Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2018-01-15	ImgHosting 1.5 – Cross-Site Scripting	webapps	php	Dennis Veninga
2018-01-12	PyroBatchFTP < 3.19 - Buffer Overflow	dos	windows	Manuel García Cárdenas
2018-01-12	Kentico CMS 11.0 – Buffer Overflow	dos	windows	Vulnerability-Lab
2018-01-12	Taxi Booking Script 1.0 – Cross-site Scripting	webapps	php	Tauco
2018-01-12	Xnami 1.0 – Cross-Site Scripting	webapps	php	Dennis Veninga
2018-01-11	Transmission – RPC DNS Rebinding	remote	multiple	Google Security Research
2018-01-11	Seagate Personal Cloud – Multiple Vulnerabilities	remote	hardware	SecuriTeam
2018-01-11	ALLMediaServer 0.95 – Remote Buffer Overflow	remote	windows	Mario Kartone Ciccarelli
2018-01-11	Microsoft Edge Chakra – ‘AppendLeftOverItemsFromEndSegment’ Out-of-Bounds Read	dos	windows	Google Security Research
2018-01-11	macOS – ‘process_policy’ Stack Leak Through Uninitialized Field	dos	macos	Google Security Research
2018-01-11	phpCollab 2.5.1 – File Upload (Metasploit)	remote	php	Metasploit
2018-01-11	LabF nfsAxe 3.7 FTP Client – Stack Buffer Overflow (Metasploit)	remote	windows	Metasploit
2018-01-11	Microsoft Windows SMB Server (v1/v2) – Mount Point Arbitrary Device Open Privilege Escalation	dos	windows	Google Security Research
2018-01-11	Microsoft Windows – NtImpersonateAnonymousToken LPAC to Non-LPAC Privilege Escalation	dos	windows	Google Security Research
2018-01-11	Microsoft Windows – NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation	dos	windows	Google Security Research
2018-01-11	Microsoft Windows – NTFS Owner/Mandatory Label Privilege Bypass	dos	windows	Google Security Research
2018-01-11	Android – Hardware Service Manager Arbitrary Service Replacement due to getpidcon	dos	android	Google Security Research
2018-01-10	Muviko 1.1 – SQL Injection	webapps	php	Ahmad Mahfouz
2018-01-10	Parity Browser < 1.6.10 - Bypass Same Origin Policy	local	multiple	tintinweb
2018-01-10	WordPress Plugin Service Finder Booking < 3.2 - Local File Disclosure	webapps	php	telahdihapus
2018-01-10	D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution	webapps	hardware	Cr0n1c
2018-01-10	Synology Photostation 6.7.2-3429 – Remote Code Execution (Metasploit)	webapps	php	James Bercegay
2018-01-10	SAP NetWeaver J2EE Engine 7.40 – SQL Injection	webapps	multiple	Vahagn Vardanyan
2018-01-10	Jungo Windriver 12.5.1 – Local Privilege Escalation	local	windows	Fidus InfoSecurity
2018-01-10	HPE iMC – dbman ‘RestartDB’ Remote Command Execution (Metasploit)	remote	windows	Metasploit
2018-01-10	HPE iMC – dbman ‘RestoreDBase’ Remote Command Execution (Metasploit)	remote	windows	Metasploit
2018-01-10	Microsoft Edge Chakra JIT – ‘Lowerer::LowerSetConcatStrMultiItem’ Missing Integer Overflow Check	dos	windows	Google Security Research
2018-01-10	Multiple CPUs – Information Leak Using Speculative Execution	dos	hardware	Google Security Research
2018-01-10	Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting	webapps	php	Mattia Furlani
2018-01-10	WordPress Plugin WordPress Download Manager 2.9.60 – Cross-Site Request Forgery	webapps	php	Panagiotis Vagenas
2018-01-10	WordPress Plugin Admin Menu Tree Page View 2.6.9 – Cross-Site Request Forgery / Privilege Escalation	webapps	php	Panagiotis Vagenas
2018-01-10	WordPress Plugin CMS Tree Page View 1.4 – Cross-Site Request Forgery / Privilege Escalation	webapps	php	Panagiotis Vagenas
2018-01-10	WordPress Plugin Social Media Widget by Acurax 3.2.5 – Cross-Site Request Forgery	webapps	php	Panagiotis Vagenas
2018-01-10	WordPress Plugin Events Calendar – ‘event_id’ SQL Injection	webapps	php	Dennis Veninga
2018-01-10	DiskBoss Enterprise 8.8.16 – Remote Buffer Overflow	remote	windows	Arris Huijgen
2018-01-09	Microsoft Office – ‘Composite Moniker Remote Code Execution	local	windows	Rich Warren
2018-01-09	Commvault Communications Service (cvd) – Command Injection (Metasploit)	remote	windows	Metasploit
2018-01-09	Microsoft Windows – ‘nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformation)’ Kernel Pool Memory Disclosure	dos	windows	Google Security Research
2018-01-09	Microsoft Windows – ‘nt!NtQueryInformationProcess (information class 76, QueryProcessEnergyValues)’ Kernel Stack Memory Disclosure	dos	windows	Google Security Research
2018-01-09	Microsoft Edge Chakra JIT – Escape Analysis Bug	dos	windows	Google Security Research
2018-01-09	Microsoft Edge Chakra – ‘asm.js’ Out-of-Bounds Read	dos	windows	Google Security Research
2018-01-09	Microsoft Edge Chakra JIT – BackwardPass::RemoveEmptyLoopAfterMemOp Does not Insert Branches	dos	windows	Google Security Research
2018-01-09	Microsoft Edge Chakra JIT – Op_MaxInAnArray and Op_MinInAnArray can Explicitly call User-Defined JavaScript Functions	dos	windows	Google Security Research
2018-01-08	Synology Photostation < 6.7.2-3429 - Multiple Vulnerabilities	webapps	php	GulfTech Security
2018-01-08	Photos in Wifi 1.0.1 – Path Traversal	webapps	ios	Vulnerability-Lab
2018-01-08	BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow (PoC)	dos	windows	hyp3rlinx
2018-01-08	Synology DiskStation Manager (DSM) < 6.1.3-15152 - 'forget_passwd.cgi' User Enumeration	webapps	cgi	Steve Kaun
2018-01-08	DiskBoss Enterprise 8.5.12 – Denial of Service	dos	windows	Ahmad Mahfouz
2018-01-08	Sync Breeze Enterprise 10.1.16 – Denial of Service	dos	windows	Ahmad Mahfouz
2018-01-08	Disk Pulse Enterprise 10.1.18 – Denial of Service	dos	windows	Ahmad Mahfouz