Exploits

日期	标题	类型	平台	作者
2016-03-07	Wireshark – wtap_optionblock_free Use-After-Free	dos	multiple	Google Security Research
2016-03-07	Cerberus Helpdesk (Cerb5) 5 < 6.7 - Password Hash Disclosure	webapps	php	asdizzle_
2016-03-07	Microsoft Windows 7 (x64) – ‘afd.sys’ Dangling Pointer Privilege Escalation (MS14-040)	local	windows_x86-64	Rick Larabee
2016-03-07	ATutor LMS – ‘/install_modules.php’ Cross-Site Request Forgery / Remote Code Execution	webapps	php	mr_me
2016-03-05	PHPLib < 7.4 - SQL Injection	webapps	php	GulfTech Security
2016-03-03	DropBearSSHD 2015.71 – Command Injection	remote	linux	tintinweb
2016-03-03	AppLocker – Execution Prevention Bypass (Metasploit)	local	windows	Metasploit
2016-03-03	Schneider Electric SBO / AS – Multiple Vulnerabilities	remote	hardware	Karn Ganeshen
2016-03-03	WordPress Plugin Bulk Delete 5.5.3 – Privilege Escalation	webapps	php	Panagiotis Vagenas
2016-03-02	Secret Net 7 and Secret Net Studio 8 – Local Privilege Escalation	local	windows_x86-64	Cr4sh
2016-03-02	PictureTrails Photo Editor GE.exe 2.0.0 – ‘.bmp’ Crash (PoC)	dos	windows	redknight99
2016-03-02	FreeProxy Internet Suite 4.10 – Denial of Service	dos	windows	Guillaume Kaddouch
2016-03-02	Gallery 2 < 2.0.2 - Multiple Vulnerabilities	webapps	php	GulfTech Security
2016-03-02	Quick Tftp Server Pro 2.3 – Read Mode Denial of Service	dos	windows	Guillaume Kaddouch
2016-03-01	Netgear NMS300 ProSafe Network Management System – Arbitrary File Upload (Metasploit)	remote	windows	Metasploit
2016-03-01	ATutor 2.2.1 – SQL Injection / Remote Code Execution (Metasploit)	remote	php	Metasploit
2016-03-01	WordPress Plugin CP Polls 1.0.8 – Multiple Vulnerabilities	webapps	php	i0akiN SEC-LABORATORY
2016-03-01	Viscomsoft Calendar Active-X 2.0 – Multiple Crashes (PoC)	dos	windows	Shantanu Khandelwal
2016-03-01	Crouzet em4 soft 1.1.04 / M3 soft 3.1.2.0 – Insecure File Permissions	local	windows	LiquidWorm
2016-03-01	Crouzet em4 soft 1.1.04 – ‘.pm4’ Integer Division By Zero	dos	windows	LiquidWorm
2016-02-29	Comodo Anti-Virus – ‘SHFolder.dll’ Local Privilege Escalation	local	windows	Laughing_Mantis
2016-02-29	WordPress Plugin More Fields 2.1 – Cross-Site Request Forgery	webapps	php	Aatif Shahdad
2016-02-26	WordPress Plugin Ocim MP3 – SQL Injection	webapps	php	xevil & Blankon33
2016-02-26	Infor CRM 8.2.0.1136 – Multiple HTML Script Injection Vulnerabilities	webapps	ashx	LiquidWorm
2016-02-26	Microsoft Windows – ‘srv2.sys’ SMB Code Execution (Python) (MS09-050)	remote	windows	ohnozzy
2016-02-26	Microsoft Windows – ‘NetAPI32.dll’ Code Execution (Python) (MS08-067)	remote	windows	ohnozzy
2016-02-26	Joomla! Component com_poweradmin 2.3.0 – Multiple Vulnerabilities	webapps	php	RatioSec Research
2016-02-26	Linux Kernel – io_submit L2TP sendmsg Integer Overflow	dos	linux	Google Security Research
2016-02-26	Qualcomm Adreno GPU MSM Driver – perfcounter Query Heap Overflow	dos	android	Google Security Research
2016-02-26	Wireshark – print_hex_data_buffer / print_packet Use-After-Free	dos	multiple	Google Security Research
2016-02-26	GpicView 0.2.5 – Crash (PoC)	dos	linux	David Silveiro
2016-02-26	Centreon 2.5.3 – Remote Command Execution	webapps	php	Sysdream
2016-02-26	Zimbra 8.0.9 GA – Cross-Site Request Forgery	webapps	linux	Sysdream
2016-02-26	Proxmox VE 3/4 – Insecure Hostname Checking Remote Command Execution	remote	linux	Sysdream
2016-02-26	phpRPC < 0.7 - Remote Code Execution	webapps	php	GulfTech Security
2016-02-25	IBM Lotus Domino R8 – Password Hash Extraction	webapps	windows	Jonathan Broche
2016-02-24	Mambo < 4.5.3h - Multiple Vulnerabilities	webapps	php	GulfTech Security
2016-02-24	libxml2 – htmlCurrentChar Heap Buffer Overread	dos	linux	Google Security Research
2016-02-24	libxml2 – xmlParserPrintFileContextInternal Heap Buffer Overread	dos	linux	Google Security Research
2016-02-24	libxml2 – xmlParseEndTag2 Heap Buffer Overread	dos	linux	Google Security Research
2016-02-24	libxml2 – xmlDictAddString Heap Buffer Overread	dos	linux	Google Security Research
2016-02-24	Wireshark – vwr_read_s2_s3_W_rec Heap Buffer Overflow	dos	multiple	Google Security Research
2016-02-24	WordPress Plugin Extra User Details 0.4.2 – Privilege Escalation	webapps	php	Panagiotis Vagenas
2016-02-23	Ubiquiti Networks UniFi 3.2.10 – Cross-Site Request Forgery	webapps	json	Julien Ahrens
2016-02-23	libquicktime 1.2.4 – Integer Overflow	dos	multiple	Marco Romano
2016-02-23	Dell OpenManage Server Administrator 8.2 – (Authenticated) Directory Traversal	webapps	windows	hantwister
2016-02-22	BlackBerry Enterprise Service < 12.4 (BES12) Self-Service - Multiple Vulnerabilities	webapps	java	Security-Assessment.com
2016-02-22	Core FTP Server 1.2 – Local Buffer Overflow	local	windows	INSECT.B
2016-02-22	InstantCoder 1.0 iOS – Multiple Vulnerabilities	webapps	ios	Vulnerability-Lab
2016-02-22	Linux Kernel 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) – Double-free usb-midi SMEP Privilege Escalation	local	linux	Andrey Konovalov