulnerabilities

Hitron CGNV4 Modem/Router 4.3.9.9-SIP-UPC - Multiple Vulnerabilities

Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution

Hivemail Webmail Multiple Stored XSS Vulnerabilities

hMailServer 5.3.3 IMAP Remote Crash PoC

Home FTP SERVER 1.12 Directory Traversal

HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities

Honeywell HSC Remote Deployer ActiveX Remote Code Execution

Honeywell IP-Camera HICC-1100PT - Credentials Disclosure

Honeywell IP-Camera HICC-1100PT - Local File Disclosure

Honeywell Tema Remote Installer ActiveX Remote Code Execution

Horde 3.3.12 Backdoor Arbitrary PHP Code Execution

Horde Groupware 5.2.10 - CSRF Vulnerability

Horde Groupware Web Mail Edition 5.1.2 - CSRF Vulnerability

Horde Horde_Image::factory driver Argument Local File Inclusion

Hornbill Supportworks ITSM 1.0.0 - SQL Injection Vulnerability

Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service

Horos 2.1.0 Web Portal - Directory Traversal

Hotel Booking Portal' SQL Injection (CVE-2012-1672)

'Hotel Booking Portal' SQL Injection (CVE-2012-1672)

Hotel Booking Portal v0.1 Multiple Vulnerabilities

House Style 0.1.2 => readfile() Local File Disclosure Vulnerability

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution

HP AutoPass License Server File Upload

HP Client - Automation Command Injection / Remote Code Execution

HP Client Automation Command Injection

HP Data Protector 6.1 EXEC_CMD Remote Code Execution

HP Data Protector 8.10 Remote Command Execution

HP Data Protector Arbitrary Remote Command Execution

HP Data Protector Backup Client Service Directory Traversal

HP Data Protector Backup Client Service Remote Code Execution

HP Data Protector Cell Request Service Buffer Overflow

HP Data Protector Client EXEC_CMD Remote Code Execution

HP Data Protector EXEC_BAR Remote Command Execution

HP Data protector manager 8.10 remote command execution

HP Intelligent Management Center BIMS UploadServlet Directory Traversal

HP Intelligent Management Center UAM Buffer Overflow

HP LaserJet Pro P1606dn - Webadmin Password Reset

HP LoadRunner EmulationAdmin - Web Service Directory Traversal

HP LoadRunner lrFileIOService ActiveX Remote Code Execution

HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution

HP LoadRunner magentproc.exe Overflow

HP Managed Printing Administration jobAcct Remote Command Execution

HP Network Node Manager I PMD Buffer Overflow

HP NNM CGI webappmon.exe execvp Buffer Overflow

HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow

HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow

HP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow

HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow

HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow

HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow

HP OpenView Network Node Manager ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow

HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow

HP OpenView NNM nnmRptConfig nameParams Buffer Overflow

HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow

HP OpenView Performance Insight Server Backdoor Account Code Execution

HP Operations Agent Opcode coda.exe 0x34 Buffer Overflow

HP Operations Agent Remote XSS iFrame Injection

HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload

HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload

HP Release Control Authenticated XXE

HP SiteScope Remote Code Execution

HP StorageWorks P4000 Virtual SAN Appliance Command Execution

HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow

HP System Management Homepage JustGetSNMPQueue Command Injection

HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation

HP WebInspect <= 10.4 XML External Entity Injection

HT Editor 2.0.20 Buffer Overflow (ROP PoC)

HTCSyncManager 3.1.33.0 - Service Trusted Path Privilege Escalation

HTP Zine 5

Http File Server 2.3.x - Remote Command Execution

HTTP File Server 2.3a, 2.3b, 2.3c - Remote Command Execution

HttpCombiner ASP.NET - Remote File Disclosure Vulnerability

httpdx <= 1.5.4 Remote Heap Overflow

Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities

Huawei Flybox B660 - Cross-Site Request Forgery

Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems

Huawei HG866 Authentication Bypass

Huawei SNMPv3 Service - Multiple Buffer Overflow Vulnerabilities

Huawei Technologies Internet Mobile Unicode SEH Exploit

Huawei UTPS - Unquoted Service Path Privilege Escalation

HumHub 0.11.2 and 0.20.0-beta.2 - SQL Injection

Hupa Webmail 0.0.2 Stored XSS

HybridAuth install.php PHP Code Execution

Hyena Cart (index.php) SQL Injection Vulnerability

HylaFAX+ 5.2.4 - 5.5.3 - Buffer Overflow

Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow

Chamilo 1.8.7 / Dokeos 1.8.6 Remote File Disclosure

Chamilo LMS - Persistent Cross Site Scripting Vulnerability

Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability

Change CMS 3.6.8 - Multiple CSRF Vulnerabilities

Chasys Draw IES Buffer Overflow

ChatSecure IM 2.2.4 iOS - Persistent XSS Vulnerability

check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition Exploit

Checkpoint Abra Multiple Vulnerabilities

CheckPoint/Sofaware Firewall Multiple Vulnerabilities

Cherry Music 0.35.1 - Arbitrary File Disclosure

chillyCMS 1.3.0 - Multiple Vulnerabilities

chkrootkit 0.49 - Local Root Vulnerability

Chkrootkit Local Privilege Escalation

Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow

i.FTP 2.21 - Host Address / URL Field SEH Exploit

i.Hex 0.98 - Local Crash PoC

i.Mage 1.11 - Local Crash PoC

iAuto Mobile Application 2012 Multiple Vulnerabilities

iBackup 10.0.0.32 - Local Privilege Escalation

IBM 1754 GCM 1.18.0.22011 - Remote Command Execution

IBM AIX 5.3/6.1/7.1/7.2 - 'lquerylv' Privilege Escalation

IBM AIX 6.1 / 7.1 - Local root Privilege Escalation

IBM AIX 6.1.8 libodm - Arbitrary File Write

IBM AIX 6.1/7.1/7.2 - 'Bellmail' Privilege Escalation

IBM AIX 6.1/7.1/7.2.0.2 - 'lsmcode' Privilege Escalation

IBM AIX High Availability Cluster Multiprocessing (HACMP) Local Privilege Escalation 0day

IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities

IBM Cognos tm1admsd.exe Overflow Vulnerability

IBM Endpoint Manager - Stored XSS Vulnerability

IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities

IBM i Access 7.1 - Buffer Overflow Code Execution

IBM Lotus Domino <= R8 Password Hash Extraction Exploit

IBM Lotus Domino LDAP Bind Request Remote Code Execution Vulnerability

IBM Personal Communications I-Series Access WorkStation 5.9 Profile

IBM Proventia Network Mail Security System 2.5 POST File Read

IBM Rational ClearQuest CQOle Remote Code Execution

IBM SPSS SamplePower C1Tab ActiveX Heap Overflow

IBM System Director Remote System Level Exploit

IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities

IBM Tivoli Monitoring 6.2.2 kbbacf1 - Privilege Escalation

IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile() Method Overflow

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_GetConfFileChunk Stack Buffer...

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_SetConfFileChunk Stack Buffer...

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference

IBM WebSphere MQ File Transfer Edition Web Gateway CSRF Vulnerability

IBM WebSphere MQ File Transfer Edition Web Gateway Insufficient Access Control

iBoutique eCommerce v4.0 Multiple Web Vulnerabilites

iCAM Workstation Control 4.8.0.0 - Authentication Bypass

Iciniti Store SQL Injection - Security Advisory - SOS-12-003

IcoFX 2.5.0.0 (.ico) - Buffer Overflow Vulnerability

IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow Vulnerability

Iconics GENESIS32 and GENESIS64 Multiple Vulnerabilities

IconLover 5.42 - Local Buffer Overflow Exploit

Icy Phoenix 1.3.0.53a HTTP Referer stored XSS

Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload

Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload

iDev Rentals v1.0 Multiple Vulnerabilities

iDocManager v1.0.0 for iPhone / iPod touch, Directory Traversal

IE 11.0.9600.18097 COmWindowProxy::SwitchMarkup NULL PTR

IE Time Element Memory Corruption Exploit (MS11-050)

IE9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass

If-CMS 2.07 Pre-Auth Local File Inclusion 0day Exploit

i-FTP 2.20 - Buffer Overflow SEH Exploit

iFunBox Free 1.1 iOS - File Inclusion Vulnerability

IGSS 8 ODBC Server Multiple Remote Uninitialized Pointer Free DoS

IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL

IKEView.exe Fox beta 1 - Stack Buffer Overflow

IKEView.exe R60 - .elg Local SEH Exploit

IKEView.exe R60 - Stack Buffer Overflow

Ilch CMS 2.0 - Persistent XSS Vulnerability

ImageCMS 4.0.0b Multiple Vulnerabilities

ImageMagick < 6.9.3-9 - Multiple Vulnerabilities

ImageMagick 6.8.8-4 - Local Buffer Overflow (SEH)

ImageMagick Delegate Arbitrary Command Execution

Imageview v6.0 Remote [and] Local Directory Traversal Vulnerability

ImgPals Photo Host Version 1.0 Admin Account Disactivation

Impero Education Pro - SYSTEM Remote Command Execution

Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities

Imperva SecureSphere Web Application Firewall MX 9.5.6 - Blind SQL Injection

ImpressCMS 1.3.5 - Multiple Vulnerabilities

ImpressCMS 1.3.9 - SQL Injection

ImpressPages CMS 3.8 - Stored XSS Vulnerability

ImpressPages CMS v3.6 manage() Function Remote Code Execution Exploit

ImpressPages CMS v3.6 Remote Arbitrary File Deletion Vulnerability

Incredible PBX 2.0.6.5.0 - Remote Command Execution

Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities

Independent Escort CMS Blind SQL Injection Vunerability

Indusoft Thin Client 7.1 ActiveX - Buffer Overflow

InduSoft Web Studio Arbitrary Upload Remote Code Execution

Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 - Insecure Configuration...

Inferno vBShout <= 2.5.2 SQL Injection

In-Flight Entertainment System Flaws Put Passenger Data at Risk

Infoblox 6.8.2.11 - OS Command Injection

Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities

iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions

iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions

Inmatrix Ltd. Zoom Player 8.5 Crafted JPEG File Exploit

Innovaphone PBX Admin-GUI - CSRF Vulnerability

Inout Mobile Webmail APP Persistent XSS Vulnerability

Insecure management of login credentials in PicsArt Photo Studio for Android [STIC-2014-0426] 2014-11-06

Insecure NAS Device Exposes 350 Ameriprise Investment Accounts

InsOnSrv Asus InstantOn 2.3.1.1 - Unquoted Service Path Privilege Escalation

InstantCoder 1.0 iOS - Multiple Vulnerabilities

Integrated CMS - SQL Injection

Intel(R) Management Engine Components 8.0.1.1399 - Unquoted Service Path Privilege...

Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed 15.1.0.0096 - Unquoted...

Intel(R) PROSet/Wireless WiFi Software 15.01.1000.0927 - Unquoted Service Path...

INTELLINET IP Camera INT-L100M20N - Unauthorized admin Credential Change

Inteno DG301 - Command Injection

Inteno EG101R1 VoIP Router - Unauthenticated DNS Change

Interactive Graphical SCADA System Remote Command Injection

Internet Download Accelerator 6.10.1.1527 - FTP Buffer Overflow (SEH)

Internet Download Manager - (.ief) Crash PoC

Internet Download Manager - (Find Download) Crash PoC

Internet Download Manager - OLE Automation Array Remote Code Execution

Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit

Internet Explorer - MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal Read AV

Internet Explorer - MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free (MS16-023)

Internet Explorer - Read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout (MS16-023)

Internet Explorer < 11 - OLE Automation Array Remote Code Execution

Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF)

Internet Explorer 10 & Adobe Flash Player (12.0.0.70, 12.0.0.77) - CMarkup Use-After-Free

Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use After Free

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 4.1.X Bypass

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.0 Bypass (MS12-037)

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass (MS12-037)

Internet Explorer 8 Fixed Col Span ID full ASLR & DEP bypass

Internet Explorer 8 MS14-035 Use-After-Free Exploit

Internet Explorer 9 XSS Filter Bypass

Internet Explorer 9, 10, 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)

Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability (MS15-079)

Internet Explorer MS14-029 Memory Corruption PoC

Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)

Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow SEH

InternetExplorer8-FixedColSpanIDFullASLR,DEP&EMET4.1.XBypass

Interspire Email Marketer v6.0.1 Multiple Vulnerabilites

Intrasrv 1.0 Buffer Overflow

Intuit QuickBooks Desktop 2007 - 2016 - Arbitrary Code Execution

Invision IP.Board <= 3.3.4 unserialize() PHP Code Execution

Invision Power Board <= 3.3.4 unserialize Regex Bypass

Invision Power Board 3.3.0 Local File Inclusion

Invision Power Services Invision Gallery 1.0.1 Multiple SQL Injection Vulnerabilities

IObit Advanced SystemCare 10.0.2 - Unquoted Service Path Privilege Escalation

IObit Malware Fighter 4.3.1 - Unquoted Service Path Privilege Escalation

iOS 10.1.1 / macOS 10.12 16A323 XNU Kernel - set_dp_control_port Lack of Locking...

iOS 10.1.x - Certificate File Memory Corruption

iOS and OS X - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow

iOS and OS X Kernel - Double-Delete IOHIDEventQueue::start Code Execution

iOS Kernel - AppleOscarAccelerometer Use-After-Free

iOS Kernel - AppleOscarCMA Use-After-Free

iOS Kernel - AppleOscarCompass Use-After-Free

iOS Kernel - AppleOscarGyro Use-After-Free

iOS Kernel - IOHIDEventService Use-After-Free

iOS Kernel - IOReportHub Use-After-Free

iOS/OS X - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution

iOS/OS X - Unsandboxable Kernel Code Exection Due to iokit Double Release in IOKit

IP Board 3.x - CSRF Token hjiacking

IP.Gallery 4.2.x and 5.0.x Persistent XSS Vulnerability

IPB (Invision Power Board) all versions (1.x? / 2.x / 3.x) - Admin Account Takeover

Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation

IPFire < 2.19 Core Update 101 - Remote Command Execution

iPhone Folders 2.5 Directory Traversal

iPhone Guitar Directory Traversal

iPhone iFile 2.0 Directory Traversal

iPhone ishred 1.93 Directory Traversal

iPhone MyDocs 2.7 Directory Traversal

iPhone PDF Reader Pro 2.3 Directory Traversal

iPod Touch/iPhone iFileExplorer Free Directory Traversal

Ipswitch IMail 11.01 - XSS Vulnerability

Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE

IPUX CL5452/CL5132 IP Camera - (UltraSVCamX.ocx) ActiveX Stack Buffer Overflow

IPUX CS7522/CS2330/CS2030 IP Camera - (UltraHVCamX.ocx) ActiveX Stack Buffer Overflow

IPUX Cube Type CS303C IP Camera - (UltraMJCamX.ocx) ActiveX Stack Buffer Overflow

IrfanView 4.33 DJVU Image Processing Heap Overflow

IrfanView 4.33 Format PlugIn ECW Decompression Heap Overflow

IrfanView 4.33 Format PlugIn TTF File Parsing Stack Based Overflow

IrfanView RLE Image Decompression Buffer Overflow Vulnerability

IrfanView TIF Image Decompression Buffer Overflow Vulnerability

IRIS Citations Management Tool (post auth) Remote Command Execution

ISC BIND9 TKEY Remote DoS PoC

iScripts EasyCreate 3.0 - Multiple Vulnerabilities

iScripts EasyCreate 3.0 - Remote Code Execution Exploit

iScripts EasyCreate CMS v2.0 Multiple Vulnerabilities

Islamnt Islam Forum Script 1.2 Blind SQL Injection Exploit

ISPConfig 3.0.5.4p6 - Multiple Vulnerabilities

ISPConfig 3.0.54p1 - Authenticated Admin Local root Vulnerability

ISPConfig Authenticated Arbitrary PHP Code Execution

ispVM System XCF File Handling Overflow

iSupport v1.x CSRF HTML Code Injection to Add Admin

iTechClassifieds 3.03.057 - SQL Injection

IWantOneButton 3.0.1 Wordpress Plugin Multiple Vulnerabilities

iy10 Dizin Scripti - Multiple Vulnerabilities

jaangle 0.98i.977 - Denial of Service Vulnerability

JAKCMS <= v2.01 Code Execution Exploit

JAKCMS <= v2.01 RC1 Blind SQL Injection Exploit

JAKCMS 2.0 PRO RC5 stored XSS via useragent HTTP header Injection

JAMF Casper Suite MDM CSRF Vulnerability

Jaow <= 2.4.5 Blind SQL Injection

Jaow CMS v2.3 Blind SQLi Vulnerability

Jaow CMS v2.3 CSRF Vulnerability

Java 7 Applet Remote Code Execution

Java Applet AverageRangeStatisticImpl Remote Code Execution

Java Applet Driver Manager Privileged toString() Remote Code Execution

Java Applet Field Bytecode Verifier Cache Remote Code Execution

Java Applet JAX-WS Remote Code Execution

Java Applet JMX Remote Code Execution

Java Applet Method Handle Remote Code Execution

Java AtomicReferenceArray Type Violation Vulnerability

Java CMM Remote Code Execution

Java Debug Wire Protocol Remote Code Execution

Java JMX Server Insecure Configuration Java Code Execution

Java MixerSequencer Object GM_Song Structure Handling Vulnerability

Java storeImageArray() Invalid Array Indexing Vulnerability

Java Web Start Double Quote Injection Remote Code Execution

JBoss Application Server Remote Exploit

JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)

JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal

jDisk (stickto) v2.0.3 iOS - Multiple Vulnerabilities

JDownloader 2 Beta - Directory Traversal Vulnerability

Jenkins 1.626 - Cross Site Request Forgery / Code Execution

Jenkins 1.633 - Unauthenticated Credential Recovery

Jenkins CI Script Console Command Execution MSF Module

Jenkins Script-Console Java Execution

jetAudio 8.0.16.2000 Plus VX - (.wav) - Crash POC

jetAudio 8.1.3 Basic (mp3) - Crash PoC

Jildi FTP Client 1.5.6 (SEH) BOF

Jildi FTP Client Buffer Overflow PoC

JIRA 4.4.3, GreenHopper < 5.9.8 Multiple Vulnerabilities

JIRA and HipChat for JIRA Plugin Velocity Template Injection Vulnerability

JIRA Issues Collector Directory Traversal

Jira Scriptrunner 2.0.7 <= CSRF/RCE Exploit

Jive Forums <= 5.5.25 - Directory Traversal Vulnerability

JMX2 Email Tester - (save_email.php) Web Shell Upload

Job Portal Script 9.11 - Authentication Bypass

Job Site 1.0 - Multiple Vulnerabilities

Jobberbase 2.0 - Multiple Vulnerabilities

Joomla 1.5 - 3.4.5 - Object Injection RCE X-Forwarded-For Header

Joomla 1.5 - 3.4.5 - Object Injection Remote Command Execution

Joomla 2.5.0-2.5.1 Time Based SQL Injection Exploit

Joomla 3.2.1 - SQL Injection Vulnerability

Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation

Joomla com_memorix component - SQL Injection vulnerability

Joomla com_niceajaxpoll <= 1.3.0 SQL Injection Vulnerability

Joomla Commedia Plugin (index.php, task parameter) SQL Injection

Joomla Component (com_acymailing) SQL Injection Vulnerability

joomla component (com_bearleague) SQL injection Vulnerability

joomla component (com_ponygallery) SQL injection Vulnerability

Joomla Component DT Register - 'cat' SQL Injection

Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection

joomla component The Estate Agent (com_estateagent) SQL injection Vulnerability

Joomla Content History SQLi Remote Code Execution

Joomla DOCman Component - Multiple Vulnerabilities

Joomla En Masse Component 1.2.0.4 SQL Injection

Joomla Face Gallery 1.0 - Multiple vulnerabilities

Joomla FireBoard Component (com_fireboard) SQL Injection Vulnerability

Joomla Freestyle Support 1.9.1.1447 (com_fss) SQL Injection

Joomla iCagenda Component (id parameter) Multiple Vulnerabilities

Joomla JNews (com_jnews) Component 8.5.1 - SQL Injection

Joomla JomSocial Component 2.6 - Code Execution Exploit

Joomla joomgalaxy 1.2.0.4 Multiple Vulnerabilities

Joomla JV Comment Extension 3.0.2 (index.php, id param) - SQL Injection

Joomla Komento Extension 1.7.2 - Stored XSS Vulnerabilities

Joomla Mac Gallery 1.5 - Arbitrary File Download

Joomla Media Manager File Upload Vulnerability

Joomla Movm Extension (com_movm) SQL Injection

Joomla OS Property 2.0.2 Unrestricted File Upload

Joomla redSHOP Component 1.2 - SQL Injection

Joomla RokModule Component (index.php, module parameter) Blind SQLi

Joomla RSfiles Component (cid param) - SQL Injection Vulnerability

Joomla SimpleImageUpload - Arbitrary File Upload

Joomla Spider Contacts 1.3.6 (index.php, contacts_id param) - SQL Injection

Joomla Tags (index.php, tag parameter) SQL Injection

Joomla XCloner Component (com_xcloner-backupandrestore) Remote Command Execution

Joomla Youtube Gallery Component - SQL Injection Vulnerability

Joomla! Component Blog Calendar - SQL Injection

Joomla! Component Catalog 1.0.7 - SQL Injection

Joomla! Component Event Booking 2.10.1 - SQL Injection

Joomla! Component Portfolio Gallery 1.0.6 - SQL Injection

Joomla! Helpdesk Pro Plugin < 1.4.0 - Multiple Vulnerabilities

Joomla! v1.5 + v1.6 JFilterInput XSS Bypass

JPEGsnoop <= 1.5.2 WriteAV Arbitrary Code Execution

JPEGView 1.0.29 - Crash PoC

jQuery Mega Menu 1.0 Wordpress Plugin Local File Inclusion

JRuby Sandbox 0.2.2 - Sandbox Escape

jSchool Advanced SQL Injection Vulnerability

JSN PowerAdmin Joomla! Extension 2.3.0 - Multiple Vulnerabilities

JSPMySQL Administrador - Multiple Vulnerabilities

JSSE SKIP-TLS Exploit

Just Dial Clone Script - SQL Injection

JVC IP-Camera VN-T216VPRU - Credentials Disclosure

JVC IP-Camera VN-T216VPRU - Local File Disclosure

Jzip SEH Unicode Buffer Overflow (Denial of Service)

Kajona 4.7 - Cross-Site Scripting / Directory Traversal

Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities

Kamads classifieds V2 Multiple Vulnerabilities

Kamailio 4.3.4 - Heap-Based Buffer Overflow

Kaseya 6.3.0.2 - Arbitrary File Upload Vulnerability

Kaseya Virtual System Administrator - Multiple Vulnerabilities

Kaseya VSA uploader.aspx Arbitrary File Upload

Kaspersky 17.0.0 - Local CA root Incorrectly Protected

Kaspersky Antivirus - Certificate Handling Path Traversal

Kaspersky Antivirus "Yoda's Protector" Unpacking Memory Corruption

Kaspersky Antivirus DEX File Format Parsing Memory Corruption

Kaspersky Antivirus ExeCryptor Parsing Memory Corruption

Kaspersky Antivirus CHM Parsing Stack Buffer Overflow

Kaspersky Antivirus PE Unpacking Integer Overflow

Kaspersky Antivirus ThinApp Parser Stack Buffer Overflow

Kaspersky Antivirus UPX Parsing Memory Corruption

Kaspersky Antivirus VB6 Parsing Integer Overflow

Kaspersky Internet Security 2013 - Denial Of Service Vulnerability

Kate's Video Toolkit Version 7.0 (.wav) - Crash POC

KCFinder 2.51 - Local File Disclosure

Keen Lab Takes Down iPhone 6S, Nexus 6P at Mobile Pwn2Own

KeePass Password Safe Classic 1.29 - Crash PoC

Keeper IP Camera 3.2.2.10 - Authentication Bypass

KeepNote 0.7.8 - Command Execution

KeepNote 0.7.8 - Remote Command Execution

Kentico CMS 7.0.75 - User Information Disclosure

Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101)

Kerio Control <= 8.6.1 - Multiple Vulnerabilities

Kerio Control 8.3.1 - Blind SQL Injection

Kerio Control Unified Threat Management 9.1.0 build 1087, 9.1.1 build 1324 -...

Kerio WinRoute Firewall Web Server < 6 Source Code Disclosure

KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability

Keynect Ecommerce SQL Injection Vulnerability

Kimai 0.9.2.1306-3 - SQL Injection Vulnerability

Kimai v0.9.2 'db_restore.php "SQL Injection

KingScada kxClientDownload.ocx ActiveX Remote Code Execution

KingView 6.5.3 SCADA ActiveX Exploit

KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)

KingView 6.53 - Insecure ActiveX Control (SuperGrid)

Kingview 6.53 SCADA HMI HistorySvr Heap Overflow

KingView Log File Parsing Buffer Overflow

Kirby CMS <= 2.1.0 - Authentication Bypass

Kirby CMS <= 2.1.0 - CSRF Content Upload and PHP Script Execution

kitForm CRM Extension 0.43 (sorter.php, sorter_value param) - SQL Injection

Kloxo 6.1.6 - Local Privilege Escalation

Kloxo SQL Injection and Remote Code Execution

Kloxo-MR 6.5.0 - CSRF Vulnerability

KMPlayer 3.7.0.109 (.wav) - Crash PoC

KMPlayer 3.8.0.117 - Buffer Overflow

KMPlayer 3.9.x - .srt Crash PoC

KNet Web Server 1.04b - Buffer Overflow SEH

KnFTPd 1.0.0 'FEAT' DoS PoC-Exploit

Knowledge Base Enterprise Edition 4.62.00 SQL Injection Vulnerability

Kodi 15 - Arbitrary File Aaccess (Web Interface)

Koha <= 3.20.1 - Multiple SQL Injections

Kohana Framework v2.3.3 Directory Traversal Vulnerability

Kolibri <= v2.0 HTTP Server HEAD Buffer Overflow

Kolibri 2.0 GET Request - Stack Buffer Overflow

Kolibri Webserver 2.0 Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass

Komfy Switch with Camera DKZ-201S/W - WiFi Password Disclosure

Konftel 300IP SIP-based Conference Phone <= 2.1.2 - Remote Bypass Reboot

Konica Minolta FTP Utility 1.0 - Directory Traversal Vulnerability

Konica Minolta FTP Utility 1.0 - Remote Command Execution

Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow

Konke Smart Plug K - Authentication Bypass Vulnerability

Konqueror 4.7.3 Memory Corruption

Kunena < 1.5.13, < 1.6.3 SQL Injection Vulnerability

LamaHub 0.0.6.2 - Buffer Overflow

LAN Messenger <= v1.2.28 Denial of Service Vulnerability

LAN.FS Messenger v2.4 Command Execution Vulnerability

LANDesk Lenovo ThinkManagement Suite 9.0.3 Core Server Remote Arbitrary File Deletion Vulnerability

LANDesk Lenovo ThinkManagement Suite 9.0.3 Core Server Remote Code Execution Vulnerability

LanSpy 2.0.0.155 - Buffer Overflow

LanSpy 2.0.0.155 - Local Buffer Overflow

LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow

Last PassBroker 3.2.16 - Stack-Based Buffer Overflow

Lattice Semiconductor PAC-Designer 6.21 (*.PAC) Exploit

Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow

Lc Flickr Carousel V1.0 => Local File Disclosure Vulnerability

Legend Perl IRC Bot Remote Code Execution

Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege...

Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation

Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path...

LEPTON 2.2.2 - Remote Code Execution

LEPTON 2.2.2 - SQL Injection

Lepton CMS 2.2.0 / 2.2.1 - Directory Traversal

Lepton CMS 2.2.0 / 2.2.1 - PHP Code Injection

LetoDMS 3.3.6 Multiple Vulnerabilities

Lian Li NAS - Multiple Vulnerabilities

libgd 2.1.1 - Signedness Heap Overflow

Libmimedir VCF Memory Corruption PoC

libquicktime 1.2.4 - Integer Overflow

LibreOffice 3.5.2.2 Memory Corruption

LibrettoCMS 2.2.2 - Arbitrary File Upload

LibrettoCMS File Manager Arbitary File Upload Vulnerability

libsndfile 1.0.25 - Heap Overflow

Libuser Library - Multiple Vulnerabilities

libxml2 - htmlCurrentChar Heap-Based Buffer Overread

libxml2 - xmlDictAddString Heap-Based Buffer Overread

libxml2 - xmlParseEndTag2 Heap-Based Buffer Overread

libxml2 - xmlParserPrintFileContextInternal Heap-Based Buffer Overread

Liferay 6.0.x Webdav File Reading Vulnerability

Liferay Portal 5.1.2 - Persistent XSS

Liferay Portal 7.0.x <= 7.0.2 - Pre-Auth RCE

LifeSize Room 5.0.9 - Multiple Vulnerabilities

Light Alloy 4.7.3 (.m3u) - SEH Buffer Overflow (Unicode)

Light Audio Mixer Version 1.0.12 (.wav) - Crash POC

lighttpd 1.4.31 Denial of Service PoC

Limelight Software (article.php) SQL Injection Vulnerability

Limesurvey (PHPSurveyor v.1.91+ stable) Blind SQL Injection