Exploit

Acunetix 8 build 20120704 - Remote Stack Based Overflow

Acunetix WP Security Plugin 3.0.3 - XSS

Acunetix WVS 10 - Local Privilege escalation

Acunetix WVS 10 - Remote Command Execution (System)

Ad Manager Pro Multiple Vulnerabilities

Ad Manager Pro v. 4 LFI

ADAN Neuronlabs (view.php ) SQL Injection Vulnerability

AdaptCMS 2.0.4 (config.php, question parameter) SQL Injection Vulnerability

AdaptCMS 3.0.3 - Multiple Vulnerabilities

Adem 0.5.1 - Local File Inclusion

ADH-Web Server IP-Cameras - Multiple Vulnerabilities

Admidio 2.3.5 Multiple Vulnerabilities

AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution

Adobe Animate 15.2.1.95 - Memory Corruption

Adobe ColdFusion - Directory Traversal'

Adobe ColdFusion < 11 Update 10 - XML External Entity Injection

Adobe ColdFusion 9 - Administrative Login Bypass

Adobe ColdFusion 9 Administrative Login Bypass

Adobe Connect 9.5.7 - Cross-Site Scripting

Adobe Digital Editions <= 4.5.0 - .pdf Critical Memory Corruption

Adobe Flash - addProperty Use-After-Free

Adobe Flash - BitmapData.copyPixels Use-After-Free

Adobe Flash - Color.setTransform Use-After-Free

Adobe Flash - Crash When Freeing Memory After AVC decoding

Adobe Flash - Heap Overflow in ATF Processing (Image Reading)

Adobe Flash - JXR Processing Out-of-Bounds Read

Adobe Flash - Method Calls Use-After-Free

Adobe Flash - MovieClip Transform Getter Use-After-Free

Adobe Flash - MovieClip.duplicateMovieClip Use-After-Free

Adobe Flash - MP4 File Stack Corruption

Adobe Flash - Object.unwatch Use-After-Free Exploit

Adobe Flash - Out-of-Bounds Read when Placing Object

Adobe Flash - Overflow in Processing Raw 565 Textures

Adobe Flash - Selection.setFocus Use-After-Free

Adobe Flash - SetNative Use-After-Free

Adobe Flash - Shape Rendering Crash

Adobe Flash - SimpleButton Creation Type Confusion

Adobe Flash - Sprite Creation Use-After-Free

Adobe Flash - Stage.align Setter Use-After-Free

Adobe Flash - TextField.maxChars Use-After-Free

Adobe Flash - Transform.colorTranform Getter Info Leak

Adobe Flash - Type Confusion in FileReference Constructor

Adobe Flash - Uninitialized Stack Parameter Access in AsBroadcaster.broadcastMessage UaF Fix

Adobe Flash - Uninitialized Stack Parameter Access in MovieClip.swapDepths UaF Fix

Adobe Flash - Uninitialized Stack Parameter Access in Object.unwatch UaF Fix

Adobe Flash - URLStream.readObject Use-After-Free

Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts

Adobe Flash - Use-After-Free When Returning Rectangle

Adobe Flash - Use-After-Free When Setting Stage

Adobe Flash - Video Decompression Memory Corruption

Adobe Flash - Zlib Codec Heap Overflow

Adobe Flash BlurFilter Processing - Out-of-Bounds Memset

Adobe Flash GradientFill - Use-After-Frees

Adobe Flash IExternalizable.writeExternal - Type Confusion

Adobe Flash MovieClip.lineStyle - Use-After-Frees

Adobe Flash opaqueBackground Use After Free

Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File

Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File (2)

Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF

Adobe Flash Player 11.3 Font Parsing Code Execution

Adobe Flash Player 23.0.0.162 - '.SWF' ConstantPool Critical Memory Corruption

Adobe Flash Player 24.0.0.186 - 'ActionGetURL2' Out-of-Bounds Memory Corruption

Adobe Flash Player AVM Bytecode Verification

Adobe Flash Player AVM Verification Logic Array Indexing Code Execution

Adobe Flash Player Drawing Fill Shader Memory Corruption

Adobe Flash Player Integer Underflow Remote Code Execution

Adobe Flash Player Regular Expression Heap Overflow

Adobe Flash Player Shader Buffer Overflow

Adobe Flash Player ShaderJob Buffer Overflow

Adobe Flash TextField.antiAliasType Setter - Use-After-Free

Adobe Flash TextField.gridFitType Setter - Use-After-Free

Adobe Flash Type Confusion in IExternalizable.readExternal When Performing Local Serialization

Adobe Flash Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter

Adobe Flash Use-After-Free in XML.childNodes

Adobe Flash Use-After-Free When Setting Value

Adobe Flash Use-After-Free When Setting Variable

Adobe Illustrator CS5.5 Memory Corruption Exploit

Adobe Photoshop 12.1 Tiff Parsing Use-After-Free

Adobe Photoshop CC & Bridge CC IFF File Parsing Memory Corruption

Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption

Adobe Photoshop CC & Bridge CC PNG File Parsing Memory Corruption 2

Adobe Photoshop CS5.1 U3D.8BI Collada Asset Elements Stack Overflow

Adobe Reader 10.1.4 Crash PoC

Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution

Adobe Reader for Android addJavascriptInterface Exploit

AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow

Adult Webmaster PHP - Password Disclosure

Adult Webmaster Script Password Disclosure Vulnerability

Advance MLM Script - SQL Injection

Advanced Desktop Locker 6.0.0 - Lock Screen Bypass

Advanced Electron Forum 1.0.9 - CSRF Vulnerabilities

Advanced Electron Forum 1.0.9 - Persistent XSS Vulnerabilities

Advanced Electron Forum 1.0.9 - RFI / CSRF Vulnerability

Advantech EKI-6340 Command Injection

Advantech Switch Bash Environment Variable Code Injection (Shellshock)

Advantech WebAccess 8.0, 3.4.3 ActiveX - Multiple Vulnerabilities

Advantech WebAccess dvs.ocx GetColor Buffer Overflow

Advantech WebAccess HMI/SCADA Software Persistence XSS Vulnerability

Advertise With Pleasure! (AWP) 6.6 - SQL Injection Vulnerability

AfterLogic Mailsuite Pro (VMware Appliance) 6.3 Stored XSS

AfterLogic Pro and Lite 7.1.1.1 - Stored XSS

Agnitum Outpost Internet Security Local Privilege Escalation

Agnitum Outpost Security Suite 8.1 - Privilege Escalation

Agora-Project 2.12.11 Arbitrary File Upload Vulnerability

Achat v0.150 beta7 Buffer Overflow

Achievo 1.4.5 Multiple Vulnerabilities

AIOCP 1.4.001 CSRF Vulnerability

Air Disk Wireless 1.9 iPad iPhone - Multiple Vulnerabilities

Air Drive Plus 2.4 - Arbitrary File Upload Vulnerability

Air Files v2.6 for iPhone / iPod touch, Directory Traversal

Air Transfer Iphone 1.3.9 - Multiple Vulnerabilities

Airlive IP Cameras - Multiple Vulnerabilities

Airlock WAF 4.2.4 Overlong UTF-8 Sequence Bypass

Airmail 3.0.2 - Cross-Site Scripting

AirOS 6.x - Arbitrary File Upload

airVisionNVR 1.1.13 readfile() Disclosure and SQL Injection

AIX 7.1 - lquerylv Local Privilege Escalation

Ajaxel CMS 8.0 - Multiple Vulnerabilities

AjaXplorer 1.0 - Multiple Vulnerabilities

AjaXplorer checkInstall.php Remote Command Execution

AKIPS Network Monitor 15.37 through 16.5 - OS Command Injection

Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath BOF

Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow

Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow

ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability

ALCASAR 2.8 Remote Root Code Execution Vulnerability

Alcassoft's SOPHIA CMS SQL Injection Vulnerability

Alcatel Lucent Omnivista 8770 - Remote Code Execution

Alcatel-Lucent OmniSwitch - CSRF Vulnerability

AlegroCart 1.2.8 - LFI/RFI Vulnerability

AlegroCart 1.2.8 - Multiple SQL Injection Vulnerabilities

Alibaba Clone B2B Script - Admin Authentication Bypass

Alibaba Clone Tritanium Version (news_desc.html) - SQL Injection Vulnerability

AlienVault 4.3.1 - Unauthenticated SQL Injection

AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection

AlienVault OSSIM 4.1.2 - Multiple SQL Injection Vulnerabilities

AlienVault OSSIM av-centerd Command Injection

Alienvault OSSIM Open Source SIEM 4.1 Multiple SQL Vulnerabilities

AlienVault OSSIM SQL Injection and Remote Code Execution

Alienvault OSSIM/USM 5.3.1 - Persistent Cross-Site Scripting

Alienvault OSSIM/USM 5.3.1 - PHP Object Injection

Alienvault OSSIM/USM 5.3.1 - SQL Injection

All In One Wordpress Firewall 3.8.3 - Persistent XSS Vulnerability

All Windows Null-Free Shellcode - Functional Keylogger to File - 601 (0x0259) bytes

Allied Telesis AT-MCF2000M 3.0.2 Gaining Root Shell Access

Allied Telesyn TFTP Server 1.9 Long Filename Overflow

ALLMediaServer 0.8 Buffer Overflow

ALLPlayer 5.6.2 (.m3u) - Local Buffer Overflow (SEH/Unicode)

ALLPlayer 5.6.2 (.m3u) - Local Buffer Overflow PoC

ALLPlayer 5.8.1 - (.m3u file) Buffer Overflow (SEH)

ALLPlayer M3U Buffer Overflow

AllReader 1.0 iOS - Multiple Vulnerabilities

AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File Upload

Allwin URLDownloadToFile + WinExec + ExitProcess Shellcode

Allwinner 3.4 Legacy Kernel - Local Privilege Escalation (Metasploit)

Aloaha Credential Provider Monitor 5.0.226 Local Privilege Escalation Vulnerability

Aloaha PDF Crypter (3.5.0.1164) ActiveX Arbitrary File Overwrite

Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Password Disclosure

Alreader 2.5 .fb2 - SEH Based Stack Overflow (ASLR and DEP bypass)

Alternate Pic View 2.150 - .pgm Crash PoC

Alt-N MDaemon Free 12.5.4 Stored XSS

Amanda <= 3.3.1 - amstar Command Injection Local Root

Amanda <= 3.3.1 - Local Root Exploit

Ametys CMS 3.5.2 - (lang parameter) XPath Injection Vulnerability

Ammyy Admin 3.2 - Authentication Bypass

aMSN 0.98.9 Web App - Multiple Vulnerabilities

Android - 'BadKernel' Remote Code Execution

Android - Binder Generic ASLR Leak

Android - get_user/put_user Exploit (Metasploit)

Android - getpidcon Usage binder Service Replacement Race Condition

Android - 'gpsOneXtra' Data Files Denial of Service

Android - ih264d_process_intra_mb Memory Corruption

Android - IMemory Native Interface is Insecure for IPC Use

Android - Insufficient Binder Message Verification Pointer Leak

Android - Inter-Process munmap with User-Controlled Size in android.graphics.Bitmap

Android - IOMX getConfig/getParameter Information Disclosure

Android - IOMXNodeInstance::enableNativeBuffers Unchecked Index

Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow

Android 1.x/2.x Local Root Exploit

Android 2.0 ,2.1, 2.1.1 WebKit Use-After-Free Exploit

Android 5.0 <= 5.1.1 - Stagefright .MP4 tx3g Integer Overflow (Metasploit)

Android ADB Debug Server Remote Payload Execution

Android Broadcom Wi-Fi Driver - Memory Corruption

Android Browser and WebView addJavascriptInterface Code Execution

Android FTPServer 1.9.0 Remote DoS

Android libstagefright - Integer Overflow Remote Code Execution

Android One mt_wifi IOCTL_GET_STRUCT Privilege Escalation

Android sensord Local Root Exploit

Android Shellcode Telnetd with Parameters

Android Stagefright - Remote Code Execution

Android WAPPushManager - SQL Injection

Android WiFi-Direct Denial of Service

Android Zygote Socket Vulnerability Fork bomb Attack

AneCMS v.2e2c583 LFI exploit

AnimaGallery 2.6 - Local File Inclusion

AnoBBS 1.0.1 - Remote File Inclusion

Another Wordpress Classifieds Plugin - SQL Injection

Ansible 2.1.4 / 2.2.1 - Command Execution

AnvSoft Any Video Converter 4.3.6 Stack Overflow Exploit

AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation

AoA Audio Extractor Basic 2.3.7 - ActiveX Exploit

AoA DVD Creator 2.6.2 - ActiveX Exploit

AoA DVD Creator V2.5 ActiveX Stack Overflow Exploit

AoA MP4 Converter 4.1.2 - ActiveX Exploit

AoA Mp4 converter v4.1.0 ActiveX Stack Overflow Exploit

AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution

Apache / PHP 5.x Remote Code Execution Exploit

Apache + PHP 5.x - Remote Code Execution (Multithreaded Scanner v2)

Apache 2.4.7 mod_status Scoreboard Handling Race Condition

Apache ActiveMQ 5.11.1/5.13.2 - Directory Traversal / Command Execution

Apache Commons FileUpload and Apache Tomcat Denial-of-Service

Apache CouchDB 2.0.0 - Local Privilege Escalation

Apache Jetspeed Arbitrary File Upload

Apache Mina 2.0.13 - Remote Command Execution

Apache mod_cgi - Remote Exploit (Shellshock)

Apache mod_session_crypto - Padding Oracle

Apache OpenMeetings 1.9.x - 3.1.0 - ZIP File path Traversal

Apache Rave 0.11 - 0.20 - User Information Disclosure

Apache Sling Framework (Adobe AEM) 2.3.6 - Information Disclosure Vulnerability

Apache Struts <= 2.2.1.1 Remote Command Execution

Apache Struts ClassLoader Manipulation Remote Code Execution

Apache Struts Developer Mode OGNL Execution

Apache Struts Dynamic Method Invocation Remote Code Execution

Apache Struts includeParams Remote Code Execution

Apache suEXEC Privilege Elevation / Information Disclosure

Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation

Apache Tomcat 8/7/6 (RedHat-Based Distros) - Privilege Escalation

Apache Tomcat Manager Application Upload Authenticated Code Execution

Apache Tomcat Remote Exploit (PUT Request) and Account Scanner

Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object RCE

Apexis IP CAM - Information Disclosure

AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting

ApPHP MicroBlog 1.0.2 - Cross-Site Request Forgery (Add New Author)

ApPHP MicroBlog 1.0.2 - Stored Cross Site Scripting

ApPHP MicroCMS 3.9.5 - (Add Admin) Cross-Site Request Forgery

ApPHP MicroCMS 3.9.5 - Stored Cross Site Scripting

Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure

Apple Intel HD 3000 Graphics driver 10.0.0 - Local Privilege Escalation

Apple iOS 7.2 - Sim Lock Screen Display Bypass Vulnerability

Apple iTunes <= 10.6.1.7 Extended m3u Stack Buffer Overflow

Apple iTunes 10 Extended M3U Stack Buffer Overflow

Apple Mac OS X Lion Kernel <= xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation Exploit

Apple Motion 5.0.7 Integer Overflow Vulnerability

Apple OS X Entitlements Rootpipe Privilege Escalation

Apple OS X Kernel - IOBluetoothFamily.kext Use-After-Free

Apple OS X/iOS - mach_ports_register Multiple Memory Safety Issues

Apple Patches iTunes, iCloud for Windows, Xcode Server

Apple qlmanage - SceneKit::daeElement::setElementName Heap Overflow

Apple Quick Time Player (Windows) Version 7.7.3 Out of Bound Read

Apple Quicktime - MOV File Parsing Memory Corruption Vulnerability

Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 1

Apple Quicktime < 7.7.79.80.95 - FPX File Parsing Memory Corruption 2

Apple Quicktime < 7.7.79.80.95 - PSD File Parsing Memory Corruption

Apple Quicktime 7 Invalid Atom Length Buffer Overflow

Apple QuickTime 7.7.2 MIME Type Buffer Overflow

Apple QuickTime 7.7.2 Targa image Buffer Overflow

Apple QuickTime Player 7.7.2 Crash PoC

Apple QuickTime TeXML Stack Buffer Overflow

Apple Safari 6.0.1 for iOS 6.0 and OS X 10.7/8 - Heap Buffer Overflow

Apple watchOS 2 - Crash PoC

AppLocker Execution Prevention Bypass

Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution

appRain 3.0.2 - Blind SQL Injection Vulnerability

appRain CMF <= 0.1.5 (uploadify.php) Unrestricted File Upload Exploit

appRain CMF 3.0.2 - CSRF Add/Delete Admin Account

appRain CMF Arbitrary PHP File Upload Vulnerability

APT - Repository Signing Bypass via Memory Allocation Failure

Arab Portal 3 - SQL Injection Vulnerability

AraDown Blind SQL Injection

Arachni Web Application Scanner Web UI - Stored XSS Vulnerability

Arastta 1.1.5 - SQL Injection Vulnerabilities

ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege...

Arctic Torrent 1.2.3 Memory Corruption (DoS)

ARG-W4 ADSL Router - Multiple Vulnerabilities

Archin WordPress Theme 3.2 Unauthenticated Configuration Access

Arris TG1682G Modem - Stored XSS Vulnerability

ArrowChat 1.5.61 Multiple Vulnerabilities

ArticleFR 11.06.2014 (data.php) - Privilege Escalation

Artiphp CMS 5.5.0 Database Backup Disclosure Exploit

Artweaver 3.1.5 (.AWD) - Buffer Overflow Vulnerability

Aruba Mobility Controller 6.4.2.8 - Multiple vulnerabilities

ARYADAD Multiple Vulnerabilities

asaanCart XSS/LFI Vulnerabilities

Asbru Web Content Management System 9.2.7 - Multiple Vulnerabilities

aSc Timetables 2013 - Stack Buffer Overflow Vulnerability

ASLDRService ATK Hotkey 1.0.69.0 - Unquoted Service Path Privilege Escalation

Aspen 0.8 - Directory Traversal

ASP-Nuke 2.0.7 - 'gotourl.asp' Open Redirect Vulnerability

Asseco SEE iBank FX Client 2.0.9.3 - Local Privilege Escalation Vulnerability

ASUS DSL-X11 ADSL Router - Unauthenticated DNS Change

ASUS Memory Mapping Driver (ASMMAP/ASMMAP64): Physical Memory Read/Write

ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer Overflow

Asus RT56U 3.0.0.4.360 - Remote Command Injection

Asus RT-N66U 3.0.0.4.374_720 - CSRF Vulnerability

ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution

Asx to Mp3 2.7.5 - Stack Overflow

ATKGFNEXSrv ATKGFNEX 1.0.11.1 - Unquoted Service Path Privilege Escalation

Atlassian Confluence 4.3.5 - Multiple Vulnerabilities

Atlassian Confluence 5.9.12 - Persistent Cross-Site Scripting

Atlassian HipChat for Jira Plugin Velocity Template Injection

Atmail WebAdmin and Webmail Control Panel SQL Root Password Disclosure

Atmail Webmail 7.2 - Multiple Vulnerabilities

Attackers Replacing Firmware on Cisco Routers

ATutor 1.2 Multiple Vulnerabilities

ATutor 2.2 - Multiple XSS Vulnerabilities

ATutor 2.2.1 Directory Traversal / Remote Code Execution

ATutor 2.2.1 SQL Injection / Remote Code Execution

ATutor LMS install_modules.php CSRF Remote Code Execution Vulnerability

Audacious 3.7 - ID3 Local Crash PoC

Audio Editor Master 5.4.1.217 Denial Of Service Vulnerability

AudioCoder .M3U Buffer Overflow

AudioCoder 0.8.22 - Direct Retn Buffer Overflow

AudioCoder 0.8.22 (.m3u) - SEH Buffer Overflow

AudioCoder 0.8.29 - Memory Corruption (SEH)

Audiotran PLS File Stack Buffer Overflow

AuraCMS 2.3 - Multiple Vulnerabilities

Auto Database System 1.0 Infusion Addon SQL injection Vulnerability

AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow

Auto-Exchanger 5.1.0 - CSRF Vulnerability

Autonics DAQMaster 1.7.3 - DQP Parsing Buffer Overflow Code Execution

AutoPlay v1.33 (autoplay.ini) Local Buffer Overflow Exploit (SEH)

AutoWeb 3.0 - (noticias.php id_cat) SQL Injection Exploit

Auxilium PetRatePro Multiple Vulnerabilities

Auxilium RateMyPet Arbitrary File Upload Vulnerability

AV Arcade Free Edition (add_rating.php, id parameter) Blind SQL Injection

Avast Antivirus X.509 Error Rendering Command Execution

Avast Heap Overflow Unpacking MoleBox Archives

Avast Integer Overflow Verifying numFonts in TTC Header

Avast JetDb::IsExploited4x - Performs Unbounded Search on Input

Avast OOB Write Decrypting PEncrypt Packed Executables

Avaya IP Office Manager 8.1 TFTP DOS

Avaya WinPDM UniteHostRouter <= 3.8.2 Remote Pre-Auth Command Execute

Avaya WinPMD UniteHostRouter Buffer Overflow

AVE.CMS <= 2.09 (index.php, module param) - Blind SQL Injection Exploit

AVerCaster Pro RS3400 Web Server Directory Traversal

Aviosoft Digital TV Player Professional 1.x (Direct Retn)

AVIPreview 0.26 Alpha Denial of Service

Avira - Heap Underflow Parsing PE Section Headers

Avira 14.0.7.342 - (avguard.exe) Service Trusted Path Privilege Escalation

Avira AntVir QUA file in (avcenter.exe) Local Crash PoC

Avira Internet Security avipbb.sys Filter Bypass and Privilege Escalation

Avira Secure Backup 1.0.0.1 Build 3616 (.reg) - Buffer Overflow

AVM FRITZ!Box < 6.30 - Buffer Overflow

AVTECH DVR Firmware 1017-1003-1009-1003 - Multiple Vulnerabilities

AVTECH IP Camera, NVR, and DVR Devices - Multiple Vulnerabilities

AWCM v2.2 final Persistent Cross Site Script Vulnerability

AWS XMS 2.5 (importer.php, what param) - Directory Traversal Vulnerability

Axessh 4.2 - Denial Of Service

Axigen Mail Server 8.0.1 Stored XSS

AXIS Media Control 6.2.10.11 - Unsafe ActiveX Method

Axis Network Cameras - Multiple Vulnerabilities

Axous 1.1.1 Multiple Vulnerabilities (CSRF - Persistent XSS)

Axway Secure Transport 5.1 SP2 - Arbitary File Upload via CSRF

B2B Portal Script - Blind SQL Injection

b2ePMS 1.0 Authentication Bypass Vulnerability

b2ePMS 1.0 multiple SQLi Vulnerabilities

b2evolution 4.1.6 - Multiple Vulnerabilities

b374k Web Shell - CSRF Command Injection

BabyGekko 1.2.2e Multiple Vulnerabilities

Bacula-web 1.3.x - 5.0.3 Multiple Remote Vulnerabilities

Baidu Spark Browser 43.23.1000.476 - Address Bar URL Spoofing

Baidu Spark Browser v26.5.9999.3511 - Remote Stack Overflow Vulnerability (DoS)

BananaDance Wiki b2.2 Multiple Vulnerabilities

Barracuda Cloud CC v3.04.015 - Multiple Web Vulnerabilities

Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability

Barracuda Firewall 6.1.0.016 - Multiple Vulnerabilities

Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities

Barracuda Message Archiver 650 - Persistent XSS Vulnerability

Barracuda Networks #35 Web Firewall 610 6.0.1 - Filter Bypass & Persistent Vulnerability

Barracuda Networks Cloud Series - Filter Bypass Vulnerability

Barracuda Spam & Virus Firewall 5.1.3.007 - Remote Command Execution (Metasploit)

Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Remote Command Execution (Metasploit)

Base64 Decoder 1.1.2 - SEH OverWrite PoC

Bash - CGI RCE (MSF) Shellshock Exploit

Bash Environment Variables Code Injection Exploit

Basilic 1.5.14 diff.php Arbitrary Command Execution

Bassmaster 1.5.1 - Batch Arbitrary JavaScript Injection Remote Code Execution...

Battle.Net 1.5.0.7963 - Insecure File Permissions Privilege Escalation

Baumer VeriSens Application Suite 2.6.2 - Buffer Overflow Vulnerability

Beckhoff CX9020 CPU Module - Remote Code Execution Exploit

Bedita 3.5.1 - XSS Vulnerabilities

BEdita CMS 3.5.0 - Multiple Vulnerabilities

Beetel Connection Manager PCW_BTLINDV1.0.0B04 - SEH Buffer Overflow

Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities

Belkin n750 jump login Parameter Buffer Overflow

Belkin Router N150 1.00.08, 1.00.09 - Path Traversal Vulnerability

beSTORM 3.5.6 ActiveX (WinGraphviz.dll) Remote Heap Overflow

Betsy v4.0 (ress.php) Local File Include Vulnerability

BigAnt Server 2 SCH And DUPF Buffer Overflow

BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit (ASLR + DEP bypass)

BigAnt Server DUPF Command Arbitrary File Upload

BigPond 3G21WB Multiple Vulnerabilities

Bigware Shop 2.3.01 - Multiple Local File Inclusion Vulnerabilities

Billion Router 7700NR4 - Remote Command Execution

Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash

Binatone DT 850W Wireless Router - Multiple CSRF Vulnerabilities

BirdBlog 1.4.0 - (Add New Post) Cross-Site Request Forgery

BisonWare BisonFTP Server 3.5 - Directory Traversal Vulnerability

Bitbot C2 Panel gate2.php - Multiple Vulnerabilities

Bitdefender GravityZone 5.1.5.386 - Multiple Vulnerabilities

Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion

Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal

Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability

Bitweaver 2.8.1 Multiple Vulnerabilities

bitweaver 2.8.1 Multiple Vulnerabilities

Bitweaver 2.8.1 Persistant XSS Vulnerability

Bitweaver v2.81 Local File Inclusion Vulnerability

Blackberry Z10 Research Primer - Dissecting Blackberry 10 - An Initial Analysis

Blackboard LMS 9.1 SP14 - Cross-Site Scripting

BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution

Blade API Monitor Unicode Bypass (Serial Number BOF)

Blat.exe 2.7.6 SMTP / NNTP Mailer - Buffer Overflow

BlazeDVD 6.2 (.plf) - Buffer Overflow (SEH)

BlazeDVD Pro 7.0 - (.plf) Stack Based Buffer Overflow (Direct RET)

BlazeDVD Pro 7.0 (.plf) - Buffer Overflow (SEH)

BlazeDVD Pro Player 6.1 - Stack Based Buffer Overflow Jump ESP

BlazeVideo HDTV Player 6.6 Professional (Direct Retn)

BlazeVideo HDTV Player 6.6 Professional SEH&DEP&ASLR

Blog Mod <= 0.1.9 (index.php, month parameter) SQL Injection

bloofox CMS 0.5.0 - Multiple Vulnerabilities

BLUE COM Router 5360/52018 - Password Reset Exploit

BlueStacks 2.5.55 - Unquoted Service Path Privilege Escalation

Bluethrust Clan Scripts v4 R17 - Multiple Vulnerabilities

Bluetooth Photo Share Pro 2.0 iOS - Multiple Vulnerabilities

Bluetooth Photo-File Share 2.1 iOS - Multiple Vulnerabilities

Bluetooth Text Chat 1.0 iOS - Code Execution Vulnerability

BMC Service Desk Express 10.2.1.95 - Multiple Vulnerabilities

BMC Track-It! - Multiple Vulnerabilities

BMForum Myna 6.0 SQL Injection Vulnerability

boastMachine v3.1 <= CSRF Add Admin Vulnerability

Boat Browser 8.0 and 8.0.1 - Remote Code Execution Vulnerability

Boilsoft RM TO MP3 Converter 1.72 - Crash POC (.wav)

BolinTech DreamFTP 1.02 - 'RETR' Command Remote Buffer Overflow

Bonefire v.0.7.1 - Reinstall Admin Account Exploit

Bonita BPM 6.5.1 - Multiple Vulnerabilities

Booking Calendar - Multiple Vulnerabilities

Booking System Pro CSRF Vulnerability

Boonex Dolphin 7.3.2 - Authentication Bypass

Bosch Security Systems Dinion NBN-498 Web Interface - XML Injection

Bosch Security Systems DVR 630/650/670 Series - Multiple Vulnerabilities

BoutikOne (description.php) SQL Injection Vulnerability

BoxBilling 3.6.11 (mod_notification) Stored Cross-Site Scripting Vulnerability

Boxoft Wav 1.0 - Buffer Overflow

Brave Browser 1.2.16/1.9.56 - Address Bar URL Spoofing

Brickcom Corporation Network Cameras - Multiple Vulnerabilities

Broadcom DoS on BCM4325 and BCM4329 Devices

Browser Navigation Download Trick

BrowserModifier:Win32/Smudplu

BSIGN 0.4.5 - Buffer Overflow

bsnes v0.87 Local Denial Of Service

Buffalo TeraStation TS-Series - Multiple Vulnerabilities

Buffalo WZR-HP-G300NH2 - CSRF Vulnerability

BulletProof FTP Client 2010 - Buffer Overflow (SEH)

BulletProof FTP Client 2010 - Buffer Overflow (SEH) Exploit

BulletProof FTP Client BPS Buffer Overflow

BusinessWiki 2.5RC3 Stored XSS & Arbitrary File Upload

BuyClassifiedScript PHP Code Injection Vulnerability

BWMeter v5.4.0 (.csv) Denial of Service Vulnerability

C/C++ Offline Compiler and C For OS - Persistent XSS

C2Box 4.0.0(r19171) - CSRF Vulnerability

C2S DVR Management IRDOME-II-C2S, IRBOX-II-C2S, DVR - Credentials Disclosure / Authentication Bypass

C99.php Shell - Authentication Bypass

CA 2E Web Option 8.1.2 - Authentication Bypass

CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow

Cacti Superlinks Plugin 1.4-2 RCE(LFI) via SQL Injection Exploit

CacheGuard-OS 5.7.7 - CSRF Vulnerability

CakePHP 2.x-2.2.0-RC2 XXE Injection

CakePHP Framework 3.2.4 - IP Spoofing

Calavera UpLoader 3.5 - SEH Buffer Overflow

CAM UnZip 5.1 - Archive Path Traversal

Cam2pc 4.6.2 - BMP Image Processing Integer Overflow Vulnerability

Cambium ePMP 1000 - Multiple Vulnerabilities

Cannonbolt Portfolio Manager v1.0 Multiple Vulnerabilities

Cart Engine 3.0 - Multiple Vulnerabilities

Cartweaver 3 Local File Inclusion Vulnerability

Categorizator 0.3.1 - SQL Injection

Catia V5-6R2013 "CATV5_AllApplications" - Stack Buffer Overflow

Catia V5-6R2013 "CATV5_Backbone_Bus" - Stack Buffer Overflow

CBHotel Hotel Software and Booking system 1.8 - Multiple Vulnerabilities

CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities

CCProxy 7.3 - Integer Overflow Exploit

CDex Genre 1.79 - Stack Buffer Overflow

Cells Blog 3.3 - XSS Reflected & Blind SQLite Injection

Cells Blog CMS v1.1 Multiple Web Vulnerabilites

Cemu 1.6.4b - Information Leak + Buffer Overflow (Emulator Breakout)

Centos 7.1/Fedora 22 - abrt Local Root

Centreon <= 2.5.3 - Remote Command Execution

Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)

Centreon 2.6.1 - Multiple Vulnerabilities

Cerb 7.0.3 - CSRF Vulnerability

Certec EDV atvise SCADA Server 2.5.9 - Privilege Escalation

CF Image Host 1.65 - CSRF Vulnerability

CF Image Host 1.65 - PHP Command Injection

cFos Personal Net 3.09 - Remote Heap Memory Corruption Denial of Service

Cgiemail 1.6 - Source Code Disclosure

CCH Wolters Kluwer PFX Engagement <= 7.1 - Local Privilege Escalation

cChatBox for vBulletin 3.6.8 and 3.7.x SQL Injection Vulnerability

CIK Telecom VoIP router SVG6000RW - Privilege Escalation and Command Execution

CIScan 1.00 - Hostname/IP Field Crash PoC

CIScan 1.00 - Hostname/IP Field SEH Overwrite PoC

Cisco AnyConnect 3.1.08009 - Privilege Escalation via DMG Install Script

Cisco AnyConnect Secure Mobility 2.x, 3.x, 4.x - Client DoS PoC

Cisco AnyConnect Secure Mobility Client 3.1.08009 - Privilege Escalation

Cisco ASA - Authentication Bypass 'EXTRABACON' (Improved Shellcode) (69 bytes)

Cisco ASA / PIX - Privilege Escalation (EPICBANANA)

Cisco ASA < 8.4.4.6|8.2.5.32 Ethernet Information Leak

Cisco ASA 8.x - Authentication Bypass (EXTRABACON)

Cisco ASA 9.2(3) - Authentication Bypass (EXTRABACON Module)

Cisco ASA 9.2(3) - 'EXTRABACON' Authentication Bypass

Cisco ASA Software 8.x / 9.x - IKEv1 and IKEv2 Buffer Overflow

Cisco DPC2100 Denial of Service

Cisco EPC 3925 - Multiple Vulnerabilities

Cisco Firepower Management Console 6.0 - Post Authentication UserAdd

Cisco Linksys E4200 Firmware - Multiple Vulnerabilities

Cisco Linksys PlayerPT ActiveX Control Buffer Overflow

Cisco Linksys WAG54GS CSRF Change Admin Password

Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability

Cisco Patches Critical Vulnerability in Facility Events Response System

Cisco Prime Data Center Network Manager Arbitrary File Upload

Cisco Sourcefire User Agent 2.2 - Insecure File Permissions

Cisco UCS Manager 2.1(1b) - Shellshock Exploit

Cisco Unified Communications Manager - Multiple Vulnerabilities

Cisco Unified Communications Manager 7/8/9 - Directory Traversal

Cisco Unity Express Multiple Vulnerabilities

Cisco Video Surveillance Operations Manager 6.3.2 - Multiple vulnerabilities

Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption

Cisco Webex Player T29.10 - '.WRF' Use-After-Free Memory Corruption

Citrix Access Gateway Command Execution

Citrix NetScaler SOAP Handler Remote Code Execution

Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow

Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020002 Buffer Overflow

Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020004 Buffer Overflow

Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020006 Buffer Overflow

Citrix Receiver/Receiver Desktop Lock 4.5 - Authentication Bypass

CKEditor < 4.1 Drupal 6.x & 7.x - Persistent XSS Vulnerability

CKEditor 4.0.1 - Multiple Vulnerabilities

Clansphere 2010_3 Stored XSS Vulnerability

ClanSuite 2.9 Arbitrary File Upload Vulnerability

ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities

ClearSCADA - Remote Authentication Bypass Exploit

ClickDesk Multiple HTML Injection Vulnerabilities

ClickHeat <= 1.14 Change Admin Password CSRF

Clickheat 1.13+ Remote Command Execution

ClipBucket 2.5 CSRF Vulnerability

Clipbucket 2.7 RC3 0.9 - Blind SQL Injection

Clipbucket v2.5 Blind SQLi Vulnerability

Clipbucket v2.5 Directory Traversal

ClipperCMS 1.3.0 - Code Execution Vulnerability

ClipperCMS 1.3.0 - Multiple SQL Injection Vulnerabilities

ClipShare 4.1.1 - Multiples Vulnerabilites

ClipShare 4.1.1 (gmembers.php, gid param) - Blind SQL Injection Vulnerability

ClipShare 4.1.4 - Multiple Vulnerabilities

ClipSharePro <= 4.1 - Local File Inclusion

Clipster Video Persistent XSS Vulnerability

CLscript CMS v3.0 Multiple Vulnerabilities

CMS Formulasi 2.07 - Multiple Vulnerabilities

CMS Made Simple < 2.1.3 & < 1.12.1 - Web Server Cache Poisoning

CMS Made Simple 2.1.5 - Cross-Site Scripting

CMS Papoo 6.0.0 Rev. 4701 - Stored XSS

CMS phpshop 2.0 SQL Injection Vulnerability

CMS snews SQL Injection Vulnerability

CMSimple 4.4, 4.4.2 - Remote File Inclusion

CMSQLITE v1.3.2 Multiple Vulnerabiltiies

cnzz CMS SQLi (company.php)

CodeBlocks 12.11 (Mac OS X) - Crash POC

CodeBlocks v8.02 (cbp) Buffer Overflow Exploit

CodeMeter 4.50.906.503 - Service Trusted Path Privilege Escalation

CodoForum 3.2.1 - SQL Injection

Cogent Datahub <= 7.3.9 Gamma Script Elevation of Privilege

Cogent DataHub Command Injection

Cogent DataHub HTTP Server Buffer Overflow

ColdFusion 9-10 - Credential Disclosure Exploit

Collabtive 1.0 (manageuser.php, task param) - SQL Injection Vulnerability

Colloquy 1.3.5 and 1.3.6 Denial of Service Vulnerability

ColoradoFTP 1.3 Prime Edition (Build 8) - Directory Traversal

Colorful Blog - Cross-Site Request Forgery (Change Admin Password)

Colorful Blog - Stored Cross Site Scripting

Comcast DOCSIS 3.0 Business Gateways Multiple Vulnerabilities

Cometchat - Multiple Vulnerabilities

Cometchat Application - Multiple Vulnerabilities

Comment Rating 2.9.23 Wordpress Plugin Multiple Vulnerabilities

Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation

Comodo - Integer Overlow Leading to Heap Overflow Parsing Composite Documents

Comodo - LZMA Decoder Heap Overflow via Insufficient Parameter Checks

Comodo - PackMan Unpacker Insufficient Parameter Validation

Comodo Antivirus - Heap Overflow in LZX Decompression

Comodo Antivirus Forwards Emulated API Calls to the Real API During Scans

Comodo Backup 4.4.0.0 - NULL Pointer Dereference EOP

Comodo Dragon Browser - Unquoted Service Path Privilege Escalation

Comodo Chromodo Browser - Unquoted Service Path Privilege Escalation

Comodo Internet Security - HIPS/Sandbox Escape PoC

CompuSource Systems - Real Time Home Banking - Local Privilege Escalation

ComSndFTP Server 1.3.7 Beta Remote Format String Overflow

ComSndFTP v1.3.7 Beta USER Buffer Overflow

Comtrend ADSL Router CT-5367 C01_R12 Remote Root

COMTREND ADSL Router CT-5367 C01_R12, CT-5624 C01_R03 - Unauthenticated DNS Change

Conceptronic Grab’n’Go Network Storage Directory Traversal

Concrete5 5.6.2.1 (index.php, cID param) - SQL Injection

concrete5 CMS 5.6.1.2 - Multiple Vulnerabilities

ConQuest DICOM Server 1.4.17d - Stack Buffer Overflow

Constructr CMS 3.03 Miltiple Remote Vulnerabilities

ContaoCMS (fka TYPOlight) <= 2.11 CSRF (Delete Admin- Delete Article)

Cool PDF Reader 3.0.2.256 Buffer Overflow

CoolPlayer Portable 2.19.2 Buffer Overflow ASLR bypass

CoolPlayer+ Portable 2.19.2 Buffer Overflow ASLR Bypass (Large Shellcode)

CoolPlayer+ Portable 2.19.6 - .m3u Stack Overflow (Egghunter+ASLR bypass)

CoolZip 2.0 zip Buffer Overflow Exploit

Coppermine Photo Gallery 1.5.x Remote Command Execution

Core FTP LE 2.2 - 'SSH/SFTP' Remote Buffer Overflow (PoC)

Core FTP Server 1.2 - Buffer Overflow PoC

CORE Multimedia Suite 2011 CORE Player 2.4 Buffer Overflow (.m3u)

Corel PDF Fusion Stack Buffer Overflow

CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability

Counter-Strike 1.6 'GameInfo' Query Reflection DoS PoC

couponPHP CMS 1.0 - Multiple Stored XSS and SQL Injection Vulnerabilities

Course Registration Management System 2.1 Multiple Vulnerabilities

cPanel WebHost Manager 3.1 dofeaturemanager feature Parameter XSS

cPassMan v1.82 Remote Command Execution Exploit

crea8social 1.3 - Stored XSS Vulnerability

Crea8Social 2.0 - XSS Change Interface

CreateVision CMS Database injection.

Creative Contact Form - Arbitrary File Upload

Creative Contact Form (Wordpress 0.9.7 and Joomla 2.0.0) - Shell Upload Vulnerability

Crestron AM-100 - Multiple Vulnerabilities

CRLF injection / HTTP response Splitting

Croogo 2.0.0 - Arbitrary PHP Code Execution Exploit

Croogo 2.0.0 - Multiple Stored XSS Vulnerabilities

Crouzet em4 soft 1.1.04 - .pm4 Integer Division By Zero

Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 - Insecure File Permissions

Cryptocat Arbitrary Script Injection Vulnerability

Csound hetro File Handling Stack Buffer Overflow

CTERA 3.2.29.0 and 3.2.42.0 - Stored XSS

CubeCart 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability

CubeCart 5.2.8 - Session Fixation

CubeCart 6.0.10 - Multiple Vulnerabilities

CUDA Cracking

CumulusClips 2.4.1 - Multiple Vulnerabilities

Cuppa CMS (alertConfigField.php, urlConfig param) - Remote/Local File Inclusion

CUPS Filter Bash Environment Variable Code Injection

cURL Buffer Overflow Vulnerability

CuteZip 2.1 Buffer Overflow Exploit

CVE-2012-1535: Adobe Flash Player Integer Overflow Vulnerability Analysis

CVE-2012-4969 Technical Analysis Report

CyberCop Scanner Smbgrind 5.5 - Buffer Overflow

CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow

CyberLink Power2Go name attribute (p2g) Stack Buffer Overflow Exploit

Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection Vulnerability

Cyclope Employee Surveillance <= v8.6.1- Insecure File Permissions

Cyclope Employee Surveillance Solution v6 SQL Injection

Cyclope Employee Surveillance Solution v6.0 SQL Injection

Cydia Repo Manager CSRF Vulnerability

Cyme ChartFX Client Server ActiveX Control Array Indexing Vulnerability

Dahua DVR 2.608.0000.0 and 2.608.GV00.0 - Authentication Bypass

DaloRadius - Multiple Vulnerabilities

DATAC RealWin Multiple Vulnerabilities

DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability

Daum Game 1.1.0.5 ActiveX (IconCreate Method) - Stack Buffer Overflow

davfs2 1.4.6/1.4.7 - Local Privilege Escalation Exploit

Davolink DV-2051 - Multiple Vulnerabilities

dbus-glib pam_fprintd - Local Root Exploit

DCMTK 3.6.0 storescp - Stack Buffer Overflow

DecisionTools SharpGrid ActiveX Control RCE

Deepin Linux 15 - lastore-daemon Privilege Escalation

DeepOfix SMTP Server 3.3 - Authentication Bypass

DeleGate 9.9.13 - Local Root Vulnerability

Dell EqualLogic Storage - Directory Traversal

Dell Kace 1000 SMA 5.4.742 - SQL Injection Vulnerabilities

Dell Kace 1000 SMA v5.4.70402 - Persistent XSS Vulnerabilities

Dell KACE K1000 File Upload

Dell Netvault Backup 10.0.1.24 - Denial of Service

Dell PacketTrap MSP RMM 6.6.x - Multiple XSS Vulnerabilities

Dell PacketTrap PSA 7.1 - Multiple XSS Vulnerabilities

Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection

Dell SonicWall GMS 7.2.x - Code Injection

Dell SonicWall Scrutinizer <= 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution

Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection

Dell SonicWALL Scrutinizer 9.0.1 (statusFilter.php q parameter) SQL Injection

Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting / Cross-Site...

Dell Webcam CrazyTalk ActiveX BackImage Vulnerability

Dell Webcam Software Bundled ActiveX Remote Buffer Overflow Vulnerability

Delta Industrial Automation DCISoft 1.12.09 - Stack Buffer Overflow Exploit

Denial of Service in FoxPlayer version 2.6.0

Depot WiFi 1.0.0 iOS - Multiple Vulnerabilities

DESlock+ <= 4.1.10 vdlptokn.sys Local Kernel ring0 SYSTEM Exploit

Detecting System Intrusions

deV!L`z Clanportal Witze Addon Versions 0.9 SQL Injection Vulnerability

DevExpress ASPxFileManager 10.2 to 13.2.8 - Directory Traversal

Device42 WAN Emulator 2.3 Ping Command Injection

Device42 WAN Emulator 2.3 Traceroute Command Injection

DeWeS 0.4.2 - Directory Traversal Vulnerability

Dew-NewPHPLinks v.2.1b (index.php) SQL Injection Vulnerability

Dexs PM System Wordpress Plugin - Authenticated Persistent XSS (0day)

Dexter (CasinoLoader) Panel - SQL Injection

Dexter (CasinoLoader) SQL Injection

DFLabs PTK <= 1.0.5 Multiple Vulnerabilities (Steal Authentication Credentials)

DirectAdmin 1.491 - CSRF Vulnerability

DirectAdmin 1.50.1 - Denial of Service

DirectAdmin ADD Sub Domain CSRF Exploit

DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities

DirectShow Arbitrary Memory Overwrite Vulnerability (MS13-056)

DirPHP 1.0 - LFI Vulnerability

Disc ORGanizer - DORG - Multiple Vulnerabilities

Disconnect.me Mac OS X Client <= 2.0 - Local Privilege Escalation

Disk Pulse Enterprise 9.0.34 - Buffer Overflow Exploit

Disk Pulse Enterprise 9.1.16 - Buffer Overflow

Disk Savvy Enterprise 9.1.14 - Buffer Overflow

Disk Savvy Enterprise 9.1.14 - 'GET' Buffer Overflow

Disk Sorter Enterprise 9.1.12 - Buffer Overflow

DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow

DiskBoss Enterprise 7.5.12 - 'POST' Buffer Overflow (SEH)

Disqus Blog Comments Blind SQL Injection Vulnerability

Disqus for Wordpress 2.7.5 Admin Stored CSRF and XSS

Distributed Ruby send syscall vulnerability

DIY Web CMS Multiple Vulnerabilities

DJ Studio Pro 5.1 .pls Stack Buffer Overflow

DJ Studio Pro 5.1.6.5.2 SEH Exploit MSF

DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation

D-Link AP 3200 Multiple Vulnerabilities

D-Link authentication.cgi Buffer Overflow

D-Link Cookie Command Execution

D-Link DCS Cameras - Multiple Vulnerabilities

Dlink DCS series CSRF Change Admin Password

D-Link DCS-5605 Network Surveillance ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Vulnerability

D-Link DCS-930L Authenticated Remote Command Execution

D-Link DCS-931L File Upload

D-Link Devices HNAP SOAPAction-Header Command Execution

D-Link Devices Unauthenticated Remote Command Execution

D-Link Devices UPnP SOAP Command Execution

D-Link Devices UPnP SOAP Telnetd Command Execution

D-Link DGL5500 - HNAP Buffer Overflow Vulnerability

Dlink DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow (Metasploit)

D-Link DIR-100 - Multiple Vulnerabilities

D-Link DIR-505 1.06 - Multiple Vulnerabilities

D-Link DIR-600 and DIR-300 (rev B) Multiple Vulnerabilities

D-Link DIR-601 - Command Injection Vulnerability

D-Link DIR-605 CSRF Vulnerability

D-Link DIR-605L Captcha Handling Buffer Overflow

D-Link DIR-615 - Multiple Buffer Overflow Vulnerabilities

Dlink DIR-615 Hardware vE4 Firmware v5.10 - CSRF Vulnerability

D-Link DIR-615 rev H - Multiple Vulnerabilities

D-Link DIR615h OS Command Injection

D-Link DIR-635 - Multiple Vulnerabilities

D-Link DIR-645 - Multiple UPNP Vulnerabilities

D-Link DIR-815 - Multiple Vulnerabilities

D-Link DIR-815, DIR-850L - SSDP Command Injection

D-Link DIR-817LW - Multiple Vulnerabilities

D-Link DIR-818W - Multiple Vulnerabilities

D-Link DIR-825 (vC) - Multiple Vulnerabilities

D-Link DIR-866L - Multiple Buffer Overflow Vulnerabilities

D-Link DIR-880L - Multiple Buffer Overflow Vulnerabilities

D-Link DIR-890L/R - Multiple Buffer Overflow Vulnerabilities

D-Link DNS-323 - Multiple Vulnerabilities

D-Link DSL-2640B (ADSL Router) CSRF Vulnerability

D-Link DSL-2640B Authentication Bypass

D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change

D-Link DSL-2740B - Multiple CSRF Vulnerabilities

D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit

D-Link DSL-2750B ADSL Router - CSRF Vulnerability

D-link DSL-2760U-E1 - Persistent XSS

D-Link DSL-2780B DLink_1.01.14 - Unauthenticated Remote DNS Change

D-Link DSL-320B - Multiple Vulnerabilities

D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change

D-Link DSR Series Router - Remote Shell Root Exploit

DLink DVGN5402SP - Multiple Vulnerabilities

Dlink DWR-113 Rev. Ax - CSRF Denial of Service

D-Link DWR-932 Firmware 4.00 - Authentication Bypass

D-Link hedwig.cgi Buffer Overflow in Cookie Header

D-Link HNAP Request Remote Buffer Overflow

D-Link info.cgi POST Request Buffer Overflow

D-Link IP Cameras Multiple Vulnerabilities

D-Link Routers - Multiple Vulnerabilities

D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection

D-link Wireless Router DIR-816L – CSRF Vulnerability

docker 0.11 VMM-container Breakout

Docker Daemon - Privilege Escalation (Metasploit)

DO-CMS Multiple SQL Injection Vulnerabilities

Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities

Dolibarr ERP & CRM 3 Post-Auth OS Command Injection

Dolibarr ERP & CRM OS Command Injection

Dolibarr ERP/CMS 3.4.0 (exportcsv.php, sondage param) - SQL Injection

dompdf 0.6.0 (dompdf.php, read param) - Arbitrary File Read

DomPHP <= v0.83 - Local Directory Traversal Vulnerability

DOMSDAY - Analyzing a Dom-Based XSS in Yahoo!

DomsHttpd <= 1.0 Remote Denial Of Service Exploit

Doodle4Gift - Multiple Vulnerabilities

doorGets CMS 5.2 - SQL Injection Vulnerability

Dotclear 2.4.2 Arbitrary File Upload Vulnerability

dotDefender Firewall 5.00.12865 / 5.13-13282 - CSRF Vulnerability

DotNetNuke 07.04.00 - Administration Authentication Bypass

DotNetNuke DNNArticle Module 10.0 - SQL Injection Vulnerability

DotNetNuke DNNspot Store 3.0.0 Arbitary File Upload

dotProject <= 2.1.6 Remote File Inclusion Vulnerability

dotProject 2.1.5 CSRF Vulnerability

Dotproject 2.1.5 Multiple Vulnerabilities

Douran 3.9.7.8 File Download/Source Code Disclosure Vulnerability

Dovecot with Exim sender_address Parameter - Remote Command Execution

Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability

Draytek Vigor 3900 1.06 - Privilege Escalation

DrayTek VigorACS SI 1.3.0 - Multiple Vulnerabilities

Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit

Dropbox Desktop Client 9.4.49 (64bit) - Local Credentials Disclosure

Drupal < 7.32 Pre Auth SQL Injection

Drupal < 7.34 - Denial of Service

Drupal CMS 7.12 (latest stable release) Multiple Vulnerabilities

Drupal CODER Module 2.5 - Remote Command Execution (Metasploit)

Drupal Core <= 7.32 - SQL Injection (#1)

Drupal Core <= 7.32 - SQL Injection (#2)

Drupal Core <= 7.32 - SQL Injection (PHP)

DS3 Authentication Server - Multiple Vulnerabilities

Dual DHCP DNS Server 7.29 - Denial of Service

DukaPress 2.5.2 - Path Traversal

Dup Scout Enterprise 9.1.14 - Buffer Overflow

Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH)

DVD-Lab Studio 1.25 DAL File Open Crash

DWebPro 8.4.2 - Multiple Vulnerabilities

Dyn DDoS Could Have Topped 1 Tbps

E SMS Script Multiple SQL Injection Vulnerabilities

EastFTP ActiveX Control 0Day

Easy Address Book Web Server 1.6 - Stack Buffer Overflow

Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow

Easy Banner Pro (index.php page) Local File Inclusion

Easy CD-DA Recorder Buffer Overflow Exploit (SEH)

Easy CD-DA Recorder PLS Buffer Overflow

Easy File Management Web Server 5.3 - Stack Buffer Overflow

Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow

Easy File Management Web Server Stack Buffer Overflow

Easy File Management Web Server v5.3 - UserID Remote Buffer Overflow (ROP)

Easy File Sharing FTP Server 3.5 - Stack Buffer Overflow

Easy File Sharing HTTP Server 7.2 SEH Overflow

Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow

Easy File Sharing Web Server 7.2 - GET HTTP Request SEH Buffer Overflow

Easy File Sharing Web Server 7.2 - HEAD HTTP Request SEH Buffer Overflow

Easy File Sharing Web Server 7.2 - Remote SEH Buffer Overflow (DEP Bypass with ROP)

Easy File Sharing Webserver <= 6.8 - Persistent XSS

Easy LAN Folder Share Version 3.2.0.100 - Buffer Overflow Vulnerability

Easy POS System - SQL Injection (login.php)

EasyCafe Server <= 2.2.14 Remote File Read

EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution

EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation

Eaton Network Shutdown Module <= 3.21 - Remote PHP Code Injection

eBay Magento <= 1.9.2.1 - PHP FPM XML eXternal Entity Injection

eBay Magento CE <= 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / DoS)

eCan v0.1 => Local File Disclosure Vulnerability

EC-CUBE 2.12.6 - Server-Side Request Forgery

eClinicalWorks (CCMR) - Multiple Vulnerabilities

ecoCMS admin.php (amature version) Cross-Site-Scripting

ECommerceMajor - (productdtl.php, prodid param) SQL Injection Vulnerability

ECommerce-Multi-Vendor Software - Arbitrary File Upload

ECommerce-TIBSECART - Arbitrary File Upload

E-Detective Lawful Interception System - Multiple Vulnerabilities

Edimax BR6228nS/BR6228nC - Multiple Vulnerabilities

Edimax EW-7206-APg and EW-7209APg - Multiple Vulnerabilities

Edimax PS-1206MF - Web Admin Auth Bypass

EditMe CMS - Cross-Site Request Forgery (Add New Admin)

Edraw Office Viewer Component V7.4 ActiveX Stack Buffer Overflow

eFront 3.6.14.4 (surname param) - Persistent XSS Vulnerability

eFront v3.6.14 (build 18012) - Stored XSS in Multiple Parameters

EGallery PHP File Upload Vulnerability

EggAvatar 2.3.2 for vBulletin 3.8.x Local File Read

EggAvatar for vBulletin 3.8.x SQL Injection Vulnerability

eggBlog 4.1.2 - Arbitrary File Upload Vulnerability

EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow

Ektron CMS 8.5.0 Multiple Vulnerabilities

Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - CSRF Vulnerability

Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation

ElasticSearch 1.6.0 - Arbitrary File Download

ElasticSearch Dynamic Script Arbitrary Java Execution

Elastix < 2.5 , PHP Code Injection Exploit

Elastix 2.2.0 LFI Exploit

Elcom CMS 7.4.10 Community Manager Insecure File Upload

eLearning Server 4G Multiple Remote Vulnerabilities

Elecard AVC_HD/MPEG Player 5.7 Buffer Overflow

Elecard MPEG Player 5.7 Local Buffer Overflow PoC (SEH)

Elemata CMS RC3.0 (global.php, id param) - SQL Injection

Elipse E3 HTTP Denial of Service

elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities

eM Client e-mail client v5.0.18025.0 Stored XSS vulnerability

E-Mail Security Virtual Appliance (ESVA) Remote Execution

E-Mail Security Virtual Appliance learn-msg.cgi Command Injection

EmailArchitect Enterprise Email Server 10.0 Stored XSS

EMC AlphaStor Device Manager Opcode 0x75 Command Injection

EMC Cloud Tiering Appliance v10.0 Unauthenticated XXE Arbitrary File Read

EMC Data Protection Advisor DPA Illuminator - EJBInvokerServlet RCE

EMC IRM License Server DoS Server 4.6.1.1995

EMC NetWorker <= 7.6 sp3 Denial of Service

EMC Networker Format String

EMC ViPR SRM - Cross-Site Request Forgery

Enable Media Replace WordPress Plugin Multiple Vulnerabilities

Enalean Tuleap 7.2 - XXE File Disclosure

Enalean Tuleap 7.4.99.5 - Blind SQL Injection

Enalean Tuleap 7.4.99.5 - Remote Command Execution

Encaps PHP Gallery SQL Injection

encoded 64 bit execve shellcode

Endeca Latitude 2.2.2 - CSRF Vulnerability

Endian Firewall Proxy Password Change Command Injection

Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities

Endpoint Protector v4.0.4.0 Multiple Vulnerabilities

EntryPass N5200 - Credentials Exposure

ePhoto Transfer v1.2.1 iOS - Multiple Vulnerabilities

Epicor Enterprise 7.4 - Multiple Vulnerabilities

Epson EventManager <= 2.50 Denial of Service

Ericom AccessNow Server Buffer Overflow

ERS Viewer 2011 ERS File Handling Buffer Overflow

ES Job Search Engine v3.0 SQL Injection Vulnerability

ESCON SupportPortal Pro 3.0 Stored XSS

Escort Agency CMS Blind SQL Injection Vunerability

Escort Directory CMS SQL Injection Vunerability

Escort und Begleitservice Agentur Script SQL Injection Vunerability

ESRI ArcGIS 10.0.X / ArcMap 9 Arbitrary Code Execution

Esselbach Storyteller CMS System Version 1.8 SQL Injection Vulnerability

e-ticketing' SQL Injection (CVE-2012-1673)

'e-ticketing' SQL Injection (CVE-2012-1673)

Ettercap 0.8.0-0.8.1 - Multiple Denial of Service Vulnerabilities

Event Script PHP v1.1 CMS Multiple Vulnerabilities

Eventum Issue Tracking System 2.3.1 stored XSS

Eventy CMS v1.8 Plus Multiple Vulnerabilities

Eventy Online Scheduler 1.8 - Multiple Vulnerabilities

Evince PDF Reader - 2.32.0.145 (Windows) and 3.4.0 (Linux) - Denial Of Service

Exagate WEBPack Management System - Multiple Vulnerabilities

Exim "perl_startup" Privilege Escalation

Exim < 4.86.2 - Local Root Privilege Escalation

exim <= 4.84-3 - Local Root Exploit

Exim sender_address Parameter - RCE Exploit

Exper EWM-01 ADSL/MODEM - Unauthenticated DNS Change

eXPert PDF Reader 4.0 NULL Pointer Dereference and Heap Corruption

Exploit: NCMedia Sound Editor Pro v7.5.1 SEH&DEP

Exponent CMS 2.2.0 beta 3 - Multiple Vulnerabilities

Exponent CMS 2.3.1 - Multiple XSS Vulnerabilities

Exponent CMS 2.3.9 - Blind SQL Injection

ExponentCMS 2.0.5 Multiple Vulnerabilities

Express Zip <= 2.40 - Path Traversal

eXtplorer 2.1.9 - Archive Path Traversal

eXtplorer v2.1 Arbitrary File Upload Vulnerability

EyeLock Myris 3.3.2 - SDK Service Unquoted Service Path Privilege Escalation

EyeLock nano NXT 3.5 - Local File Disclosure

EyeLock nano NXT 3.5 - Remote Root Exploit

EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities

EZHomeTech EzServer <= 6.4.017 Stack Buffer Overflow Vulnerability

EzPub Simple Classic ASP CMS SQL Injection Vulnerability

F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - File Path Traversal Vulnerability

F5 BIG-IP Remote Root Authentication Bypass Vulnerability

F5 iControl iCall::Script Root Command Execution

F5 iControl Remote Root Command Execution

Fake Webcam v 6.1 Local Crash PoC

Family CMS 2.9 and earlier multiple Vulnerabilities

Family Connections CMS 2.3.2 (POST) Stored XSS And XPath Injection

FAROL - SQL Injection Vulnerability

FBZX 2.10 - Local Stack-Based Buffer Overflow

FCKEditor ASP Version 2.6.8 File Upload Protection Bypass

Feng Office - Stored XSS

Feng Office 1.7.4 - Arbitrary File Upload

Feng Office 1.7.4 - Cross Site Scripting Vulnerabilities

FENIX 0.92 - Buffer Overflow

FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution

File Hub 1.9.1 iOS - Multiple Vulnerabilities

File Lite 3.3 & 3.5 PRO iOS - Multiple Vulnerabilities

File Manager 4.2.10 iOS - Code Execution Vulnerability

File Replication Pro <= 7.2.0 - Multiple Vulnerabilities

FileBound 6.2 Privilege Escalation Vulnerability

Filemaker Pro 13.03 & Advanced 12.04 - Login Bypass and Privilege Escalation

Filer Lite v2.1.0 for iPhone / iPod touch, Directory Traversal

Files Desk Pro v1.4 iOS - Local File Inclusion

Filezilla 3.11.0.2 - SFTP Module Denial of Service Vulnerability

FileZilla FTP Client 3.17.0.0 - Unquoted Path Privilege Escalation

FingerTec Fingerprint Reader - Remote Access and Remote Enrollment

FireEye - Privilege Escalation to root from Malware Input Processor (uid=mip)

FireEye Appliance Unauthorized File Disclosure

FireEye Wormable Remote Code Execution in MIP JAR Analysis

Firefox < 39.03 - pdf.js Same Origin Policy Exploit

Firefox 7/8 (<= 8.0.1) nsSVGValue Out-of-Bounds Access Vulnerability

Firefox 8/9 AttributeChildRemoved() Use-After-Free

Firefox onreadystatechange Event DocumentViewerImpl Use After Free

Firefox PDF.js Privileged Javascript Injection

Firefox toString console.time Privileged Javascript Injection

Firefox WebIDL Privileged Javascript Injection

Firefox XMLSerializer Use After Free

Firejail - Privilege Escalation

Fitbit Connect Service - Unquoted Service Path Privilege Escalation

FiverrScript CSRF Vulnerability (Add New Admin)

FL Studio 10 Producer Edition SEH Based Buffer Overflow PoC

Flash AS2 Use After Free in DisplacementMapFilter.mapBitmap

Flash AS2 Use After Free in TextField.filters

Flash AS2 Use After Free While Setting TextField.filters

Flash AVSS.setSubscribedTags Use After Free Memory Corruption

Flash Boundless Tunes - Universal SOP Bypass Through ActionSctipt's Sound Object

Flash Broker-Based Sandbox Escape via Forward Slash Instead of Backslash

Flash Broker-Based Sandbox Escape via Timing Attack Against File Moving

Flash Broker-Based Sandbox Escape via Unexpected Directory Lock

Flash Issues in DefineBitsLossless and DefineBitsLossless2 Leads to Using Uninitialized Memory

Flash JIT – Spraying info leak gadgets

Flash PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution

Flash Player Integer Overflow in Function.apply

Flash Uninitialized Stack Variable MPD Parsing Memory Corruption

Flash Use-After-Free in Display List Handling

Flash Use-After-Free in NetConnection.connect

Flash Use-After-Free with MovieClip.scrollRect in AS2

FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability

FlashChat - Arbitrary File Upload Vulnerability

Flatpress 1.0 - Remote Code Execution

FlexNet License Server Manager lmgrd Buffer Overflow

FlexNet License Server Manager Stack Overflow In lmgrd

Flussonic Media Server 4.1.25 - 4.3.3 - Aribtrary File Disclosure

Flux Player v3.1.0 iOS - Multiple Vulnerabilities

FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin)

Foe CMS 1.6.5 - Multiple Vulnerabilities

Folder Plus 2.5.1 iOS - Persistent XSS Vulnerability

foobar2000 1.3.9 - (.asx) Local Crash PoC

foobar2000 1.3.9 - (.pls; .m3u; .m3u8) Local Crash PoC

Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection

Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment

ForkCMS 3.2.5 Multiple Vulnerabilities

FormatFactory v3.0.1 Profile File Handling Buffer Overflow

FortiAnalyzer 5.0.4 - CSRF Vulnerability

FortiClient SSLVPN 5.4 - Credentials Disclosure

Fortigate Firewalls - Remote Code Execution (EGREGIOUSBLUNDER)

FortiGate OS Version 4.x - 5.0.7 - SSH Backdoor

Fortigate UTM WAF Appliance Multiple Vulnerabilities

FortiManager 5.2.2 - Persistent XSS Vulnerabilities

Fortinet FortiMail 400 IBE Multiple Vulnerabilities

FortKnox Personal Firewall 9.0.305.0 & 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption Vulnerability

Forum Oxalis <= 0.1.2 SQL Injection Vulnerability

FOSCAM IP-Cameras Improper Access Restrictions

Foxit Cloud Update Service - Unquoted Service Path Privilege Escalation

Foxit PDF Reader 4.2 Javascript File Write

Foxit Reader - PNG Conversion Parsing tEXt Chunk Arbitrary Code Execution

Foxit Reader <= 7.2.8.1124 - PDF Parsing Memory Corruption

Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow

Foxit Reader 5.4.3.0920 Crash PoC

Foxit Reader Plugin URL Processing Buffer Overflow

FoxPlayer v2.9.0 Denial of Service Vulnerability

Franklin Fueling TS-550 evo 2.0.0.6833 - Multiple Vulnerabilities

Free Hosting Manager V2.0.2 Multiple SQLi

Free Monthly Websites v2.0 Multiple Vulnerabilities

Free Realty v3.1-0.6 Multiple Vulnerabilities

Free Screen To Video V1.2 DLL Hijacking Exploit (iacenc.dll)

Free WMA MP3 Converter 1.8 (.wav) - Buffer Overflow

FreeBSD <= 5.4-RELEASE ftpd (Version 6.00LS) sendfile kernel mem-leak Exploit

FreeBSD <= 6.4 Netgraph Local Privledge Escalation Exploit

FreeBSD 9.1 ftpd Remote Denial of Service

FreeBSD Kernel Multiple Vulnerabilities

FreeBSD SCTP ICMPv6 Error Processing Vulnerability

FreeDisk v1.01 iOS - Multiple Vulnerabilities

Freefloat FTP Server 1.0 - 'DIR' Command Buffer Overflow

Freefloat FTP Server 1.0 - 'SITE ZONE' Command Buffer Overflow

freeFTPd 1.0.10 (PASS Command) - SEH Buffer Overflow

freeFTPd 1.0.10 PASS Command SEH Overflow (msf)

freeFTPd 1.0.8 - 'mkd' Command Denial Of Service

freeFTPd PASS Command Buffer Overflow

FreeFTPD Remote Authentication Bypass Zeroday Exploit

FreePBX < 13.0.188 - Remote Command Execution (Metasploit)

Freepbx < 2.11.1.5 - Remote Code Execution

FreePBX 10.13.66 - Remote Command Execution / Privilege Escalation

FreePBX 13 / 14 - Remote Code Execution

FreePBX 13.0.35 - Remote Command Execution

FreePBX 13.0.35 - SQL Injection

Freepbx 13.0.x < 13.0.154 - Remote Command Execution

Freeproxy Internet Suite 4.10 - Denial of Service

Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities

Freesshd Authentication Bypass

FreeSSHD Remote Authentication Bypass Zeroday Exploit

FreeType 2.6.1 TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads

FreeType 2.6.1 TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read

FreiChat 9.6 - SQL Injection

FreshFTP 5.52 - .qfl Crash PoC

Friends in War Make or Break 1.7 - 'imgid' Parameter SQL Injection

Friends in War Make or Break v1.3 SQL Injection (authbypass) Vulnerability

friendsinwar FAQ Manager (view_faq.php, question param) SQL Injection Vulnerability

friendsinwar FAQ Manager SQL Injection (authbypass) Vulnerability

Fritz!Box Webcm Unauthenticated Command Injection

Froxlor Server Management Panel 0.9.33.1 - MySQL Login Information Disclosure

FTGate 2009 Build 6.4.00 - Multiple Vulnerabilities

FTGate 7 - CSRF Vulnerabilities

FTP Commander 8.02 - SEH Overwrite

FTP Sprite v1.2.1 iOS - Persistent XSS Vulnerability

FtpDisc v1.0 for iPhone / iPod touch, Directory Traversal

FTPShell Client 5.24 - (Create NewFolder) Local Buffer Overflow

FTPShell Client 5.24 - Buffer Overflow

FTPShell Client 5.24 - 'PWD' Remote Buffer Overflow

FTPShell Server 6.36 - '.csv' Local Denial of Service

FUDforum 3.0.6 - Cross-Site Scripting / Cross-Site Request Forgery

FUDforum 3.0.6 - Local File Inclusion

Full Player 8.2.1 - Memory Corruption PoC

Fuzzing: An introduction to Sulley Framework

Galette (picture.php) SQL Injection Vulnerability

Galilery 1.0 Local File Inclusion Vulnerability

GAME ENGINES: A 0-DAY’S TALE

Ganesha Digital Library 4.0 Multiple Vulnerabilities

Ganeti - Multiple Vulnerabilities

Ganglia Web Frontend < 3.5.1 - PHP Code Execution

GAzie 5.10 (Login parameter) Multiple Remote Vulnerabilities

GAzie 5.10 (Login parameter) Multiple Vulnerabilities

GDL 4.2 - Multiple Vulnerabilities

GE Industrial Solutions UPS SNMP Adapter < 4.8 - Multiple Vulnerabilities

GE Proficy CIMPLICITY gefebt.exe Remote Code Execution

Gemtek CPE7000 - WLTCS-106 Administrator SID Retriever (MSF)

Gemtek CPE7000 - WLTCS-106 sysconf.cgi Unauthenticated Remote Command Execution (MSF)

Gentoo Local Priv Escalation in QEMU

GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities

GENU CMS SQL Injection Vulnerability

GeoCore MAX DB Ver. 7.3.3 - Time-Based Blind Injection

Geomi CMS SQL Injection Vulnerability

GeoVision (GeoHttpServer) Webcams Remote File Disclosure Exploit

GestioIP Remote Command Execution

GetGo Download Manager 4.9.0.1982 - HTTP Response Header Buffer Overflow Remote Code Execution

GetSimpleCMS 3.2.1 Arbitrary File Upload Vulnerability

GigPress 2.1.10 Wordpress Plugin Stored XSS Vulnerability

GIMP 2.6 script-fu < 2.8.0 Buffer Overflow Vulnerability

GIMP scriptfu Server Buffer Overflow

Git-1.9.5 ssh-agent.exe Buffer Overflow

GitLab - 'impersonate' Feature Privilege Escalation

Gitlab-shell Code Execution

Gitlist <= 0.4.0 - Remote Code Execution

Gitlist Unauthenticated Remote Command Execution

Gitorious Arbitrary Command Execution

Gkplugins Picasaweb - Download File

Gleamtech FileVista/FileUltimate 4.6 Directory Traversal

glFusion 1.3.0 (search.php, cat_id param) - SQL Injection

glFusion CMS Blind SQL injection Vulnerability

glibc - getaddrinfo Stack Based Buffer Overflow

glibc - getaddrinfo Stack-Based Buffer Overflow

glibc and eglibc 2.5, 2.7, 2.13 - Buffer Overflow Vulnerability

glibc Off-by-One NUL Byte gconv_translit_find Exploit

globalSCAPE CuteZIP Stack Buffer Overflow

Glossword 1.8.12 Multiple Vulnerabilities

Glossword 1.8.3 SQL Injection Vulnerability

GLPI 0.84.1 - Multiple Vulnerabilities

GLPI 0.85 - Blind SQL Injection

GLPI 0.85.5 - RCE Through File Upload Filter Bypass

GLPi 0.90.2 - SQL Injection

GLPI install.php Remote Command Execution

Gnew 2013.1 - Multiple Vulnerabilities

Gnome Nautilus 3.16 - Denial of Service

GNU bash 4.3.11 Environment Variable dhclient Exploit

GNU bash Environment Variable Command Injection

GNU GTypist 2.9.5-2 - Local Buffer Overflow

GNU Wget < 1.18 - Access List Bypass / Race Condition

gnuboard <= 4.34.20 XSS Vulnerability

GoAhead Web Server 3.1.x - Denial of Service

godontologico 5 - SQL Injection (0day)

Gökhan Balbal Script 2.0 - CSRF Vulnerability

GoldMP4Player 3.3 - Buffer Overflow Exploit (SEH)

GOM Audio 2.0.8 - (.gas) Crash POC

Gom Player 2.1.44.5123 (Unicode) NULL Pointer Dereference

GOMPlayer 2.2.53.5169 (.wav) - Crash POC

Gongwalker API Manager 1.1 - Blind SQL Injection

Good for Enterprise 2.2.2.1611 - XSS Vulnerability

Google AdWords <= 6.2.0 API client libraries - XML eXternal Entity Injection (XXE)

Google AdWords API PHP client library <= 6.2.0 - Arbitrary PHP Code Execution

Google Android - WifiNative::setHotlist Stack Overflow

Google Android max86902 Driver - 'sysfs' Interfaces Race Condition

Google Chrome - Renderer Process to Browser Process Privilege Escalation

Google Chrome Silent HTTP Authentication

Google Talk gtalk:// Deprecated Uri Handler Parameter Injection Vulnerability

Google to Distrust WoSign, StartCom Certs in 2017

Google to Make Certificate Transparency Mandatory By 2017

Google Unveils Cryptographic Library Test Suite Wycheproof

Goron Webserver 2.0 - Multiple Vulnerabilities

GpicView 0.2.5 - Crash PoC

GPON Home Router FTP G-93RG1 - CSRF Command Execution Vulnerability

GQ File Manager 0.2.5 - Multiple Vulnerabilities

GRAND Flash Album Gallery 0.55 Wordpress Plugin Multiple Vulnerabilities

Graphite Web Unsafe Pickle Handling

Grassroots DICOM (GDCM) 2.6.0 and 2.6.1 - ImageRegionReader::ReadIntoBuffer Buffer Overflow

Grawlix 1.0.3 - CSRF Vulnerability

GreenBrowser 6.4.0515 - Heap Overflow Vulnerability

GroundWork monarch_scan.cgi OS Command Injection

Group Office Calendar (calendar/json.php) SQL Injection

GRR Système de Gestion et de Réservations de Ressources 3.0.0-RC1 - Arbitrary File Upload

GS Foto Uebertraeger 3.0 iOS - File Include Vulnerability

GSC Client 1.00 2067 - Privilege Escalation Vulnerability

GSM SIM Editor 5.15 Buffer Overflow

GTX CMS 2013 Optima - SQL Injection

GuestBook Scripts PHP v1.5 - Multiple Vulnerabilities

Guitar Pro 6.1.1 r10791 (.gpx) Crash POC

Guitar Pro 6.1.1 r10791 (.gpx) Denial of Service Exploit

Guppy CMS 5.0.9 & 5.00.10 Authentication Bypass/Change Email

GuppY CMS 5.0.9 & 5.00.10 Multiple CSRF Vulnerabilities

GWebmail 0.7.3 XSS & LFI RCE Vulnerabilities

h5ai < 0.25.0 - Unrestricted File Upload

Hak5 WiFi Pineapple - Preconfiguration Command Injection (Metasploit)

Halliburton LogView Pro 9.7.5 - (.cgm/.tif/.tiff/.tifh) Crash PoC

Halon Security Router (SR) 3.2-winter-r1 - Multiple Security Vulnerabilities

HandyPassword 4.9.3 - SEH Over-Write Exploit

haneWIN DNS Server 1.5.3 - Denial of Service

Hanso Converter 2.4.0 - 'ogg' Buffer Overflow(DoS)

Hanso Converter v1.1.0 BufferOverflow - Denial Of Service

Hanso Player 1.4.0.0 Buffer Overflow - DoS Skinfile

HansoPlayer 3.4.0 Memory Corruption PoC

Hastymail 2.1.1 RC1 Command Injection

Hastymail2 Webmail 1.1 RC2 Stored XSS

Havalite CMS v1.0.4 Multiple Vulnerabilities

Havij Pro - Crash POC

Havij Pro - Crash POC ,Linux x86 Egg Hunter Shellcode (19 bytes)

Hawkeye-G v3.0.1.4912 CSRF Vulnerability

Hawkeye-G v3.0.1.4912 Persistent XSS & Information Leakage

HCView WriteAV Crash PoC

Heartbleed OpenSSL - Information Leak Exploit

Heartbleed OpenSSL - Information Leak Exploit (2) - DTLS Support

Heartbleed OpenSSL - Information Leak Exploit

HelpDeskZ 1.0.2 - Unauthenticated Shell Upload

Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution

Heroes of Might and Magic III .h3m Map file Buffer Overflow

Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability

Hex : Shard of Fate 1.0.1.026 - Unquoted Path Privilege Escalation

Hexamail Server <= 4.4.5 Persistent XSS Vulnerability

Hexchat IRC Client 2.11.0 - CAP LS Handling Buffer Overflow

Hexchat IRC Client 2.11.0 - Directory Traversal

Hiawatha WebServer 7.4 Denial of Service Vulnerability

Hikvision Digital Video Recorder - Cross-Site Request Forgery

Hikvision DVR RTSP Request Remote Code Execution

Hippo CMS 10.1 - Multiple Vulnerabilities

Hitron CGNV4 Modem/Router 4.3.9.9-SIP-UPC - Multiple Vulnerabilities

Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution

Hivemail Webmail Multiple Stored XSS Vulnerabilities

hMailServer 5.3.3 IMAP Remote Crash PoC

Home FTP SERVER 1.12 Directory Traversal

HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities

Honeywell HSC Remote Deployer ActiveX Remote Code Execution

Honeywell IP-Camera HICC-1100PT - Credentials Disclosure

Honeywell IP-Camera HICC-1100PT - Local File Disclosure

Honeywell Tema Remote Installer ActiveX Remote Code Execution

Horde 3.3.12 Backdoor Arbitrary PHP Code Execution

Horde Groupware 5.2.10 - CSRF Vulnerability

Horde Groupware Web Mail Edition 5.1.2 - CSRF Vulnerability

Horde Horde_Image::factory driver Argument Local File Inclusion

Hornbill Supportworks ITSM 1.0.0 - SQL Injection Vulnerability

Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service

Horos 2.1.0 Web Portal - Directory Traversal

Hotel Booking Portal' SQL Injection (CVE-2012-1672)

'Hotel Booking Portal' SQL Injection (CVE-2012-1672)

Hotel Booking Portal v0.1 Multiple Vulnerabilities

House Style 0.1.2 => readfile() Local File Disclosure Vulnerability

HP Application Lifecycle Management XGO.ocx ActiveX SetShapeNodeType() Remote Code Execution

HP AutoPass License Server File Upload

HP Client - Automation Command Injection / Remote Code Execution

HP Client Automation Command Injection

HP Data Protector 6.1 EXEC_CMD Remote Code Execution

HP Data Protector 8.10 Remote Command Execution

HP Data Protector Arbitrary Remote Command Execution

HP Data Protector Backup Client Service Directory Traversal

HP Data Protector Backup Client Service Remote Code Execution

HP Data Protector Cell Request Service Buffer Overflow

HP Data Protector Client EXEC_CMD Remote Code Execution

HP Data Protector EXEC_BAR Remote Command Execution

HP Data protector manager 8.10 remote command execution

HP Intelligent Management Center BIMS UploadServlet Directory Traversal

HP Intelligent Management Center UAM Buffer Overflow

HP LaserJet Pro P1606dn - Webadmin Password Reset

HP LoadRunner EmulationAdmin - Web Service Directory Traversal

HP LoadRunner lrFileIOService ActiveX Remote Code Execution

HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution

HP LoadRunner magentproc.exe Overflow

HP Managed Printing Administration jobAcct Remote Command Execution

HP Network Node Manager I PMD Buffer Overflow

HP NNM CGI webappmon.exe execvp Buffer Overflow

HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow

HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow

HP OpenView Network Node Manager getnnmdata.exe (MaxAge) CGI Buffer Overflow

HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow

HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow

HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil Buffer Overflow

HP OpenView Network Node Manager ovwebsnmpsrv.exe Unrecognized Option Buffer Overflow

HP OpenView Network Node Manager snmpviewer.exe Buffer Overflow

HP OpenView NNM nnmRptConfig nameParams Buffer Overflow

HP OpenView NNM nnmRptConfig.exe schdParams Buffer Overflow

HP OpenView Performance Insight Server Backdoor Account Code Execution

HP Operations Agent Opcode coda.exe 0x34 Buffer Overflow

HP Operations Agent Remote XSS iFrame Injection

HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload

HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload

HP Release Control Authenticated XXE

HP SiteScope Remote Code Execution

HP StorageWorks P4000 Virtual SAN Appliance Command Execution

HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow

HP System Management Homepage JustGetSNMPQueue Command Injection

HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation

HP WebInspect <= 10.4 XML External Entity Injection

HT Editor 2.0.20 Buffer Overflow (ROP PoC)

HTCSyncManager 3.1.33.0 - Service Trusted Path Privilege Escalation

HTP Zine 5

Http File Server 2.3.x - Remote Command Execution

HTTP File Server 2.3a, 2.3b, 2.3c - Remote Command Execution

HttpCombiner ASP.NET - Remote File Disclosure Vulnerability

httpdx <= 1.5.4 Remote Heap Overflow

Huawei E5331 MiFi Mobile Hotspot 21.344.11.00.414 - Multiple Vulnerabilities

Huawei Flybox B660 - Cross-Site Request Forgery

Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems

Huawei HG866 Authentication Bypass

Huawei SNMPv3 Service - Multiple Buffer Overflow Vulnerabilities

Huawei Technologies Internet Mobile Unicode SEH Exploit

Huawei UTPS - Unquoted Service Path Privilege Escalation

HumHub 0.11.2 and 0.20.0-beta.2 - SQL Injection

Hupa Webmail 0.0.2 Stored XSS

HybridAuth install.php PHP Code Execution

Hyena Cart (index.php) SQL Injection Vulnerability

HylaFAX+ 5.2.4 - 5.5.3 - Buffer Overflow

Hyper-V - vmswitch.sys VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow

Chamilo 1.8.7 / Dokeos 1.8.6 Remote File Disclosure

Chamilo LMS - Persistent Cross Site Scripting Vulnerability

Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability

Change CMS 3.6.8 - Multiple CSRF Vulnerabilities

Chasys Draw IES Buffer Overflow

ChatSecure IM 2.2.4 iOS - Persistent XSS Vulnerability

check_dhcp 2.0.2 (Nagios Plugins) - Arbitrary Option File Read Race Condition Exploit

Checkpoint Abra Multiple Vulnerabilities

CheckPoint/Sofaware Firewall Multiple Vulnerabilities

Cherry Music 0.35.1 - Arbitrary File Disclosure

chillyCMS 1.3.0 - Multiple Vulnerabilities

chkrootkit 0.49 - Local Root Vulnerability

Chkrootkit Local Privilege Escalation

Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow

i.FTP 2.21 - Host Address / URL Field SEH Exploit

i.Hex 0.98 - Local Crash PoC

i.Mage 1.11 - Local Crash PoC

iAuto Mobile Application 2012 Multiple Vulnerabilities

iBackup 10.0.0.32 - Local Privilege Escalation

IBM 1754 GCM 1.18.0.22011 - Remote Command Execution

IBM AIX 5.3/6.1/7.1/7.2 - 'lquerylv' Privilege Escalation

IBM AIX 6.1 / 7.1 - Local root Privilege Escalation

IBM AIX 6.1.8 libodm - Arbitrary File Write

IBM AIX 6.1/7.1/7.2 - 'Bellmail' Privilege Escalation

IBM AIX 6.1/7.1/7.2.0.2 - 'lsmcode' Privilege Escalation

IBM AIX High Availability Cluster Multiprocessing (HACMP) Local Privilege Escalation 0day

IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities

IBM Cognos tm1admsd.exe Overflow Vulnerability

IBM Endpoint Manager - Stored XSS Vulnerability

IBM GCM16/32 1.20.0.22575 - Multiple Vulnerabilities

IBM i Access 7.1 - Buffer Overflow Code Execution

IBM Lotus Domino <= R8 Password Hash Extraction Exploit

IBM Lotus Domino LDAP Bind Request Remote Code Execution Vulnerability

IBM Personal Communications I-Series Access WorkStation 5.9 Profile

IBM Proventia Network Mail Security System 2.5 POST File Read

IBM Rational ClearQuest CQOle Remote Code Execution

IBM SPSS SamplePower C1Tab ActiveX Heap Overflow

IBM System Director Remote System Level Exploit

IBM System Storage DS Storage Manager Profiler Multiple Vulnerabilities

IBM Tivoli Monitoring 6.2.2 kbbacf1 - Privilege Escalation

IBM Tivoli Provisioning Manager Express for Software Distribution Isig.isigCtl.1 ActiveX RunAndUploadFile() Method Overflow

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_GetConfFileChunk Stack Buffer...

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_SetConfFileChunk Stack Buffer...

IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference

IBM WebSphere MQ File Transfer Edition Web Gateway CSRF Vulnerability

IBM WebSphere MQ File Transfer Edition Web Gateway Insufficient Access Control

iBoutique eCommerce v4.0 Multiple Web Vulnerabilites

iCAM Workstation Control 4.8.0.0 - Authentication Bypass

Iciniti Store SQL Injection - Security Advisory - SOS-12-003

IcoFX 2.5.0.0 (.ico) - Buffer Overflow Vulnerability

IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow Vulnerability

Iconics GENESIS32 and GENESIS64 Multiple Vulnerabilities

IconLover 5.42 - Local Buffer Overflow Exploit

Icy Phoenix 1.3.0.53a HTTP Referer stored XSS

Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload

Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload

iDev Rentals v1.0 Multiple Vulnerabilities

iDocManager v1.0.0 for iPhone / iPod touch, Directory Traversal

IE 11.0.9600.18097 COmWindowProxy::SwitchMarkup NULL PTR

IE Time Element Memory Corruption Exploit (MS11-050)

IE9, SharePoint, Lync toStaticHTML HTML Sanitizing Bypass

If-CMS 2.07 Pre-Auth Local File Inclusion 0day Exploit

i-FTP 2.20 - Buffer Overflow SEH Exploit

iFunBox Free 1.1 iOS - File Inclusion Vulnerability

IGSS 8 ODBC Server Multiple Remote Uninitialized Pointer Free DoS

IKE and AuthIP IPsec Keyring Modules Service (IKEEXT) Missing DLL

IKEView.exe Fox beta 1 - Stack Buffer Overflow

IKEView.exe R60 - .elg Local SEH Exploit

IKEView.exe R60 - Stack Buffer Overflow

Ilch CMS 2.0 - Persistent XSS Vulnerability

ImageCMS 4.0.0b Multiple Vulnerabilities

ImageMagick < 6.9.3-9 - Multiple Vulnerabilities

ImageMagick 6.8.8-4 - Local Buffer Overflow (SEH)

ImageMagick Delegate Arbitrary Command Execution

Imageview v6.0 Remote [and] Local Directory Traversal Vulnerability

ImgPals Photo Host Version 1.0 Admin Account Disactivation

Impero Education Pro - SYSTEM Remote Command Execution

Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities

Imperva SecureSphere Web Application Firewall MX 9.5.6 - Blind SQL Injection

ImpressCMS 1.3.5 - Multiple Vulnerabilities

ImpressCMS 1.3.9 - SQL Injection

ImpressPages CMS 3.8 - Stored XSS Vulnerability

ImpressPages CMS v3.6 manage() Function Remote Code Execution Exploit

ImpressPages CMS v3.6 Remote Arbitrary File Deletion Vulnerability

Incredible PBX 2.0.6.5.0 - Remote Command Execution

Indeed Job Search 2.5 iOS API - Multiple Vulnerabilities

Independent Escort CMS Blind SQL Injection Vunerability

Indusoft Thin Client 7.1 ActiveX - Buffer Overflow

InduSoft Web Studio Arbitrary Upload Remote Code Execution

Industrial Secure Routers EDR-810 / EDR-G902 / EDR-G903 - Insecure Configuration...

Inferno vBShout <= 2.5.2 SQL Injection

In-Flight Entertainment System Flaws Put Passenger Data at Risk

Infoblox 6.8.2.11 - OS Command Injection

Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities

iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions

iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions

Inmatrix Ltd. Zoom Player 8.5 Crafted JPEG File Exploit

Innovaphone PBX Admin-GUI - CSRF Vulnerability

Inout Mobile Webmail APP Persistent XSS Vulnerability

Insecure management of login credentials in PicsArt Photo Studio for Android [STIC-2014-0426] 2014-11-06

Insecure NAS Device Exposes 350 Ameriprise Investment Accounts

InsOnSrv Asus InstantOn 2.3.1.1 - Unquoted Service Path Privilege Escalation

InstantCoder 1.0 iOS - Multiple Vulnerabilities

Integrated CMS - SQL Injection

Intel(R) Management Engine Components 8.0.1.1399 - Unquoted Service Path Privilege...

Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed 15.1.0.0096 - Unquoted...

Intel(R) PROSet/Wireless WiFi Software 15.01.1000.0927 - Unquoted Service Path...

INTELLINET IP Camera INT-L100M20N - Unauthorized admin Credential Change

Inteno DG301 - Command Injection

Inteno EG101R1 VoIP Router - Unauthenticated DNS Change

Interactive Graphical SCADA System Remote Command Injection

Internet Download Accelerator 6.10.1.1527 - FTP Buffer Overflow (SEH)

Internet Download Manager - (.ief) Crash PoC

Internet Download Manager - (Find Download) Crash PoC

Internet Download Manager - OLE Automation Array Remote Code Execution

Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit

Internet Explorer - MSHTML!CMultiReadStreamLifetimeManager::ReleaseThreadStateInternal Read AV

Internet Explorer - MSHTML!CSVGHelpers::SetAttributeStringAndPointer Use-After-Free (MS16-023)

Internet Explorer - Read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout (MS16-023)

Internet Explorer < 11 - OLE Automation Array Remote Code Execution

Internet Explorer < 11 - OLE Automation Array Remote Code Execution (MSF)

Internet Explorer 10 & Adobe Flash Player (12.0.0.70, 12.0.0.77) - CMarkup Use-After-Free

Internet Explorer 11 - MSHTML!CMarkupPointer::UnEmbed Use After Free

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 4.1.X Bypass

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.0 Bypass (MS12-037)

Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass (MS12-037)

Internet Explorer 8 Fixed Col Span ID full ASLR & DEP bypass

Internet Explorer 8 MS14-035 Use-After-Free Exploit

Internet Explorer 9 XSS Filter Bypass

Internet Explorer 9, 10, 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112)

Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability (MS15-079)

Internet Explorer MS14-029 Memory Corruption PoC

Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)

Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow SEH

InternetExplorer8-FixedColSpanIDFullASLR,DEP&EMET4.1.XBypass

Interspire Email Marketer v6.0.1 Multiple Vulnerabilites

Intrasrv 1.0 Buffer Overflow

Intuit QuickBooks Desktop 2007 - 2016 - Arbitrary Code Execution

Invision IP.Board <= 3.3.4 unserialize() PHP Code Execution

Invision Power Board <= 3.3.4 unserialize Regex Bypass

Invision Power Board 3.3.0 Local File Inclusion

Invision Power Services Invision Gallery 1.0.1 Multiple SQL Injection Vulnerabilities

IObit Advanced SystemCare 10.0.2 - Unquoted Service Path Privilege Escalation

IObit Malware Fighter 4.3.1 - Unquoted Service Path Privilege Escalation

iOS 10.1.1 / macOS 10.12 16A323 XNU Kernel - set_dp_control_port Lack of Locking...

iOS 10.1.x - Certificate File Memory Corruption

iOS and OS X - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overflow

iOS and OS X Kernel - Double-Delete IOHIDEventQueue::start Code Execution

iOS Kernel - AppleOscarAccelerometer Use-After-Free

iOS Kernel - AppleOscarCMA Use-After-Free

iOS Kernel - AppleOscarCompass Use-After-Free

iOS Kernel - AppleOscarGyro Use-After-Free

iOS Kernel - IOHIDEventService Use-After-Free

iOS Kernel - IOReportHub Use-After-Free

iOS/OS X - Multiple Kernel Uninitialized Variable Bugs Leading to Code Execution

iOS/OS X - Unsandboxable Kernel Code Exection Due to iokit Double Release in IOKit

IP Board 3.x - CSRF Token hjiacking

IP.Gallery 4.2.x and 5.0.x Persistent XSS Vulnerability

IPB (Invision Power Board) all versions (1.x? / 2.x / 3.x) - Admin Account Takeover

Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation

IPFire < 2.19 Core Update 101 - Remote Command Execution

iPhone Folders 2.5 Directory Traversal

iPhone Guitar Directory Traversal

iPhone iFile 2.0 Directory Traversal

iPhone ishred 1.93 Directory Traversal

iPhone MyDocs 2.7 Directory Traversal

iPhone PDF Reader Pro 2.3 Directory Traversal

iPod Touch/iPhone iFileExplorer Free Directory Traversal

Ipswitch IMail 11.01 - XSS Vulnerability

Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE

IPUX CL5452/CL5132 IP Camera - (UltraSVCamX.ocx) ActiveX Stack Buffer Overflow

IPUX CS7522/CS2330/CS2030 IP Camera - (UltraHVCamX.ocx) ActiveX Stack Buffer Overflow

IPUX Cube Type CS303C IP Camera - (UltraMJCamX.ocx) ActiveX Stack Buffer Overflow

IrfanView 4.33 DJVU Image Processing Heap Overflow

IrfanView 4.33 Format PlugIn ECW Decompression Heap Overflow

IrfanView 4.33 Format PlugIn TTF File Parsing Stack Based Overflow

IrfanView RLE Image Decompression Buffer Overflow Vulnerability

IrfanView TIF Image Decompression Buffer Overflow Vulnerability

IRIS Citations Management Tool (post auth) Remote Command Execution

ISC BIND9 TKEY Remote DoS PoC

iScripts EasyCreate 3.0 - Multiple Vulnerabilities

iScripts EasyCreate 3.0 - Remote Code Execution Exploit

iScripts EasyCreate CMS v2.0 Multiple Vulnerabilities

Islamnt Islam Forum Script 1.2 Blind SQL Injection Exploit

ISPConfig 3.0.5.4p6 - Multiple Vulnerabilities

ISPConfig 3.0.54p1 - Authenticated Admin Local root Vulnerability

ISPConfig Authenticated Arbitrary PHP Code Execution

ispVM System XCF File Handling Overflow

iSupport v1.x CSRF HTML Code Injection to Add Admin

iTechClassifieds 3.03.057 - SQL Injection

IWantOneButton 3.0.1 Wordpress Plugin Multiple Vulnerabilities

iy10 Dizin Scripti - Multiple Vulnerabilities

jaangle 0.98i.977 - Denial of Service Vulnerability

JAKCMS <= v2.01 Code Execution Exploit

JAKCMS <= v2.01 RC1 Blind SQL Injection Exploit

JAKCMS 2.0 PRO RC5 stored XSS via useragent HTTP header Injection

JAMF Casper Suite MDM CSRF Vulnerability

Jaow <= 2.4.5 Blind SQL Injection

Jaow CMS v2.3 Blind SQLi Vulnerability

Jaow CMS v2.3 CSRF Vulnerability

Java 7 Applet Remote Code Execution

Java Applet AverageRangeStatisticImpl Remote Code Execution

Java Applet Driver Manager Privileged toString() Remote Code Execution

Java Applet Field Bytecode Verifier Cache Remote Code Execution

Java Applet JAX-WS Remote Code Execution

Java Applet JMX Remote Code Execution

Java Applet Method Handle Remote Code Execution

Java AtomicReferenceArray Type Violation Vulnerability

Java CMM Remote Code Execution

Java Debug Wire Protocol Remote Code Execution

Java JMX Server Insecure Configuration Java Code Execution

Java MixerSequencer Object GM_Song Structure Handling Vulnerability

Java storeImageArray() Invalid Array Indexing Vulnerability

Java Web Start Double Quote Injection Remote Code Execution

JBoss Application Server Remote Exploit

JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)

JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal

jDisk (stickto) v2.0.3 iOS - Multiple Vulnerabilities

JDownloader 2 Beta - Directory Traversal Vulnerability

Jenkins 1.626 - Cross Site Request Forgery / Code Execution

Jenkins 1.633 - Unauthenticated Credential Recovery

Jenkins CI Script Console Command Execution MSF Module

Jenkins Script-Console Java Execution

jetAudio 8.0.16.2000 Plus VX - (.wav) - Crash POC

jetAudio 8.1.3 Basic (mp3) - Crash PoC

Jildi FTP Client 1.5.6 (SEH) BOF

Jildi FTP Client Buffer Overflow PoC

JIRA 4.4.3, GreenHopper < 5.9.8 Multiple Vulnerabilities

JIRA and HipChat for JIRA Plugin Velocity Template Injection Vulnerability

JIRA Issues Collector Directory Traversal

Jira Scriptrunner 2.0.7 <= CSRF/RCE Exploit

Jive Forums <= 5.5.25 - Directory Traversal Vulnerability

JMX2 Email Tester - (save_email.php) Web Shell Upload

Job Portal Script 9.11 - Authentication Bypass

Job Site 1.0 - Multiple Vulnerabilities

Jobberbase 2.0 - Multiple Vulnerabilities

Joomla 1.5 - 3.4.5 - Object Injection RCE X-Forwarded-For Header

Joomla 1.5 - 3.4.5 - Object Injection Remote Command Execution

Joomla 2.5.0-2.5.1 Time Based SQL Injection Exploit

Joomla 3.2.1 - SQL Injection Vulnerability

Joomla 3.4.4 - 3.6.4 - Account Creation / Privilege Escalation

Joomla com_memorix component - SQL Injection vulnerability

Joomla com_niceajaxpoll <= 1.3.0 SQL Injection Vulnerability

Joomla Commedia Plugin (index.php, task parameter) SQL Injection

Joomla Component (com_acymailing) SQL Injection Vulnerability

joomla component (com_bearleague) SQL injection Vulnerability

joomla component (com_ponygallery) SQL injection Vulnerability

Joomla Component DT Register - 'cat' SQL Injection

Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection

joomla component The Estate Agent (com_estateagent) SQL injection Vulnerability

Joomla Content History SQLi Remote Code Execution

Joomla DOCman Component - Multiple Vulnerabilities

Joomla En Masse Component 1.2.0.4 SQL Injection

Joomla Face Gallery 1.0 - Multiple vulnerabilities

Joomla FireBoard Component (com_fireboard) SQL Injection Vulnerability

Joomla Freestyle Support 1.9.1.1447 (com_fss) SQL Injection

Joomla iCagenda Component (id parameter) Multiple Vulnerabilities

Joomla JNews (com_jnews) Component 8.5.1 - SQL Injection

Joomla JomSocial Component 2.6 - Code Execution Exploit

Joomla joomgalaxy 1.2.0.4 Multiple Vulnerabilities

Joomla JV Comment Extension 3.0.2 (index.php, id param) - SQL Injection

Joomla Komento Extension 1.7.2 - Stored XSS Vulnerabilities

Joomla Mac Gallery 1.5 - Arbitrary File Download

Joomla Media Manager File Upload Vulnerability

Joomla Movm Extension (com_movm) SQL Injection

Joomla OS Property 2.0.2 Unrestricted File Upload

Joomla redSHOP Component 1.2 - SQL Injection

Joomla RokModule Component (index.php, module parameter) Blind SQLi

Joomla RSfiles Component (cid param) - SQL Injection Vulnerability

Joomla SimpleImageUpload - Arbitrary File Upload

Joomla Spider Contacts 1.3.6 (index.php, contacts_id param) - SQL Injection

Joomla Tags (index.php, tag parameter) SQL Injection

Joomla XCloner Component (com_xcloner-backupandrestore) Remote Command Execution

Joomla Youtube Gallery Component - SQL Injection Vulnerability

Joomla! Component Blog Calendar - SQL Injection

Joomla! Component Catalog 1.0.7 - SQL Injection

Joomla! Component Event Booking 2.10.1 - SQL Injection

Joomla! Component Portfolio Gallery 1.0.6 - SQL Injection

Joomla! Helpdesk Pro Plugin < 1.4.0 - Multiple Vulnerabilities

Joomla! v1.5 + v1.6 JFilterInput XSS Bypass

JPEGsnoop <= 1.5.2 WriteAV Arbitrary Code Execution

JPEGView 1.0.29 - Crash PoC

jQuery Mega Menu 1.0 Wordpress Plugin Local File Inclusion

JRuby Sandbox 0.2.2 - Sandbox Escape

jSchool Advanced SQL Injection Vulnerability

JSN PowerAdmin Joomla! Extension 2.3.0 - Multiple Vulnerabilities

JSPMySQL Administrador - Multiple Vulnerabilities

JSSE SKIP-TLS Exploit

Just Dial Clone Script - SQL Injection

JVC IP-Camera VN-T216VPRU - Credentials Disclosure

JVC IP-Camera VN-T216VPRU - Local File Disclosure

Jzip SEH Unicode Buffer Overflow (Denial of Service)

Kajona 4.7 - Cross-Site Scripting / Directory Traversal

Kaltura Community Edition <=11.1.0-2 - Multiple Vulnerabilities

Kamads classifieds V2 Multiple Vulnerabilities

Kamailio 4.3.4 - Heap-Based Buffer Overflow

Kaseya 6.3.0.2 - Arbitrary File Upload Vulnerability

Kaseya Virtual System Administrator - Multiple Vulnerabilities

Kaseya VSA uploader.aspx Arbitrary File Upload

Kaspersky 17.0.0 - Local CA root Incorrectly Protected

Kaspersky Antivirus - Certificate Handling Path Traversal

Kaspersky Antivirus "Yoda's Protector" Unpacking Memory Corruption

Kaspersky Antivirus DEX File Format Parsing Memory Corruption

Kaspersky Antivirus ExeCryptor Parsing Memory Corruption

Kaspersky Antivirus CHM Parsing Stack Buffer Overflow

Kaspersky Antivirus PE Unpacking Integer Overflow

Kaspersky Antivirus ThinApp Parser Stack Buffer Overflow

Kaspersky Antivirus UPX Parsing Memory Corruption

Kaspersky Antivirus VB6 Parsing Integer Overflow

Kaspersky Internet Security 2013 - Denial Of Service Vulnerability

Kate's Video Toolkit Version 7.0 (.wav) - Crash POC

KCFinder 2.51 - Local File Disclosure

Keen Lab Takes Down iPhone 6S, Nexus 6P at Mobile Pwn2Own

KeePass Password Safe Classic 1.29 - Crash PoC

Keeper IP Camera 3.2.2.10 - Authentication Bypass

KeepNote 0.7.8 - Command Execution

KeepNote 0.7.8 - Remote Command Execution

Kentico CMS 7.0.75 - User Information Disclosure

Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101)

Kerio Control <= 8.6.1 - Multiple Vulnerabilities

Kerio Control 8.3.1 - Blind SQL Injection

Kerio Control Unified Threat Management 9.1.0 build 1087, 9.1.1 build 1324 -...

Kerio WinRoute Firewall Web Server < 6 Source Code Disclosure

KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability

Keynect Ecommerce SQL Injection Vulnerability

Kimai 0.9.2.1306-3 - SQL Injection Vulnerability

Kimai v0.9.2 'db_restore.php "SQL Injection

KingScada kxClientDownload.ocx ActiveX Remote Code Execution

KingView 6.5.3 SCADA ActiveX Exploit

KingView 6.53 - ActiveX Remote File Creation / Overwrite (KChartXY)

KingView 6.53 - Insecure ActiveX Control (SuperGrid)

Kingview 6.53 SCADA HMI HistorySvr Heap Overflow

KingView Log File Parsing Buffer Overflow

Kirby CMS <= 2.1.0 - Authentication Bypass

Kirby CMS <= 2.1.0 - CSRF Content Upload and PHP Script Execution

kitForm CRM Extension 0.43 (sorter.php, sorter_value param) - SQL Injection

Kloxo 6.1.6 - Local Privilege Escalation

Kloxo SQL Injection and Remote Code Execution

Kloxo-MR 6.5.0 - CSRF Vulnerability

KMPlayer 3.7.0.109 (.wav) - Crash PoC

KMPlayer 3.8.0.117 - Buffer Overflow

KMPlayer 3.9.x - .srt Crash PoC

KNet Web Server 1.04b - Buffer Overflow SEH

KnFTPd 1.0.0 'FEAT' DoS PoC-Exploit

Kodi 15 - Arbitrary File Aaccess (Web Interface)

Koha <= 3.20.1 - Multiple SQL Injections

Kohana Framework v2.3.3 Directory Traversal Vulnerability

Kolibri <= v2.0 HTTP Server HEAD Buffer Overflow

Kolibri 2.0 GET Request - Stack Buffer Overflow

Kolibri Webserver 2.0 Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass

Komfy Switch with Camera DKZ-201S/W - WiFi Password Disclosure

Konftel 300IP SIP-based Conference Phone <= 2.1.2 - Remote Bypass Reboot

Konica Minolta FTP Utility 1.0 - Directory Traversal Vulnerability

Konica Minolta FTP Utility 1.0 - Remote Command Execution

Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow

Konke Smart Plug K - Authentication Bypass Vulnerability

Konqueror 4.7.3 Memory Corruption

Kunena < 1.5.13, < 1.6.3 SQL Injection Vulnerability

LamaHub 0.0.6.2 - Buffer Overflow

LAN Messenger <= v1.2.28 Denial of Service Vulnerability

LAN.FS Messenger v2.4 Command Execution Vulnerability

LANDesk Lenovo ThinkManagement Suite 9.0.3 Core Server Remote Arbitrary File Deletion Vulnerability

LANDesk Lenovo ThinkManagement Suite 9.0.3 Core Server Remote Code Execution Vulnerability

LanSpy 2.0.0.155 - Buffer Overflow

LanSpy 2.0.0.155 - Local Buffer Overflow

LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow

Last PassBroker 3.2.16 - Stack-Based Buffer Overflow

Lattice Semiconductor PAC-Designer 6.21 (*.PAC) Exploit

Lattice Semiconductor PAC-Designer 6.21 Symbol Value Buffer Overflow

Lc Flickr Carousel V1.0 => Local File Disclosure Vulnerability

Legend Perl IRC Bot Remote Code Execution

Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege...

Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation

Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path...

LEPTON 2.2.2 - Remote Code Execution

LEPTON 2.2.2 - SQL Injection

Lepton CMS 2.2.0 / 2.2.1 - Directory Traversal

Lepton CMS 2.2.0 / 2.2.1 - PHP Code Injection

LetoDMS 3.3.6 Multiple Vulnerabilities

Lian Li NAS - Multiple Vulnerabilities

libgd 2.1.1 - Signedness Heap Overflow

Libmimedir VCF Memory Corruption PoC

libquicktime 1.2.4 - Integer Overflow

LibreOffice 3.5.2.2 Memory Corruption

LibrettoCMS 2.2.2 - Arbitrary File Upload

LibrettoCMS File Manager Arbitary File Upload Vulnerability

libsndfile 1.0.25 - Heap Overflow

Libuser Library - Multiple Vulnerabilities

libxml2 - htmlCurrentChar Heap-Based Buffer Overread

libxml2 - xmlDictAddString Heap-Based Buffer Overread

libxml2 - xmlParseEndTag2 Heap-Based Buffer Overread

libxml2 - xmlParserPrintFileContextInternal Heap-Based Buffer Overread

Liferay 6.0.x Webdav File Reading Vulnerability

Liferay Portal 5.1.2 - Persistent XSS

Liferay Portal 7.0.x <= 7.0.2 - Pre-Auth RCE

LifeSize Room 5.0.9 - Multiple Vulnerabilities

Light Alloy 4.7.3 (.m3u) - SEH Buffer Overflow (Unicode)

Light Audio Mixer Version 1.0.12 (.wav) - Crash POC

lighttpd 1.4.31 Denial of Service PoC

Limelight Software (article.php) SQL Injection Vulnerability

Limesurvey (PHPSurveyor v.1.91+ stable) Blind SQL Injection

Lingxia I.C.E CMS Remote Blind SQL Injection Exploit

Linksys Cisco WAG120N CSRF Vulnerability

Linksys E1500/E2500 - Multiple Vulnerabilities

Linksys E-series Unauthenticated Remote Code Execution Exploit

Linksys WAG200G - Multiple Vulnerabilities

Linksys WAP610N Unauthenticated Root Access Security Vulnerability

Linksys WRT110 Remote Command Execution

Linksys WRT160N - Multiple Vulnerabilities

Linksys WRT160nv2 apply.cgi Remote Command Injection

Linksys WRT54GL Firmware 4.30.15 build 2 Multiple Vulnerabilities

Linksys X3000 1.0.03 build 001 - Multiple Vulnerabilities

Linux - SELinux W+X Protection Bypass via AIO

Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)

Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps

Linux <= 2.6.37-rc1 serial_core TIOCGICOUNT Leak Exploit

Linux 3.4+ Arbitrary write with CONFIG_X86_X32

linux 3.4+ local root (CONFIG_X86_X32=y)

Linux 3.4+ recvmmsg x32 compat Proof of Concept

Linux Classic Return-to-libc & Return-to-libc Chaining Tutorial

Linux Format String Exploitation

Linux group_info refcounter - Overflow Memory Corruption

Linux Integer Overflow and Underflow

Linux io_submit L2TP sendmsg - Integer Overflow

Linux Kenrel 2.6.10 < 2.6.31.5 - 'pipe.c' Privilege Escalation

Linux Kernel - aiptek Nullpointer Dereference

Linux Kernel - cdc_acm Nullpointer Dereference

Linux Kernel - cypress_m8 Nullpointer Dereference

Linux Kernel - digi_acceleport Nullpointer Dereference

Linux Kernel - mct_u232 Nullpointer Dereference

Linux Kernel - prima WLAN Driver Heap Overflow

Linux Kernel - visor (treo_attach) Nullpointer Dereference

Linux Kernel - visor clie_5_attach Nullpointer Dereference

Linux Kernel - Wacom Multiple Nullpointer Dereferences

Linux Kernel (Ubuntu / Fedora / Redhat) - 'Overlayfs' Privilege Escalation...

Linux Kernel /dev/ptmx Key Stroke Timing Local Disclosure

Linux Kernel < 2.6.37-rc2 TCP_MAXSEG Kernel Panic DoS

Linux Kernel <= 2.6.37 Local Kernel Denial of Service

Linux Kernel <= 3.13 - Local Privilege Escalation PoC (gid)

Linux Kernel 2.6.18 - 'move_pages()' Information Leak

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition Privilege...

Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege...

Linux Kernel 2.6.22 < 3.9 (x86/x46) - 'Dirty COW' Race Condition Privilege...

Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' Race Condition Privilege...

Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow

Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow (PoC)

Linux Kernel 2.6.32-rc1 (x86-64) - Register Leak

Linux Kernel 3.13.1 - Recvmmsg Privilege Escalation (Metasploit)

Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation

Linux Kernel 3.16.1 - Remount FUSE Exploit

Linux Kernel 3.3-3.8 - SOCK_DIAG Local Root Exploit

Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in...

Linux Kernel 4.6.3 - Netfilter Privilege Escalation (Metasploit)

Linux Kernel Associative Array Garbage Collection - Crash PoC

Linux Kernel fs/eventpoll.c Local Denial of Service

Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC

Linux Kernel libfutex Local Root for RHEL/CentOS 7.0.1406

Linux Kernel open-time Capability file_ns_capable() - Privilege Escalation Vulnerability

Linux Kernel open-time Capability file_ns_capable() Privilege Escalation

Linux Kernel overlayfs - Local Privilege Escalation

Linux kernel perf_swevent_init - Local root Exploit

Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC

Linux Kernel ptrace/sysret - Local Privilege Escalation

Linux Kernel REFCOUNT Overflow/Use-After-Free in Keyrings

Linux Kernel remount FUSE Exploit

Linux Kernel 'SCTP_GET_ASSOC_STATS()' - Stack-Based Buffer Overflow

Linux Kernel Sendpage Local Privilege Escalation

Linux Local Root => 2.6.39 (32-bit & 64-bit) - Mempodipper #2

Linux NTP query client v4.2.6p1 Heap Overflow Vulnerability

Linux Off By One Vulnerabilities

Linux PERF_EVENTS - Local Root Exploit

Linux PolicyKit Race Condition Privilege Escalation

Linux Privilege Escalation Due to Nested NMIs Interrupting espfix64

Linux Stack Based Buffer Overflows

Linux udev Netlink Local Privilege Escalation

Linux x64 - Bind Shell Shellcode Generator

Linux x86 - /bin/sh ROL/ROR Encoded Shellcode

Linux x86 - Disable ASLR by Setting the RLIMIT_STACK Resource to Unlimited

Linux x86 ASLR deactivation - 83 bytes

Linux x86 Download & Execute Shellcode

Linux x86 chmod 666 /etc/passwd & /etc/shadow - 57 bytes

Linux x86 Memory Sinkhole Privilege Escalation PoC

Linux x86/x86_64 Read etc/passwd Shellcode

Linux x86/x86_64 tcp_bind Shellcode

Linux x86/x86_64 tcp_bind Shellcode #2

Linux x86_64 - add user with passwd (189 bytes)

Linux x86_64 Bindshell with Password (92 bytes)

Linux x86_64 Polymorphic execve Shellcode - 31 bytes

Linux/ARM - Connect back to {ip:port} with /bin/sh - 95 bytes

Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit

Linux/x86 - /bin/bash -c Arbitrary Command Execution Shellcode (72 bytes)

Linux/x86 - /etc/passwd Reader (58 bytes)

Linux/x86 - Egg-hunter Shellcode (25 bytes)

Linux/x86 - execve("/bin/cat", ["/bin/cat", "/etc/passwd"], NULL)

Linux/x86 - chmod('/etc/gshadow') shellcode (37 bytes)

Linux/x86 - chmod('/etc/passwd',0777) shellcode (42 bytes)

Linux/x86 - mkdir HACK & chmod 777 and exit(0) - 29 Bytes

Linux/x86 - Netcat BindShell Port 5555 - 60 bytes

Linux/x86 - zsh Reverse TCP Shellcode port 9090 (80 bytes)

Linux/x86 - zsh TCP Bind Shell Port 9090 (96 bytes)

Linux/x86 Downloand & Execute

Linux/x86 execve "/bin/sh" - shellcode 26 bytes

Linux/x86 chmod('/etc/shadow','0777') shellcode (42 bytes)

Linux/x86 Multi-Egghunter

Linux/x86 Reboot - 28 Bytes

Linux/x86_64 - bindshell (Port 5600) - 86 bytes

Linux/x86_64 - bindshell (PORT: 5600) - 81 bytes

Linux/x86_64 - Read /etc/passwd - 65 bytes

Linux/x86_x64 - execve(/bin/bash) - 33 bytes

Linux/x86_x64 - execve(/bin/sh) - 25 bytes

Linux/x86_x64 - execve(/bin/sh) - 26 bytes

Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes)

linux/x86-64 execve(/bin/sh) 30 bytes

LiquidXML Studio 2010 ActiveX Remote 0-day

LiquidXML Studio 2012 ActiveX Insecure Method Executable File Creation 0-day

LittleSite 0.1 'file' Parameter Local File Include Vulnerability

Livefyre LiveComments Plugin - Stored XSS

LiveZilla version 5.0.1.4 - Remote Code Execution

lizard cart SQLi (search.php)

LoadedCommerce7 - Systemic Query Factory Vulnerability

LocatePC v1.05 (Ligatt Version + Others) Trivial SQLi

Log1 CMS writeInfo() PHP Code Injection

Logitech Webcam Software 1.1 - eReg.exe SEH/Unicode Buffer Overflow

Lotus Mail Encryption Server (Protector for Mail) LFI to RCE

LotusCMS 3.0 eval() Remote Command Execution

LShell <= 0.9.15 - Remote Code Execution

Luch Web Designer Multiple SQL Injection Vulnerabilities

MAARCH 1.4 - Arbitrary File Upload

MAARCH 1.4 - SQL Injection

Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation

Mac OS X IOKit Keyboard Driver Root Privilege Escalation

Mac OS X Mavericks IOBluetoothHCIUserClient Privilege Escalation

Mac OS X Sudo Password Bypass

Mac OSX Server DirectoryService Buffer Overflow

MacOS 10.12 - 'task_t' Privilege Escalation

MacOS X 10.11 FTS Deep Structure of the File System Buffer Overflow

MacOS X 10.9 Hard Link Memory Corruption

Macro Expert 4.0 - Multiple Privilege Escalations

Mac's CMS 1.1.4 - Multiple Vulnerabilities

Madness Pro <= 1.14 - Persistent XSS

Madness Pro <= 1.14 - SQL Injection

Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize -> Arbitrary Write File

Magento CE < 1.9.0.1 Post Auth RCE

Magento eCommerce - Remote Code Execution

Magento eCommerce Local File Disclosure

Magento Server MAGMI Plugin - Remote File Inclusion (RFI)

Magic Music Editor .cda Denial of Service

Magic Music Editor Buffer Overflow Exploit

Mach Race OS X Local Privilege Escalation Exploit

maian weblog <= v4.0 remote blind SQL injection exploit

Maian Weblog 4.0 - Cross-Site Request Forgery (Add New Post)

MailEnable Enterprise 6.5 Stored XSS

MailMax <=v4.6 POP3 "USER" Remote Buffer Overflow Exploit (No Login Needed)

MailOrderWorks v5.907 - Multiple Vulnerabilities

Mailspect Control Panel 4.0.5 - Multiple Vulnerabilities

MailTraq 2.17.3.3150 Stored XSS

Mainframe/System Z Bind Shell

Make 3.81 - Heap Overflow PoC

MakeSFX.exe 1.44 - Stack Buffer Overflow

Malwarebytes Antivirus 2.2.0 - DoS PoC

Manage Engine Application Manager 12.5 - Arbitrary Command Execution Vulnerability

Manage Engine Applications Manager 12 - Multiple Vulnerabilities

Manage Engine Network Configuration Manager Build 11000 - CSRF

ManageEngine Applications Manager Build 12700 - Multiple Vulnerabilities

ManageEngine Asset Explorer 6.1 - Stored XSS

ManageEngine Desktop Central - Arbitrary File Upload / RCE

ManageEngine Desktop Central StatusUpdate Arbitrary File Upload

ManageEngine DesktopCentral 8.0.0 build 80293 - Arbitrary File Upload Vulnerability

ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Vulnerability

ManageEngine DeviceExpert 5.9 - User Credential Disclosure

ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution

ManageEngine Eventlog Analyzer Arbitrary File Upload

ManageEngine EventLog Analyzer Multiple Vulnerabilities

ManageEngine EventLog Analyzer Remote Code Execution

ManageEngine Firewall Analyzer 8.0 - Directory Traversal/XSS Vulnerabilities

ManageEngine Firewall Analyzer 8.5 - Multiple Vulnerabilities

ManageEngine Network Configuration Management Build 11000 - Privilege Escalation

ManageEngine OpManager / Social IT Arbitrary File Upload

ManageEngine OpManager 11.5 - Multiple Vulnerabilities

ManageEngine OpManager Remote Code Execution

ManageEngine OpManager, Social IT Plus and IT360 - Multiple Vulnerabilities

ManageEngine OpStor v7.4 Multiple Vulnerabilities

ManageEngine OPutils 8.0 - Multiple Vulnerabilities

ManageEngine Password Manager MetadataServlet.dat SQL Injection

ManageEngine Password Manager Pro 8102 to 8302 - Multiple Vulnerabilities

ManageEngine Security Manager Plus <= 5.5 build 5505 Path Traversal

ManageEngine Security Manager Plus <= 5.5 build 5505 Remote SYSTEM SQLi (MSF)

ManageEngine Security Manager Plus <= 5.5 build 5505 Remote SYSTEM/root SQLi

ManageEngine Security Manager Plus 5.5 build 5505 SQL Injection

ManageEngine Service Desk Plus 8.1 Stored XSS

ManageEngine ServiceDesk 8.0 Multiple Vulnerabilities

ManageEngine ServiceDesk Plus <= 9.1 build 9110 - Path Traversal

ManageEngine ServiceDesk Plus 9.0 (< Build 9031) - User Privileges Management Vulnerability

ManageEngine ServiceDesk Plus 9.2 Build 9207 - Unauthorized Information Disclosure

ManageEngine Support Center Plus <=7903 Multiple Vulnerabilities

ManageEngine Support Center Plus <=7908 Multiple Vulnerabilities

ManageEngine Support Center Plus 7916 - Directory Traversal

ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities

Mangallam CMS - SQL Injection Web Vulnerability

Mango Automation 2.6.0 - Multiple Vulnerabilities

Manhali v1.8 Local File Inclusion Vulnerability

Manipulating Memory for Fun & Profit

MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability

MASM32 11R - Crash POC

MASM321 11 Quick Editor (.qeditor) 4.0g- .qse SEH Based Buffer Overflow (ASLR & SAFESEH bypass)

Matrimonial Website Script 1.0.2 - SQL Injection

Max Guestbook 1.0 Multiple Vulnerabilities

MaxForum v1.0.0 Local File Inclusion

MayGion IP Cameras Firmware 09.27 - Multiple Vulnerabilities

mbDriveHD 1.0.7 iOS - Multiple Vulnerabilities

McAfee ePO 4.6.6 - Multiple Vulnerabilities

McAfee ePolicy Orchestrator 4.6.0-4.6.5 (ePowner) - Multiple Vulnerabilities

McAfee LiveSafe 14.0 - Relocations Processing Memory Corruption

McAfee SiteAdvisor 3.7.2 (firefox) Use After Free PoC

McAfee Virtual Technician (MVT) 6.5.0.2101 - Insecure ActiveX Method

McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability

McAfee Virus Scan Enterprise for Linux - Remote Code Execution

McAfee VirusScan Enterprise 8.8 - Security Restrictions Bypass

mcart.xls Bitrix Module 6.5.2 - SQL Injection Vulnerability

mcrypt <= 2.5.8 Stack Based Overflow

mcrypt <= 2.6.8 stack-based buffer overflow poc

MediaAccess TG788vn - Unauthenticated File Disclosure

Mediacoder (.lst) - SEH Buffer Overflow

Mediacoder (.m3u) - SEH Buffer Overflow

Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit Dos (.lst)

Mediacoder 0.8.33 build 5680 - SEH Buffer Overflow Exploit Dos (.m3u)

MediaCoder 0.8.43.5852 - .m3u SEH Exploit

Mediacoder 2011 RC3 m3u Buffer Overflow Exploit

MediaCoder PMP Edition 0.8.17 (.m3u) - Buffer Overflow Exploit

MediaWiki <= 1.22.1 PdfHandler Remote Code Execution Exploit (CVE-2014-1610)

MediaWiki Thumb.php Remote Command Execution

MediaXxx Adult Video / Media Script SQL Injection

Mega File Manager - File Download Vulnerability

Memcached 1.4.33 - PoC (1)

Memcached 1.4.33 - PoC (2)

Memcached 1.4.33 - PoC (3)

Mempodipper - Linux Local Root for >=2.6.39, 32-bit and 64-bit

Merit Lilin IP Cameras - Multiple Vulnerabilities

Mess Emulator 0.154-3.1 - Local Buffer Overflow

MESSOA IP Cameras (Multiple Models) - Unauthenticated Password Change

MESSOA IP-Camera NIC990 - Auth Bypass / Configuration Download

Metaphor - Stagefright Exploit with ASLR Bypass

Metasploit < v4.4 pcap_log Plugin Privilege Escalation Exploit

Metasploit -The Exploit Learning Tree

Meteocontrol WEB’log - Admin Password Disclosure

Mezzanine 4.2.0 - Cross-Site Scripting

MG2 0.5.1 Multiple XSS Vulnerabilities

MiCasa VeraLite - Remote Code Execution

MiCollab 7.0 - SQL Injection Vulnerability

Micorosft Internet Explorer SetMouseCapture Use-After-Free

Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow

Micro Focus Rumba 9.4 - Local Denial Of Service

Microix Timesheet Module - SQL Injection

MICROSENS Profi Line Switch 10.3.1 - Privilege Escalation

Microsoft Authorization Manager 6.1.7601 - 'azman' XML External Entity Injection

Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation

Microsoft Edge - 'Array.filter' Info Leak

Microsoft Edge - Array.join Info Leak (MS16-119)

Microsoft Edge - Array.map Heap Overflow (MS16-119)

Microsoft Edge - 'Array.reverse' Overflow

Microsoft Edge - CBaseScriptable::PrivateQueryInterface Memory Corruption (M...

Microsoft Edge - CMarkup::EnsureDeleteCFState Use-After-Free (MS15-125)

Microsoft Edge - 'CTextExtractor::GetBlockText' Out-of-Bounds Read (MS16-104)

Microsoft Edge - 'eval' Type Confusion

Microsoft Edge - 'FillFromPrototypes' Type Confusion

Microsoft Edge - Internationalization Initialization Type Confusion (MS16-144)

Microsoft Edge - SIMD.toLocaleString Uninitialized Memory (MS16-145)

Microsoft Edge Scripting Engine - Memory Corruption (MS16-129)

Microsoft Event Viewer 1.0 - XML External Entity Injection

Microsoft Excel 2010 - Crash PoC

Microsoft Excel Starter 2010 - XML External Entity Injection

Microsoft Exchange IIS HTTP Internal IP Address Disclosure

Microsoft GDI+ - DecodeCompressedRLEBitmap Invalid Pointer Arithmetic Out-of-Bounds Write (MS16-097)

Microsoft GDI+ - EMR_EXTTEXTOUTA and EMR_POLYTEXTOUTA Heap-Based Buffer Overflow (MS16-097)

Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)

Microsoft HTML Help Compiler 4.74.8702.0 - SEH Based Overflow

Microsoft IIS 6.0 and 7.5 Multiple Vulnerabilities

Microsoft IIS MDAC msadcs.dll RDS DataStub Content-Type Overflow

Microsoft Internet Explorer 10 MSHTML - 'CEditAdorner::Detach' Use-After-Free ...

Microsoft Internet Explorer 11 - MSHTML CView::CalculateImageImmunity Use-After-Free

Microsoft Internet Explorer 11 - Stack Underflow Crash PoC

Microsoft Internet Explorer 11 - WeakMap Integer Divide-by-Zero

Microsoft Internet Explorer 11 MSHTML - CSpliceTreeEngine::RemoveSplice Us...

Microsoft Internet Explorer 11 MSHTML -...

Microsoft Internet Explorer 11.0.9600.18482 - Use After Free

Microsoft Internet Explorer 8 / 9 / 10 / 11 MSHTML - 'DOMImplementation' Type...

Microsoft Internet Explorer 8 jscript - 'RegExpBase::FBadHeader' Use-After-Free (...

Microsoft Internet Explorer 8 MSHTML - 'Ptls5::LsFindSpanVisualBoundaries' Mem...

Microsoft Internet Explorer 8 MSHTML - 'SRunPointer::SpanQualifier/RunType' Ou...

Microsoft Internet Explorer 9 - CDoc::ExecuteScriptUri Use-After-Free (MS13-009)

Microsoft Internet Explorer 9 - MSHTML CAttrArray Use-After-Free (MS14-056)

Microsoft Internet Explorer 9 IEFRAME - CMarkup::RemovePointerPos Use-After-Free (...

Microsoft Internet Explorer 9 IEFRAME -...

Microsoft Internet Explorer 9 MSHTML - CDispNode::InsertSiblingNode Us...

Microsoft Internet Explorer 9 MSHTML - CElement::HasFlag Memory Corruption

Microsoft Internet Explorer 9 MSHTML - CMarkup::ReloadInCompatView Us...

Microsoft Internet Explorer 9-11 MSHTML -...

Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability

Microsoft Internet Explorer Fixed Table Col Span Heap Overflow

Microsoft Internet Explorer jscript9 - JavaScriptStackWalker Memory Corruption (M...

Microsoft Internet Explorer Option Element Use-After-Free

Microsoft Internet Explorer SLayoutRun Use-After-Free (MS13-009)

Microsoft Internet Explorer textNode Use-After-Free

Microsoft MSINFO32.EXE 6.1.7601 - '.NFO' XML External Entity Injection

Microsoft Office / COM Object DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)

Microsoft Office / COM Object DLL Planting with WMALFXGFXDSP.dll (MS-16-007)

Microsoft Office 2007 - BIFFRecord Length Use-After-Free

Microsoft Office 2007 - msxml5.dll Crash PoC

Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097)

Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion

Microsoft Office 2007 Malformed Document Stack-Based Buffer Overflow

Microsoft Office 2007 MSO.dll Arbitrary Free

Microsoft Office 2007 MSO.dll Use-After-Free

Microsoft Office 2007 MSPTLS Heap Index Integer Underflow

Microsoft Office 2007 OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write

Microsoft Office 2007 OneTableDocumentStream Invalid Object

Microsoft Office 2007 wwlib.dll fcPlcfFldMom Uninitialized Heap Usage

Microsoft Office 2007 wwlib.dll Type Confusion

Microsoft Office Excel 2007, 2010, 2013 - BIFFRecord Use-After-Free

Microsoft Office Excel 2010 Crash PoC

Microsoft Office Excel Out-of-Bounds Read Remote Code Execution (MS16-042)

Microsoft Office Picture Manager 2010 Crash PoC

Microsoft Office Publisher 2010 Crash PoC

Microsoft Office SharePoint Server 2007 Remote Code Execution

Microsoft Office Word 2007,2010,2013,2016 - Out-of-Bounds Read Remote Code Execution (MS16-099)

Microsoft Office Word 2010 Crash PoC

Microsoft Office Word 2013,2016 - sprmSdyaTop Denial of Service (MS16-099)

Microsoft Office Word 2013/2016 - sprmSdyaTop Denial of Service (MS16-099)

Microsoft PowerShell - XML External Entity Injection

Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Vulnerability MS13-067

Microsoft Source Code Analyzer for SQL Injection 1.3 Improper Permissions

Microsoft Tagged Image File Format (TIFF) Integer Overflow

Microsoft Windows - AFD.SYS Dangling Pointer Privilege Escalation (MS14-040)

Microsoft Windows - AFD.SYS Privilege Escalation (MS14-040) Win7x64

Microsoft Windows - Local Privilege Escalation (MS15-051)

Microsoft Windows - LSASS SMB NTLM Exchange Null-Pointer Dereference (MS16-137)

Microsoft Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111)

Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046)

Microsoft Windows (x86) - 'NDISTAPI' Privilege Escalation (MS11-062)

Microsoft Windows 10 10586 (x32/x64) / 8.1 Update 2 - NtLoadKeyEx User Hive...

Microsoft Windows 10 Edge - 'chakra.dll' Info Leak / Type Confusion Remote Code...

Microsoft Windows 7 - WebDAV Privilege Escalation Exploit (MS16-016) (2)

Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64)...

Microsoft Windows 8.1 (x64) - RGNOBJ Integer Overflow (MS16-098)

Microsoft Windows devenum.dll!DeviceMoniker::Load() - Heap Corruption Buffer Underflow (MS16-007)

Microsoft Windows Group Policy - Privilege Escalation (MS16-072)

Microsoft Windows Help program (WinHlp32.exe) Crash PoC

Microsoft Windows HTA (HTML Application) - Remote Code Execution (MS14-064)

Microsoft Windows Kernel - win32k Denial of Service (MS16-135)

Microsoft Windows Kernel - 'win32k.sys' 'NtSetWindowLongPtr' Privilege Escalation...

Microsoft Windows Kernel Intel x64 SYSRET PoC

Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation...

Microsoft Windows Media Center .MCL File Processing Remote Code Execution (MS16-059)

Microsoft Windows Media Center 6.1.7600 - 'ehshell.exe' XML External Entity...

Microsoft Windows Media Center Library Parsing RCE Vulnerability aka "self-executing" MCL File

Microsoft Windows Media Center Link File Incorrectly Resolved Reference

Microsoft Windows OLE Object File Handling Remote Code Execution

Microsoft Windows Server 2003 SP2 - Privilege Escalation

Microsoft Windows WebDAV BSoD PoC (MS-016)

Microsoft Windows xp Win32k.sys Local Kernel DoS Vulnerability

Microsoft WININET.dll - CHttpHeaderParser::ParseStatusLine Out-of-Bounds Read (M...

Microsoft Word Local Machine Zone Remote Code Execution Vulnerability

Microsoft XML Core Services MSXML Uninitialized Memory Corruption

Microsoft XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation

Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation

Microweber 0.905 - Error Based SQL Injection

Microweber 1.0.3 - Stored XSS And CSRF Add Admin Exploit

Microweber 1.0.3 File Upload Filter Bypass Remote PHP Code Execution

Microweber CMS 0.93 - CSRF Vulnerability

Microweber CMS 0.95 - SQL Injection

MihanTools Script 1.3.3 SQL Injection Vulnerability

Mikrotik Router Denial of Service

Mikrotik RouterOS sshd (ROSSSH) - Remote Preauth Heap Corruption

Milw0rm Clone Script 1.0 - (Auth Bypass) SQL Injection Vulnerability

MinaliC Webserver 2.0.0 - Buffer Overflow (Egghunter)

Minecraft Launcher - Insecure File Permissions Privilege Escalation

miniBB 3.1 - Blind SQL Injection

miniblog 1.0.1 - Cross-Site Request Forgery (Add New Post)

miniCMS v1.0 : v2.0 php inject code

Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - (.wax) Buffer Overflow/DoS EIP Overwrite

Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 (.wax) SEH Buffer Overflow

Mini-stream RM-MP3 Converter v3.1.2.2 Local Buffer Overflow

MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution

MiniWeb (Build 300) Arbitrary File Upload

MINIX 3.3.0 Local Denial of Service PoC

MINIX 3.3.0 Remote TCP/IP Stack DoS

Mirai Vulnerability Disclosed, But Exploits May Constitute Hacking Back

Mitsubishi MC-WorkX 8.02 ActiveX Control (IcoLaunch) File Execution

Mitsubishi MX ActiveX Component v3 (ActUWzd.dll (WzTitle)) - Remote Exploit

MLM (Multi Level Marketing) Script - Multiple Vulnerabilities

MLM Unilevel Plan Script 1.0.2 - SQL Injection

MLMAuction Script (gallery.php, id param) - SQL Injection

Moab < 7.2.9 - Authorization Bypass

MobileCartly 1.0 Arbitrary File Creation Vulnerability

MobileCartly 1.0 Remote File Upload Vulnerability

MobileIron Virtual Smartphone Platform Privilege Escalation Exploit

Mobipocket Reader 6.2 Build 608 Buffer Overflow

MOBOTIX Video Security Cameras - CSRF Add Admin Exploit

Mock SMTP Server 1.0 Remote Crash PoC

mod_accounting Module 0.5 - Blind SQL Injection

Mod_Auth_OpenID Session Stealing Vulnerability

Model Agentur Script SQL Injection Vunerability

modified eCommerce Shopsoftware 2.0.0.0 rev 9678 - Blind SQL Injection

ModX 2.2.0 Multiple Vulnerabilities

MoinMoin - Arbitrary Command Execution

MoinMoin twikidraw Action Traversal File Upload

Monsta FTP 1.6.2 - Multiple Vulnerabilities

Moodle 2.3.9, 2.4.6 - Multiple Vulnerabilities

Moodle 2.7 - Persistent XSS

Moodle Remote Command Execution

MooPlayer 1.3.0 'm3u' SEH Buffer Overflow

Motorola SBG901 Wireless Modem - CSRF Vulnerability

mount.cifs chdir() Arbitrary root File Identification

Movable Type Pro 5.13en Stored XSS Vulnerability

Movavi VideoSuite 8.0 MediaPlayer m3u Buffer Overflow

Movavi VideoSuite 8.0 Movie Editor avi Local Crash PoC

Movavi VideoSuite 8.0 SlideShow jpg Local Crash PoC

Movie Portal Script 7.35 - SQL Injection

MoviePlay 4.82 (.lst) Buffer Overflow

Moxa SoftCMS 1.5 - Denial of Service (PoC)

Mozilla Firefox 29.0 - Null Pointer Dereference Vulnerability

Mozilla Firefox 3.5.4 - Local Color Map Exploit

Mozilla Firefox 3.6 - Integer Overflow Exploit

Mozilla Firefox 7 / 8 Out-Of-Bounds Access

Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution

Mozilla Firefox Firefox 4.0.1 Array.reduceRight() Exploit

Mozilla Thunderbird 17.0.6 - Input Validation Filter Bypass

MPlayer Lite r33064 m3u SEH Overflow Exploit

MPlayer SAMI Subtitle File Buffer Overflow

Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow

MS Office 2007 and 2010 - OLE Arbitrary Command Execution

MS SQL Server 2000/2005 SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer Exploit

MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow

MS10-002 Internet Explorer Object Memory Use-After-Free

MS11-011(CVE-2011-0045): MS Windows XP WmiTraceMessageVa Integer Truncation Vulnerability PoC

MS11-046 Afd.sys Proof of Concept

MS11-080 AfdJoinLeaf Privilege Escalation

MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability

MS12-027 MSCOMCTL ActiveX Buffer Overflow

MS12-037 Internet Explorer Same ID Property Deleted Object Handling Memory Corruption

MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability

MS13-005 HWND_BROADCAST PoC

MS13-009 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow

MS13-055 Microsoft Internet Explorer CAnchorElement Use-After-Free

MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free

MS13-069 Microsoft Internet Explorer CCaret Use-After-Free

MS13-071 Microsoft Windows Theme File Handling Arbitrary Code Execution

MS13-080 Microsoft Internet Explorer CDisplayPointer Use-After-Free

MS13-097 Registry Symlink IE Sandbox Escape

MS14-009 .NET Deployment Service IE Sandbox Escape

MS14-012 Internet Explorer CMarkup Use-After-Free

MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free

MS14-017 Microsoft Word RTF Object Confusion

MS14-060 Microsoft Windows OLE Package Manager Code Execution

MS14-064 Microsoft Windows OLE Package Manager Code Execution

MS14-064 Microsoft Windows OLE Package Manager Code Execution Through Python

MS15-078 Microsoft Windows Font Driver Buffer Overflow

MS15-100 Microsoft Windows Media Center MCL Vulnerability

MSI - NTIOLib.sys / WinIO.sys Local Privilege Escalation

MTS MBlaze Ultra Wi-Fi / ZTE AC3633 - Multiple Vulnerabilities

Mulesoft ESB Runtime 3.5.1 - Privilege Escalation Vulnerability

Mulitple WordPress Themes (admin-ajax.php, img param) - Arbitrary File Download

Multimedia Builder 4.9.8 Malicious mef Crash

Multiple Applications - Local Credentials Disclosure

Multiple CCTV-DVR Vendors - Remote Code Execution

Multiple JVC HDRs and Net Cameras - Multiple Vulnerabilities

Multiple SQL injection rivettracker <=1.03

Multiple Vendor Calendar Manager Remote Code Execution

Multiple Vendors (RomPager <= 4.34) - Misfortune Cookie Router Authentication Bypass

Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer

Multiples Nexon Games - Unquoted Path Privilege Escalation

MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities

MuPDF 1.3 - Stack-based Buffer Overflow in xps_parse_color()

Mutiny 5 Arbitrary File Upload

Mutiny Remote Command Execution

MW6 Technologies Aztec ActiveX (Data param) - Buffer Overflow

MW6 Technologies DataMatrix ActiveX (Data param) - Buffer Overflow

MW6 Technologies MaxiCode ActiveX (Data param) - Buffer Overflow

My Click Counter 1.0 - Authentication Bypass

My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities

My Link Trader 1.1 - Authentication Bypass

My Link Trader 1.1 - 'id' Parameter SQL Injection

My PDF Creator & DE DM 1.4 iOS - Multiple Vulnerabilities

My Php Dating 2.0 - 'id' Parameter SQL Injection

My Php Dating 2.0 - 'path' Parameter SQL Injection

My.WiFi USB Drive 1.0 iOS - File Include Vulnerability

MyAuth3 Blind SQL Injection

MyBB <= 1.8.2 - unset_globals() Function Bypass and Remote Code Execution Vulnerability

MyBB 1.6.2 Stored XSS Vulnerability

MyBB 1.8 Beta 3 - Multiple Vulnerabilities

MyBB 1.8.6 - Cross-Site Scripting

MyBB 1.8.6 - SQL Injection

MyBB Ajaxfs v2 Plugin - SQL Injection Vulnerability

MyBB Profile Albums Plugin 0.9 (albums.php, album parameter) SQL Injection

MyBB User Social Networks Plugin 1.2 - Stored XSS

MyClientBase v0.12 - Multiple Vulnerabilities

myDBLite v1.1.10 for iPhone / iPod touch, Directory Traversal

MyMarket 1.71 (index.php) SQL Injection Vulnerability

MyMp3 Player Stack .m3u DEP Bypass Exploit

MYRE Real Estate Mobile 2012 Multiple Vulnerabilities

MYRE Realty Manager Multiple Vulnerabilities

mySCADAPro 7 - Local Privilege Escalation

mySeatXT 0.2134 - SQL Injection

MySms v1.0 Multiple Vulnerabilities

MySQL (Linux) Database Privilege Elevation Zeroday Exploit

MySQL (Linux) Heap Based Overrun PoC Zeroday

MySQL (Linux) Stack Based Buffer Overrun PoC Zeroday

MySQL / MariaDB / PerconaDB 5.5.52 / 5.6.33 / 5.7.15 - Code Execution / Privilege...

MySQL 5.0.x IF Query Handling Remote Denial Of Service Vulnerability

MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)

MySQL 5.5.45 (64bit) - Local Credentials Disclosure

MySQL Denial of Service Zeroday PoC

MySQL Remote Preauth User Enumeration Zeroday

MySQL Remote Root Authentication Bypass

MySQL Squid Access Report 2.1.4 HTML Injection

MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day

N`CMS 1.1E Pre-Auth Local File Inclusion Remote Code Exploit

N-13 News 4.0 CSRF Vulnerability (Add Admin)

Naenara Browser 3.5 (RedStar 3.0 Desktop) - 'JACKRABBIT' Client-Side Command...

Nagios < 4.2.2 - Arbitrary Code Execution

Nagios < 4.2.4 - Privilege Escalation

Nagios 4.2.2 - Privilege Escalation

Nagios history.cgi Remote Command Execution Vulnerability

Nagios Incident Manager 2.0.0 - Multiple Vulnerabilities

Nagios Log Server 1.4.1 - Multiple Vulnerabilities

Nagios Network Analyzer 2.2.0 - Multiple Vulnerabilities

Nagios Network Analyzer 2.2.1 - Multiple CSRF

Nagios3 history.cgi Host Command Execution

Nakid CMS - Multiple Vulnerabilities

Narcissus Image Configuration Passthru Vulnerability

Narcissus Remote Command Execution Vulnerability

NAS4Free Arbitrary Remote Code Execution

NASdeluxe NDL-2400r 2.01.09 - OS Command Injection

NationBuilder Multiple Stored XSS Vulnerabilities

Navicat Premium 11.2.11 (64bit) - Local Database Password Disclosure

Navis WebAccess - SQL Injection

NCMedia Sound Editor Pro v7.5.1 MRUList201202.dat File Handling Buffer Overflow

NDPROXY Local SYSTEM Privilege Escalation

Nero MediaHome 4.5.8.0 Denial Of Service Vulnerability

Nessus Web UI 2.3.3 - Stored XSS

NetBilletterie 2.8 - Multiple Vulnerabilities

NetBSD mail.local - Privilege Escalation (Metasploit)

netbsd/x86 kill all processes shellcode 23 bytes

NetCat 0.7.1 - Denial of Service

NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities

NetDrive 2.6.12 - Unquoted Service Path Privilege Escalation

Netgear DGN1000 / DGN2200 - Multiple Vulnerabilities

Netgear DGN1000B - Multiple Vulnerabilities

NETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Password Disclosure vulnerability

NetGear DGN2200 N300 Wireless Router - Multiple Vulnerabilities

Netgear DGN2200B - Multiple Vulnerabilities

Netgear Genie 2.4.32 - Unquoted Service Path Elevation of Privilege

NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities

Netgear ProSafe - Denial of Service Vulnerability

Netgear ProSafe - Information Disclosure Vulnerability

NETGEAR ProSafe Network Management System 300 Arbitrary File Upload

NETGEAR ProSafe Network Management System NMS300 - Multiple Vulnerabilities

Netgear R7000 - Command Injection

Netgear R7000 - Cross-Site Scripting

Netgear SPH200D Multiple Vulnerabilities

Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities

NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation

Netgear Wireless Router WNR500 - Parameter Traversal Arbitrary File Access Exploit

Netgear WNR1000 - Authentication Bypass

Netgear WNR1000v3 - Password Recovery Credential Disclosure Vulnerability

Netgear WNR1000v4 - Authentication Bypass

NETGEAR WNR2000v5 - Remote Code Execution

Netgear WPN824v3 - Unauthorized Config Download

NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution

netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities

NetLink Arbitrary File Upload Vulnerability

NetMan 204 - Backdoor Account

Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability

Netmechanica NetDecision HTTP Server Denial Of Service Vulnerability

Netmechanica NetDecision Traffic Grapher Server Information Disclosure Vulnerability

netOffice Dwins <= 1.4p3 SQL Injection Vulnerability

NetOp Remote Control Client 9.5 Buffer Overflow',

NetSchedScan 1.0 - Crash PoC

Netsweeper WebAdmin Portal Multiple Vulnerabilities

NetUSB Kernel Stack Buffer Overflow

Netwin SurgeFTP Sever 23d6 - Stored Cross Site Scripting Vulnerabilities.

Network Scanner 4.0.0 - SEH Local Buffer Overflow

Network Scanner Version 4.0.0.0 - SEH Crash POC

Network Shutdown Module <= 3.21 (sort_values) Remote PHP Code Injection

Network Weathermap 0.97a (editor.php) - Persistent XSS

NetworX CMS - CSRF Add Admin

Netwrix Auditor 7.1.322.0 - ActiveX (sourceFile) Stack Buffer Overflow

News Script PHP v1.2 Multiple Vulnerabilites

NewsAdd <= 1.0 (lerNoticia.php id) SQL Injection Vulnerability

NewsAdd <=1.0 Multiple SQL Injection Vulnerabilities

Newscoop 3.5.3 Multiple Vulnerabilities

Nexpose Security Console CSRF Vulnerability

NFR Agent FSFUI Record File Upload RCE

NG WifiTransfer Pro 1.1 - Local File Inclusion

nginx 1.3.9/1.4.0 x86 Brute Force Remote Exploit

nginx 1.3.9-1.4.0 DoS PoC

nginx Exploit Documentation About a Generic Way to Exploit Linux Targets

NCH Software Express Burn Plus 4.68 (.EBP) Project File Buffer Overflow

Nibbleblog File Upload Vulnerability

Nidesoft MP3 Converter 2.6.18 - SEH Local Buffer Overflow

Nitro PDF Reader 1.4.0 Remote Heap Memory Corruption / DoS PoC

Nitro Pro <= 10.5.7.32 & Nitro Reader <= 5.5.3.1 - Heap Memory Corruption

Nitro Pro 8.0.3.1 - Crash PoC

No-CMS 0.6.6 rev 1 - Admin Account Hijacking / RCE Exploit via Static Encryption Key

nodCMS - Cross-Site Request Forgery

Node Browserify 4.2.0 - Remote Code Execution Vulnerability

Nodejs js-yaml load() Code Exec

NO-IP DUC v4.1.1 - Unquoted Service Path Privilege Escalation

No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow

Nokia N97 m3u Playlist Crash PoC

NotePad++ 6.6.9 - Buffer Overflow

Notepad++ DSpellCheck 1.2.12.0 - Denial of Service

Notepad++ NPPFtp Plugin 0.26.3 - Buffer Overflow

Notepad++ Plugin Notepad# 1.5 - Local Exploit

Nova CMS Directory Traversal

Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation

Novell Client 4.91 SP4 Privilege Escalation Exploit

Novell eDirectory 8 Buffer Overflow

Novell Groupwise 8.0.2 HP3 and 2012 Integer Overflow Vulnerability

Novell Groupwise Address Book Remote Code Execution

Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution

Novell Groupwise Internet Agent LDAP BIND Request Overflow Vulnerability

Novell iPrint Client ActiveX Control <= 5.52 Buffer Overflow

Novell Iprint LPD Remote Code Execution Vulnerability

Novell NCP Pre-Auth Remote Root Exploit

Novell NetIQ Privileged User Manager 2.3.1 auth.dll pa_modify_accounts() RCE

Novell NetIQ Privileged User Manager 2.3.1 ldapagnt.dll ldapagnt_eval() Perl Code Evaluation RCE

Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability

Novell Netware RPC XNFS xdrDecodeString Vulnerability

Novell Sentinel Log Manager <= 1.2.0.1 Directory Traversal

Novell Sentinel Log Manager <=1.2.0.2 Retention Policy Vulnerability

Novell Service Desk 7.1.0, 7.0.3 and 6.5 - Multiple Vulnerabilities

Novell ServiceDesk Authenticated File Upload

Novell ZenWorks 10 & 11 TFTPD Remote Code Execution Vulnerability

Novell ZENworks Asset Management Remote Execution

Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow

Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow

Novell ZENworks Configuration Management Preboot Service 0x4c Buffer Overflow

Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow

Novell Zenworks Mobile Device Managment Local File Inclusion Vulnerability

NRPE <= 2.15 - Remote Command Execution

NScan 0.9.1 - (Target) Buffer Overflow

ntop 2.3 <= 2.5 - Multiple Vulnerabilities

ntop-ng <= 2.0.151021 - Privilege Escalation

ntopng 1.2.0 - XSS Injection

NTP 4.2.8p3 - Denial of Service

NTP 4.2.8p8 - Denial of Service

NTP ntpd monlist Query Reflection - Denial of Service

Ntpd <= ntp-4.2.6p5 - ctl_putdata() Buffer Overflow

Ntpdc 4.2.6p3 - Local Buffer Overflow

NTR ActiveX Control Check() Method Buffer Overflow

NTR ActiveX Control StopModule() Remote Code Execution

Nucom ADSL ADSLR5000UN ISP Credentials Disclosure

Nuts CMS Remote PHP Code Injection / Execution

NUUO NVRmini 2 3.0.8 - (Add Admin) CSRF

NUUO NVRmini 2 3.0.8 - (strong_user.php) Backdoor Remote Shell Access

NUUO NVRmini 2 3.0.8 - Arbitrary File Deletion

NUUO NVRmini 2 3.0.8 - Local File Disclosure

NUUO NVRmini 2 3.0.8 - Remote Root Exploit

NUUO NVRmini 2 3.0.8 - ShellShock Remote Code Execution

NUUO NVRmini2 / NVRsolo / Crystal Devices and NETGEAR ReadyNAS Surveillance Application -...

NVidia Display Driver Service (Nsvr) Exploit

NVIDIA Driver - Escape 0x100010b Missing Bounds Check

NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to...

NVIDIA Driver - Incorrect Bounds Check in Escape 0x70001b2

NVIDIA Driver - Missing Bounds Check in Escape 0x100009a

NVIDIA Driver - Missing Bounds Check in Escape 0x70000d5

NVIDIA Driver - No Bounds Checking in Escape 0x7000170

NVIDIA Driver - No Bounds Checking in Escape 0x7000194

NVIDIA Driver - NvStreamKms Stack Buffer Overflow in...

NVIDIA Driver - Stack Buffer Overflow in Escape 0x10000e9

NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014

NVIDIA Driver - Unchecked User-Provided Pointer in Escape 0x5000027

NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x600000D

NVIDIA Driver - Unchecked Write to User-Provided Pointer in Escape 0x700010d

NVIDIA Driver - UVMLiteController ioctl Handling Unchecked Input/Output Lengths...

Nvidia Linux Driver Privilege Escalation

NVIDIA Stereoscopic 3D Driver Service 7.17.13.5382 - Arbitrary Run Key Creation

NXFilter 3.0.3 - CSRF Vulnerabilities

NXFilter 3.0.3 - Multiple XSS Vulnerabilities

Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash

ObiHai ObiPhone 1032/1062 < 5-0-0-3497 - Multiple Vulnerabilities

Observium 0.16.7533 - Authenticated Arbitrary Command Execution

Observium 0.16.7533 - Cross Site Request Forgery

Office 2008 sp0 RTF Pfragments MAC exploit

Office Assistant Pro 2.2.2 iOS - File Include Vulnerability

Offset2lib: Bypassing Full ASLR On 64bit Linux

Olat CMS 7.8.0.1 - Persistent XSS

Olive File Manager 1.0.1 iOS - Multiple Vulnerabilities

OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability

OmegaBill 1.0 Build 6 Multiple Vulnerabilities

Omeka 2.2 - CSRF And Stored XSS Vulnerability

Omeka 2.2.1 - Remote Code Execution Exploit

Omnistar Mailer v7.2 Multiple Vulnerabilities

OneFileCMS - Failure to Restrict URL Access

OneForum (topic.php) SQL Injection Vulnerability

OneForum SQL Injection Vulnerability

onehttpd 0.7 - Denial of Service

Online Airline Booking System - Multiple Vulnerabilities

Online Food Delivery 2.04 - Authentication Bypass

Onlineon E-Ticaret Database Disclosure Exploit

ONO Hitron CDE-30364 Router - Denial Of Service

Onpub CMS 1.4 & 1.5 - Multiple SQL Injection Vulnerabilities

op5 7.1.9 - Remote Command Execution

Open Flash Chart 2 Arbitrary File Upload

Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities

Open Upload 0.4.2 - (Add Admin) CSRF

Open Web Analytics 1.5.4 (owa_email_address param) - SQL Injection Vulnerability

OpenBSD <= 5.5 - Local Kernel Panic

OpenCart 1.5.2.1 Multiple Vulnerabilities

OpenCart 2.1.0.2 to 2.2.0.0 - json_decode Function Remote Code Execution

OpenCimetiere v3.0.0-a5 - Blind SQL Injection

Openconstructor CMS 3.12.0 \'id\' Parameter Multiple SQL Injection

OpenDocMan 1.2.7 - Multiple Vulnerabilities

OpenDocMan 1.3.4 - CSRF Vulnerability

OpenDocMan v1.2.6.1 Password Change CSRF

Openedit <= v5.1294 Remote Code Execution Exploit

OpenEMR 4.1.1 Patch 14 - Multiple Vulnerabilities

OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution

OpenEMR PHP File Upload Vulnerability

OpenFiler 2.99.1 - CSRF Vulnerability

Openfiler v2.x NetworkCard Command Execution

Openfire <= 3.6.0a Admin Console Authentication Bypass

Openfire 3.10.2 - CSRF Vulnerabilities

Openfire 3.10.2 - Multiple XSS Vulnerabilities

Openfire 3.10.2 - Privilege Escalation

Openfire 3.10.2 - Remote File Inclusion

Openfire 3.10.2 - Unrestricted File Upload

Open-FTPD 1.2 Arbitrary File Upload

OpenLDAP 2.4.42 - ber_get_next Denial of Service

OpenMediaVault Cron Remote Command Execution

OpenMRS 2.3 (1.11.4) - Expression Language Injection Vulnerability

OpenMRS 2.3 (1.11.4) - Local File Disclosure Vulnerability

OpenMRS 2.3 (1.11.4) - Multiple Cross-Site Scripting Vulnerabilities

OpenMRS 2.3 (1.11.4) - XML External Entity (XXE) Processing Exploit

OpenMRS Reporting Module 0.9.7 - Remote Code Execution

OpenNMS - Java Object Unserialization Remote Code Execution (Metasploit)

OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow

OpenPLI v3.0 beta (OpenPLi-beta-dm7000-20130127-272) - Multiple Vulnerabilities

OpenSSH < 7.4 - agent Protocol Arbitrary Library Loading

OpenSSH < 7.4 - 'UsePrivilegeSeparation Disabled' Forwarded Unix Domain Sockets...

OpenSSH <= 7.2p1 - xauth Injection

OpenSSH 7.2 - Denial of Service

OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions)

OpenSSL 1.1.0a/1.1.0b - Denial of Service

OpenSSL Alternative Chains Certificate Forgery

OpenSSL ASN1 BIO Memory Corruption Vulnerability

OpenSSL Padding Oracle in AES-NI CBC MAC Check

OpenSSL TLS Heartbeat Extension - Memory Disclosure

OpenType Font File Format DoS Exploit pro Windows

OpenVAS Manager Command Injection Vulnerability

OpenX Backdoor PHP Code Execution

Open-Xchange App Suite 7.8.2 - Cross Site Scripting

Open-Xchange Guard 2.4.2 - Multiple Cross Site Scripting

Open-Xchange Server 6 - Multiple Vulnerabilities

Opera 11.01 NULL PTR Derefernce

Opera SVG Use After Free Vulnerability

Ophcrack 3.5.0 - Local Code Execution BOF

OPS Old Post Spinner 2.2.1 Wordpress Plugin LFI Vulnerability

Opsview <= 4.6.2 - Multiple XSS Vulnerabilities

Opsview pre 4.4.1 - Blind SQL Injection

Oracle 10/11g exp.exe - param file Local Buffer Overflow PoC Exploit

Oracle Application Framework Diagnostic Mode Bypass Vulnerability

Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass and Arbitrary File...

Oracle Automated Service Manager 1.3 Installation Local Privilege Escalation

Oracle AutoVue ActiveX Control SetMarkupMode Buffer Overflow

Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload

Oracle BeeHive 2 voice-servlet processEvaluation() Vulnerability

Oracle BI Publisher 11.1.1.6.0 / 11.1.1.7.0 / 11.1.1.9.0 / 12.2.1.0.0 - XML...

Oracle Business Transaction Management FlashTunnelService Remote Code Execution

Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService Remote File Deletion

Oracle Business Transaction Management Server 12.1.0.2.7 FlashTunnelService WriteToFile Message RCE

Oracle Database Authentication Protocol Security Bypass

Oracle Database Client System Analyzer Arbitrary File Upload

Oracle Demantra 12.2.1 - Arbitrary File Disclosure

Oracle Demantra 12.2.1 - Database Credentials Disclosure

Oracle Demantra 12.2.1 - SQL Injection Vulnerability

Oracle Demantra 12.2.1 - Stored XSS Vulnerability

Oracle Event Processing FileUploadServlet Arbitrary File Upload

Oracle Forms and Reports 11.1 - Remote Exploit

Oracle Forms and Reports Remote Code Execution

Oracle GlassFish Server - REST CSRF

Oracle GlassFish Server 3.1.1 (build 12) Multiple XSS

Oracle HtmlConverter.exe - Buffer Overflow

Oracle Identity Manager 11g R2 SP1 (11.1.2.1.0) - Unvalidated Redirects

Oracle Java ByteComponentRaster.verify() Memory Corruption

Oracle Java BytePackedRaster.verify() Signed Integer Overflow

Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow

Oracle Java lookUpByteBI - Heap Buffer Overflow

Oracle Java ShortComponentRaster.verify() Memory Corruption

Oracle Java storeImageArray() Invalid Array Indexing

Oracle MySQL Eventum 2.3 Remote Script Insertion Vulnerabilities

Oracle MySQL for Microsoft Windows Payload Execution

Oracle Netbeans IDE v8.1 - Import Directory Traversal

Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities

Oracle Outside In MDB File Parsing Stack Based Buffer Overflow PoC

Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption Vulnerability

Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption Vulnerability 2

Oracle Outside-In FPX File Parsing Heap Overflow

Oracle Outside-In JP2 File Parsing Heap Overflow

Oracle Outside-In LWP File Parsing Stack Based Buffer Overflow

Oracle VM VirtualBox 4.1 Local Denial of Service Vulnerability

Oracle VM VirtualBox 4.3.28 - '.ovf' Crash (PoC)

Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution

Oracle WebCenter Sites (FatWire Content Server) Multiple Vulnerabilities

Oracle WebLogic Session Fixation Via HTTP POST

Orange Inventel LiveBox 5.08.3-sp - Cross-Site Request Forgery

Oreans Themida v2.1.8.0 TMD File Handling Buffer Overflow Vulnerability

Oreans WinLicense v2.1.8.0 XML File Handling Unspecified Memory Corruption

OroCRM - Stored XSS Vulnerability

Orthanc DICOM Server 1.1.0 - Memory Corruption

OS X - gst_configure Kernel Buffer Overflow

OS X - IntelAccelerator::gstqConfigure Exploitable Kernel NULL Dereference

OS X - IOBluetoothHCIPacketLogUserClient Memory Corruption

OS X - IOBluetoothHCIUserClient Arbitrary Kernel Code Execution

OS X - IOHDIXControllerUserClient::convertClientBuffer Integer Overflow

OS X - IOSCSIPeripheralDeviceType00 Userclient Type 12 Exploitable Kernel NULL Dereference

OS X - OSMetaClassBase::safeMetaCast in IOAccelContext2::connectClient Exploitable NULL Dereference

OS X / iOS Suid Binary Logic Error Kernel Code Execution

OS X < 10.10.x - Gatekeeper bypass Vulnerability

OS X 10.10 DYLD_PRINT_TO_FILE Local Privilege Escalation

OS X 10.10.5 - XNU Local Privilege Escalation

OS X and iOS Kernel - IOHDIXControllUserClient::clientClose Use-After-Free/Double Free

OS X and iOS Kernel - iokit Registry Iterator Manipulation Double Free

OS X and iOS Unsandboxable Kernel Use-After-Free in Mach Vouchers

OS X Install.framework Arbitrary mkdir, unlink and chown to admin Group

OS X Install.framework suid Helper Privilege Escalation

OS X Install.framework suid root Runner Binary Privilege Escalation

OS X Kernel - AppleKeyStore Use-After-Free

OS X Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort

OS X Kernel - Hypervisor Driver Use-After-Free

OS X Kernel - IOAccelDisplayPipeUserClient2 Use-After-Free

OS X Kernel - IOAccelMemoryInfoUserClient Use-After-Free

OS X Kernel - no-more-senders Use-After-Free

OS X Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method...

OS X Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver

OS X Local Root Exploit for Viscosity OpenVPN Client

OS X Regex Engine (TRE) - Integer Signedness and Overflow Issues

OS X Regex Engine (TRE) - Stack Buffer Overflow

OS X x64 - tcp bind shellcode, NULL byte free (144 bytes)

OS X x64 /bin/sh Shellcode, NULL Byte Free, 34 bytes

OS X/iOS Kernel - IOSurface Use-After-Free

OsClass 3.4.1 (index.php, file param) - Local File Inclusion

OsiriX DICOM Viewer 8.0.1 - Memory Corruption

OSSEC 2.7 <= 2.8.1 - Local Root Escalation

Osticket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting

OSX - io_service_close Use-After-Free

OSX <= 10.8.4 - Local Root Priv Escalation (py)

OTRS 3.1 Stored XSS Vulnerability

OTRS Open Technology Real Services 3.1.4 Stored XSS

Ovidentia 7.9.4 - Multiple Vulnerabilities

Ovidentia 7.9.6 - Multiple Vulnerabilities

Ovidentia maillist Module 4.0 - Remote File Inclusion Exploit

Ovidentia newsletter Module 2.2 - (admin.php) Remote File Inclusion Exploit

Ovidentia online Module 2.8 - GLOBALS[babAddonPhpPath] Remote File Inclusion

Ovidentia troubleticketsModule 7.6 - Remote File Inclusion

Ovidentia Widgets 1.0.61 - Remote Command Execution Exploit

ownCloud 4.0.x, 4.5.x (upload.php, filename param) - Remote Code Execution

ownCloud 6.0.0a - Multiple Vulnerabilities

Oxwall 1.7.0 - Multiple CSRF And HTML Injection Vulnerabilities

Oxwall 1.7.0 - Remote Code Execution Exploit

Oxwall 1.7.4 - CSRF Vulnerability

Paid Memberships Pro 1.7.14.2 Path Traversal

Palo Alto Networks PanOS appweb3 - Stack Buffer Overflow

Palo Alto Networks PanOS root_reboot - Privilege Escalation

Palo Alto Networks PanOS root_trace - Privilege Escalation

Panda Endpoint Administration Agent < 7.50.00 - Privilege Escalation

Panda Security URL Filtering < 4.3.1.9 - Privilege Escalation

Pandora FMS 5.0, 5.1 - Authentication Bypass

Pandora FMS 5.0RC1 - Remote Command Injection

Pandora FMS 5.1 SP1 - SQL Injection Vulnerability

Pandora FMS Remote Code Execution

Pandora FMS SQLi Remote Code Execution

Pandora v3.1 Auth Bypass and Arbitrary File Upload Vulnerability

Parallels PLESK 9.x Insecure Permissions

Parallels Plesk Sitebuilder 9.5 - Multiple Vulnerabilities

Parodia 6.8 employer-profile.asp SQL Injection

Parsp Shopping CMS [V5] Multiple Vulnerability

Passport PC To Host Malformed .zws file Memory Corruption Vulnerability

Password Manager Pro / Pro MSP - Blind SQL Injection

Paypal Currencucy Converter Basic For Woocommerce File Read

PayPal Inc BB #85 MB iOS 4.6 - Auth Bypass Vulnerability

PBBoard 2.1.4 Local File Inclusion

PBBoard CMS 3.0.1 - SQL Injection

PBBoard v2.1.4 CMS - Multiple Vulnerabilities

PBBoard v2.1.4 Multiple SQL Injection Vulnerabilities

PBlogEX v1.2 Multiply Vulnerabilities

PCAnywhere 12.5.0 build 463 Denial of Service

PCMAN FTP 2.07 STOR Command - Buffer Overflow Exploit

PCMAN FTP 2.07 STOR Command - Stack Overflow Exploit (MSF)

PCMan FTP Server 2.0.7 - 'ACCT' Command Buffer Overflow

PCMAN FTP Server 2.0.7 - 'DELETE' Command Buffer Overflow

PCMan FTP Server 2.0.7 - Directory Traversal Vulnerability

PCMan FTP Server 2.0.7 - 'NLST' Command Buffer Overflow

PCMan FTP Server 2.0.7 - 'PORT' Command Buffer Overflow

PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow

PCMan FTP Server 2.0.7 - Remote Exploit (msf)

PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (MSF)

PCMan FTP Server 2.0.7 - 'SITE CHMOD' Command Buffer Overflow

PCMAN FTP Server Buffer Overflow - PUT Command

PDF Album v1.7 iOS - File Include Web Vulnerability

PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation

pdfium - opj_j2k_read_mcc (libopenjpeg) Heap-Based Out-of-Bounds Read

pdfium - opj_jp2_apply_pclr (libopenjpeg) Heap-Based Out-of-Bounds Read

pdfium - opj_t2_read_packet_header (libopenjpeg) Heap Use-After-Free

pdfium CPDF_DIBSource::DownSampleScanline32Bit - Heap-Based Out-of-Bounds Read

pdfium CPDF_Function::Call - Stack-Based Buffer Overflow

pdfium CPDF_TextObject::CalcPositionData - Heap-Based Out-of-Bounds Read

pdfium IsFlagSet (v8 memory management) - SIGSEGV

PDF-XChange Viewer 2.5.315.0 - Shading Type 7 Heap Memory Corruption

pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities

PeerFTP Server <=v4.01 Remote Crash PoC

PEiD 0.95 - Memory Corruption POC

PEStudio 3.69 - Denial of Service

PFSense <= 2.2.5 - Directory Traversal

pfSense 2.1 build 20130911-1816 - Directory Traversal

pfSense Community Edition 2.2.6 - Multiple Vulnerabilities

pfSense Firewall <= 2.2.5 - Config File CSRF

pfSense Firewall <= 2.2.6 - Services CSRF

PFsense UTM Platform 2.0.1 XSS Vulnerability

pfSense2.1build20130911-1816-DirectoryTraversal

PG Portal Pro CSRF Vulnerability

phlyLabs phlyMail Lite 4.03.04 (go param) Open Redirect Vulnerability

phlyLabs phlyMail Lite 4.03.04 Path Disclosure and Stored XSS Vulnerabilities

Phoenix Contact ILC 150 ETH PLC Remote Control Script

PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure

Photo Server 2.0 iOS - Multiple Vulnerabilities

Photo Transfer (2) 1.0 iOS - Denial of Service Vulnerability

Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities

Photo WiFi Transfer 1.01 - Directory Traversal Vulnerability

Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)

Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Exploit

Photodex ProShow Producer v5.0.3297 (.pxs) Memory Corruption Exploit

Photorange 1.0 iOS - File Inclusion Vulnerability

Photos in Wifi 1.0.1 iOS - Arbitrary File Upload Vulnerability

PhotoWIFI Lite 1.0 iOS - Multiple Vulnerabilities

PHP <= 5.3.6 shmop_read() Integer Overflow DoS

PHP <= 5.4.3 (com_event_sink) Denial of Service

PHP <= 5.4.3 wddx_serialize_* / stream_bucket_* Variant Object Null Ptr Derefernce

PHP <= 7.0.4/5.5.33 - SNMP Format String Exploit

PHP 5.0.0 - domxml_open_file() Local Denial of Service

PHP 5.0.0 - fbird_[p]connect() Local Denial of Service

PHP 5.0.0 - simplexml_load_file() Local Denial of Service

PHP 5.0.0 - snmpwalk() Local Denial of Service

PHP 5.0.0 - snmpwalkoid() Local Denial of Service

PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow

PHP 5.0.0 - xmldocfile() Local Denial of Service

PHP 5.3.10 spl_autoload() Local Denial of Service

PHP 5.3.10 spl_autoload_call() Local Denial of Service

PHP 5.3.10 spl_autoload_register() Local Denial of Service

PHP 5.3.4 Win Com Module Com_sink Exploit

PHP 5.3.5 grapheme_extract() NULL Pointer Dereference PoC

PHP 5.4.0 Built-in Web Server DoS PoC

PHP 5.5.12 Locale::parseLocale Memory Corruption

PHP 5.5.33 - Invalid Memory Write

PHP 6.0 openssl_verify() Local Buffer Overflow PoC

PHP 7.0 - Object Cloning Local Denial of Service

PHP 7.0.0 - Format String Vulnerability

PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow

PHP 7.0.8 / 5.6.23 / 5.5.37 - bzread() Out-of-Bounds Write

PHP Address Book 6.2.12 Multiple security vulnerabilities

PHP apache_request_headers Function Buffer Overflow

PHP CGI Argument Injection

PHP CGI Argument Injection Exploit

PHP Classifieds Rental Script - Blind SQL Injection

PHP DateTime Use After Free Vulnerability

PHP Exif Extension 'exif_read_data()' Function Remote DoS

PHP gettext (gettext.php) 1.0.12 - Unauthenticated Code Execution

PHP Gift Registry 1.5.5 SQL Injection

PHP GMP unserialize() Use-After-Free

PHP IRC Bot pbot eval() Remote Code Execution

php ireport v1.0 Remote Html Code injection

PHP News Script 4.0.0 - SQL Injection

PHP Power Browse 1.2 - Directory Traversal

PHP Press Release - Cross-Site Request Forgery (Add Admin)

PHP Press Release - Stored Cross Site Scripting

PHP RSS Reader 2010 - SQL Injection

PHP Server Monitor 3.1.1- CSRF Privilege Escalation

PHP Server Monitor 3.1.1- Multiple CSRF Vulnerabilities

PHP Server Monitor Stored XSS

PHP Session Deserializer Use-After-Free

PHP Speedy <= 0.5.2 Wordpress Plugin (admin_container.php) Remote Code Exec Exploit

PHP SplDoublyLinkedList unserialize() Use-After-Free

PHP SplObjectStorage unserialize() Use-After-Free

PHP Stock Management System 1.02 - Multiple Vulnerabilty

PHP Telephone Directory - Multiple Vulnerabilities

PHP Ticket System Beta 1 (index.php p parameter) SQL Injection

PHP Utility Belt - Remote Code Execution

PHP Utility Belt Remote Code Execution

PHP Volunteer Management 1.0.2 Multiple Vulnerabilities

PHP Volunteer Management System v1.0.2 Arbitrary File Upload

PHP Webcam Video Conference - Multiple Vulnerabilities

PHP Webquest 2.6 - SQL Injection

PHP Weby Directory Software 1.2 Multiple Vulnerabilities

phpAcounts v.0.5.3 SQL Injection

PHPBack 1.3.0 - SQL Injection

PHPBTTracker+ 2.2 - SQL Injection

phpBugTracker 1.0.5 Multiple Reflected XSS Vulnerabilities

phpBugTracker 1.6.0 - Multiple Vulnerabilities

PHP-CMDB 0.7.3 - Multiple Vulnerabilities

phpCollab CMS 2.5 - (emailusers.php) SQL Injection

PHPCompta/NOALYSS 6.7.1 5638 - Remote Command Execution

phpDolphin <= 2.0.5 - Multiple Vulnerabilities

phpEnter 4.2.7 - (Add New Post) Cross-Site Request Forgery

phpFileManager 0.9.8 - CSRF Vulnerability

phpFileManager 0.9.8 - Remote Command Execution Vulnerability

phpFileManager 0.9.8 Remote Code Execution

PHPfileNavigator 2.3.3 - CSRF Vulnerability

PHPfileNavigator 2.3.3 - XSS Vulnerabilities

PHP-Fusion <= v7.02.07 - Blind SQL Injection

PHP-Fusion 7.02.07 - SQL Injection

php-Charts Arbitrary PHP Code Execution Vulnerability

PHP-Charts v1.0 PHP Code Execution Vulnerability

PHPIPAM 1.1.010 - Multiple Vulnerabilities

PHPIPAM 1.2.1 - Multiple Vulnerabilities

phplist - version 2.10.9 CSRF/XSS Vulnerability

phpList 2.10.17 Remote SQL Injection and XSS Vulnerability

PHPLIST 3.0.6 & 3.0.10 - SQL Injection Vulnerability

phpLiteAdmin 1.9.6 - Multiple Vulnerabilities

PHPMailer < 5.2.18 - Remote Code Execution (PHP)

PHPMailer < 5.2.18 - Remote Code Execution (Python)

PHPMailer < 5.2.20 - Remote Code Execution

PHPMailer < 5.2.20 / SwiftMailer < 5.4.5-DEV / Zend Framework / zend-mail < 2.4.11...

PHPMailer 5.2.17 - Remote Code Execution

PHPMoAdmin Unauthorized Remote Code Execution (0-Day)

PHPmongoDB 1.0.0 - Multiple Vulnerabilities

phpMyAdmin 3.5.2.2 server_sync.php Backdoor

phpMyAdmin 3.5.8 and 4.0.0-RC2 - Multiple Vulnerabilities

phpMyAdmin Authenticated Remote Code Execution via preg_replace()

phpMyBackupPro 2.5 - Remote Command Execution / CSRF

phpMyBitTorrent 2.0.4 SQL Injection Vulnerability

phpMyBitTorrent 2.04 Multiple Vulnerabilities

phpMyChat Plus v1.94 RC1 Multiple Remote Vulnerabilities

phpMyRecipes 1.2.2 (dosearch.php, words_exact param) - SQL Injection

PHP-Nuke 8.2.4 - Multiple Vulnerabilities

PHP-Nuke module(SPChat) SQL Injection Vulnerability

PhpOnlineChat 3.0 - XSS

phpPaleo' Local File Inclusion (CVE-2012-1671)

'phpPaleo' Local File Inclusion (CVE-2012-1671)

PHPShop 0.8.1 <= | Cross Site Scripting Vulnerability

PhpSocial 2.0.0304_20222226 - CSRF Vulnerability

phpSQLiteCMS - Multiple Vulnerabilities

phptax 0.8 <= Remote Code Execution Vulnerability

PhpTax pfilez Parameter Exec Remote Code Injection

phpVibe - Aribtrary File Disclosure ArticleFR 3.0.6 - Multiple Vulnerabilities

phpVID 1.2.3 - Multiple Vulnerabilities

PhpWiki - Remote Command Execution

PhpWiki 1.5.4 - Multiple Vulnerabilities

PhreeBooks R30RC4 Multiple Vulnerabilities

phxEventManager 2.0 beta 5 search.php search_terms SQL Injection

pChart 2.1.3 - Multiple Vulnerabilities

PicoPublisher v2.0 Remote SQL Injection

PictureTrails Photo Editor GE.exe 2.0.0 - .bmp Crash PoC

Pi-Hole Web Interface 2.8.1 - Stored XSS in Whitelist/Blacklist

PIKATEL 96338WS, 96338L-2M-8M - Unauthenticated DNS Change

Pimcore 3.0 & 2.3.0 CMS - SQL Injection Vulnerability

Pimcore CMS Build 3450 - Directory Traversal

PinApp Mail-SeCure 3.70 - Access Control Failure

PineApp MailSecure - Remote Command Execution

Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure

Pirelli Discus DRG A125g - Local Password Disclosure Vulnerability

Pirelli Discus DRG A125g - Password Disclosure Vulnerability.

Pirelli Discus DRG A125g - Remote Change SSID Value Vulnerability

Pirelli Discus DRG A125g - Remote Change WiFi Password Vulnerability

PivotX 2.3.11 - Directory Traversal

Piwigo 2.3.3 Multiple Vulnerabilities

Piwigo 2.4.6 (install.php) Remote Arbitrary File Read/Delete Vulnerability

Piwigo 2.6.1 - CSRF Vulnerability

Pixelpost 1.7.3 Multiple Persistent Cross-Site Scripting Vulnerabilities

Pixelpost 1.7.3 Multiple POST Variables SQL Injection Vulnerability

PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities

PizzaInn_Project - SQL Injection

PLANET Technology IP Surveillance Cameras - Multiple Vulnerabilities

PLANET VDR-300NU ADSL Router - Unauthenticated DNS Change

PlaySMS <= 0.9.9.2 - CSRF

PLC Wireless Router GPN2.4P21-C-CN - Arbitrary File Disclosure

Plesk 10.4.4/11.0.9 - SSO XXE/XSS Injection Exploit

Plesk Apache Zeroday Remote Exploit

Plex Media Server 0.9.9.2.374-aa23a69 - Multiple Vulnerabilities

Pligg CMS 2.0.0rc2 - CSRF File Creation Vulnerability

Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection

Pligg CMS 2.0.2 - CSRF Add Admin Exploit

Pligg CMS 2.0.2 - CSRF Code Execution

Pligg CMS 2.0.2 - Directory Traversal

Pligg CMS 2.0.2 - Multiple SQL Injection Vulnerabilities

Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential

Plogger 1.0 (RC1) - Multiple Vulnerabilities

Plogger 1.0-RC1 - Authenticated Arbitrary File Upload

Pluck CMS 4.7.3 - Cross-Site Request Forgery (Add Page)

PlumeCMS <= 1.2.4 CSRF Vulnerability

PlumeCMS <= 1.2.4 Multiple Persistent XSS

PMB <= 4.1.3 - Post-Auth SQL Injection Vulnerability

PMB Services <= 3.4.3 SQL Injection Vunerability

Podcast Generator 1.3 Multiple Vulnerabilities

PodHawk 1.85 - Arbitary File Upload Vulnerability

Poison Ivy 2.3.2 C&C Server Buffer Overflow

Polycom HDX Telnet Authorization Bypass

Polycom SoundPoint IP Devices Denial Of Service

Polycom VVX-Series Business Media Phones - Path Traversal Vulnerability

PonyOS <= 3.0 - ELF Loader Privilege Escalation

PonyOS <= 3.0 - tty ioctl() Local Kernel Exploit

PonyOS <= 3.0 - VFS Permissions Exploit

POP Peeper 4.0.1 - SEH Over-Write

Portable UPnP SDK unique_service_name() Remote Code Execution

Position independent & Alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); (87 bytes)

Postfix SMTP - Shellshock Exploit

PostgreSQL <= 8.4.1 JOIN Hashtable Size Integer Overflow Denial Of Service Vulnerability

PostgreSQL for Microsoft Windows Payload Execution

PotPlayer 1.5.39036 (.wav) - Crash PoC

PotPlayer 1.6.5x - .mp3 Crash PoC

PQI Air Pen Express 6W51-0000R2 and 6W51-0000R2XXX - Multiple Vulnerabilities

Practico 13.9 - Multiple Vulnerabilities

PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability

Pragyan CMS v3.0 Multiple Vulnerabilities

Pre Printing Press product_desc.php (pid) SQL Injection Vulnerability

PrestaShop <= 1.5.1 Persistent XSS

Presto! PageManager <= 9.01 Multiple Vulnerabilities

Privacy Pro v1.2 HZ iOS - Local File Inclusion

Privacyware Privatefirewall 7.0 - Unquoted Service Path Privilege Escalation

Private Camera Pro 5.0 iOS - Multiple Vulnerabilities

PrivateTunnel Client 2.7.0 (x64) - Local Credentials Disclosure

ProcessMaker Open Source Authenticated PHP Code Execution

Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities

ProFTPD 1.3.5 Mod_Copy Command Execution

ProFTPD mod_sftp Integer Overflow DoS PoC

Progea Movicon 11 TCPUploadServer Remote Exploit

Progea Movicon TCPUploadServer Remote Exploit

Progress OpenEdge 11.2 - Directory Traversal

Project Pier Arbitrary File Upload Vulnerability

Project'Or RIA 3.4.0 (objectDetail.php, objectId param) - SQL Injection

ProjectSend Arbitrary File Upload

ProjectSend r561 - SQL Injection Vulnerability

ProjectSend r582 - Multiple Vulnerabilities

PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities

Prolink PRN2001 - Multiple Vulnerabilities

Proman Xpress v5.0.1 Multiple Vulnerabilities

Promise WebPAM v2.2.0.13 Multiple Remote Vulnerabilities

ProQuiz 2.0.0b Arbitrary Upload Vulnerability

ProQuiz v2.0.2 CSRF Vulnerability

ProQuiz v2.0.2 Multiple Vulnerabilities

Provj 5.1.5.8 - 'm3u' Buffer Overflow (PoC)

Proxmox VE 3/4 Insecure Hostname Checking Remote Root Exploit

PsychoStats 3.2.2b (awards.php, id param) - Blind SQL Injection

PTCeffect 4.6 - LFI & SQL Injection Vulnerabilities

Publish-It 3.6d - Buffer Overflow Vulnerability

Pure-FTPd External Authentication Bash Environment Variable Code Injection

Pure-FTPd v1.0.21 (centos 6.2, ubuntu 8.04) Crash PoC (Null Pointer Dereference)

Putty 0.64 - Denial of Service Vulnerability

PyroCMS 2.1.1 Multiple Vulnerabilities

Python - Interpreter Heap Memory Corruption (PoC)

Python 2.7 array.fromstring Method - Use After Free

Python 2.7 hotshot Module - pack_string Heap Buffer Overflow

Python 2.7 strop.replace() Method - Integer Overflow

Python 3.3 - 3.5 product_setstate() Function - Out-of-bounds Read

Python CGIHTTPServer Encoded Path Traversal

Python socket.recvfrom_into() - Remote Buffer Overflow

Python Untrusted Search Path/Code Execution Vulnerability

Qcodo Development Framework 0.3.3 Full Info Disclosure

qdPM v.7 Arbitrary File upload

qdPM v7 Arbitrary PHP File Upload Vulnerability

QEMU Programmable Interrupt Timer Controller Heap Overflow

Qlikview <= 11.20 SR11 - Blind XXE Injection Vulnerability

QNAP NAS Devices - Heap Overflow

QNap QVR Client 5.1.0.11290 - Crash PoC

QNAP Turbo NAS TS-1279U-RP Multiple Path Injection

QNX 6.4.x/6.5.x ifwatchd - Local root Exploit

QNX 6.4.x/6.5.x pppoectl - Information Disclosure

QNX 6.5.0 x86 io-graphics - Local root Exploit

QNX 6.5.0 x86 phfont - Local root Exploit

QNX phrelay/phindows/phditto Multiple Vulnerabilities

QQ INTERNATIONAL v Bêta 3 DLL Hijacking Exploit (mfc80fra.dll)

QQPlayer 3.7.892 m2p quartz.dll Heap Pointer Overwrite PoC

QSEE - PRDiag* Commands Privilege Escalation Exploit

Qualcomm Adreno GPU MSM Driver perfcounter Query Heap Overflow

Qualitynet CMS Remote Change Admin Password Exploit

Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution

Quest InTrust 10.4.x ReportTree and SimpleTree Classes

Quest InTrust Annotation Objects Uninitialized Pointer

Quest Toad for Oracle Explain Plan Display ActiveX Control (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite poc

Quest vWorkspace 7.5 Connection Broker Client ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite poc

Quick 'n Easy FTP Server 3.2 Denial of Service

Quick Paypal Payments 3.0 - Presistant XSS (0day)

Quick Polls Local File Inclusion and Deletion Vulnerabilities

Quick TFTP Server 2.2 - Denial of Service

Quick Tftp Server Pro 2.3 - Read Mode Denial of Service

QuickHeal 16.00 - webssx.sys Driver DoS Vulnerability

QuickShare File Share 1.2.1 Directory Traversal Vulnerability

Quicktech SQL Injection Vulnerability

RadioCMS 2.2 (menager.php, playlist_id param) - SQL Injection Vulnerability

Rae Media Real Estate Multi Agent SQL Injection Vulnerability

Rae Media Real Estate Single Agent SQL Injection Vulnerability

Raidsonic IB-NAS5220 and IB-NAS4220-B - Multiple Vulnerabilities

Raidsonic NAS Devices Unauthenticated Remote Command Execution

Railo Remote File Include

Raja Natarajan Guestbook 1.0 Local File Inclusion Vulnerability

RaksoCT Multiple SQL Injection Vulnerabilities

Ramui Forum Script 9.0 - SQL Injection Exploit

Ramui Web Hosting Directory Script 4.0 - Remote File Inclusion

Rapid PHP Editor 14.1 - Remote Command Execution

Rapid7 AppSpider 6.12 - Local Privilege Escalation

Rar CmdExtract::UnstoreFile Integer Truncation Memory Corruption

Raritan PowerIQ 4.1.0 - SQL Injection Vulnerability

RASPcalendar 1.01 - [ASP] Admin Login Vlunerabilities

RBS Change Complet Open Source 3.6.8 - CSRF Vulnerability

Readmore Systems Script SQL Injection Vulnerability

Real-DRAW PRO 5.2.4 Import File Crash

RealNetworks RealPlayer CDDA URI Initialization Vulnerability

RealPlayer <= 14.0.1.633 Heap Overflow Vulnerability

RealPlayer 15.0.6.14 .3gp Crash PoC

RealPlayer 18.1.5.705 - '.QCP' Crash (PoC)

Realtek High Definition Audio Driver 6.0.1.6730 - Unquoted Service Path Privilege...

Realtyna RPL Joomla Extension 8.9.2 - Multiple SQL Injection Vulnerabilities

Realtyna RPL Joomla Extension 8.9.2 - Persistent XSS And CSRF Vulnerabilities

Rebus:list (list.php, list_id param) - SQL Injection Vulnerability

ReciPHP 1.1 SQL Injection Vulnerability

RecordPress 0.3.1 Multiple Vulnerabilities

Red Hat JBoss EAP - Deserialization of Untrusted Data

Red Hat Linux stickiness of /tmp

Redaxo 5.2.0 - Cross-Site Request Forgery

Redaxo CMS 5.0.0 - Multiple Vulnerabilities

Redaxscript 0.3.2 Multiple Vulnerabilities

RedStar 3.0 Server - 'BEAM & RSSMON' Command Execution (Shellshock)

refbase <= 0.9.6 - Multiple Vulnerabilities

Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution

Rejetto HttpFileServer Remote Command Execution

Relevanssi 2.7.2 Wordpress Plugin Stored XSS Vulnerability

Remote Utilities Host 6.3 - Denial of Service

ReOS 2.0.5 Multiple Vulnerabilities

Reserve Logic v1.2 Booking CMS Multiple Vulnerabilities

Resin Application Server 4.0.36 Source Code Disclosure Vulnerability

ResourceSpace 6.4.5976 - XSS / SQL Injection / Insecure Cookie Handling

Return Oriented Programming (ROP FTW)

RHEL 7.0/7.1 - abrt/sosreport Local Root

RHEL 7.1 Kernel - iowarrior driver Crash PoC

RHEL 7.1 Kernel - snd-usb-audio Crash PoC

Ricoh DC DL-10 SR10 FTP USER Command Buffer Overflow"

Rips Scanner 0.5 - (code.php) Local File Inclusion

Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched

Rocket Servergraph Admin Center fileRequestor Remote Code Execution

Rough Auditing Tool for Security (RATS) 2.3 - Array Out of Block Crash

Rough Auditing Tool for Security (RATS) 2.3 - Crash PoC

Roundcube 1.1.3 - Path Traversal Vulnerability

Roundcube 1.2.2 - Remote Code Execution

Roundcube Webmail Version 0.8.0 Stored XSS

Router ONO Hitron CDE-30364 - CSRF Vulnerability

rpcbind (CALLIT Procedure) UDP Crash PoC

RPCScan 2.03 - Hostname/IP Field Crash PoC

RPCScan 2.03 - Hostname/IP Field SEH Overwrite PoC

RSA Enterprise Compromise Assessment Tool 4.1.0.1 - XML External Entity Injection

R-Scripts Vacation Rental Script 7R - Multiple Vulnerabilities

RTTucson Quotations Database - Multiple Vulnerabilities

Ruby on Rails - Dynamic Render File Upload Remote Code Execution

Ruby on Rails Development Web Console (v2) Code Execution

Ruby on Rails JSON Processor YAML Deserialization Code Execution

Ruby on Rails Known Secret Session Cookie Remote Code Execution

Ruby on Rails XML Processor YAML Deserialization Code Execution

Ruckus Wireless Zoneflex 2942 Wireless Access Point - Authentication Bypass

RuggedCom Devices Backdoor Access

Rumba FTP Client 4.x - Stack buffer overflow (SEH)

RunCMS 2.2.2 Multiple Vulnerabilities

RuubikCMS < v1.0.3 Shell Upload Vulnerability

RuubikCMS 1.1.1 (tinybrowser.php, folder param) - Path Traversal Vulnerability

RuubikCMS Version 1.0.3 Multiple Vulnerabilities

S9Y Serendipity 2.0.4 - Cross-Site Scripting

Safari 8.0 / OS X 10.10 - Crash PoC

Safari User-Assisted Applescript Exec Attack

SafeNet Sentinel Keys Server Crash PoC

SafeNet Sentinel Protection Server 7.0 - 7.4 and Sentinel Keys Server 1.0.3 - 1.0.4 Directory Traversal

Sagem Fast 3304-V1 - Denial Of Service Vulnerability

Sagem Fast 3304-V2 - Authentification Bypass

Sagem FAST3304-V2 - Authentication Bypass

Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities

Sagemcom F@ST 3864 V2 - Get Admin Password

Sakai 10.7 - Multiple Vulnerabilities

Sam Spade 1.14 - (Crawl website) Buffer OverFlow

Sam Spade 1.14 - (Scan Addresses) Buffer Overflow Exploit

Sam Spade 1.14 - Browse URL Buffer Overflow PoC

Sam Spade 1.14 - Decode URL Buffer Overflow Crash PoC

Sam Spade 1.14 - Scan From IP Address Field SEH Overflow Crash PoC

Sam Spade 1.14 - S-Lang Command Field SEH Overflow

Saman Portal Local File Inclusion Vulnerability

Samba nttrans Reply - Integer Overflow Vulnerability

Samsung AllShare 2.1.1.0 NULL Pointer Deference

Samsung D6000 TV Multiple Vulnerabilities

Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow

Samsung DVR Firmware 1.10 - Authentication Bypass

Samsung fimg2d FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw

Samsung Galaxy KNOX Android Browser RCE

Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption

Samsung Galaxy S6 - libQjpeg DoIntegralUpsample Crash

Samsung Galaxy S6 - Samsung Gallery Bitmap Decoding Crash

Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash

Samsung Galaxy S6 Samsung Gallery - GIF Parsing Crash

Samsung Kies 2.3.2.12054_20 Multiple Vulnerabilities

Samsung libQjpeg Image Decoding Memory Corruption

Samsung m2m1shot Kernel Driver Buffer Overflow

SAMSUNG NET-i Viewer 1.37 SEH Overwrite

Samsung NET-i viewer Multiple ActiveX BackupToAvi() Remote Overflow

Samsung NET-i ware <= 1.37 Multiple Vulnerabilities

Samsung PS50C7700 TV - Denial of Service

Samsung SecEmailComposer QUICK_REPLY_BACKGROUND Permissions Weakness

Samsung SecEmailUI Script Injection

Samsung seiren Kernel Driver Buffer Overflow

Samsung Smart Home Camera SNH-P-6410 - Command Injection

Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure

SAP Adaptive Server Enterprise 16 - Denial of Service

SAP ConfigServlet Remote Unauthenticated Payload Execution

SAP HANA 1.00.095 - hdbindexserver Memory Corruption

SAP Netweaver < 7.01 - XML External Entity Injection

SAP NetWeaver AS JAVA - 'BC-BMT-BPM-DSK' XML External Entity Injection

SAP NetWeaver AS JAVA 7.1 - 7.5 - Information Disclosure

SAP NetWeaver AS JAVA 7.1 - 7.5 - SQL Injection

SAP NetWeaver Dispatcher DiagTraceR3Info Buffer Overflow

SAP Netweaver Dispatcher Multiple Vulnerabilities

SAP Netweaver Enqueue Server - Denial of Service

SAP NetWeaver KERNEL 7.0 < 7.5 - Denial of Service

SAP Router - Timing Attack Password Disclosure

SAP SAPCAR - Multiple Vulnerabilities

SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution

SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution

SAP Sybase Adaptive Server Enterprise XML External Entity Information Disclosure Vulnerability

SAP xMII 15.0 - Directory Traversal

SapLPD 7.40 - Denial of Service

SAS Integration Technologies Client 9.31_M1 (SASspk.dll) - Stack-Based Overflow

Saurus CMS 4.7.1 - Multiple Vulnerabilities

Savant Web Server 3.1 Buffer Overflow Exploit (Egghunter)

ScriptCase 8.1.053 - Multiple Vulnerabilities

Scripts Genie Hot Scripts Clone (showcategory.php, cid param) - SQL Injection Vulnerability

Scripts Genie Pet Rate Pro - Multiple Vulnerabilities

SDP Downloader 2.3.0 (http_response) Remote Buffer Overflow Exploit

Seafile-server <= 3.1.5 - Remote DoS

Seagate Business NAS Unauthenticated Remote Command Execution

Seagate Central 2014.0410.0026-F Remote Root Exploit

Secret Net 7 and Secret Net Studio 8 - Local Privilege Escalation

Sefrengo CMS 1.6.0 - SQL Injection

Sendy 1.1.8.4 - SQL Injection Vulnerability

SEO Control Panel 3.6.0 - Authenticated SQL Injection

Seo Panel 2.2.0 SQL Injection Vulnerabilities

Seowonintech Devices - Remote root Exploit

Seowonintech Routers <= fw: 2.3.9 Remote Root File Disclosure

SePortal SQLi Remote Code Execution

SerComm Device Remote Code Execution

Sercomm TCP/32674 Backdoor Reactivation

Serendipity 1.7.5 (Backend) - Multiple Vulnerabilities

Serva 3.0.0 HTTP Server - Denial of Service

Serva 32 TFTP 2.1.0 - Buffer Overflow Denial of service

Serva v2.0.0 DNS Server QueryName Remote Denial of Service Vulnerability

Serva v2.0.0 HTTP Server GET Remote Denial of Service Vulnerability

ServersCheck Monitoring Software v9.0.12 / 9.0.14 - Stored XSS

SevOne NMS <= 5.3.6.0 - Remote Root Exploit

sflog! <= 1.00 Multiple Vulnerabilities

Sflog! CMS 1.0 Arbitrary File Upload Vulnerability

Shadow Stream Recorder 3.0.1.7 Buffer Overflow

ShadowBrokers Dump Came from Internal Code Repository, Insider

Share KM 1.0.19 - Remote Denial Of Service

Share v1.0 for iPhone / iPod touch, Directory Traversal

Sharetronix 3.3 - Multiple Vulnerabilities

SHARP MX Series - Denial of Service

sheed AntiVirus - Unquoted Service Path Privilege Escalation

Shellcode Linux x86 - chmod (777 /etc/passwd & /etc/shadow), Add New Root User (ALI/ALI) & Execute /bin/sh

Shopizer 1.1.5 - Multiple Vulnerabilities

Shopware 3.5 SQL Injection

SHOUTcast DNAS 2.2.1 - Stored XSS

Shuttle Tech ADSL Wireless 920 WM - Multiple Vulnerabilities

Schneider Electric Accutech Manager Heap Overflow PoC

Schneider Electric SBO / AS - Multiple Vulnerabilities

SideBooks v1.0 for iPhone / iPod touch, Directory Traversal

Sielco Sistemi Winlog 2.07.16 Multiple Vulnerabilities

Sielco Sistemi Winlog Buffer Overflow 2.07.14

SIEMENS IP Camera CCMW1025 x.2.2.1798 - Remote Admin Credentials Change

SIEMENS IP Cameras (Multiple Models) - Credential Disclosure / Configuration Download

SIEMENS IP-Camera CVMS2025-IR, CCMS2025 - Credentials Disclosure

Siemens Simatic S7 1200 CPU Command Module (MSF)

Siemens Simatic S7-1200 CPU START/STOP Module

Siemens Simatic S7-300 PLC Remote Memory Viewer

Siemens Simatic S7-300/400 CPU START/STOP Module

SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference

SIEMENS Solid Edge ST4 SEListCtrlX ActiveX - SetItemReadOnly Arbitrary Memory Rewrite RCE

SIEMENS Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution

SIEMENS Solid Edge ST4 WebPartHelper ActiveX - RFMSsvs!JShellExecuteEx RCE

Siemens Tecnomatix FactoryLink 8.0.1.1473 Multiple Vulnerabilities

Silver Peak VXOA < 6.2.11 - Multiple Vulnerabilities

SIMOGEO FileManager 2.3.0 - Multiple Vulnerabilities

Simple Ads Manager 2.9.4.116 - SQL Injection

Simple Blog PHP 2.0 - Multiple Vulnerabilities

Simple Blog PHP 2.0 - SQL Injection

Simple e-document 1.31 - Login bypass

Simple E-Document Arbitrary File Upload

Simple Forum PHP 2.4 - Cross-Site Request Forgery (Edit Options)

Simple Forum PHP 2.4 - SQL Injection

Simple PHP Agenda <= 2.2.8 CSRF (Add Admin - Add Event)

Simple PHP Agenda 2.2.8 (edit_event.php, eventid param) - SQL Injection

Simple PHP Blog 0.8.4 - Cross-Site Request Forgery (Add Admin)

Simple PHP Polling System - Multiple Vulnerabilities

Simple Posting System Multiple Vulnerabilities

Simple Web Server 2.2 rc2 Remote Buffer Overflow Exploit

Simple Web Server 2.2-rc2 ASLR Bypass Exploit

Simple Web Server Connection Header Buffer Overflow

SimpleRisk 20130915-01 - Multiple Vulnerabilities

SimpleTransfer 2.2.1 - Command Injection Vulnerabilities

SimplyShare 1.4 iOS - Multiple Vulnerabilities

SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where PoC

Sisfokol 4.0 Arbitrary File Upload

Sitecom Home Storage Center Auth Bypass Vulnerability

Sitecom Home Storage Center Directory Traversal

Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit

Sitecom N300/N600 Devices - Multiple Vulnerabilities

Sitecom WLM-2501 CSRF Vulnerabilities

SiteXCMS 080 build 522 Multiple Vulnerabilities

Sixnet Sixview 2.4.1 - Web Console Directory Traversal

SkaDate Lite 2.0 - Multiple CSRF And Persistent XSS Vulnerabilities

SkaDate Lite 2.0 - Remote Code Execution Exploit

Sky Broadband Router SR101 - Weak WPA-PSK Generation Algorithm

SkyBlueCanvas CMS Remote Code Execution

Skybox Platform <=7.0.611 - Multiple Vulnerabilities

Slider Revolution/Showbiz Pro Shell Upload Exploit

Slimpdf Reader 1.0 Memory Corruption

Smadav Anti Virus 9.1 Crash PoC

SmallFTPd 1.0.3 - 'mkd' Command Denial of Service

Smart Guard Network Manager 6.3.2 - SQL Injection

SmartCMS (index.php, idx parameter) SQL Injection Vulnerability

SmarterMail 7.3 and 7.4 Multiple Vulnerabilities

SmarterMail Enterprise and Standard <=11.x - Stored XSS

SmarterMail Free 9.2 Stored XSS

SmarterStats 6.0 Multiple Vulnerabilities

Smartfren Connex EC 1261-2 UI OUC Local Privilege Escalation Vulnerability

SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit

SN News (visualiza.php) <= 1.2 SQL Injection

SnackAmp 3.1.3 Malicious aiff File Denial of service

SnapProof (cart.php) Cross Site Scripting

SnapProof (page.php) SQL Injection Vulnerability

sNews 1.7.1 - Arbitrary File Upload

sNews 1.7.1 - Cross-Site Request Forgery

Snort 2 DCE/RPC preprocessor Buffer Overflow

Snowfox CMS 1.0 - CSRF Add Admin Exploit

SNScan 1.05 - Scan Hostname/IP Field Buffer Overflow Crash PoC

soapbox <= 0.3.1 Local Root Exploit

SoapUI 4.6.3 - Remote Code Execution

Social Engine v4.2.5 Multiple Vulnerabilities

Social Microblogging PRO 1.5 Stored XSS Vulnerability

SocialEngine 4.2.2 Multiple Vulnerabilities

SocialEngine 4.8.9 - SQL Injection

SoftSphere DefenseWall FW/IPS 3.24 - Privilege Escalation

Software DEP Classified Script 2.5 SQL Injection Vulnerability

Soitec SmartEnergy 1.4 - SCADA Login SQL Injection Authentication Bypass Exploit

Solar FTP 2.1 Denial of Service Exploit

SolarWinds Kiwi CatTools 3.11.0 - Unquoted Service Path Privilege Escalation

SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation

Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution

Solarwinds Orion Service - SQL Injection Vulnerabilities

SolarWinds Server and Application Monitor ActiveX (Pepco32c) Buffer Overflow

Solarwinds Storage Manager 5.1.0 Remote SYSTEM SQL Injection Exploit

SolarWinds Storage Manager Authentication Bypass

SOLIDserver <=5.0.4 - Local File Inclusion Vulnerability

SolidWorks Workgroup PDM 2014 pdmwService.exe Arbitrary File Write

SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service

SonicWALL CDP 5040 v6.x Multiple Vulnerabilities

SonicWALL EMail Security 7.3.5 Multiple Vulnerabilities

SonicWALL GMS 6 Arbitrary File Upload

Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability (0Day)

SonicWALL GMS/VIEWPOINT 6.x Analyzer 7.x Remote Root/SYSTEM Exploit

SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass

Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities

Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability

Sony Bravia Remote Denial of Service

Sony Playstation 3 (PS3) 4.31 - Save Game Preview SFO File Handling Local Command Execution

Sony VAIO Wireless Manager 4.0.0.0 Buffer Overflows

Sophos Products - Multiple Vulnerabilities

Sophos Web Protection Appliance - Multiple Vulnerabilities

Sophos Web Protection Appliance clear_keys.pl Local Privilege Escalation

Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution

Sophos Web Protection Appliance sblistpack Arbitrary Command Execution

SourceBans 1.4.7 XSS Vulnerability

SpagoBI 4.0 - Arbitrary XSS File Upload

SpagoBI 4.0 - Persistent HTML Script Insertion

SpagoBI 4.0 - Persistent XSS Vulnerability

SpagoBI 4.0 - Privilege Escalation Vulnerability

SpamTitan Application v5.08x - SQL Injection Vulnerability

SphereFTP Server 2.0 - Crash PoC

Sphider Search Engine - Multiple Vulnerabilities

SpiceWorks 5.3.75941 Stored XSS and Post-Auth SQL Injection

Spiceworks 6.0.00993 Multiple Script Injection Vulnerabilities

SPIP connect Parameter PHP Injection

Spitfire CMS 1.1.4 - CSRF Vulnerability

Splash Pro Hd Player (.avi) Denial of Service

Splunk <= 4.3.3 Arbitrary File Read

Splunk 6.1.1 - 'Referer' Header Cross-Site Scripting

Splunk Enterprise 6.4.3 - Server-Side Request Forgery

SpoonFTP 1.2 RETR Denial of Service Vulnerability

Spy Emergency 23.0.205 - Unquoted Service Path Privilege Escalation

SQL Injection Vulnerability in WMS-CMS

SQLI Online Shop LeKommerce

Squash YAML Code Execution

Squid 3.3.5 - DoS PoC

Squirrelcart Cart Shop v3.3.4 Multiple Web Vulnerabilities

SSH.com Communications SSH Tectia Authentication Bypass Remote Zeroday Exploit

Stack Smashing On A Modern Linux System

Stark CRM 1.0 - Multiple Vulnerabilities

Status2k Server Monitoring Software - Multiple Vulnerabilities

Steam Browser Protocol Insecurity

STIMS Buffer - Buffer Overflow SEH - DoS

STIMS Cutter - Buffer Overflow DoS

Stoneware WebNetwork6 Multiple Vulnerabilities

STRATO Newsletter Manager Directory Traversal

Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)

Stunnel CVE-2014-0016 PRNG Initialization Weakness

STUNSHELL Web Shell Remote Code Execution

STUNSHELL Web Shell Remote PHP Code Execution

Subrion 3.X.X - Multiple Vulnerabilities

Subrion CMS 2.2.1 Multiple Vulnerabilities

Subrion CMS 4.0.5 - SQL Injection

Subversion 1.6.6 / 1.6.12 - Code Execution

sudo v1.8.0-1.8.3p1 (sudo_debug) - Root Exploit + glibc FORTIFY_SOURCE Bypass

SugarCRM 6.5.23 - REST PHP Object Injection Exploit (Metasploit)

SugarCRM CE <= 6.3.1 "unserialize()" PHP Code Execution

SumatraPDF v2.0.1 .chm and .mobi Memory Corruption

Sun Java Applet2ClassLoader Remote Code Execution Exploit

Sun Java Runtime Environment 1.6 - Web Start JNLP File Stack Buffer Overflow Vulnerability

Sun Java Web Start Plugin Command Line Argument Injection (2012)

Sundown Exploit Kit ‘Larger Threat Than People Realize’

SunellSecurity NVR / Camera - Denial Of Service

Supermicro Onboard IPMI close_window.cgi Buffer Overflow

Supernews <= 2.6.1 (noticias.php cat) SQL Injection

Supernews <= 2.6.1 SQL Injection Exploit

SuperScan 4.1 - Scan Hostname/IP Field Buffer Overflow

SuperScan 4.1 - Tools Hostname/IP/URL Field Buffer Overflow

SuperScan 4.1 - Windows Enumeration Hostname/IP/URL Field SEH Overflow

Supr Shopsystem 5.1.0 - Persistent UI Vulnerability

SurgeMail 6.0a4 Stored XSS

SV: Milw0rm Clone Script v1.0 - (time based) SQLi

SweetRice 1.5.1 - Cross-Site Request Forgery

SWFUpload v2.5.0 Beta 3 File Arbitrary Upload

SwiftMailer < 5.4.5-DEV - Remote Code Execution

Swoopo Gold Shop CMS v8.4.56 - Multiple Web Vulnerabilities

Sybase EAServer 6.3.1 - Multiple Vulnerabilities

Symantec Altiris DS SQL Injection

Symantec Brightmail 10.6.0-7- LDAP Credentials Disclosure

Symantec End Point Protection 11.x & Symantec Network Access Control 11.x LCE POC

Symantec Endpoint Protection 11.x, 12.x - Kernel Pool Overflow

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

Symantec Endpoint Protection Manager 12.1.x - SEH Overflow POC

Symantec Endpoint Protection Manager Authentication Bypass and Code Execution

Symantec Endpoint Protection Manager Remote Command Execution

Symantec Endpoint Protection Manager Remote Command Execution Exploit

Symantec Endpoint Protection Manager Remote Command Execution

Symantec LiveUpdate Administrator Management GUI HTML Injection

Symantec Messaging Gateway 10.6.1 - Directory Traversal

Symantec pcAnywhere Insecure File Permissions Local Privilege Escalation

Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change

Symantec Web Gateway <= 5.0.3.18 Arbitrary Password Change (MSF)

Symantec Web Gateway 5 restore.php Post Authentication Command Injection

Symantec Web Gateway 5.0.2 (blocked.php id parameter) Blind SQL Injection

Symantec Web Gateway 5.0.2 Remote LFI Root Exploit

Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection

Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability

Symantec Web Gateway 5.0.2.8 Command Execution Vulnerability

Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection

Symantec Web Gateway 5.0.3.18 (deptUploads_data.php groupid parameter) Blind SQLi

Symantec Web Gateway 5.0.3.18 Blind SQLi Backdoor via MySQL Triggers

Symantec Web Gateway 5.0.3.18 LFI Remote ROOT RCE Exploit

Symantec Web Gateway Cross Site Scripting

Symantec Workspace Streaming Arbitrary File Upload

Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation

Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption Vulnerability

Symfony2 Local File Disclosure - Security Advisory - SOS-12-002

Symphony CMS 2.3 Multiple Vulnerabilities

Symphony CMS 2.6.3 – Multiple SQL Injection Vulnerabilities

Synactis PDF In-The-Box ConnectToSynactic Stack Buffer Overflow

Sync Breeze Enterprise 9.1.16 - Buffer Overflow

SynConnect PMS (index.php, loginid param) - SQL Injection Vulnerability

Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities

SysAid Help Desk 'rdslogs' Arbitrary File Upload

Sysax <= 5.60 Create SSL Certificate Buffer Overflow

Sysax 5.53 SSH Username Buffer Overflow (msf)

Sysax FTP Automation Server 5.33 Local Privilege Escalation

Sysax Multi Server 5.50 Create Folder Remote Code Exec BoF (MSF Module)

Sysax Multi Server 5.64 Create Folder Buffer Overflow

Sysax Multi Server 6.40 SSH Component Denial of Service

Sysax Multi Server 6.50 - HTTP File Share SEH Overflow RCE Exploit

Sysax Multi-Server 5.64 Create Folder Buffer Overflow

Syslog Server 1.2.3 - Crash PoC

Syslog Watcher Pro 2.8.0.812 - (Date Parameter) - Cross Site Scripting Vulnerability

Tableau Server - Blind SQL Injection Vulnerability

TACK 1.07 - Local Stack-Based Buffer Overflow

TagScanner v5.1 - Stack Buffer Overflow Vulnerability

Talkie Bluetooth Video iFiles 2.0 iOS - Multiple Vulnerabilities

TallSoft SNMP TFTP Server 1.0.0 - Denial of Service

TaskFreak! v0.6.4 Multiple Cross-Site Scripting Vulnerabilities

T-Content Managment System Multiple Vulnerabilities

TCP Reverse Shell with Password Prompt - 151 bytes

tcPbX - (tcpbx_lang) Local File Inclusion

tcpdump 4.6.2 Geonet Decoder Denial of Service

TcpDump rpki_rtr_pdu_print Out-of-Bounds Denial of Service

TCPing 2.1.0 - Buffer Overflow

T-dah Webmail Client 3.2.0-2.3 Stored XSS

T-dah Webmail CSRF & Stored XSS

T-dah Webmail Multiple Stored XSS

TeamPass 2.1.24 - Multiple Vulnerabilities

TeamSpeak Client 3.0.14 - Buffer Overflow Vulnerability

TeamViewer 11.0.65452 (64 bit) - Local Credentials Disclosure

TECO AP-PCLINK 1.094 - .tpc File Handling Buffer Overflow Vulnerability

TECO JN5 L510-DriveLink 1.482 - .lf5 SEH Overwrite Buffer Overflow Exploit

TECO SG2 FBD Client 3.51 - .gfb SEH Overwrite Buffer Overflow Vulnerability

TECO SG2 LAD Client 3.51 - .gen SEH Overwrite Buffer Overflow Exploit

TECO TP3-PCLINK 2.1 - .tpc File Handling Buffer Overflow Vulnerability

Technicolor DT5130 V2.05.C29GV - Multiple Vulnerabilities

Technicolor TC7200 - Credentials Disclosure

Technicolor TC7200 Modem/Router STD6.02.11 - Multiple Vulnerabilities

Telefonica O2 Connection Manager 3.4 - Local Privilege Escalation Vulnerability

Telefonica O2 Connection Manager 8.7 - Service Trusted Path Privilege Escalation

Telegram 3.2 - Input Length Handling Crash PoC

Template CMS 2.1.1 Multiple Vulnerabilities

Tenda A32 Router - CSRF Vulnerability

Tenda A5s Router 3.02.05_CN - Authentication Bypass Vulnerability

Tenda ADSL2/2+ Modem 963281TAN - Unauthenticated DNS Change

Tenda W309R Router 5.07.46 - Configuration Disclosure

Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting

Tendoo CMS 1.3 - XSS Vulnerabilities

Teracom Modem T2-B-Gawv1.4U10Y-BI - CSRF Vulnerability

Teracom Modem T2-B-Gawv1.4U10Y-BI - Stored XSS Vulnerability

TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability

Terminal Server Client .rdp Denial of Service

TestLink 1.9.11 - Multiple SQL Injection Vulnerabilities

TestLink 1.9.14 - CSRF Vulnerability

TestLink 1.9.3 CSRF Vulnerability

TestLink v1.9.3 Arbitrary File Upload Vulnerability

Tetris Heap Spraying: Spraying the Heap on a Budget

Texas Instrument Emulator 3.03 - Local Buffer Overflow

Text Exchange Pro (index.php page) Local File Inclusion

TFM MMPlayer (m3u/ppl File) Buffer Overflow

Tftpd32 DNS Server 4.00 Denial Of Service

Th3 MMA mma.php Backdoor Arbitrary File Upload

TH692 Outdoor P2P HD Waterproof IP Camera - Hard Coded Credentials

Thatware 0.4.6 - SQL Injection

The Unarchiver 3.11.1 - '.tar.Z' Crash PoC

TheBlog <= 2.0 Multiple Vulnerabilities

Thomson CableHome Gateway (DWG849) Cable Modem Gateway - Information Exposure

Thomson TWG87OUIR - POST Password CSRF

Thomson Wireless VoIP Cable Modem Auth Bypass

Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass

Thru Managed File Transfer Portal 9.0.2 - SQL Injection

Tickets CAD 2.20G Multiple Vulnerabilities

TigerCom iFolder+ v1.2 iOS - Multiple Vulnerabilities

TigerCom My Assistant 1.1 iOS - Local File Inclusion

Tiki Wiki <= 8.3 unserialize() PHP Code Execution

Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution

Timeclock Software 0.995 - Multiple SQL Iinjection Vulnerabilities

Timesheet Next Gen 1.5.2 Multiple SQLi

Tincd Post-Authentication Remote TCP Stack Buffer Overflow

Tiny HTTP Server <=v1.1.9 Remote Crash PoC

Tiny Server <= 1.1.9 HTTP HEAD DoS

Tiny Tiny RSS - Blind SQL Injection

TinyWebGallery v 1.8.3 - Multiple Vulnerabilities

TIOD v1.3.3 for iPhone / iPod touch Directory Traversal

Titan FTP Server 10.32 Build 1816 - Directory Traversal Vulnerability

T-Mobile Internet Manager - Contact Name Crash PoC

Tom Sawyer Software GET Extension Factory Remote Code Execution

Tomabo MP4 Converter 3.10.12 - 3.11.12 (.m3u) Denial of service (Crush application)

Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow

Topics Viewer CSRF Add Admin

TopicsViewer 3.0 Beta 1 - Multiple Vulnerabilities

TOPSEC Firewalls - Remote Code Execution (ELIGIBLEBOMBSHELL)

TOPSEC Firewalls - Remote Code Execution (ELIGIBLECANDIDATE)

TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT)

TOPSEC Firewalls - Remote Exploit (ELIGIBLEBACHELOR)

TORQUE Resource Manager 2.5.x-2.5.13 - Stack Based Buffer Overflow Stub

TorrentTrader 2.08 Multiple Vulnerabilities

TOSHIBA e-Studio 232/233/282/283 - Change Admin Password CSRF Vulnerability

TOSHIBA IP-Camera IK-WP41A - Auth Bypass / Configuration Download

Toshiba Viewer v2 p3console - Local Denial of Service

Total Commander 8.52 - Buffer Overflow

Total Commander 8.52 - Buffer Overflow (Windows 10)

Total Commander 8.52 - SEH-Overwrite BOF

Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow

Totemomail 4.x and 5.x - Persistent XSS

TOTOLINK Routers - Backdoor and RCE Exploit PoC

TP Link Gateway v3.12.4 Multiple Vulnerabilities

TP-LINK Admin Panel Multiple CSRF Vulnerabilities

TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change

TP-Link Archer CR-700 - Cross-Site Scripting

TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities

TP-LINK Model No. TL-WR340G / TL-WR340GD - Multiple Vulnerabilities

TP-LINK Model No. TL-WR841N / TL-WR841ND - Multiple Vulnerabilities

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials

TP-LINK TDDP - Multiple Vulnerabilities

TP-LINK TD-W8151N - Denial of Service

TP-LINK TD-W8951ND - Denial of Service

TP-Link TD-W8951ND - Multiple Vulnerabilities

TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities

TP-Link TL-WR740N - Denial Of Service

TP-Link TL-WR740N / TL-WR740ND - 150M Wireless Lite N Router HTTP DoS

TP-Link TL-WR740N v4 Router (FW-Ver. 3.16.6 Build 130529 Rel.47286n) - Command Execution

TP-LINK WDR4300 - Stored XSS & DoS 2014-09-21

TP-LINK WDR4300 HTML Injection and Denial of Service Vulnerabilities

TP-LINK WR842ND Remote Multiple SSID Directory Travesal Exploit

tplSoccerStats (player.php) SQL Injection Vulnerability

Transferable Remote v1.1 iPad iPhone - Multiple Vulnerabilities

Travel Portal Script 9.33 - SQL Injection

Travelon Express CMS v6.2.2 Multiple Vulnerabilities

Trend Micro Control Manager 5.5/6.0 AdHocQuery BlindSQL Injection (post-auth)

Trend Micro DirectPass 1.5.0.1060 - Multiple Software Vulnerabilities

Trendchip HG520 ADSL2+ Wireless Modem CSRF Vulnerability

TrendMicro - Multiple HTTP Problems with CoreServiceShell.exe

TrendMicro InterScan Web Security Virtual Appliance - Remote Code Execution...

TrendMicro node.js HTTP Server Listening on localhost Can Execute Commands

TRENDnet SecurView Internet Camera UltraMJCam OpenFileDlg Buffer Overflow

TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow

TRENDnet SecurView Wireless Network Camera TV-IP422WN (UltraCamX.ocx) Stack BoF

TRENDnet TE100-P1U Print Server Firmware 4.11 Authentication Bypass Vulnerability

Tribq CMS 5.2.7 - Adding/Editing New Administrator Account CSRF

Trigerring Java Code from a SVG Image

Tri-PLC Nano-10 r81 - Denial of Service

TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow

Trojan.Encryptoraas

TrouSerS Denial Of Service Vulnerability

Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation

TUDU 0.82 - Local Stack-Based Buffer Overflow

Tuleap PHP Unserialize Code Execution

Tunnelblick Local Root Exploit

Turbo FTP Server 1.30.823 PORT Overflow

TVersity <= 1.9.7 Arbitrary File Download

TVT TD-2308SS-B DVR - Directory Traversal Vulnerability

Typo3 - Directory Traversal Vulnerability

Typo3 JobControl 2.14.0 - Cross Site Scripting / SQL Injection

TYPO3 ke DomPDF Extension - Remote Code Execution

Ubee EVW3226 Modem/Router 1.0.20 - Multiple Vulnerabilities

Uber to Quadruple Security Staff by 2016

UbiDisk File Manager v2.0 iOS - Multiple Web Vulnerabilities

Ubiquiti airCam RTSP Service 1.1.5 - Buffer Overflow

Ubiquiti Networks UniFi 3.2.10 - CSRF Vulnerability

Ubiquiti UbiFi / mFi / AirVision - CSRF Vulnerability

Ubisoft Rayman Legends 1.2.103716 - Remote Stack Buffer Overflow Vulnerability

Ubisoft uplay 2.0.3 Active X Control Arbitrary Code Execution

Ubuntu 12.04, 14.04, 14.10, 15.04 - overlayfs Local Root (Shadow File)

Ubuntu 12.04, 14.04, 14.10, 15.04 - overlayfs Local Root (Shell)

Ubuntu 12.04.0-2LTS x64 perf_swevent_init - Kernel Local Root Exploit

Ubuntu 12.10 64-Bit sock_diag_handlers Local Root Exploit

Ubuntu 14.04 LTS, 15.10 overlayfs - Local Root Exploit

Ubuntu 14.04 NetKit FTP Client - Crash/DoS PoC

Ubuntu Apport - Local Privilege Escalation

UCanCode - Multiple Vulnerabilities

UCCASS <= v1.8.1 Blind SQL Injection Vulnerability

UliCMS <= v9.8.1 - SQL Injection

Ultra Light Forum Persistant XSS Vulnerability

Ultra Mini HTTPD 1.21 - POST Request Stack Buffer Overflow

Ultra Mini HTTPD 1.21 - Stack Buffer Overflow

Ultra Mini HTTPD Stack Buffer Overflow

UltraVNC 1.0.2 Client (vncviewer.exe) Buffer Overflow

Umbraco CMS Remote Command Execution

UMI.CMS 2.9 - CSRF Vulnerability

UMPlayer Portable 0.95 Crash PoC

Understanding C Integer Boundaries (Overflows & Underflow)

UniPDF 1.1 - Crash PoC (SEH overwritten)

Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE

Unreal Tournament Remote Buffer Overflow Exploit (SEH)

up.time 7.5.0 Arbitrary File Disclose And Delete Exploit

up.time 7.5.0 Superadmin Privilege Escalation Exploit

up.time 7.5.0 Upload And Execute File Exploit

up.time 7.5.0 XSS And CSRF Add Admin Exploit

Uptime Agent 5.0.1 - Stack Overflow Vulnerability

USB Sharp v1.3.4 iPad iPhone - Multiple Vulnerabilities

Useresponse <= 1.0.2 Privilege Escalation & RCE Exploit

Ushahidi 2.2 Multiple Vulnerabilites

uSQLite 1.0.0 - Denial Of Service

v0pCr3w Web Shell Remote Code Execution

Valhala Honeypot 1.8 - Stack-Based Buffer Overflow

VamCart v0.9 CMS - Multiple Vulnerabilities

VamCart v0.9 CSRF Vulnerability

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities

Vanderbilt IP-Camera CCPW3025-IR, CVMW3025-IR - Credentials Disclosure

Vanderbilt IP-Camera CCPW3025-IR, CVMW3025-IR - Local File Disclosure

Vanilla FirstLastNames 1.3.2 Plugin Persistant XSS

Vanilla Forum Tagging PlugIn Enchanced 1.0.1 Stored XSS

Vanilla Forums 2.0 - 2.0.18.5 (class.utilitycontroller.php) - PHP Object Injection Vulnerability

Vanilla Forums 2.0.17.1 ~ 2.0.17.5 <= Cross Site Scripting Vulnerability

Vanilla Forums 2.0.18.4 Tagging Stored XSS

Vanilla Forums 2.0.18.8 - Multiple Vulnerabilities

Vanilla Forums About Me Plugin Persistant XSS

Vanilla Forums Poll Plugin 0.9 Stored XSS

Vanilla kPoll Plugin 1.2 Stored XSS

Varnish Cache CLI Interface Remote Code Execution

VBox Satellite Express 2.3.17.3 - Arbitrary Write

VBScript 5.8.7600.16385 / 5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read

VbsEdit 5.9.3 (.smi) - Buffer Overflow Vulnerability

vBshop persistent Persisstant XSS

vBulletin < 4.2.2 - Memcache Remote Code Execution

vBulletin 4.0.x - 4.1.2 (search.php, cat param) - SQL Injection Exploit

vBulletin 4.2.3 - SQL Injection

vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection

vBulletin 5 - index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection

vBulletin 5 PreAuth Remote Code Execution

vBulletin 5.1.x - PreAuth 0day Remote Code Execution Exploit

vBulletin 5.2.2 - Preauth Server Side Request Forgery (SSRF)

vBulletin 5.x - Remote Code Execution Exploit

vBulletin ChangUonDyU Advanced Statistics SQL Injection Vulnerability

vBulletin Tapatalk - Blind SQL Injection

vBulletin vBay <=1.1.9 Error-Based SQL Injection

V-CMS PHP File Upload and Execute

Vembu StoreGrid 4.0 - Unquoted Service Path Privilege Escalation

Verizon Fios Router MI424WR-GEN3I - CSRF Vulnerability

VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow

VeryPDF Image2PDF Converter SEH Buffer Overflow

Vesta Control Panel <= 0.9.8-15 - Persistent XSS Vulnerability

Vestel TV 42pf9322 - Denial of Service

ViArt Shop Evaluation v4.1 Multiple Remote File Inclusion Vulnerabilities

Viber 4.2.0 - Non-Printable Characters Handling Denial of Service Vulnerability

Vice City Multiplayer Server 0.3z R2 Remote Code Execution

VICIDIAL Call Center Suite <=2.2.1-237 Multiple Vulnerabilities

VICIdial Manager Send OS Command Injection

Victory FTP Server 5.0 Denial of Service Exploit

Video WiFi Transfer 1.01 - Directory Traversal Vulnerability

VideoCharge Studio 2.12.3.685 - Buffer Overflow (SEH)

VideoCharge Studio 2.12.3.685 GetHttpResponse() - MITM Remote Code Execution Exploit

VideoCharge Studio Buffer Overflow (SEH)

VideoIQ Camera - Local File Disclosure

VideoLAN VLC Media Player 2.2.1 - 'DecodeAdpcmImaQT' Buffer Overflow

VideoSpirit Lite 1.77 - (SEH) Buffer Overflow

VideoSpirit Pro 1.90 - (SEH) Buffer Overflow

VidiScript SQL Injection Vulnerability

ViewGit 0.0.6 - Multiple XSS Vulnerabilities

Vifi Radio v1 - CSRF Vulnerability

Vino VNC Server 3.7.3 - Persistent Denial of Service

Viprinet Multichannel VPN Router 300 - Stored XSS Vulnerabilities

VirIT Explorer Lite & Pro 8.1.68 - Local Privilege Escalation

VirtualBox 3D Acceleration Virtual Machine Escape

VirtualBox Guest Additions VBoxGuest.sys Privilege Escalation

Viscacha Forum CMS v0.8.1.1 Multiple Vulnerabilities

Viscomsoft Calendar Active-X 2.0 - Multiple Crash PoCs

Visual Mining NetCharts Server Remote Code Execution

Visual Tools DVR <= 3.0.6.16, VX Series <= 4.2.19.2 Multiple Vulnerabilities

Vivotek Cameras Sensitive Information Disclosure

Vivotek IP Cameras - RTSP Authentication Bypass

Vivotek IP Cameras Multiple Vulnerabilities

VLC 1.2.0 (libtaglib_pluggin.dll) DoS

VLC 2.0.1 division by zero vulnerability

VLC 2.1.2 (.asf) - Crash PoC

VLC media player <= 1.1.11 (.flv) Denial of Service

VLC Media Player 2.2.1 - .mp4 Heap Memory Corruption

VLC Media Player 2.2.1 - Buffer Overflow

VLC Media Player 2.2.1 - m3u8/m3u Crash PoC

VLC Media Player RealText Subtitle Overflow

VLC Media Player Subtitle StripTags() Function Memory Corruption

VLC Player <= 2.0.3 ReadAV Crash PoC

VLC Player 2.0.8 (.m3u) - Local Crash PoC

VLC Player 2.1.5 - DEP Access Violation Vulnerability

VLC Player 2.1.5 - Write Access Violation Vulnerability

VLC Web Interface 2.2.1 - Metadata Title XSS Vulnerability

vlinks 2.0.3 (site.php id parameter) SQL Injection

VMCPlayer 1.0 Denial of Service

VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution

VMware Hyperic HQ Groovy Script-Console Java Execution

VMWare OVF Tools Format String Vulnerability

VMWare Setuid vmware-mount Unsafe popen(3)

VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload

VMware Workstation - vprintproxy.exe JPEG2000 Images Multiple Memory Corruptions

VMware Workstation - vprintproxy.exe TrueType NAME Tables Heap Buffer Overflow

VMware Workstations 10.0.0.40273 vmx86.sys Arbitrary Kernel Read

VNC Keyboard Remote Code Execution

Vodafone Mobile Wifi - Reset Admin Password

VOX Music Player 2.8.8 - '.pls' Denail of Service

VR GPub 4.0 CSRF Vulnerability

VSAT Sailor 900 - Remote Exploit

vsftpd 2.3.2 remote denial of service (CVE-2011-0762)

Vtiger 5.1.0 LFI

Vtiger CRM 5.0.4 Pre-Auth Local File Inclusion Exploit

vtiger CRM 5.1.0 Local File Inclusion

Vtiger CRM 5.4.0 (index.php, onlyforuser param) - SQL Injection

vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload

vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution

VTLS Virtua InfoStation.cgi - SQL Injection

VUPlayer 2.49 - (.pls) Stack Buffer Overflow (DEP Bypass)

VX Search Enterprise 9.1.12 - Buffer Overflow

w3tw0rk / Pitbul IRC Bot Remote Code Execution

Wacom Consumer Service - Unquoted Service Path Privilege Escalation

WAN Emulator v2.3 Command Execution

Watermark Master Buffer Overflow (SEH)

Watermark Master v2.2.23 .wstyle - Buffer Overflow (SEH)

WatchGuard Firewall XTM 11.7.4u1 - Remote Buffer Overflow

WatchGuard Firewalls - ifconfig Privilege Escalation (ESCALATEPLOWMAN)

Watchguard XCS FixCorruptMail Local Privilege Escalation

Waves Audio Service - Unquoted Service Path Privilege Escalation

WaveSurfer 1.8.8p4 <= Memory Corruption PoC

w-CMS 2.0.1 - Remote Code Execution Vulnerability

w-CMS 2.0.1 Multiple Vulnerabilities

WD Arkeia Virtual Appliance 10.2.9 - Local File Inclusion

wdCalendar 2 - SQL Injection

WDS CMS - SQL Injection

Weathermap 0.97c (editor.php, mapname param) - Local File Inclusion

Web 2.0 Social Network Freunde Community SQL Injection Vunerability

Web Help Desk by SolarWinds - Stored XSS

Web interface for DNSmasq / Mikrotik - SQL Injection

web@all CMS 2.0 Multiple Vulnerabilities

web2Project 3.1 - Multiple Vulnerabilities

Web2py 2.14.5 - Multiple Vulnerabilities

WebCalendar <= 1.2.4 (install/index.php) Remote Code Execution

WebCalendar 1.2.4 Pre-Auth Remote Code Injection

WebcamXP and Webcam 7 Directory Traversal Vulnerability

WebDisk+ 2.1 iOS - Code Execution Vulnerability

webERP <= 4.08.1 Local/Remote File Inclusion Vulnerability

webERP <=4.08.4 WorkOrderEntry.php SQL Injection Vulnerability

webgrind 1.0 (file param) Local File Inclusion Vulnerability

WeBid <= 1.0.4 Multiple Vulnerabilities

WeBid <= 1.0.5 Directory Traversal

WeBid <=1.0.5 Cross Site Scripting Vulnerabilities

WeBid 1.1.1 Unrestricted File Upload Exploit

WeBid converter.php Remote PHP Code Injection

Webify Blog Arbitrary File Deletion Vulnerability

Webify Link Directory SQL Injection

Webmatic 3.1.1 Blind SQL Injection

WebNMS Framework Server 5.2 and 5.2 SP1 - Multiple Vulnerabilities

WebPA <= 1.1.0.1 Multiple Vulnerabilities

WebPagetest <= 2.6 Multiple Vulnerabilities

WebPageTest Arbitrary PHP File Upload

Websense Proxy Filter Bypass

Websitebaker Add-on Concert Calendar 2.1.4 Multiple Vulnerabilities

Webspell dailyinput Movie Addon 4.2.x SQL Injection Vulnerability

Webspell FIRSTBORN Movie-Addon Blind SQL Injection Vulnerability

WebTitan 4.01 (Build 68) - Multiple Vulnerabilities

Webuzo 2.1.3 - Multiple Vulnerabilities

WEG SuperDrive G2 12.0.0 - Insecure File Permissions

Werkzeug Debug Shell Command Execution

WespaJuris <= 3.0 Multiple Vulnerabilities

Western Digital Arkeia Appliance 10.0.10 - Multiple Vulnerabilities

Western Digital Arkeia Remote Code Execution

Western Digital My Cloud 04.01.03-421, 04.01.04-422 - Command Injection

WhatsApp < v2.11.7 - Remote Crash

WhatsApp <= 2.11.476 - Remote Reboot/Crash App Android

WhatsApp Status Changer v0.2 Exploit

WhatsUp Gold 16.3 - Unauthenticated Remote Code Execution

White Label CMS v 1.5 CSRF w/ persistent XSS

Whitepaper : Exploiting Transparent User Identification

WHMCS 4.x (invoicefunctions.php, id param) - SQL Injection Vulnerability

WHMCS 5.2.7 - SQL Injection Vulnerability

WHMCS Addon VMPanel 2.7.4 - SQL Injection

wicd Local Privilege Esclation Exploit

Wickr Desktop 2.2.1 Windows - Denial of Service Vulnerability

Wieland wieplan 4.1 Document Parsing Java Code Execution Using XMLDecoder

Wifi Album v1.47 iOS - Command Injection Vulnerability

WiFi Camera Roll 1.2 iOS - Multiple Vulnerabilities

WiFi HD v7.3.0 iOS - Multiple Vulnerabilities

Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities

WiFiles HD 1.3 iOS - File Inclusion Vulnerability

WiFly 1.0 Pro iOS - Multiple Vulnerabilities

Wiki Web Help 0.3.9 Multiple Stored XSS Vulnerabilities

Wildfly - WEB-INF and META-INF Information Disclosure via Filter Restriction Bypass

WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities

WIMAX MT711x - Multiple Vulnerabilities

Win10Pcap - Local Privilege Escalation Vulnerability

Win2003 x64 - Token Stealing shellcode - 59 bytes

win32/xp[TR] sp3 MessageBox - 24Bytes

win32k Clipboard Bitmap - Use-After-Free Vulnerability

win32k Desktop and Clipboard - Null Pointer Derefence

Win32-Worm:VBS/Jenxcus.A Malware Report

WIN-911 7.17.00 - Multiple Vulnerabilities

Winamp MAKI Buffer Overflow

WinaXe 7.7 'FTP client' - Remote Buffer Overflow

Window Kernel - Bitmap Handling Use-After-Free (MS15-061) #2

Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052)

Windows - CSRSS BaseSrvCheckVDM Session 0 Process Creation Privilege Escalation (MS16-048)

Windows - Fileless UAC Protection Bypass Privilege Escalation (Metasploit)

Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via...

Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055)

Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055)

Windows - NtLoadKeyEx Read Only Hive Arbitrary File Write Privilege Escalation...

Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux (MS16-008)

Windows - Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2 (MS16-008)

Windows - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)

Windows "Meterpreter"less Post Exploitation

Windows 10 - pcap Driver Local Privilege Escalation

Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation

Windows 10 x86/x64 WLAN AutoConfig - Denial of Service (POC)

Windows 7 maybe other version as well System Resources kaput system hangs w loads of errors

Windows 7 x86 - localhost Port Scanner Shellcode (556 bytes)

Windows 8.0 - 8.1 x64 - TrackPopupMenu Privilege Escalation (MS14-058)

Windows 8.1 (32/64 bit) - Privilege Escalation (ahcache.sys/NtApphelpCacheControl)

Windows 8.1 DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076)

Windows AlwaysInstallElevated MSI

Windows ATMFD.DLL CFF table (ATMFD+0x34072 / ATMFD+0x3407b) Invalid Memory Access

Windows ATMFD.DLL CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access

Windows ATMFD.DLL CharString Stream Out-of-Bounds Reads

Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed FDSelect Offset in the CFF Table

Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed Name INDEX in the CFF Table

Windows ATMFD.DLL Write to Uninitialized Address Due to Malformed CFF Table

Windows ClientCopyImage Win32k Exploit

Windows CreateObjectTask SettingsSyncDiagnostics Privilege Escalation

Windows CreateObjectTask TileUserBroker Privilege Escalation

Windows Cursor Object Potential Memory Leak (MS15-115)

Windows DeviceApi CMApi - User Hive Impersonation Privilege Escalation (MS16-124)

Windows DeviceApi CMApi PiCMOpenDeviceKey - Arbitrary Registry Key Write Privilege...

Windows DFS Client Driver - Arbitrary Drive Mapping Privilege Escalation (MS16-123)

Windows Diagnostics Hub - DLL Load Privilege Escalation (MS16-125)

Windows Edge/IE - Isolated Private Namespace Insecure Boundary Descriptor Privilege...

Windows Edge/IE - Isolated Private Namespace Insecure DACL Privilege Escalation...

Windows Escalate Service Permissions Local Privilege Escalation

Windows Escalate Task Scheduler XML Privilege Escalation

Windows Escalate UAC Execute RunAs

Windows Escalate UAC Protection Bypass

Windows Firewall Control - Unquoted Service Path Privilege Escalation

Windows Kerberos - Elevation of Privilege (MS14-068)

Windows Kerberos Security Feature Bypass (MS16-014)

Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097)

Windows Kernel - Bitmap Handling Use-After-Free (MS15-061)

Windows Kernel - Brush Object Use-After-Free Vulnerability (MS15-061)

Windows Kernel - DeferWindowPos Use-After-Free (MS15-073)

Windows Kernel - DrawMenuBarTemp Wild-Write (MS16-039)

Windows Kernel - FlashWindowEx Memory Corruption (MS15-097)

Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061)

Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)

Windows Kernel - NtGdiGetTextExtentExW Out-of-Bounds Memory Read

Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097)

Windows Kernel - NULL Pointer Dereference with Window Station and Clipboard (MS15-061)

Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061)

Windows Kernel - Registry Hive Loading Negative RtlMoveMemory Size in...

Windows Kernel - SURFOBJ NULL Pointer Dereference (MS15-061)

Windows Kernel - Use-After-Free with Cursor Object (MS15-097)

Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097)

Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073)

Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061)

Windows Kernel - win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039)

Windows Kernel - WindowStation Use-After-Free (MS15-061)

Windows Kernel ATMFD.DLL OTF Font Processing Pool-Based Buffer Overflow (MS16-026)

Windows Kernel ATMFD.DLL OTF Font Processing Stack Corruption (MS16-026)

Windows Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)

Windows Kernel win32k!OffsetChildren - Null Pointer Dereference

Windows Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer...

Windows Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based...

Windows Kernel Win32k.sys Privilege Escalation Exploit (MS14-058)

Windows Light HTTPD 0.1 - Buffer Overflow

Windows Manage Memory Payload Injection

Windows Media Center - Command Execution (MS15-100)

Windows Movie Maker Version 2.1.4026.0 (.wav) - Crash POC

Windows ndis.sys IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) - Pool Buffer Overflow (MS15-117)

Windows NDProxy Privilege Escalation XP SP3 x86 and 2003 SP2 x86 (MS14-002)

Windows NtUserGetClipboardAccessToken Token Leak

Windows NTUserMessageCall Win32k Kernel Pool Overflow (Schlamperei)

Windows OLE Package Manager SandWorm Exploit

Windows Race Condition DestroySMWP Use-After-Free (MS15-115)

Windows RT ARM Bind Shell (Port 4444)

Windows Service Trusted Path Privilege Escalation

Windows Task Scheduler DeleteExpiredTaskAfter File Deletion Privilege Escalation

Windows TrackPopupMenu Win32k NULL Pointer Dereference

Windows TrackPopupMenuEx Win32k NULL Page

Windows win32k.sys - TTF Processing RCVT TrueType Instruction Handler Out-of-Bounds...

Windows win32k.sys - TTF Processing win32k!sbit_Embolden /...

Windows win32k.sys TTF Font Processing IUP[] Program Instruction Pool-Based Buffer Overflow

Windows win32k.sys TTF Font Processing win32k!fsc_BLTHoriz Out-of-Bounds Pool Write

Windows win32k.sys TTF Font Processing win32k!fsc_RemoveDups Out-of-Bounds Pool Memory Access

Windows win32k.sys TTF Font Processing win32k!scl_ApplyTranslation Pool-Based Buffer Overflow

Windows x64 - Bind Shell TCP Shellcode (508 bytes)

Windows x64 - Download & Execute Shellcode (358 bytes)

Windows x64 - Password Protected Bind Shellcode (825 bytes)

Windows x64 - Reverse Shell TCP Shellcode (694 bytes)

Windows x64 - WinExec() Shellcode (93 bytes)

Windows x86 - Bind Shell TCP Shellcode

Windows x86 - CreateProcessA cmd.exe Shellcode (253 bytes)

Windows x86 - InitiateSystemShutdownA() Shellcode (599 bytes)

Windows x86 - Keylogger Reverse UDP Shellcode (493 bytes)

Windows x86 - MessageBoxA Shellcode (242 bytes)

Windows x86 - Password Protected TCP Bind Shell (637 bytes)

Windows x86 - Persistent Reverse Shell TCP (494 Bytes)

Windows XP PRO SP3 - Full ROP calc shellcode

Windows XP-10 - Null-Free WinExec Shellcode (Python)

Wing FTP Server Authenticated Command Execution

Winlog Lite SCADA HMI system SEH 0verwrite Vulnerability

WinMerge v2.12.4 Project File Handling Stack Overflow Vulnerability

WinPower 4.9.0.4 - Privilege Escalation

WinRadius 2.11 - Denial of Service

WinRadius Server 2009 Denial Of Service

WinRar < 5.30 beta 4 - Settings Import Command Execution

WinRar 5.21 - SFX OLE Command Execution

WinRAR Filename Spoofing

WinRM VBS Remote Code Execution

WinWebMail Server 3.8.1.6 Stored XSS

WinylPlayer 3.0.3 Memory Corruption PoC

Wireless Disk PRO v2.3 iOS - Multiple Vulnerabilities

Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities

Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities

WirelessFiles v1.1 iPad iPhone - Multiple Vulnerabilities

Wireshark - add_ff_vht_compressed_beamforming_report Static Out-of-Bounds Read

Wireshark - addresses_equal (dissect_rsvp_common) Use-After-Free

Wireshark - AirPDcapPacketProcess Stack-Based Buffer Overflow

Wireshark - alloc_address_wmem Assertion Failure

Wireshark - ascend_seek Static Out-of-Bounds Read

Wireshark - dissct_rsl_ipaccess_msg Static Out-of-Bounds Read

Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow

Wireshark - dissect_ber_integer Static Out-of-Bounds Write

Wireshark - dissect_ber_set Static Out-of-Bounds Read

Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack-Based Buffer Overflow

Wireshark - dissect_nbap_MACdPDU_Size SIGSEGV

Wireshark - dissect_nhdr_extopt Stack-Based Buffer Overflow

Wireshark - dissect_oml_attrs Static Out-of-Bounds Read

Wireshark - dissect_pktc_rekey Heap-based Out-of-Bounds Read

Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow

Wireshark - dissect_zcl_pwr_prof_pwrprofstatersp Static Out-of-Bounds Read

Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read

Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack-Based Buffer Overflow

Wireshark - find_signature Stack-Based Out-of-Bounds Read

Wireshark - getRate Stack-Based Out-of-Bounds Read

Wireshark - hiqnet_display_data Static Out-of-Bounds Read

Wireshark - iseries_check_file_type Stack-Based Out-of-Bounds Read

Wireshark - iseries_parse_packet Heap-Based Buffer Overflow

Wireshark - memcpy (get_value / dissect_btatt) SIGSEGV

Wireshark - my_dgt_tbcd_unpack Static Buffer Overflow

Wireshark - nettrace_3gpp_32_423_file_open Stack-Based Out-of-Bounds Read

Wireshark - print_hex_data_buffer / print_packet Use-After-Free

Wireshark - vwr_read_s2_s3_W_rec Heap-Based Buffer Overflow

Wireshark - wmem_alloc Assertion Failure

Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow

Wireshark 1.12.0 to 1.12.12 - NDS Dissector Denial of Service

Wireshark 1.12.7 - Division by Zero Crash PoC

Wireshark 2.0.0 to 2.0.4 - CORBA IDL Dissectors Denial of Service

Wireshark 2.0.0 to 2.0.4 - MMSE, WAP, WBXML, and WSP Dissectors Denial of Service

Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - PacketBB Dissector Denial of Service

Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - RLC Dissector Denial of Service

Wireshark 2.0.0 to 2.0.4, 1.12.0 to 1.12.12 - WSP Dissector Denial of Service

Wireshark AirPDcapDecryptWPABroadcastKey - Heap-Based Out-of-Bounds Read

Wireshark 'call_dissector()' NULL Pointer Dereference Denial Of Service

Wireshark 'calldissector()' NULL Pointer Dereference Denial Of Service

Wireshark CAPWAP Dissector - Denial of Service (msf)

Wireshark DIAMETER Dissector Denial of Service

Wireshark dissect_ber_constrained_bitstring Heap-Based Out-of-Bounds Read

Wireshark infer_pkt_encap - Heap-Based Out-of-Bounds Read

Wireshark Misaligned Memory Denial of Service Vulnerability

Wireshark Multiple Dissector Denial of Service Vulnerabilities

Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege...

Wolf CMS Arbitrary File Upload To Command Execution

Wolf CMS v0.7.5 Multiple Vulnerabilities

Woltlab Burning Board 2.3.6 Addon (hilfsmittel.php) SQL Injection Vulnerability

Woltlab Burning Board FLVideo Addon (video.php, value param) - SQL Injection

Woltlab Burning Board Regenbogenwiese 2007 Addon SQL Injection Exploit.

WooCommerce Store Exporter 1.7.5 - Multiple XSS Vulnerabilities

Wordpess Simple Photo Gallery 1.7.8 Blind SQL Injection

Wordpress < 4.0.1 - Denial of Service

WordPress <= 3.3.1 Multiple Vulnerabilities

WordPress <=4.0 Denial of Service Exploit

Wordpress 3.9.1 - CSRF Vulnerability

WordPress 4.5.3 - Directory Traversal / Denial of Service

WordPress Abtest Plugin - Local File Inclusion

WordPress Acento Theme (view-pdf.php, file param) - Arbitrary File Download

WordPress Add From Server Plugin < 3.3.2 - (File Upload) CSRF

WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation

Wordpress Ajax Load More PHP Upload Vulnerability

Wordpress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability

Wordpress Ajax Pagination Plugin 1.1 - Local File Inclusion

Wordpress All In One WP Security Plugin 3.8.2 - SQL Injection

WordPress ALO EasyMail Newsletter Plugin 2.6.01 - CSRF Vulnerability

WordPress ALO EasyMail Newsletter Plugin 2.9.2 - (Add/Import Arbitrary Subscribers) CSRF

Wordpress Amplus Theme - CSRF Vulnerability

WordPress Area53 theme Arbitrary File Upload Vulnerability

Wordpress Asset Manager Plugin 0.2 Arbitrary File Upload

Wordpress Automatic Plugin v2.0.3 CSRF Exploit

WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload

WordPress Best Web Soft Captcha Plugin <= 4.1.5 - Multiple Vulnerabilities

WordPress Booking Calendar Contact Form Plugin <= 1.0.23 - Multiple Vulnerabilities

Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Shortcode SQL Injection

Wordpress Booking Calendar Contact Form Plugin <=1.1.23 - Unauthenticated SQL injection

WordPress Booking Calendar Plugin 6.2 - SQL Injection

Wordpress BP Group Documents Plugin 1.2.1 - Multiple Vulnerabilities

WordPress BuddyPress Activity Plus Plugin 1.5 - CSRF Vulnerability

WordPress Bulk Delete Plugin 5.5.3 - Privilege Escalation

WordPress Candidate Application Form Plugin 1.0 - Arbitrary File Download

Wordpress Cart66 Plugin 1.5.1.14 - Multiple Vulnerabilities

WordPress Contact Form Generator <= 2.0.1 - Multiple CSRF Vulnerabilities

Wordpress Count per Day Plugin 3.2.3 XSS Vulnerability

WordPress Count per Day Plugin 3.2.5 (counter.php) - XSS Vulnerability

WordPress Count Per Day Plugin 3.4 - SQL Injection

WordPress Count per Day Plugin 3.5.4 - Stored Cross-Site Scripting

Wordpress CP Multi View Event Calendar 1.01 - SQL Injection

WordPress CP Polls Plugin 1.0.8 - Multiple Vulnerabilities

WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection

WordPress Curvo Themes - CSRF File Upload Vulnerability

Wordpress Custom Content Type Manager 0.9.5.13-pl Arbitrary File Upload Vulnerability

Wordpress Developer Formatter CSRF Vulnerability

Wordpress Diary/Notebook Site5 Theme Email Spoofing

Wordpress Dimension Theme - CSRF Vulnerability

Wordpress Download Manager 2.7.4 - Remote Code Execution Vulnerability

Wordpress drag and drop file upload 0.1 Arbitrary File Upload Vulnerability

Wordpress Easy Contact Forms Export Plugin 1.1.0 Information Disclosure Vulnerability

WordPress Easy Social Icons Plugin 1.2.2 - CSRF Vulnerability

WordPress eBook Download Plugin 1.1 - Directory Traversal

WordPress Encrypted Contact Form Plugin 1.0.4 - CSRF Vulnerability

Wordpress Euclid Theme - CSRF Vulnerability

WordPress Extra User Details Plugin 0.4.2 - Privilege Escalation

Wordpress Facebook Survey v1 SQL Injection Vulnerability

WordPress FeedWordPress Plugin 2015.0426 - SQL Injection

Wordpress Foxypress Plugin 0.4.1.1 0.4.2.1 Arbitrary File Upload

WordPress Front End Upload v0.5.4.4 Arbitrary PHP File Upload

Wordpress Front File Manager Plugin 0.1 Arbitrary File Upload

Wordpress Frontend Upload Plugin - Arbitrary File Upload

Wordpress FuneralPress Plugin 1.1.6 - Persistent XSS

Wordpress Gallery Plugin 3.06 Arbitrary File Upload

WordPress GeoPlaces3 Theme - Arbitrary File Upload Vulnerbility

WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download

WordPress GigPress Plugin 2.3.8 - SQL Injection

Wordpress Google Document Embedder 2.5.14 - SQL Injection

Wordpress Google Maps via Store Locator Plugin Multiple Vulnerabilities

WordPress Gwolle Guestbook Plugin 1.5.3 - Remote File Inclusion

Wordpress HD Webplayer 1.1 SQL Injection Vulnerability

Wordpress History Collection <=1.1.1 Arbitrary File Download

Wordpress HMS Testimonials Plugin 2.0.10 - Multiple Vulnerabilities

WordPress HTML 5 MP3 Player with Playlist Plugin - Full Path Disclosure

Wordpress HTML5 AV Manager Plugin 0.2.7 Arbitrary File Upload

WordPress Huge-IT Slider 2.7.5 - Multiple Vulnerabilities

Wordpress church_admin Plugin 0.800 Stored XSS

WordPress Image Export Plugin 1.1.0 - Arbitrary File Disclosure

Wordpress iMember360 Plugin 3.8.012 - 3.9.001 - Multiple Vulnerabilities

WordPress Import CSV Plugin 1.0 - Directory Traversal

Wordpress IndiaNIC Testimonial Plugin - Multiple Vulnerabilities

Wordpress InfusionSoft Plugin Upload Vulnerability

WordPress Job Manager Plugin 0.7.22 - Persistent XSS

WordPress Kento Post View Counter Plugin 2.8 - CSRF/XSS

Wordpress Kish Guest Posting Plugin 1.0 Arbitrary File Upload

Wordpress Lazy SEO plugin Shell Upload Vulnerability

WordPress LeagueManager Plugin 3.8 - SQL Injection

WordPress leenk.me Plugin 2.5.0 - CSRF/XSS

Wordpress Like Dislike Counter 1.2.3 Plugin - SQL Injection Vulnerability

Wordpress Login Widget With Shortcode 3.1.1 - Multiple Vulnerabilities

Wordpress Mac Photo Gallery 2.7 Arbitrary File Upload

Wordpress MailChimp Subscribe Forms 1.1 Remote Code Execution

Wordpress MailPoet (wysija-newsletters) Unauthenticated File Upload

Wordpress Make A Statement (MaS) Theme - CSRF Vulnerability

WordPress MDC Private Message Plugin 1.0.0 - Persistent XSS

Wordpress Mini Mail Dashboard Widget 1.42 Stored XSS

Wordpress MM Forms Community Plugin 2.2.6 Arbitrary File Upload

WordPress More Fields <= 2.1 Plugin - CSRF Vulnerability

Wordpress Nextend Facebook Connect Plugin 1.4.59 - XSS Vulnerability

Wordpress NOSpamPTI Plugin - Blind SQL Injection

WordPress Occasions Plugin 1.0.4 - CSRF Vulnerability

WordPress Ocim MP3 Plugin - SQL Injection Vulnerability

Wordpress Orange Themes CSRF File Upload Vulnerability

Wordpress Participants Database 1.5.4.8 - SQL Injection

Wordpress Pica Photo Gallery 1.0 Arbitrary File Upload Vulnerability

Wordpress PICA Photo Gallery Plugin 1.0 Remote File Disclosure

WordPress Plugin 404 Redirection Manager 1.0 - SQL Injection

WordPress Plugin Advanced Custom Fields Remote File Inclusion

Wordpress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities

Wordpress Plugin Answer My Question 1.3 - SQL Injection

Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability

WordPress Plugin DZS Video Gallery 3.1.3 - Remote and Local File Disclosure Vulnerability

WordPress plugin Foxypress uploadify.php Arbitrary Code Execution

WordPress Plugin Free Counter 1.1 Stored XSS

WordPress Plugin Google Document Embedder Arbitrary File Disclosure

WordPress Plugin Instagram Feed 1.4.6.2 - Cross-Site Request Forgery

WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery

Wordpress Plugin Olimometer 2.56 - SQL Injection

WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure

WordPress Plugin Quiz And Survey Master 4.5.4 / 4.7.8 - Cross-Site Request Forgery

Wordpress Plugin Sell Download v1.0.16 - Local File Disclosure

WordPress Plugin Simply Poll 1.4.1 - SQL Injection

Wordpress Plugin Single Personal Message 1.0.3 - SQL Injection

Wordpress Plugin Sirv 1.3.1 - SQL Injection

WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload

Wordpress Plugin spider calendar Multiple Vulnerabilities

Wordpress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities

Wordpress Plugin WP Easy Poll 1.1.3 - XSS and CSRF

Wordpress Plugin 'WP Mobile Edition' - LFI Vulnerability

Wordpress Plugin WP Private Messages 1.0.1 - SQL Injection

WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege...

Wordpress Plugin WP Support Plus Responsive Ticket System 7.1.3 - SQL Injection

Wordpress Plugin WP Vault 0.8.6.6 - Local File Inclusion

Wordpress Plugins Premium Gallery Manager Unauthenticated Configuration Access Vulnerability

WordPress Polls Widget Plugin 1.0.7 - SQL Injection Vulnerability

Wordpress Postie Plugin 1.4.3 Stored XSS

Wordpress Quick Contact Form Plugin 6.0 - Persistent XSS

WordPress RB Agency Plugin 2.4.7 - Local File Disclosure

Wordpress Really Simple Guest Post <= 1.0.6 - File Include

WordPress Recent Backups Plugin 0.7 - Arbitrary File Download

WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload

WordPress Resume Submissions & Job Postings v2.5.1 Unrestricted File Upload

Wordpress RLSWordPressSearch plugin SQL Injection

Wordpress RobotCPA Plugin V5 - Local File Inclusion

WordPress SAICO theme Arbitrary File Upload Vulnerability

WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal

Wordpress SfBrowser Version 1.4.5 Arbitrary File Upload Vulnerability

WordPress Shopping Cart 3.0.4 - Unrestricted File Upload

WordPress ShortCode Plugin 1.1 - Local File Inclusion Vulnerability

WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download

Wordpress Simple Share Buttons Adder Plugin 4.4 - Multiple Vulnerabilities

Wordpress SimpleMail Plugin 1.0.6 Stored XSS

WordPress Simply Poll Plugin 1.4.1 - Multiple Vulnerabilities

Wordpress Site Import Plugin 1.0.1 - Local and Remote File Inclusion

WordPress SiteMile Project Theme 2.0.9.5 - Multiple Vulnerabilities

Wordpress Slideshow Gallery 1.4.6 - Shell Upload (Python Exploit)

WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload Vulnerability

Wordpress Social Discussions Plugin 6.1.1 Multiple Vulnerabilities

WordPress SolveMedia 1.1.0 CSRF Vulnerability

Wordpress Spicy Blogroll Plugin - File Inclusion Vulnerability

Wordpress Spider Catalog 1.1 HTML Code Injection and Cross-Site scripting

Wordpress Spider Catalog Plugin 1.4.6 - Multiple Vulnerabilities

Wordpress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities

WordPress SupportEzzy Ticket System Plugin 1.2.5 - Stored XSS Vulnerability

Wordpress Survey and Poll Plugin 1.1 - Blind SQL Injection

WordPress Swim Team Plugin 1.44.10777 - Arbitrary File Download

WordPress Switchblade Themes Arbitrary File Upload Vulnerability

Wordpress Theme Elegance - Post Local File Disclosure

Wordpress Theme Infocus - Post Local File Disclosure

WordPress Theme Kernel - Remote File Upload Vulnerability

WordPress Theme LineNity 1.20 - Local File Inclusion

WordPress Think Responsive Themes Arbitrary File Upload Vulnerability

Wordpress ThreeWP Email Reflector Plugin 1.13 Stored XSS

Wordpress Top Quark Architecture Version 2.10 Arbitrary File Upload Vulnerability

Wordpress Ultimate Product Catalog 3.9.8 - (do_shortcode via ajax) Blind SQL Injection

WordPress Unite Gallery Lite Plugin 1.4.6 - Multiple Vulnerabilities

WordPress User Meta Manager Plugin 3.4.6 - Blind SQL Injection

WordPress User Meta Manager Plugin 3.4.6 - Information Disclosure

WordPress User Meta Manager Plugin 3.4.6 - Privilege Escalation

Wordpress User Meta Version 1.1.1 Arbitrary File Upload Vulnerability

WordPress User Photo Component Remote File Upload Vulnerability

Wordpress User Role Editor Plugin 3.12 - CSRF Vulnerability

WordPress Users Ultra Plugin 1.5.50 - Blind SQL injection

WordPress Users Ultra Plugin 1.5.50 - Persistent XSS

WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload

WordPress Video Gallery 2.7 SQL Injection

Wordpress Video Gallery 2.7.0 - SQL Injection Vulnerability

Wordpress Video Gallery Plugin 2.5 - Multiple Vulnerabilities

Wordpress VideoWhisper 4.27.3 - Multiple Vulnerabilities

Wordpress W3 Total Cache PHP Code Execution

WordPress Website FAQ Plugin v1.0 SQL Injection

WordPress WooCommerce Store Toolkit Plugin 1.5.5 - Privilege Escalation

Wordpress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload

WordPress WP Advanced Comment Plugin 0.10 - Persistent XSS

WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection

WordPress WP Live Chat Support Plugin 6.2.03 - Stored XSS

Wordpress WP Marketplace Plugin 1.5.0 1.6.1 Arbitrary File Upload

Wordpress Wp Symposium 14.11 - Unauthenticated Shell Upload Exploit

WordPress WP User Frontend Plugin < 2.3.11 - Unrestricted File Upload

Wordpress wpDataTables Plugin 1.5.3 - SQL Injection Vulnerability

Wordpress wpDataTables Plugin 1.5.3 - Unauthenticated Shell Upload Vulnerability

Wordpress wp-gpx-map version 1.1.21 Arbitrary File Upload Vulnerability

WordPress WP-Predict Plugin v1.0 Blind SQL Injection

Wordpress WPProperty Plugin 1.35.0 Arbitrary File Upload

Wordpress WP-SendSMS Plugin 1.0 - Multiple Vulnerabilities

WordPress WPTF Image Gallery 1.03 - Aribtrary File Download

Wordpress Wp-TopBar 4.02 Multiple Vulnerabilities

Wordpress Zingiri Web Shop Plugin <= 2.4.0 Multiple XSS Vulnerabilities

Wordpress Zingiri Web Shop Plugin <= 2.4.2 Persistent XSS

WordPress zM Ajax Login & Register Plugin 1.0.9 Local File Inclusion

World Of Warcraft 3.3.5a (macros-cache.txt) - Stack Overflow

WP Effective Lead Management v3.0.0 Persistent XSS

WP Forum Server 1.6.5 Wordpress Plugin SQL Injection Vulnerability

WP Symposium Pro Social Network Plugin 15.12 - Multiple Vulnerabilities

WP-Client 3.8.7 - Stored XSS Vulnerability

WPN-XM Serverstack 0.8.6 - Cross Site Request Forgery

WPS Office < 2016 - .doc OneTableDocumentStream Memory Corruption

WPS Office < 2016 - .ppt drawingContainer Memory Corruption

WPS Office < 2016 - .ppt Heap Memory Corruption

WPS Office < 2016 - .xls Heap Memory Corruption

WPS Office Wpsio.dll - Stack Buffer Overflow Vulnerability

WRT120N 1.0.0.7 Stack Overflow

WS10 Data Server SCADA Exploit Overflow PoC

WSO2 Carbon 4.4.5 - (Denial of Service) CSRF

WSO2 Carbon 4.4.5 - Local File Inclusion

WSO2 Carbon 4.4.5 - Stored XSS

WSO2 Identity Server 5.1.0 - Multiple Vulnerabilities

Wyse Machine Remote Power off (DOS) without any privilege

X2CRM 3.4.1 - Multiple Vulnerabilities

X2Engine 4.2 - Arbitrary File Upload

X2Engine 4.2 - CSRF Vulnerability

X360 VideoPlayer ActiveX Control Buffer Overflow

x64 Linux egghunter in 24 bytes

X7 Chat 2.0.5 lib/message.php preg_replace() PHP Code Execution

X7 Chat 2.0.5.1 CSRF Add Admin Exploit

x86 Windows Null-Free Download & Run via WebDAV Shellcode (96 bytes)

x86_64 Linux Polymorphic Execve-Stack - 47 bytes

x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version

x86_64 Linux shell_reverse_tcp with Password - Polymorphic Version v2

x86_64 Linux xor/not/div Encoded execve Shellcode

XAMPP 1.8.1 (lang.php, WriteIntoLocalDisk method) - Local Write Access Vulnerability

XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities

XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities (XSS & CSRF)

XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities

XAMPP Control Panel - Denial Of Service

XAMPP for Windows 1.8.2 - Blind SQL Injection

XCart 5.2.6 - Code Execution Vulnerability

Xceedium Xsuite - Multiple Vulnerabilities

XCloner Wordpress/Joomla! Plugin - Multiple Vulnerabilities

Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution

Xeams Email Server 4.4 Build 5720 Stored XSS

xEpan 1.0.1 - CSRF Vulnerability

Xerox DocuShare - SQL Injection

Xerox Multifunction Printers (MFP) "Patch" DLM Vulnerability

Xfinity Gateway - Cross-Site Request Forgery

Xfinity Gateway - Remote Code Execution

Xfinity Gateway (Technicolor DPC3941T) - Cross-Site Request Forgery

XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write PoC

XhP CMS 0.5.1 - Cross-Site Request Forgery / Persistent Cross-Site Scripting

Xibo 1.2.2 and 1.4.1 (index.php, p param) - Directory Traversal Vulnerability

Xion Audio Player <= 1.5 (build 160) - .mp3 Crash PoC

Xion Audio Player 1.5 build 155 Stack Based Buffer Overflow

Xitami Web Server 5.0a0 - Denial of Service

Xivo 1.2 Arbitrary File Download

XM Easy Personal FTP Server <= v5.30 Remote Format String Write4 Exploit

XM Easy Personal FTP Server 5.8 - (HELP) Remote DoS Vulnerability

XM Easy Personal FTP Server 5.8.0 (TYPE) Denial Of Service

XMPlay 3.8.1.12 - .pls Local Crash PoC

XnView 1.92.1 Command-Line Arguments Buffer Overflow Vulnerability

XnView 1.99.1 JLS File Decompression Heap Overflow

XnView 2.03 (.PCT) - Buffer Overflow Vulnerability

XnView ECW Image Processing Heap Overflow

XnView FlashPix Image Processing Heap Overflow

XnView RAS Image Processing Heap Overflow

XODA 0.4.5 Arbitrary PHP File Upload Vulnerability

XODA Document Management System v0.4.5 XSS & Arbitrary File Upload

XOOPS 2.5.4 Multiple XSS Vulnerabilities

Xoops 2.5.7.2 - Arbitrary User Deletions CSRF

Xoops 2.5.7.2 - Directory Traversal Bypass

XOS Shop 1.0 rc7o (redirect.php, goto param) - SQL Injection Vulnerability

Xpient Cash Drawer Operation Vulnerability

xRadio 0.95b (.xrl) Local Buffer Overflow (SEH)

XRMS - Blind SQL Injection and Command Execution

xt:Commerce <= v3.04 SP2.1 Time Based Blind SQL Injection

xt:Commerce VEYTON 4.0.15 (products_name_de) Script Insertion Vulnerability

XWiki 4.2-milestone-2 Multiple Stored XSS Vulnerabilities

Yasr Screen Reader 0.6.9 - Local Buffer Overflow

Yeager CMS 1.2.1 - Multiple Vulnerabilities

YeaLink IP Phone Firmware <=9.70.0.100 Unauthenticated Phone Call Vulnerability

Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability

Yealink VoIP Phone SIP-T38G - Default Credentials

Yealink VoIP Phone SIP-T38G - Local File Inclusion

Yealink VoIP Phone SIP-T38G - Privileges Escalation

Yealink VoIP Phone SIP-T38G - Remote Command Execution

YESWIKI 0.2 - Path Traversal Vulnerability

Yii Framework 1.1.8 Search SQL Injection Vulnerability

Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow

YourMembers Plugin - Blind SQL Injection

YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Cross Site Scripting

YouTube Automated CMS 1.0.7 - Cross-Site Request Forgery / Persistent Cross-Site...

Zabbix 2.0 - 3.0.3 - SQL Injection

Zabbix 2.0.1 and Earlier Session Extractor 0day

Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (MSF)

Zabbix 2.0.8 SQL Injection and Remote Code Execution

Zabbix 2.2.x, 3.0.x - SQL Injection

Zabbix Authenticated Remote Command Execution

Zabbix Server Arbitrary Command Execution

Zavio IP Cameras Firmware 1.6.03 - Multiple Vulnerabilities

ZCMS 1.1 - Multiple Vulnerabilities

ZeewaysCMS - Multiple Vulnerabilities

Zemra Botnet CnC Web Panel Remote Code Execution

Zen Cart 1.5.4 - Local File Inclusion

Zenbership 107 - Multiple Vulnerabilities

Zend Framework / zend-mail < 2.4.11 - Remote Code Execution

Zend Server 5.6.0 Multiple Remote Script Insertion Vulnerabilities

Zenphoto 1.4.10 - Local File Inclusion

Zenphoto 1.4.11 - Remote File Inclusion

Zenphoto 1.4.3.3 Multiple Vulnerabilities

ZenPhoto 1.4.8 - Multiple Vulnerabilities

ZeroCMS 1.0 - (zero_view_article.php, article_id param) - SQL Injection Vulnerability

ZeroCMS 1.0 - Persistent Cross-Site Scripting Vulnerability

ZeroCMS 1.0 - zero_transact_user.php, Handling Privilege Escalation

ZeroShell 'cgi-bin/kerbynet' - Local File Disclosure Vulnerability

ZeusCart 4.0 - CSRF Vulnerability

ZeusCart 4.0 - SQL Injection

Zeuscart v.4 - Multiple Vulnerabilities

zFTP Client 20061220 - (Connection Name) Local Buffer Overflow

ZHONE < S3.0.501 - Multiple Vulnerabilities

Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities

Zikula CMS <= 1.2.4 CSRF Vulnerability

Zimbra 0day exploit / Privilegie escalation via LFI

Zimbra 8.0.9 GA - CSRF Vulnerability

Zimplit CMS 3.0 - Multiple Vulnerabilities

ZineBasic 1.1 - Arbitrary File Disclosure

ZIP Password Recovery Professional 5.1 (.zip) - Crash POC

ZIPBOX media (album.php) SQL Injection Vulnerability

ZipItFast PRO v3.0 Heap Overflow Exploit

ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation

ZKTeco ZKAccess Security System 5.3.1 - Persistent Cross-Site Scripting

ZKTeco ZKBioSecurity 3.0 - (Add Superadmin) Cross-Site Request Forgery

ZKTeco ZKBioSecurity 3.0 - (visLogin.jsp) Local Authorization Bypass

ZKTeco ZKBioSecurity 3.0 - Directory Traversal

ZKTeco ZKBioSecurity 3.0 - Hardcoded Credentials Remote SYSTEM Code Execution

ZKTeco ZKTime.Net 3.0.1.6 - Insecure File Permissions Privilege Escalation

ZOC Terminal Emulator 7 - (Quick Connection) Crash PoC

Zone Rouge CMS 2012 - SQL Injection Vulnerability

ZoneMinder Video Server packageControl Command Execution

Zoner Photo Studio v15 Build 3 (Zps.exe) Registry Value Parsing Exploit

Zoom Telephonics ADSL Modem/Router - Multiple Vulnerabilities

Zope Management Interface 4.3.7 - CSRF Vulnerabilities

Zortam Mp3 Media Studio 20.15 - SEH Overflow DoS

Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation

ZPanel <= 10.0.1 CSRF, XSS, SQLi, Password Reset

ZPanel 10.0.0.2 htpasswd Module Username Command Execution

Zpanel Remote Unauthenticated RCE

ZSNES 1.51 - Buffer Overflow

ZTE AC 3633R USB Modem Multiple Vulnerabilities

ZTE ADSL ZXV10 W300 Modems - Multiple Vulnerabilities

ZTE and TP-Link RomPager - DoS Exploit

ZTE Modem ZXDSL 531BIIV7.3.0f_D09_IN - Stored XSS Vulnerability

ZTE PC UI USB Modem Software - Buffer Overflow

ZTE WXV10 W300 - Multiple Vulnerabilities

ZTE ZXDSL 831CII - Insecure Direct Object Reference

ZTE ZXDSL-931VII - Unauthenticated Configuration Dump

ZTE ZXHN H108N R1A, ZXV10 W300 Routers - Multiple Vulnerabilities

ZTE ZXV10 W300 Router - Hardcoded Credentials

ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability

Zurmo CRM - Persistent XSS Vulnerability

Z-Vote 1.1 Wordpress Plugin SQL Injection Vulnerability

ZYCOO IP Phone System - Remote Command Execution

Zyxel P-660HW-T1 v3 Wireless Router - CSRF Vulnerability

ZyXEL PMG5318-B20A - OS Command Injection Vulnerability

ZyXEL Prestig P-660HNU-T1 ISP Credentials Disclosure