Exploits - Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers - 体验盒子

共24443Exploits

日期	标题	类型	平台	作者
2019-07-10	Microsoft DirectWrite / AFDKO – Stack Corruption in OpenType Font Handling Due to Negative cubeStackDepth	dos	windows	Google Security Research
2019-07-10	Microsoft DirectWrite / AFDKO – Interpreter Stack Underflow in OpenType Font Handling Due to Missing CHKUFLOW	dos	windows	Google Security Research
2019-07-10	Microsoft DirectWrite / AFDKO – Stack Corruption in OpenType Font Handling Due to Negative nAxes	dos	windows	Google Security Research
2019-07-10	Microsoft DirectWrite / AFDKO – Heap-Based Buffer Overflow in OpenType Font Handling in readCharset	dos	windows	Google Security Research
2019-07-10	Microsoft DirectWrite / AFDKO – Stack-Based Buffer Overflow in do_set_weight_vector_cube for Large nAxes	dos	windows	Google Security Research
2019-07-10	Microsoft DirectWrite / AFDKO – Stack Corruption in OpenType Font Handling While Processing CFF Blend DICT Operator	dos	windows	Google Security Research
2019-07-10	Microsoft DirectWrite / AFDKO – Use of Uninitialized Memory While Freeing Resources in var_loadavar	dos	windows	Google Security Research
2019-07-10	Microsoft DirectWrite / AFDKO – Heap-Based Buffer Overflow in OpenType Font Handling in readStrings	dos	windows	Google Security Research
2019-07-10	FreeBSD 12.0 – ‘fd’ Local Privilege Escalation	local	freebsd	gr4yf0x
2019-07-10	Microsoft DirectWrite / AFDKO – Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Unbounded iFD	dos	windows	Google Security Research
2019-07-10	Microsoft DirectWrite / AFDKO – Stack Corruption in OpenType Font Handling due to Out-of-Bounds cubeStackDepth	dos	windows	Google Security Research
2019-07-10	Microsoft DirectWrite / AFDKO – Heap-Based Buffer Overflow Due to Integer Overflow in readTTCDirectory	dos	windows	Google Security Research
2019-07-10	Mozilla Spidermonkey – Unboxed Objects Uninitialized Memory Access	dos	multiple	Google Security Research
2019-07-10	Microsoft Windows – Font Subsetting DLL Heap-Based Out-of-Bounds Read in MergeFonts	dos	windows	Google Security Research
2019-07-10	Microsoft DirectWrite / AFDKO – NULL Pointer Dereferences in OpenType Font Handling While Accessing Empty dynarrays	dos	windows	Google Security Research
2019-07-10	Siemens TIA Portal – Remote Command Execution	remote	hardware	Joseph Bingham
2019-07-10	Microsoft DirectWrite / AFDKO – Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Empty ROS Strings	dos	windows	Google Security Research
2019-07-09	Firefox 67.0.4 – Denial of Service	dos	multiple	Tejas Ajay Naik
2019-07-08	Karenderia Multiple Restaurant System 5.3 – SQL Injection	webapps	php	Mehmet EMIROGLU
2019-07-08	WordPress Plugin Like Button 1.6.0 – Authentication Bypass	webapps	php	Benjamin Lim
2019-07-07	Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Buffer Overflow (2)	remote	unix	Brian Peters
2019-07-05	Karenderia Multiple Restaurant System 5.3 – Local File Inclusion	webapps	php	Mehmet EMIROGLU
2019-07-05	Microsoft Exchange 2003 – base64-MIME Remote Code Execution	remote	windows	Charles Truscott
2019-07-03	Apache Tomcat – CGIServlet enableCmdLineArguments Remote Code Execution (Metasploit)	remote	windows	Metasploit
2019-07-03	Serv-U FTP Server – prepareinstallation Privilege Escalation (Metasploit)	local	linux	Metasploit
2019-07-03	Symantec DLP 15.5 MP1 – Cross-Site Scripting	webapps	multiple	Chapman Schleiss
2019-07-02	Mac OS X TimeMachine – ‘tmdiagnose’ Command Injection Privilege Escalation (Metasploit)	local	macos	Metasploit
2019-07-02	Centreon 19.04 – Remote Code Execution	webapps	php	Askar
2019-07-01	Varient 1.6.1 – SQL Injection	webapps	multiple	Mehmet EMIROGLU
2019-07-01	WorkSuite PRM 2.4 – ‘password’ SQL Injection	webapps	php	Mehmet EMIROGLU
2019-07-01	FaceSentry Access Control System 6.4.8 – Remote SSH Root	remote	hardware	LiquidWorm
2019-07-01	CiuisCRM 1.6 – ‘eventType’ SQL Injection	webapps	php	Mehmet EMIROGLU
2019-07-01	ZoneMinder 1.32.3 – Cross-Site Scripting	webapps	php	Joey Lane
2019-07-01	CyberPanel 1.8.4 – Cross-Site Request Forgery	webapps	multiple	Bilgi Birikim Sistemleri
2019-07-01	Sahi pro 8.x – Directory Traversal	webapps	multiple	Operat0r
2019-07-01	FaceSentry Access Control System 6.4.8 – Remote Root Exploit	webapps	hardware	LiquidWorm
2019-07-01	SAP Crystal Reports – Information Disclosure	webapps	multiple	Mohamed M.Fouad
2019-07-01	Linux Mint 18.3-19.1 – ‘yelp’ Command Injection (Metasploit)	remote	linux	b1ack0wl
2019-07-01	FaceSentry Access Control System 6.4.8 – Cross-Site Request Forgery	webapps	hardware	LiquidWorm
2019-07-01	FaceSentry Access Control System 6.4.8 – Remote Command Injection	webapps	hardware	LiquidWorm
2019-07-01	PowerPanel Business Edition – Cross-Site Scripting	webapps	linux	Joey Lane
2019-06-28	LibreNMS 1.46 – ‘addhost’ Remote Code Execution	webapps	php	Askar
2019-06-26	Nagios XI 5.5.6 – Magpie_debug.php Root Remote Code Execution (Metasploit)	remote	linux	Metasploit
2019-06-26	Mozilla Spidermonkey – IonMonkey ‘Array.prototype.pop’ Type Confusion	dos	multiple	Google Security Research
2019-06-25	SAPIDO RB-1732 – Remote Command Execution	remote	hardware	k1nm3n.aotoi
2019-06-25	WordPress Plugin Live Chat Unlimited 2.8.3 – Cross-Site Scripting	webapps	php	m0ze
2019-06-25	WordPress Plugin iLive 1.0.4 – Cross-Site Scripting	webapps	php	m0ze
2019-06-25	BlogEngine.NET 3.3.6/3.3.7 – ‘path’ Directory Traversal	webapps	aspx	Aaron Bishop
2019-06-25	AZADMIN CMS 1.0 – SQL Injection	webapps	php	felipe andrian
2019-06-25	Fortinet FCM-MB40 – Cross-Site Request Forgery / Remote Command Execution	webapps	hardware	XORcat