Exploit DoS & PoC 2019- Úvod  Remote  Web App  Local&Privilege Escalation  DoS & PoC  ShellCode  Exploit  Exploit prog.  Ex. Techniky  Exp. kit  Typy Exploitù  Exploit Articles 

DoS & PoC  H  2020  2019  2018


2019-12-20Microsoft Windows 10 BasicRender.sys - Denial of Service (PoC)dosWindows
2019-12-19FTP Navigator 8.03 - 'Custom Command' Denial of Service (SEH)dosWindows
2019-12-18XnView 2.49.1 - 'Research' Denial of Service (PoC)dosWindows
2019-12-18macOS 10.14.6 (18G87) - Kernel Use-After-Free due to Race Condition in wait_for_namespace_event()dosmacOS
2019-12-12Lenovo Power Management Driver 1.67.17.48 - 'pmdrvs.sys' Denial of Service (PoC)dosWindows
2019-12-11Product Key Explorer 4.2.0.0 - 'Name' Denial of Service (POC)dosWindows
2019-12-11Product Key Explorer 4.2.0.0 - 'Key' Denial of Service (PoC)dosWindows
2019-12-11AppXSvc 17763 - Arbitrary File Overwrite (DoS)dosWindows
2019-12-11Adobe Acrobat Reader DC - Heap-Based Memory Corruption due to Malformed TTF FontdosWindows
2019-12-09Omron PLC 1.0.0 - Denial of Service (PoC)dosHardware
2019-12-02Nsauditor 3.1.8.0 - 'Name' Denial of Service (PoC)dosWindows
2019-12-02Nsauditor 3.1.8.0 - 'Key' Denial of Service (PoC)dosWindows
2019-11-29SpotAuditor 5.3.2 - 'Key' Denial of ServicedosWindows
2019-11-29SpotAuditor 5.3.2 - 'Name' Denial of ServicedosWindows
2019-11-28GHIA CamIP 1.2 for iOS - 'Password' Denial of Service (PoC)dosiOS
2019-11-27Microsoft DirectX SDK 2010 - '.PIXrun' Denial Of Service (PoC)dosWindows
2019-11-27SpotAuditor 5.3.2 - 'Base64' Denial Of Service (PoC)dosWindows
2019-11-26iNetTools for iOS 8.20 - 'Whois' Denial of Service (PoC)dosiOS
2019-11-26InduSoft Web Studio 8.1 SP1 - "Atributos" Denial of Service (PoC)dosWindows
2019-11-25SMPlayer 19.5.0 - Denial of Service (PoC)dosWindows
2019-11-25InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC)dosWindows
2019-11-22Internet Explorer - Use-After-Free in JScript Arguments During toJSON CallbackdosWindows
2019-11-20Ubuntu 19.10 - ubuntu-aufs-modified mmap_region() Breaks Refcounting in overlayfs/shiftfs Error PathdosLinux
2019-11-20Ubuntu 19.10 - Refcount Underflow and Type Confusion in shiftfsdosLinux
2019-11-20iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverddosiOS
2019-11-19ipPulse 1.92 - 'Enter Key' Denial of Service (PoC)dosWindows
2019-11-19Centova Cast 3.2.12 - Denial of Service (PoC)dosHardware
2019-11-19scadaApp for iOS 1.1.4.0 - 'Servername' Denial of Service (PoC)dosiOS
2019-11-19XMedia Recode 3.4.8.6 - '.m3u' Denial Of ServicedosWindows
2019-11-18iSmartViewPro 1.3.34 - Denial of Service (PoC)dosWindows
2019-11-18Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service (PoC)dosiOS
2019-11-18Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC)dosWindows
2019-11-14Siemens Desigo PX 6.00 - Denial of Service (PoC)dosHardware
2019-11-11iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption (PoC)dosiOS
2019-11-11iMessage - Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled AddressdosMultiple
2019-11-11Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed JBIG2Globals StreamdosWindows
2019-11-11Adobe Acrobat Reader DC for Windows - Use of Uninitialized Pointer due to Malformed OTF Font (CFF Table)dosWindows
2019-11-05FileOptimizer 14.00.2524 - Denial of Service (PoC)dosWindows
2019-11-05JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments ObjectsdosMultiple
2019-11-05WebKit - Universal XSS in JSObject::putInlineSlow and JSValue::putToPrimitivedosMultiple
2019-11-05macOS XNU - Missing Locking in checkdirs_callback() Enables Race with fchdir_common()dosmacOS
2019-11-04Apple macOS 10.15.1 - Denial of Service (PoC)dosmacOS
2019-10-30WMV to AVI MPEG DVD WMV Convertor 4.6.1217 - Denial of ServicedosWindows
2019-10-30JavaScriptCore - GetterSetter Type Confusion During DFG CompilationdosMultiple
2019-10-28WebKit - Universal XSS in HTMLFrameElementBase::isURLAlloweddosMultiple
2019-10-21winrar 5.80 64bit - Denial of ServicedosWindows
2019-10-21Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed JP2 Stream (2)dosWindows
2019-10-14SpotAuditor 5.3.1.0 - Denial of ServicedosWindows
2019-10-14ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of ServicedosWindows
2019-10-10Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilterdosWindows
2019-10-10Windows Kernel - NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE FiledosWindows
2019-10-10Windows Kernel - Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE FiledosWindows
2019-10-10Windows Kernel - Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE FiledosWindows
2019-10-10Windows Kernel - Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE FiledosWindows
2019-10-10Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE FileDoSWindows
2019-10-10Windows Kernel - Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE FileDoSWindows
2019-10-10Windows Kernel - Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE FileDoSWindows
2019-10-10Windows Kernel - Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE FileDoSWindows
2019-10-10Windows Kernel - NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE FileDoSWindows
2019-10-10Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilterDoSWindows
2019-10-09XNU - Remote Double-Free via Data Race in IPComp Input PathDoSmacOS
2019-10-09Foscam Video Management System 1.1.6.6 - 'UID' Denial of Service (PoC)DoSWindows
2019-10-01WebKit - Universal XSS Using Cached PagesDoSMultiple
2019-10-01WebKit - User-agent Shadow root Leak in WebCore::ReplacementFragment::ReplacementFragmentDoSMultiple
2019-10-01WebKit - Universal XSS in WebCore::commandDoSMultiple
2019-10-01WebKit - UXSS Using JavaScript: URI and Synchronous Page LoadsDoSMultiple
2019-10-01kic 2.4a - Denial of ServiceDoSLinux
2019-09-25SpotIE Internet Explorer Password Recovery 2.9.5 - 'Key' Denial of ServiceDoSWindows
2019-09-24iMessage - Decoding NSSharedKeyDictionary Can Read Object Out of BoundsDoSiOS
2019-09-24Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of ServiceDoSWindows
2019-09-24DeviceViewer 3.12.0.1 - 'creating user' Denial of ServiceDoSWindows
2019-09-13Folder Lock 7.7.9 - Denial of ServiceDoSWindows
2019-09-12Microsoft DirectWrite - Out-of-Bounds Read in sfac_GetSbitBitmap While Processing TTF FontsDoSWindows
2019-09-12Microsoft DirectWrite - Invalid Read in SplicePixel While Processing OTF FontsDoSWindows
2019-08-30VX Search Enterprise 10.4.16 - 'User-Agent' Denial of ServiceDoSWindows
2019-08-30Asus Precision TouchPad 11.0.0.25 - Denial of ServiceDoSWindows
2019-08-30Easy MP3 Downloader 4.7.8.8 - 'Unlock Code' Denial of ServiceDoSWindows
2019-08-30SQL Server Password Changer 1.90 - Denial of ServiceDoSWindows
2019-08-29Webkit JSC: JIT - Uninitialized Variable Access in ArgumentsEliminationPhase::transformDoSMultiple
2019-08-28Outlook Password Recovery 2.10 - Denial of ServiceDoSWindows
2019-08-19RAR Password Recovery 1.80 - 'User Name and Registration Code' Denial of ServiceDoSWindows
2019-08-16GetGo Download Manager 6.2.2.3300 - Denial of ServiceDoSWindows_x86-64
2019-08-15Adobe Acrobat Reader DC for Windows - Double Free due to Malformed JP2 StreamDoSWindows
2019-08-15Adobe Acrobat Reader DC for Windows - free() of Uninitialized Pointer due to Malformed JBIG2Globals StreamDoSWindows
2019-08-15Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed JP2 StreamDoSWindows
2019-08-15Adobe Acrobat Reader DC for Windows - Heap-Based Memory Corruption due to Malformed TTF FontDoSWindows
2019-08-15Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow in CoolType.dllDoSWindows
2019-08-15Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed Font StreamDoSWindows
2019-08-15Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font StreamDoSWindows
2019-08-15Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow While Processing Malformed PDFDoSWindows
2019-08-15Adobe Acrobat Reader DC for Windows - Use-After-Free due to Malformed JP2 StreamDoSWindows
2019-08-15Adobe Acrobat Reader DC for Windows - Heap-Based Out-of-Bounds read due to Malformed JP2 StreamDoSWindows
2019-08-15Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in FixSbitSubTableFormat1DoSWindows
2019-08-15Microsoft Font Subsetting - DLL Heap Corruption in MakeFormat12MergedGlyphListDoSWindows
2019-08-15Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in WriteTableFromStructureDoSWindows
2019-08-15Microsoft Font Subsetting - DLL Heap Corruption in ReadAllocFormat12CharGlyphMapListDoSWindows
2019-08-15Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructureDoSWindows
2019-08-15Microsoft Font Subsetting - DLL Heap Corruption in FixSbitSubTablesDoSWindows
2019-08-15Microsoft Font Subsetting - DLL Double Free in MergeFormat12Cmap / MakeFormat12MergedGlyphListDoSWindows
2019-08-15Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in GetGlyphIdxDoSWindows
2019-08-15Microsoft Font Subsetting - DLL Returning a Dangling Pointer via MergeFontPackageDoSWindows
2019-08-15Adobe Acrobat CoolType (AFDKO) - Call from Uninitialized Memory due to Empty FDArray in Type 1 FontsDoSWindows
2019-08-15Adobe Acrobat CoolType (AFDKO) - Memory Corruption in the Handling of Type 1 Font load/store OperatorsDoSWindows
2019-08-15NSKeyedUnarchiver - Info Leak in Decoding SGBigUTF8StringDoSMultiple
2019-08-14ABC2MTEX 1.6.1 - Command Line Stack OverflowDoSLinux
2019-08-14Windows PowerShell - Unsanitized Filename Command ExecutionDoSWindows
2019-08-12WebKit - UXSS via XSLT and Nested Document ReplacementsDoSMultiple
2019-08-12Linux - Use-After-Free Reads in show_numa_stats()DoSLinux
2019-08-12VxWorks 6.8 - TCP Urgent Pointer = 0 Integer UnderflowDoSVxWorks
2019-08-07Google Chrome 74.0.3729.0 / 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailabilityDoSMultiple
2019-08-05macOS iMessage - Heap Overflow when DeserializingDoSmacOS
2019-07-30iMessage - NSKeyedUnarchiver Deserialization Allows file Backed NSData ObjectsDoSMultiple
2019-07-30iMessage - Memory Corruption when Decoding NSKnownKeysDictionary1DoSMultiple
2019-07-30iMessage - NSArray Deserialization can Invoke Subclass that does not Retain ReferencesDoSMultiple
2019-07-30macOS / iOS JavaScriptCore - JSValue Use-After-Free in ValueProfilesDoSMultiple
2019-07-30macOS / iOS JavaScriptCore - Loop-Invariant Code Motion (LICM) Leaves Object Property Access UnguardedDoSMultiple
2019-07-30macOS / iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary InstancesDoSMultiple
2019-07-26pdfresurrect 0.15 - Buffer OverflowDoSLinux
2019-07-25WebKit - Universal Cross-Site Scripting due to Synchronous Page LoadsDoSMultiple
2019-07-24Apple iMessage - DigitalTouch tap Message Processing Out-of-Bounds ReadDoSwatchOS
2019-07-22BACnet Stack 0.8.6 - Denial of ServiceDoSLinux
2019-07-17WinMPG iPod Convert 3.0 - 'Register' Denial of ServiceDoSWindows
2019-07-16Microsoft Compiled HTML Help / Uncompiled .chm File - XML External Entity InjectionDoSWindows
2019-07-15Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service (Metasploit)DoSWindows
2019-07-15Android 7 - 9 VideoPlayer - 'ihevcd_parse_pps' Out-of-Bounds WriteDoSAndroid
2019-07-12Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapDataDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Empty ROS StringsDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - NULL Pointer Dereferences in OpenType Font Handling While Accessing Empty dynarraysDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Multiple Bugs in OpenType Font Handling Related to the "post" TableDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Out-of-Bounds Read in OpenType Font Handling Due to Undefined FontName IndexDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling While Processing CFF Blend DICT OperatorDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readStringsDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Unbounded iFDDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow Due to Integer Overflow in readTTCDirectoryDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readCharsetDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readFDSelectDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readEncodingDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Incorrect Handling of blendArrayDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Interpreter Stack Underflow in OpenType Font Handling Due to Missing CHKUFLOWDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Use of Uninitialized Memory While Freeing Resources in var_loadavarDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Stack-Based Buffer Overflow in do_set_weight_vector_cube for Large nAxesDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Negative nAxesDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Negative cubeStackDepthDoSWindows
2019-07-10Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling due to Out-of-Bounds cubeStackDepthDoSWindows
2019-07-10Mozilla Spidermonkey - Unboxed Objects Uninitialized Memory AccessDoSMultiple
2019-07-10Microsoft Windows - Font Subsetting DLL Heap-Based Out-of-Bounds Read in MergeFontsDoSWindows
2019-07-09Firefox 67.0.4 - Denial of ServiceDoSMultiple
2019-06-26Mozilla Spidermonkey - IonMonkey 'Array.prototype.pop' Type ConfusionDoSMultiple
2019-06-24Microsoft Windows Font Cache Service - Insecure Sections Privilege EscalationDoSWindows
2019-06-24Microsoft Windows - 'CmpAddRemoveContainerToCLFSLog' Arbitrary File/Directory CreationDoSWindows
2019-06-24GSearch 1.0.1.0 - Denial of Service (PoC)DoSWindows
2019-06-20Linux - Use-After-Free via race Between modify_ldt() and #BR ExceptionDoS

Linux

2019-06-17Thunderbird ESR < 60.7.XXX - 'icalrecur_add_bydayrules' Stack-Based Buffer OverflowDoSMultiple
2019-06-17Thunderbird ESR < 60.7.XXX - 'parser_get_next_char' Heap-Based Buffer OverflowDoSMultiple
2019-06-17Thunderbird ESR < 60.7.XXX - 'icalmemorystrdupanddequote' Heap-Based Buffer OverflowDoSMultiple
2019-06-17Thunderbird ESR < 60.7.XXX - Type ConfusionDoSMultiple
2019-06-17Netperf 2.6.0 - Stack-Based Buffer OverflowDoSLinux
2019-06-17HC10 HC.Server Service 10.14 - Remote Invalid Pointer WriteDoSWindows
2019-06-05Google Chrome 73.0.3683.103 - 'WasmMemoryObject::Grow' Use-After-FreeDoSMultiple
2019-05-30Microsoft Windows Remote Desktop - 'BlueKeep' Denial of ServiceDoSWindows
2019-05-29Qualcomm Android - Kernel Use-After-Free via Incorrect set_page_dirty() in KGSLDoSAndroid
2019-05-29Spidermonkey - IonMonkey Unexpected ObjectGroup in ObjectGroupDispatch OperationDoSMultiple
2019-05-29Spidermonkey - IonMonkey Leaks JS_OPTIMIZED_OUT Magic Value to ScriptDoSMultiple
2019-05-29Free SMTP Server 2.5 - Denial of Service (PoC)DoSWindows
2019-05-27Pidgin 2.13.0 - Denial of Service (PoC)DoSWindows
2019-05-24Fast AVI MPEG Joiner - 'License Name' Denial of Service (PoC)DoSWindows
2019-05-24Cyberoam General Authentication Client 2.1.2.7 - 'Server Address' Denial of Service (PoC)DoSWindows
2019-05-24Cyberoam Transparent Authentication Suite 2.1.2.5 - 'NetBIOS Name' Denial of Service (PoC)DoSWindows
2019-05-24Cyberoam Transparent Authentication Suite 2.1.2.5 - 'Fully Qualified Domain Name' Denial of Service (PoC)DoSWindows
2019-05-24Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service (PoC)DoSWindows
2019-05-24Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service (PoC)DoSWindows
2019-05-23Visual Voicemail for iPhone - IMAP NAMESPACE Processing Use-After-FreeDoSiOS
2019-05-23Terminal Services Manager 3.2.1 - Denial of ServiceDoSWindows
2019-05-23NetAware 1.20 - 'Share Name' Denial of Service (PoC)DoSWindows
2019-05-23NetAware 1.20 - 'Add Block' Denial of Service (PoC)DoSWindows
2019-05-22TapinRadio 2.11.6 - 'Uername' Denial of Service (PoC)DoSWindows
2019-05-22TapinRadio 2.11.6 - 'Address' Denial of Service (PoC)DoSWindows
2019-05-22RarmaRadio 2.72.3 - 'Username' Denial of Service (PoC)DoSWindows
2019-05-22RarmaRadio 2.72.3 - 'Server' Denial of Service (PoC)DoSWindows
2019-05-22BlueStacks 4.80.0.1060 - Denial of Service (PoC)DoSWindows
2019-05-21Apple macOS < 10.14.5 / iOS < 12.3 XNU - 'in6_pcbdetach' Stale Pointer Use-After-FreeDoSMultiple
2019-05-21Apple macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctlDoSMultiple
2019-05-21Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - AIR Optimization Incorrectly Removes Assignment to RegisterDoSMultiple
2019-05-21Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable UninitializedDoSMultiple
2019-05-21Apple macOS < 10.14.5 / iOS < 12.3 DFG JIT Compiler - 'HasIndexedProperty' Use-After-FreeDoSMultiple
2019-05-21Deluge 1.3.15 - 'Webseeds' Denial of Service (PoC)DoSWindows
2019-05-21Deluge 1.3.15 - 'URL' Denial of Service (PoC)DoSMultiple
2019-05-20BulletProof FTP Server 2019.0.0.50 - 'Storage-Path' Denial of Service (PoC)DoSWindows
2019-05-20BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service (PoC)DoSWindows
2019-05-20AbsoluteTelnet 10.16 - 'License name' Denial of Service (PoC)DoSWindows
2019-05-20docPrint Pro 8.0 - Denial of Service (PoC)DoSWindows
2019-05-20PCL Converter 2.7 - Denial of Service (PoC)DoSWindows
2019-05-20Encrypt PDF 2.3 - Denial of Service (PoC)DoSWindows
2019-05-20Huawei eSpace 1.1.11.103 - 'ContactsCtrl.dll' / 'eSpaceStatusCtrl.dll' ActiveX Heap OverflowDoSWindows
2019-05-20Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer OverflowDoSWindows
2019-05-20Huawei eSpace Meeting 1.1.11.103 - 'cenwpoll.dll' SEH Buffer Overflow (Unicode)DoSWindows
2019-05-17CEWE Photo Importer 6.4.3 - '.jpg' Denial of Service (PoC)DoSWindows
2019-05-17CEWE Photoshow 6.4.3 - 'Password' Denial of Service (PoC)DoSWindows
2019-05-17Sandboxie 5.30 - 'Programs Alerts' Denial of Service (PoC)DoSWindows
2019-05-16SEL AcSELerator Architect 2.2.24 - CPU Exhaustion Denial of ServiceDoSWindows
2019-05-16Axessh 4.2 - 'Log file name' Denial of Service (PoC)DoSWindows
2019-05-16ZOC Terminal v7.23.4 - 'Shell' Denial of Service (PoC)DoSWindows
2019-05-16ZOC Terminal v7.23.4 - 'Private key file' Denial of Service (PoC)DoSWindows
2019-05-16ZOC Terminal 7.23.4 - 'Script' Denial of Service (PoC)DoSWindows
2019-05-16WeChat for Android 7.0.4 - 'vcodec2_hls_filter' Denial of ServiceDoSAndroid
2019-05-15Tomabo MP4 Converter 3.25.22 - Denial of Service (PoC)DoSWindows
2019-05-14TwistedBrush Pro Studio 24.06 - '.srp' Denial of Service (PoC)DoSWindows
2019-05-14TwistedBrush Pro Studio 24.06 - 'Script Recorder' Denial of Service (PoC)DoSWindows
2019-05-14TwistedBrush Pro Studio 24.06 - 'Resize Image' Denial of Service (PoC)DoSWindows
2019-05-14Selfie Studio 2.17 - 'Resize Image' Denial of Service (PoC)DoSWindows
2019-05-13Google Chrome V8 - Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds Read/WriteDoSMultiple
2019-05-13DNSS 2.1.8 - Denial of Service (PoC)DoSWindows
2019-05-13SpotMSN 2.4.6 - Denial of Service (PoC)DoSWindows
2019-05-10PHPRunner 10.1 - Denial of Service (PoC)DoSWindows
2019-05-10ASPRunner.NET 10.1 - Denial of Service (PoC)DoSWindows
2019-05-10SpotPaltalk 1.1.5 - Denial of Service (PoC)DoSWindows
2019-05-10SpotIM 2.2 - Denial of Service (PoC)DoSWindows
2019-05-10jetCast Server 2.0 - Denial of Service (PoC)DoSWindows
2019-05-09Convert Video jetAudio 8.1.7 - Denial of Service (PoC)DoSWindows
2019-05-09Lyric Maker 2.0.1.0 - Denial of Service (PoC)DoSWindows
2019-05-09Lyric Video Creator 2.1 - '.mp3' Denial of Service (PoC)DoSWindows
2019-05-08jetAudio 8.1.7.20702 Basic - 'Enter URL' Denial of Service (PoC)DoSWindows
2019-05-07Easy Chat Server 3.1 - 'message' Denial of Service (PoC)DoSWindows
2019-05-06iOS 12.1.3 - 'cfprefsd' Memory CorruptionDoSiOS
2019-05-03SolarWinds DameWare Mini Remote Control 10.0 - Denial of ServiceDoSWindows
2019-04-30Linux - Missing Locking Between ELF coredump code and userfaultfd VMA ModificationDoSLinux
2019-04-30SpotAuditor 5.2.6 - 'Name' Denial of Service (PoC)DoSWindows
2019-04-26systemd - DynamicUser can Create setuid Binaries when Assisted by Another ProcessDoSLinux
2019-04-26NSauditor 3.1.2.0 - 'Name' Denial of Service (PoC)DoSWindows
2019-04-26NSauditor 3.1.2.0 - 'Community' Denial of Service (PoC)DoSWindows
2019-04-25AnMing MP3 CD Burner 2.0 - Denial of Service (PoC)DoSWindows
2019-04-25JioFi 4G M2S 1.0.2 - Denial of ServiceDoSHardware
2019-04-25Backup Key Recovery 2.2.4 - Denial of Service (PoC)DoSWindows
2019-04-25HeidiSQL 10.1.0.5464 - Denial of Service (PoC)DoSWindows
2019-04-23Linux - 'page->_refcount' Overflow via FUSEDoSLinux
2019-04-23Linux - Missing Locking in Siemens R3964 Line Discipline Race ConditionDoSLinux
2019-04-23systemd - Lack of Seat Verification in PAM Module Permits Spoofing Active Session to polkitDoSLinux
2019-04-22Google Chrome 73.0.3683.103 V8 JavaScript Engine - Out-of-Memory in Invalid Table Size Denial of Service (PoC)DoSMultiple
2019-04-22QNAP myQNAPcloud Connect 1.3.4.0317 - 'Username/Password' Denial of ServiceDoSHardware
2019-04-22Ease Audio Converter 5.30 - '.mp4' Denial of Service (PoC)DoSWindows
2019-04-18Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC)DoSMultiple
2019-04-17Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphIDDoSMultiple
2019-04-17Oracle Java Runtime Environment - Heap Corruption During TTF font Rendering in sc_FindExtrema4DoSMultiple
2019-04-17DHCP Server 2.5.2 - Denial of Service (PoC)DoSWindows
2019-04-17ASUS HG100 - Denial of ServiceDoSHardware
2019-04-16AdminExpress 1.2.5 - 'Folder Path' Denial of Service (PoC)DoSWindows
2019-04-16PCHelpWare V2 1.0.0.5 - 'Group' Denial of Service (PoC)DoSWindows
2019-04-16PCHelpWare V2 1.0.0.5 - 'SC' Denial of Service (PoC)DoSWindows
2019-04-15UltraVNC Launcher 1.2.2.4 - 'Path' Denial of Service (PoC)DoSWindows
2019-04-15UltraVNC Viewer 1.2.2.4 - 'VNC Server' Denial of Service (PoC)DoSWindows
2019-04-04Magic ISO Maker 5.5(build 281) - 'Serial Code' Denial of Service (PoC)DoSWindows
2019-04-03Google Chrome 73.0.3683.39 / Chromium 74.0.3712.0 - 'ReadableStream' Internal Object Leak Type ConfusionDoSMultiple
2019-04-03Google Chrome 72.0.3626.81 - 'V8TrustedTypePolicyOptions::ToImpl' Type ConfusionDoSMultiple
2019-04-03WebKitGTK+ - 'ThreadedCompositor' Race ConditionDoSMultiple
2019-04-03WebKit JavaScriptCore - CodeBlock Dangling Watchpoints Use-After-FreeDoSMultiple
2019-04-03WebKit JavaScriptCore - Out-Of-Bounds Access in FTL JIT due to LICM Moving Array Access Before the Bounds CheckDoSMultiple
2019-04-03iOS < 12.2 / macOS < 10.14.4 XNU - pidversion Increment During execve is UnsafeDoSMultiple
2019-04-03WebKit JavaScriptCore - 'createRegExpMatchesArray' Type ConfusionDoSMultiple
2019-04-03SpiderMonkey - IonMonkey Compiled Code Fails to Update Inferred Property Types (Type Confusion)DoSMultiple
2019-03-28gnutls 3.6.6 - 'verify_crt()' Use-After-FreeDoSLinux
2019-03-28Microsoft Visio 2016 16.0.4738.1000 - 'Log in accounts' Denial of ServiceDoSWindows
2019-03-26Spidermonkey - IonMonkey Type Inference is Incorrect for Constructors Entered via OSRDoSMultiple
2019-03-26Firefox < 66.0.1 - 'Array.prototype.slice' Buffer OverflowDoSMultiple
2019-03-26Microsoft Windows 7/2008 - 'Win32k' Denial of Service (PoC)DoSWindows
2019-03-22snap - seccomp BBlacklist for TIOCSTI can be CircumventedDoSLinux
21.03.2019Canarytokens 2019-03-01 - Detection BypassdosWindows
19.03.2019libseccomp < 2.4.0 - Incorrect Compilation of Arithmetic ComparisonsdosLinux
19.03.2019Google Chrome < M73 - Double-Destruction Race in StoragePartitionServicedosMultiple
19.03.2019Google Chrome < M73 - Data Race in ExtensionsGuestViewMessageFilterdosMultiple
19.03.2019Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTMLdosWindows
19.03.2019Microsoft VBScript - VbsErase Memory CorruptiondosWindows
19.03.2019Microsoft Edge - Flash click2play Bypass with CObjectElement::FinalCreateObjectdosWindows
19.03.2019Google Chrome < M73 - MidiManagerWin Use-After-FreedosMultiple
19.03.2019Google Chrome < M73 - FileSystemOperationRunner Use-After-FreedosMultiple
18.03.2019WinMPG Video Convert 9.3.5 - Denial of ServicedosWindows
18.03.2019WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 - Denial of ServicedosWindows
13.03.2019Microsoft Windows - '.reg' File / Dialog Box Message SpoofingdosWindows
13.03.2019Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory TraversaldosWindows
13.03.2019Core FTP Server FTP / SFTP Server v2 Build 674 - 'SIZE' Directory TraversaldosWindows
12.03.2019Core FTP 2.0 build 653 - 'PBSZ' Denial of Service (PoC)dosWindows
11.03.2019Linux Kernel 4.4 (Ubuntu 16.04) - 'snd_timer_user_ccallback()' Kernel Pointer LeakdosLinux
06.03.2019Linux < 4.20.14 - Virtual Address 0 is Mappable via Privileged write() to /proc/*/memdosLinux
06.03.2019Android - binder Use-After-Free via racy Initialization of ->allow_user_freedosAndroid
06.03.2019Android - getpidcon() Usage in Hardware binder ServiceManager Permits ACL BypassdosAndroid
04.03.2019Microsoft Edge Chakra 1.11.4 - Read Permission via Type ConfusiondosWindows
04.03.2019FileZilla 3.40.0 - 'Local search' / 'Local site' Denial of Service (PoC)dosLinux
01.03.2019Google Chrome < M72 - PaymentRequest Service Use-After-FreedosMultiple
01.03.2019Google Chrome < M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-FreedosMultiple
01.03.2019Google Chrome < M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHostdosMultiple
01.03.2019Google Chrome < M72 - FileWriterImpl Use-After-FreedosMultiple
01.03.2019tcpdump < 4.9.3 - Multiple Heap-Based Out-of-Bounds ReadsdosMultiple
01.03.2019Linux < 4.14.103 / < 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT ModuledosLinux
01.03.2019macOS XNU - Copy-on-Write Behavior Bypass via Mount of User-Owned Filesystem ImagedosmacOS
28.02.2019FTP Server 1.32 - Denial of ServicedosAndroid
28.02.2019WebKitGTK 2.23.90 / WebKitGTK+ 2.22.6 - Denial of ServicedosLinux
28.02.2019TransMac 12.3 - Denial of Service (PoC)dosWindows
25.02.2019Xlight FTP Server 3.9.1 - Buffer Overflow (PoC)dosWindows
22.02.2019WebKit JSC - reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetterdosMultiple
21.02.2019Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow (PoC)dosLinux
21.02.2019Virtual VCR Max .0a - '.vcr' Buffer Overflow (PoC)dosWindows
21.02.2019ScreenStream 3.0.15 - Denial of ServicedosAndroid
21.02.2019AirDrop 2.0 - Denial of Service (DoS)dosAndroid
20.02.2019FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)dosWindows
20.02.2019WinRAR 5.61 - '.lng' Denial of ServicedosWindows
20.02.2019FaceTime - Texture Processing Memory CorruptiondosmacOS
20.02.2019Android Kernel < 4.8 - ptrace seccomp Filter BypassdosAndroid
20.02.2019MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 CertificatesdosLinux
19.02.2019NetSetMan 4.7.1 - 'Workgroup' Denial of Service (PoC)dosWindows
19.02.2019Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC)dosWindows
19.02.2019BulletProof FTP Server 2019.0.0.50 - 'SMTP Server' Denial of Service (PoC)dosWindows
18.02.2019Realterm Serial Terminal 2.0.0.70 - Denial of ServicedosWindows
18.02.2019Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH)dosWindows
18.02.2019NBMonitor 1.6.5.0 - 'Key' Denial of Service (PoC)dosWindows
18.02.2019Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContourdosJava
18.02.2019Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositionsdosJava
18.02.2019Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClassdosJava
18.02.2019Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::processdosJava
15.02.2019AirMore 1.6.1 - Denial of Service (PoC)dosAndroid
15.02.2019Free IP Switcher 3.1 - 'Computer Name' Denial of Service (PoC)dosWindows
15.02.2019Navicat for Oracle 12.1.15 - "Password" Denial of Service (PoC)dosWindows
15.02.2019VSCO 1.1.1.0 - Denial of Service (PoC)dosWindows
15.02.2019Linux - 'kvm_ioctl_create_device()' NULL Pointer DereferencedosLinux
14.02.2019Core FTP/SFTP Server 1.2 Build 589.42 - 'User domain' Denial of Service (PoC)dosWindows
14.02.2019MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC)dosWindows
14.02.2019ApowerManager 3.1.7 - Phone Manager Remote Denial of Service (PoC)dosAndroid
13.02.2019NetworkSleuth 3.0 - 'Name' Denial of Service (PoC)dosWindows
12.02.2019Android - binder Use-After-Free via fdget() OptimizationdosAndroid
12.02.2019Android - binder Use-After-Free of VMA via race Between reclaim and munmapdosAndroid
12.02.2019Skyworth GPON HomeGateways and Optical Network Terminals - Stack OverflowdosASP
11.02.2019AirDroid 4.2.1.6 - Denial of ServicedosAndroid
11.02.2019FutureDj Pro 1.7.2.0 - Denial of ServicedosWindows
11.02.2019NordVPN 6.19.6 - Denial of Service (PoC)dosWindows
06.02.2019Skia - Incorrect Convexity Assumptions Leading to Buffer OverflowsdosMultiple
05.02.2019Device Monitoring Studio 8.10.00.8925 - Denial of Service (PoC)dosWindows
05.02.2019River Past Audio Converter 7.7.16 - Denial of Service (PoC)dosWindows
04.02.2019MyVideoConverter Pro 3.14 - Denial of ServicedosWindows
04.02.2019River Past Ringtone Converter 2.7.6.1601 - Denial of Service (PoC)dosWindows
04.02.2019SpotAuditor 3.6.7 - Denial of Service (PoC)dosWindows
04.02.2019TaskInfo 8.2.0.280 - Denial of Service (PoC)dosWindows
01.02.2019Remote Process Explorer 1.0.0.16 - Buffer Overflow (PoC) (SEH Overwrite)dosWindows
31.01.2019Anyburn 4.3 - 'Convert image to file format' Denial of ServicedosWindows
31.01.2019Advanced Host Monitor 11.90 Beta - 'Registration number' Denial of Service (PoC)dosWindows
31.01.2019AMAC Address Change 5.4 - Denial of Service (PoC)dosWindows
31.01.2019ASPRunner Professional 6.0.766 - Denial of Service (PoC)dosWindows
31.01.2019FlexHEX 2.46 - Buffer Overflow (PoC) (SEH Overwrite)dosWindows
31.01.2019LanHelper 1.74 - Denial of Service (PoC)dosWindows
31.01.2019macOS XNU - Copy-on-Write Behaviour Bypass via Partial-Page Truncation of FiledosmacOS
31.01.2019macOS < 10.14.3 / iOS < 12.1.3 - Arbitrary mach Port Name Deallocation in XPC Services due to Invalid mach Message Parsing in _xpc_serializer_unpackdosMultiple
31.01.2019macOS < 10.14.3 / iOS < 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issues in iohideventsystemdosMultiple
31.01.2019macOS < 10.14.3 / iOS < 12.1.3 XNU - 'vm_map_copy' Optimization which Requires Atomicity isn't AtomicdosMultiple
31.01.2019macOS < 10.14.3 / iOS < 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving StatisticsdosMultiple
30.01.2019Advanced File Manager 3.4.1 - Denial of Service (PoC)dosWindows
30.01.2019iOS/macOS 10.13.6 - 'if_ports_used_update_wakeuuid()' 16-byte Uninitialized Kernel Stack DisclosuredosMultiple
30.01.2019IP-Tools 2.50 - Local Buffer Overflow (PoC)dosWindows
30.01.2019Necrosoft DIG 0.4 - Buffer Overflow (PoC) (SEH Overwrite)dosWindows
29.01.2019MiniUPnPd 2.1 - Out-of-Bounds ReaddosLinux
28.01.2019Sricam gSOAP 2.8 - Denial of ServicedosHardware
28.01.2019Smart VPN 1.1.3.0 - Denial of Service (PoC)dosWindows
25.01.2019Lua 5.3.5 - 'debug.upvaluejoin' Use After FreedosMultiple
25.01.2019iOS/macOS - 'task_swap_mach_voucher()' Use-After-FreedosMultiple
24.01.2019Microsoft Remote Desktop 10.2.4(134) - Denial of Service (PoC)dosmacOS
21.01.2019Linux Kernel 4.13 - 'compat_get_timex()' Leak Kernel PointerdosLinux
21.01.2019Echo Mirage 3.1 - Buffer Overflow (PoC)dosWindows
18.01.2019Watchr 1.1.0.0 - Denial of Service (PoC)dosWindows
18.01.2019One Search 1.1.0.0 - Denial of Service (PoC)dosWindows
18.01.2019Eco Search 1.0.2.0 - Denial of Service (PoC)dosWindows
18.01.20197 Tik 1.0.1.0 - Denial of Service (PoC)dosWindows
18.01.2019VPN Browser+ 1.1.0.0 - Denial of Service (PoC)dosWindows
18.01.2019FastTube 1.0.1.0 - Denial of Service (PoC)dosWindows
18.01.2019Microsoft Edge Chakra - 'InlineArrayPush' Type ConfusiondosWindows
18.01.2019Microsoft Edge Chakra - 'NewScObjectNoCtor' or 'InitProto' Type ConfusiondosWindows
18.01.2019Microsoft Edge Chakra - 'InitClass' Type ConfusiondosWindows
18.01.2019Microsoft Edge Chakra - 'JsBuiltInEngineInterfaceExtensionObject::InjectJsBuiltInLibraryCode' Use-After-FreedosWindows
16.01.2019Spotify 1.0.96.181 - 'Proxy configuration' Denial of Service (PoC)dosWindows
16.01.2019NTPsec 1.1.2 - 'ctl_getitem' Out-of-Bounds Read (PoC)dosLinux
16.01.2019NTPsec 1.1.2 - 'ntp_control' Out-of-Bounds Read (PoC)dosLinux
16.01.2019NTPsec 1.1.2 - 'ntp_control' (Authenticated) NULL Pointer Dereference (PoC)dosLinux
16.01.2019NTPsec 1.1.2 - 'config' (Authenticated) Out-of-Bounds Write Denial of Service (PoC)dosLinux
16.01.2019Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory in Invalid Array LengthdosMultiple
16.01.2019WebKit JSC JIT - GetIndexedPropertyStorage Use-After-FreedosMultiple
16.01.2019Microsoft Windows 10 - 'RestrictedErrorInfo' Unmarshal Section Handle Use-After-FreedosWindows
15.01.20191Password < 7.0 - Denial of ServicedosAndroid
11.01.2019Selfie Studio 2.17 - Denial of Service (PoC)dosWindows
11.01.2019Tree Studio 2.17 - Denial of Service (PoC)dosWindows
11.01.2019Paint Studio 2.17 - Denial of Service (PoC)dosWindows
11.01.2019Pixel Studio 2.17 - Denial of Service (PoC)dosWindows
11.01.2019Liquid Studio 2.17 - Denial of Service (PoC)dosWindows
11.01.2019Blob Studio 2.17 - Denial of Service (PoC)dosWindows
11.01.2019Luminance Studio 2.17 - Denial of Service (PoC)dosWindows
09.01.2019Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service (PoC)dosMultiple
09.01.2019Microsoft Office SharePoint Server 2016 - Denial of Service (Metasploit)dosWindows
09.01.2019polkit - Temporary auth Hijacking via PID Reuse and Non-atomic ForkdosLinux
08.01.2019Wireshark - 'get_t61_string' Heap Out-of-Bounds ReaddosMultiple
07.01.2019Microsoft Edge 44.17763.1.0 - NULL Pointer DereferencedosWindows
07.01.2019BlueAuditor 1.7.2.0 - 'Key' Denial of Service (PoC)dosWindows
07.01.2019SpotFTP Password Recover 2.4.2 - 'Name' Denial of Service (PoC)dosWindows
07.01.2019Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC)dosWindows
02.01.2019EZ CD Audio Converter 8.0.7 - Denial of Service (PoC)dosWindows_x86-64
02.01.2019NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC)dosWindows_x86-64
02.01.2019NBMonitor Network Bandwidth Monitor 1.6.5.0 - 'Name' Denial of Service (PoC)dosWindows_x86-64
02.01.2019WebKit JSC - 'AbstractValue::set' Use-After-FreedosMultiple
02.01.2019WebKit JSC - 'JSArray::shiftCountWithArrayStorage' Out-of-Bounds Read/WritedosMultiple