Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24745Exploits

日期	标题	类型	平台	作者
2017-07-24	Linux Kernel – ‘BadIRET’ Local Privilege Escalation	local	linux	Ren Kimura
2017-07-24	ManageEngine Desktop Central 10 Build 100087 – Remote Code Execution (Metasploit)	webapps	java	Kacper Szurek
2017-07-24	Nitro Pro PDF – Multiple Vulnerabilities	local	windows	SecuriTeam
2017-07-24	MAWK 1.3.3-17 – Local Buffer Overflow	local	linux	Juan Sacco
2017-07-24	REDDOXX Appliance Build 2032 / 2.0.625 – Arbitrary File Disclosure	webapps	json	RedTeam Pentesting
2017-07-24	CenturyLink ZyXEL PK5001Z Router – Root Remote Code Execution	remote	hardware	oxagast
2017-07-24	REDDOXX Appliance Build 2032 / 2.0.625 – Remote Command Execution	webapps	json	RedTeam Pentesting
2017-07-24	Microsoft Internet Explorer – ‘mshtml.dll’ Remote Code Execution (MS17-007)	remote	windows_x86-64	redr2e
2017-07-24	VICIdial 2.9 RC 1 < 2.13 RC1 - 'user_authorization' Command Execution (Metasploit)	remote	unix	Metasploit
2017-07-24	vBulletin 5.1.2 < 5.1.9 - Unserialize Code Execution (Metasploit)	webapps	php	Metasploit
2017-07-24	IPFire < 2.19 Update Core 110 - Remote Code Execution (Metasploit)	remote	cgi	Metasploit
2017-07-24	Razer Synapse 2.20.15.1104 – rzpnk.sys ZwOpenProcess (Metasploit)	local	windows_x86-64	Metasploit
2017-07-24	WebKit – ‘WebCore::getCachedWrapper’ Use-After-Free	dos	multiple	Google Security Research
2017-07-24	WebKit – ‘WebCore::Node::getFlag’ Use-After-Free	dos	multiple	Google Security Research
2017-07-24	WebKit – ‘WebCore::RenderObject’ with Accessibility Enabled Use-After-Free	dos	multiple	Google Security Research
2017-07-24	WebKit – ‘WebCore::InputType::element’ Use-After-Free (1)	dos	multiple	Google Security Research
2017-07-24	WebKit – ‘WebCore::RenderSearchField::addSearchResult’ Heap Buffer Overflow	dos	multiple	Google Security Research
2017-07-24	WebKit – ‘WebCore::Node::nextSibling’ Use-After-Free	dos	multiple	Google Security Research
2017-07-24	WebKit – ‘WebCore::AccessibilityRenderObject::handleAriaExpandedChanged’ Use-After-Free	dos	multiple	Google Security Research
2017-07-21	NEC UNIVERGE UM4730 < 11.8 - SQL Injection	webapps	php	b0x41s
2017-07-20	Joomla! Component JoomRecipe 1.0.4 – ‘search_author’ SQL Injection	webapps	php	Teng
2017-07-20	Docker Daemon – Unprotected TCP Socket	local	linux	Martin Pizala
2017-07-20	VACRON VIG-US731VE 1.0.18-09-B727 IP Camera – Authentication Bypass	webapps	hardware	Viktoras
2017-07-20	WordPress Plugin IBPS Online Exam 1.0 – SQL Injection / Cross-Site Scripting	webapps	php	8bitsec
2017-07-20	Virtual Postage (VPA) – Man In The Middle Remote Code Execution	remote	android	intern0t
2017-07-20	SKILLS.com.au Industry App – Man In The Middle Remote Code Execution	remote	android	intern0t
2017-07-20	Tilde CMS 1.01 – Multiple Vulnerabilities	webapps	php	Raffaele Forte
2017-07-19	Microsoft Windows 7 SP1 (x86) – GDI Palette Objects Local Privilege Escalation (MS17-017)	local	windows_x86	Saif
2017-07-19	Citrix CloudBridge – ‘CAKEPHP’ Cookie Command Injection	webapps	cgi	xort
2017-07-19	Netscaler SD-WAN 9.1.2.26.561201 – Command Injection (Metasploit)	webapps	cgi	xort
2017-07-19	Sonicwall < 8.1.0.2-14sv - 'sitecustomization.cgi' Command Injection (Metasploit)	webapps	cgi	xort
2017-07-19	Sonicwall < 8.1.0.6-21sv - 'gencsr.cgi' Command Injection (Metasploit)	webapps	cgi	xort
2017-07-19	Sonicwall Secure Remote Access 8.1.0.2-14sv – Command Injection	webapps	cgi	xort
2017-07-19	Oracle E-Business Suite 12.x – Server-Side Request Forgery	webapps	jsp	Sarath Nair
2017-07-18	Hashicorp vagrant-vmware-fusion < 4.0.20 - Local Privilege Escalation	local	macos	Mark Wadham
2017-07-18	Barracuda Load Balancer Firmware < 6.0.1.006 - Remote Command Injection (Metasploit)	webapps	hardware	xort
2017-07-18	Sophos Web Appliance 4.3.0.2 – ‘trafficType’ Remote Command Injection (Metasploit)	webapps	json	xort
2017-07-18	Microsoft Windows Kernel – ‘IOCTL 0x120007 NsiGetParameter’ nsiproxy/netio Pool Memory Disclosure	dos	windows	Google Security Research
2017-07-18	Microsoft Internet Explorer 11.1066.14393.0 – VBScript Arithmetic Functions Type Confusion	dos	windows	Google Security Research
2017-07-18	Microsoft Internet Explorer 11.0.9600.18617 – ‘CMarkup::DestroySplayTree’ Memory Corruption	dos	windows	Google Security Research
2017-07-18	PEGA Platform <= 7.2 ML0 - Missing Access Control / Cross-Site Scripting	webapps	multiple	Daniel Correa
2017-07-17	Belkin F7D7601 NetCam – Multiple Vulnerabilities	remote	hardware	Wadeek
2017-07-16	Geneko Routers – Path Traversal	webapps	hardware	SecuriTeam
2017-07-16	Orangescrum 1.6.1 – Multiple Vulnerabilities	webapps	php	tomplixsee
2017-07-15	Apple Mac OS X + Safari – Local Javascript Quarantine Bypass	local	osx	Filippo Cavallarin
2017-07-14	FTPGetter 5.89.0.85 – Remote Buffer Overflow (SEH)	remote	windows	Paul Purcell
2017-07-14	Firefox 50.0.1 – ASM.JS JIT-Spray Remote Code Execution	remote	windows	Rh0
2017-07-14	WDTV Live SMP 2.03.20 – Remote Password Reset	webapps	hardware	Sw1tCh
2017-07-13	Dasan Networks GPON ONT WiFi Router H64X Series – Configuration Download	webapps	hardware	LiquidWorm
2017-07-13	Dasan Networks GPON ONT WiFi Router H64X Series – Privilege Escalation	webapps	hardware	LiquidWorm