Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2018-03-20	Internet Explorer – ‘RegExp.lastMatch’ Memory Disclosure	dos	windows	Google Security Research
2018-03-20	Microsoft Windows – Desktop Bridge VFS Privilege Escalation	local	windows_x86-64	Google Security Research
2018-03-20	Microsoft Windows – Desktop Bridge Virtual Registry NtLoadKey Arbitrary File Read/Write Privilege Escalation	local	windows	Google Security Research
2018-03-20	Intelbras Telefone IP TIP200 LITE – Local File Disclosure	webapps	hardware	anhax0r
2018-03-20	Microsoft Windows – Desktop Bridge Virtual Registry Arbitrary File Read/Write Privilege Escalation	local	windows	Google Security Research
2018-03-20	Vehicle Sales Management System – Multiple Vulnerabilities	webapps	php	Sing
2018-03-20	Kamailio 5.1.1 / 5.1.0 / 5.0.0 – Off-by-One Heap Overflow	dos	linux	EnableSecurity
2018-03-20	Cisco node-jos < 0.11.0 - Re-sign Tokens	webapps	multiple	zioBlack
2018-03-20	Google Software Updater macOS – Unsafe use of Distributed Objects Privilege Escalation	local	macos	Google Security Research
2018-03-20	Microsoft Windows Kernel – ‘NtQueryVirtualMemory(MemoryMappedFilenameInformation)’ 64-bit Pool Memory Disclosure	dos	windows_x86-64	Google Security Research
2018-03-20	Coship RT3052 Wireless Router – Persistent Cross-Site Scripting	webapps	hardware	Sayan Chatterjee
2018-03-16	Firefox 46.0.1 – ASM.JS JIT-Spray Remote Code Execution	remote	windows	Rh0
2018-03-16	Firefox 44.0.2 – ASM.JS JIT-Spray Remote Code Execution	remote	windows	Rh0
2018-03-16	Contec Smart Home 4.15 – Unauthorized Password Reset	webapps	hardware	Z3ro0ne
2018-03-16	Linux Kernel < 4.4.0-116 (Ubuntu 16.04.4) - Local Privilege Escalation	local	linux	Bruce Leidl
2018-03-16	Unitrends UEB 10.0 – Root Remote Code Execution	remote	linux	Jared Arave
2018-03-15	Microsoft Windows Kernel (7 x86) – Local Privilege Escalation (MS17-017)	local	windows_x86	xiaodaozhi
2018-03-15	WordPress Plugin Duplicator 1.2.32 – Cross-Site Scripting	webapps	php	Stefan Broeder
2018-03-15	Android DRM Services – Buffer Overflow	dos	android	Tamir Zahavi-Brunner
2018-03-15	Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution	webapps	java	Antonio Francesco Sardella
2018-03-15	MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow	remote	hardware	CoreLabs
2018-03-14	SAP NetWeaver AS JAVA CRM – Log injection Remote Command Execution	remote	windows	erp scan team
2018-03-13	SecurEnvoy SecurMail 9.1.501 – Multiple Vulnerabilities	webapps	aspx	SEC Consult
2018-03-13	Tuleap 9.17.99.189 – Blind SQL Injection	webapps	php	Cristiano Maruti
2018-03-12	DEWESoft X3 SP1 (x64) – Remote Command Execution	remote	windows_x86-64	hyp3rlinx
2018-03-12	ManageEngine Applications Manager 13.5 – Remote Code Execution (Metasploit)	webapps	java	Mehmet Ince
2018-03-12	Allok QuickTime to AVI MPEG DVD Converter 3.6.1217 – Buffer Overflow	dos	windows	Mohan Ravichandran
2018-03-12	Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution	webapps	windows	Chris Lyne
2018-03-12	Eclipse Equinoxe OSGi Console – Command Execution (Metasploit)	remote	multiple	Metasploit
2018-03-12	ACL Analytics 11.X – 13.0.0.579 – Arbitrary Code Execution	webapps	windows	Clutchisback1
2018-03-12	MikroTik RouterOS < 6.38.4 (MIPSBE) - 'Chimay Red' Stack Clash Remote Code Execution	remote	hardware	Lorenzo Santina
2018-03-12	SC 7.16 – Stack-Based Buffer Overflow	local	linux	Juan Sacco
2018-03-12	MikroTik RouterOS < 6.38.4 (x86) - 'Chimay Red' Stack Clash Remote Code Execution	remote	hardware	Lorenzo Santina
2018-03-12	Prisma Industriale Checkweigher PrismaWEB 1.21 – Hard-Coded Credentials	webapps	multiple	LiquidWorm
2018-03-12	TextPattern 4.6.2 – ‘qty’ SQL Injection	webapps	php	Manuel García Cárdenas
2018-03-10	Sony Playstation 4 (PS4) 4.55 < 5.50 - WebKit Code Execution (PoC)	local	hardware	qwertyoruiop
2018-03-09	WebLog Expert Enterprise 9.4 – Authentication Bypass	local	windows	hyp3rlinx
2018-03-09	WebLog Expert Enterprise 9.4 – Denial of Service	dos	windows	hyp3rlinx
2018-03-09	Bacula-Web < 8.0.0-rc2 - SQL Injection	webapps	php	Gustavo Sorondo
2018-03-08	Memcached 1.5.5 – ‘Memcrashed ‘ Insufficient Control of Network Message Volume Denial of Service With Shodan API	dos	linux	649
2018-03-07	Redaxo CMS Addon MyEvents 2.2.1 – SQL Injection	webapps	php	h0n1gsp3cht
2018-03-07	antMan 0.9.0c – Authentication Bypass	webapps	java	Joshua Bowser
2018-03-06	Chrome V8 JIT – JSBuiltinReducer::ReduceObjectCreate Fails to Ensure that the Prototype is “null”	dos	multiple	Google Security Research
2018-03-06	Chrome V8 JIT – Empty BytecodeJumpTable Out-of-Bounds Read	dos	multiple	Google Security Research
2018-03-06	Bravo Tejari Web Portal – Cross-Site Request Forgery	webapps	multiple	Arvind V
2018-03-06	Softros Network Time System Server 2.3.4 – Denial of Service	dos	windows	hyp3rlinx
2018-03-06	Chrome V8 JIT – ‘GetSpecializationContext’ Type Confusion	dos	multiple	Google Security Research
2018-03-06	Chrome V8 JIT – Simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement Optimization Bug	dos	multiple	Google Security Research
2018-03-05	Memcached 1.5.5 – ‘Memcrashed’ Insufficient Control Network Message Volume Denial of Service (1)	dos	linux	anonymous
2018-03-05	ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions	dos	windows	François Goichon