Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2016-09-26	NetDrive 2.6.12 – Unquoted Service Path Privilege Escalation	local	windows	Tulpa
2016-09-23	Adobe Flash – Crash When Freeing Memory After AVC decoding	dos	multiple	Google Security Research
2016-09-23	Adobe Flash – Video Decompression Memory Corruption	dos	multiple	Google Security Research
2016-09-23	Linux SELinux – W+X Protection Bypass via AIO	dos	linux	Google Security Research
2016-09-23	Zortam Mp3 Media Studio 21.15 – Insecure File Permissions Privilege Escalation	local	windows	Tulpa
2016-09-23	Wise Care 365 4.27 / Wise Disk Cleaner 9.29 – Unquoted Service Path Privilege Escalation	local	windows	Tulpa
2016-09-22	Matrimonial Website Script 1.0.2 – SQL Injection	webapps	php	N4TuraL
2016-09-22	Metasploit Web UI – Diagnostic Console Command Execution (Metasploit)	remote	multiple	Metasploit
2016-09-22	Kerio Control Unified Threat Management 9.1.0 build 1087/9.1.1 build 1324 – Multiple Vulnerabilities	webapps	php	SEC Consult
2016-09-22	Joomla! Component com_videogallerylite 1.0.9 – SQL Injection	webapps	php	Larry W. Cashdollar
2016-09-22	Exponent CMS 2.3.9 – Blind SQL Injection	webapps	php	Manuel García Cárdenas
2016-09-22	JCraft/JSch Java Secure Channel 0.1.53 – Recursive sftp-get Directory Traversal	dos	windows	tintinweb
2016-09-22	AnyDesk 2.5.0 – Unquoted Service Path Privilege Escalation	local	windows	Tulpa
2016-09-22	Microsoft Windows Kerberos – Security Feature Bypass (MS16-101)	local	windows	Nabeel Ahmed
2016-09-22	Microix Timesheet Module – SQL Injection	webapps	aspx	Anthony Cole
2016-09-21	Kaltura 11.1.0-2 – Remote Code Execution (Metasploit)	remote	php	Mehmet Ince
2016-09-21	Microsoft Office PowerPoint 2010 – Invalid Pointer Reference	dos	windows	Google Security Research
2016-09-21	Symantec RAR Decomposer Engine (Multiple Products) – Out-of-Bounds Read / Out-of-Bounds Write	dos	multiple	Google Security Research
2016-09-20	Dolphin 7.3.0 – Error-Based SQL Injection	webapps	php	Kacper Szurek
2016-09-20	VegaDNS 0.13.2 – Remote Command Injection	webapps	php	Wireghoul
2016-09-19	ZineBasic 1.1 – Arbitrary File Disclosure	webapps	php	bd0rk
2016-09-19	SolarWinds Kiwi CatTools 3.11.0 – Unquoted Service Path Privilege Escalation	local	windows	Halil Dalabasmaz
2016-09-19	VMware Workstation – ‘vprintproxy.exe’ JPEG2000 Images Multiple Memory Corruptions	dos	windows	Google Security Research
2016-09-19	VMware Workstation – ‘vprintproxy.exe’ TrueType NAME Tables Heap Buffer Overflow (PoC)	dos	windows	Google Security Research
2016-09-19	MuM MapEdit 3.2.6.0 – Multiple Vulnerabilities	webapps	aspx	Paul Baade & Sven Krewitt
2016-09-19	MyBB 1.8.6 – SQL Injection	webapps	php	Curesec Research Team
2016-09-19	Kajona 4.7 – Cross-Site Scripting / Directory Traversal	webapps	php	Curesec Research Team
2016-09-19	Docker Daemon – Local Privilege Escalation (Metasploit)	local	linux	Metasploit
2016-09-19	ShoreTel Connect ONSITE – Blind SQL Injection	webapps	php	Iraklis Mathiopoulos
2016-09-19	SolarWinds Kiwi Syslog Server 9.5.1 – Unquoted Service Path Privilege Escalation	local	windows	Halil Dalabasmaz
2016-09-19	EKG Gadu 1.9~pre+r2855-3+b1 – Local Buffer Overflow	local	linux	Juan Sacco
2016-09-19	WordPress Plugin Order Export Import for WooCommerce – Order Information Disclosure	webapps	php	david-peltier
2016-09-19	BuilderEngine 3.5.0 – Arbitrary File Upload	webapps	php	metanubix
2016-09-19	PHP 5.0.0 – ‘tidy_parse_file()’ Local Buffer Overflow	local	windows	Yakir Wizman
2016-09-16	AnoBBS 1.0.1 – Remote File Inclusion	webapps	php	bd0rk
2016-09-16	Cisco ASA 9.2(3) – ‘EXTRABACON’ Authentication Bypass	remote	hardware	Sean Dillon
2016-09-16	Joomla! Component Portfolio Gallery 1.0.6 – SQL Injection	webapps	php	Larry W. Cashdollar
2016-09-16	Joomla! Component Catalog 1.0.7 – SQL Injection	webapps	php	Larry W. Cashdollar
2016-09-15	NetBSD – ‘mail.local(8)’ Local Privilege Escalation (Metasploit)	local	netbsd_x86	Metasploit
2016-09-15	Cisco EPC 3925 – Multiple Vulnerabilities	webapps	asp	Patryk Bogdan
2016-09-14	Apache Mina 2.0.13 – Remote Command Execution	remote	multiple	Gregory Draperi
2016-09-14	Google Android – getpidcon Usage binder Service Replacement Race Condition	dos	android	Google Security Research
2016-09-14	PrivateTunnel Client 2.7.0 (x64) – Local Credentials Disclosure	local	windows_x86-64	Yakir Wizman
2016-09-13	PIKATEL 96338WS, 96338L-2M-8M – DNS Change	webapps	cgi	Todor Donev
2016-09-13	Inteno EG101R1 VoIP Router – DNS Change	webapps	cgi	Todor Donev
2016-09-13	Exper EWM-01 ADSL/MODEM – DNS Change	webapps	cgi	Todor Donev
2016-09-13	Contrexx CMS egov Module 1.0.0 – SQL Injection	webapps	php	hamidreza borghei
2016-09-13	Zapya Desktop 1.803 – ‘ZapyaService.exe’ Local Privilege Escalation	local	windows	Arash Khazaei
2016-09-13	wdCalendar 2 – SQL Injection	webapps	php	Alfonso Castillo Angel
2016-09-13	Battle.Net 1.5.0.7963 – Insecure File Permissions Privilege Escalation	local	windows	Tulpa