Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2017-05-01	HideMyAss Pro VPN Client for OS X 2.2.7.0 – Local Privilege Escalation	local	osx	Han Sahin
2017-05-01	Alerton Webtalk 2.5/3.3 – Multiple Vulnerabilities	webapps	linux	David Tomaschik
2017-04-30	Emby MediaServer 3.2.5 – Directory Traversal	webapps	multiple	LiquidWorm
2017-04-30	Emby MediaServer 3.2.5 – Password Reset	webapps	multiple	LiquidWorm
2017-04-30	Emby MediaServer 3.2.5 – SQL Injection	webapps	multiple	LiquidWorm
2017-04-29	IrfanView 4.44 – Denial of Service	dos	windows	Dreivan Orprecio
2017-04-29	Panda Free Antivirus – ‘PSKMAD.sys’ Denial of Service	dos	windows	Peter Baris
2017-04-28	Admidio 3.2.8 – Cross-Site Request Forgery	webapps	php	Faiz Ahmed Zaidi
2017-04-27	Microsoft Internet Explorer 11.576.14393.0 – ‘CStyleSheetArray::BuildListOfMatchedRules’ Memory Corruption	dos	windows	Google Security Research
2017-04-27	TYPO3 Extension News – SQL Injection	webapps	php	Charles Fol
2017-04-27	Easy File Uploader – Arbitrary File Upload	webapps	php	Daniel Godoy
2017-04-27	Simple File Uploader – Arbitrary File Download	webapps	php	Daniel Godoy
2017-04-27	Mercurial – Custom hg-ssh Wrapper Remote Code Exec (Metasploit)	remote	Python	Metasploit
2017-04-26	Revive Ad Server 4.0.1 – Cross-Site Scripting / Cross-Site Request Forgery	webapps	php	Cyril Vallicari
2017-04-25	WordPress Plugin Wow Viral Signups 2.1 – SQL Injection	webapps	php	TAD GROUP
2017-04-25	WordPress Plugin Car Rental System 2.5 – SQL Injection	webapps	php	TAD GROUP
2017-04-25	WordPress Plugin KittyCatfish 2.2 – SQL Injection	webapps	php	TAD GROUP
2017-04-25	October CMS 1.0.412 – Multiple Vulnerabilities	webapps	php	Anti Räis
2017-04-25	FlySpray 1.0-rc4 – Cross-Site Scripting / Cross-Site Request Forgery	webapps	php	Cyril Vallicari
2017-04-25	WePresent WiPG-1000 – Command Injection (Metasploit)	remote	hardware	Metasploit
2017-04-25	Dell Customer Connect 1.3.28.0 – Local Privilege Escalation	local	windows	Kacper Szurek
2017-04-25	Microsoft Office Word – ‘.RTF’ Malicious HTA Execution (Metasploit)	remote	windows	Metasploit
2017-04-25	PrivateTunnel Client 2.8 – Local Buffer Overflow (SEH)	dos	windows	Muhann4d
2017-04-25	Realtek Audio Driver 6.0.1.7898 (Windows 10) – Dolby Audio X2 Service Privilege Escalation	local	windows	Google Security Research
2017-04-25	Oracle VirtualBox Guest Additions 5.1.18 – Unprivileged Windows User-Mode Guest Code Double-Free	dos	multiple	Google Security Research
2017-04-25	Apple Safari – Array concat Memory Corruption	dos	multiple	Google Security Research
2017-04-25	Microsoft Windows 2003 SP2 – ‘ERRATICGOPHER’ SMB Remote Code Execution	remote	windows	vportal
2017-04-25	OpenText Documentum Content Server – dm_bp_transition.ebs docbase Method Arbitrary Code Execution	webapps	multiple	Andrey B. Panfilov
2017-04-25	HPE OpenCall Media Platform (OCMP) 4.3.2 – Cross-Site Scripting / Remote File Inclusion	webapps	multiple	Paolo Stagno
2017-04-25	Oracle E-Business Suite 12.2.3 – ‘IESFOOTPRINT’ SQL Injection	webapps	jsp	ERPScan
2017-04-25	Oracle PeopleSoft – ‘PeopleSoftServiceListeningConnector’ XML External Entity via DOCTYPE	webapps	xml	ERPScan
2017-04-25	LightDM (Ubuntu 16.04/16.10) – ‘Guest Account’ Local Privilege Escalation	local	linux	G. Geshev
2017-04-25	WordPress Plugin Wow Forms 2.1 – SQL Injection	webapps	php	TAD GROUP
2017-04-24	LogRhythm Network Monitor – Authentication Bypass / Command Injection	webapps	linux	Francesco Oddo
2017-04-24	Joomla! Component Myportfolio 3.0.2 – ‘pid’ SQL Injection	webapps	php	Persian Hack Team
2017-04-23	SquirrelMail < 1.4.22 - Remote Code Execution	remote	linux	Dawid Golunski
2017-04-20	Apple WebKit / Safari 10.0.2(12602.3.12.0.1) – ‘operationSpreadGeneric’ Universal Cross-Site Scripting	webapps	multiple	Google Security Research
2017-04-20	Apple WebKit / Safari 10.0.2(12602.3.12.0.1) – ‘PrototypeMap::createEmptyStructure’ Universal Cross-Site Scripting	webapps	multiple	Google Security Research
2017-04-20	Oracle VM VirtualBox 5.0.32 r112930 (x64) – Windows Process COM Injection Privilege Escalation	local	windows_x86-64	Google Security Research
2017-04-20	Oracle VM VirtualBox 5.1.14 r112924 – Unprivileged Host User to Host Kernel Privilege Escalation via ALSA config	local	linux	Google Security Research
2017-04-20	Oracle VM VirtualBox – ‘virtio-net’ Guest-to-Host Out-of-Bounds Write	dos	multiple	Google Security Research
2017-04-20	Oracle VM VirtualBox – Environment and ioctl Unprivileged Host User to Host Kernel Privilege Escalation	dos	multiple	Google Security Research
2017-04-20	Oracle VM VirtualBox – Guest-to-Host Privilege Escalation via Broken Length Handling in slirp Copy	local	multiple	Google Security Research
2017-04-20	Microsoft Windows – ManagementObject Arbitrary .NET Serialization Remote Code Execution	remote	windows	Google Security Research
2017-04-20	Microsoft Windows 10 – Runtime Broker ClipboardBroker Privilege Escalation	local	windows	Google Security Research
2017-04-20	Microsoft Windows 10 (Build 10586) – ‘IEETWCollector’ Arbitrary Directory/File Deletion Privilege Escalation	local	windows	Google Security Research
2017-04-19	Dmitry 1.3a – Local Buffer Overflow (PoC)	dos	linux	FarazPajohan
2017-04-19	Huawei HG532n – Command Injection (Metasploit)	remote	hardware	Metasploit
2017-04-18	Microsoft Word – ‘.RTF’ Remote Code Execution	remote	windows	Bhadresh Patel
2017-04-18	pinfo 0.6.9 – Local Buffer Overflow (PoC)	dos	linux	Nassim Asrir