multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2020-02-10 iOS/macOS – Out-of-Bounds Timestamp Write in IOAccelCommandQueue2::processSegmentKernelCommand()
  • dos
    		•  Google Security Research
    2020-02-10 Forcepoint WebSecurity 8.5 – Reflective Cross-Site Scripting
  • webapps
    		•  Prasenjit Kanti Paul
    2020-02-07 Google Invisible RECAPTCHA 3 – Spoof Bypass
  • webapps
    		•  Matamorphosis
    2020-02-03 Cacti 1.2.8 – Unauthenticated Remote Code Execution
  • webapps
    		•  Askar
    2020-02-03 Cacti 1.2.8 – Authenticated Remote Code Execution
  • webapps
    		•  Askar
    2020-01-28 macOS/iOS ImageIO – Heap Corruption when Processing Malformed TIFF Image
  • dos
    		•  Google Security Research
    2020-01-22 KeePass 2.44 – Denial of Service (PoC)
  • dos
    		•  Mustafa Emre Gül
    2020-01-16 Citrix Application Delivery Controller (ADC) and Gateway 13.0 – Path Traversal
  • webapps
    		•  Dhiraj Mishra
    2020-01-16 Tautulli 2.1.9 – Denial of Service (Metasploit)
  • dos
    		•  Ismail Tasdelen
    2020-01-13 Citrix Application Delivery Controller and Gateway 10.5 – Remote Code Execution (Metasploit)
  • webapps
    		•  mekhalleh
    2020-01-11 Citrix Application Delivery Controller and Citrix Gateway – Remote Code Execution
  • webapps
    		•  TrustedSec
    2020-01-11 Citrix Application Delivery Controller and Citrix Gateway – Remote Code Execution (PoC)
  • webapps
    		•  Project Zero India
    2020-01-01 nostromo 1.9.6 – Remote Code Execution
  • remote
    		•  Kr0ff
    2019-12-12 ManageEngine Desktop Central – ‘FileStorage getChartImage’ Deserialization / Unauthenticated Remote Code Execution
  • webapps
    		•  mr_me
    2019-11-20 Pulse Secure VPN – Arbitrary Command Execution (Metasploit)
  • remote
    		•  Metasploit
    2019-11-20 FreeSWITCH – Event Socket Command Execution (Metasploit)
  • remote
    		•  Metasploit
    2019-11-20 FusionPBX – Operator Panel exec.php Command Execution (Metasploit)
  • remote
    		•  Metasploit
    2019-11-11 iMessage – Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address
  • dos
    		•  Google Security Research
    2019-11-05 WebKit – Universal XSS in JSObject::putInlineSlow and JSValue::putToPrimitive
  • dos
    		•  Google Security Research
    2019-11-05 JavaScriptCore – Type Confusion During Bailout when Reconstructing Arguments Objects
  • dos
    		•  Google Security Research
    2019-11-01 Nostromo – Directory Traversal Remote Command Execution (Metasploit)
  • remote
    		•  Metasploit
    2019-10-30 JavaScriptCore – GetterSetter Type Confusion During DFG Compilation
  • dos
    		•  Google Security Research
    2019-10-28 WebKit – Universal XSS in HTMLFrameElementBase::isURLAllowed
  • dos
    		•  Google Security Research
    2019-10-22 Total.js CMS 12 – Widget JavaScript Code Injection (Metasploit)
  • remote
    		•  Metasploit