multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2019-05-21 Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - AIR Optimization Incorrectly Removes Assignment to Register
  • dos
    		•  Google Security Research
    2019-05-21 Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized
  • dos
    		•  Google Security Research
    2019-05-21 Apple macOS < 10.14.5 / iOS < 12.3 DFG JIT Compiler - 'HasIndexedProperty' Use-After-Free
  • dos
    		•  Google Security Research
    2019-05-21 Deluge 1.3.15 – ‘URL’ Denial of Service (PoC)
  • dos
    		•  Victor Mondragón
    2019-05-21 Apple macOS < 10.14.5 / iOS < 12.3 XNU - 'in6_pcbdetach' Stale Pointer Use-After-Free
  • dos
    		•  Google Security Research
    2019-05-21 Apple macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl
  • dos
    		•  Google Security Research
    2019-05-13 Google Chrome V8 – Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds Read/Write
  • dos
    		•  Google Security Research
    2019-05-10 CyberArk Enterprise Password Vault 10.7 – XML External Entity Injection
  • webapps
    		•  Marcelo Toran
    2019-05-10 Cortex Unshortenlink Analyzer < 1.1 - Server-Side Request Forgery
  • webapps
    		•  Alexandre Basquin
    2019-05-08 Oracle Weblogic Server – ‘AsyncResponseService’ Deserialization Remote Code Execution (Metasploit)
  • remote
    		•  Metasploit
    2019-05-08 PostgreSQL 9.3 – COPY FROM PROGRAM Command Execution (Metasploit)
  • remote
    		•  Metasploit
    2019-05-07 Prinect Archive System 2015 Release 2.6 – Cross-Site Scripting
  • webapps
    		•  alt3kx
    2019-05-06 ReadyAPI 2.5.0 / 2.6.0 – Remote Code Execution
  • webapps
    		•  Gilson Camelo
    2019-05-03 Zotonic < 0.47.0 mod_admin - Cross-Site Scripting
  • webapps
    		•  Ramòn Janssen
    2019-04-30 Domoticz 4.10577 – Unauthenticated Remote Command Execution
  • webapps
    		•  Fabio Carretto
    2019-04-24 Google Chrome 72.0.3626.121 / 74.0.3725.0 – ‘NewFixedDoubleArray’ Integer Overflow
  • remote
    		•  Google Security Research
    2019-04-22 ManageEngine Applications Manager 14.0 – Authentication Bypass / Remote Command Execution (Metasploit)
  • remote
    		•  AkkuS
    2019-04-22 Google Chrome 73.0.3683.103 V8 JavaScript Engine – Out-of-Memory in Invalid Table Size Denial of Service (PoC)
  • dos
    		•  Bogdan Kurinnoy
    2019-04-19 Atlassian Confluence Widget Connector Macro – Velocity Template Injection (Metasploit)
  • remote
    		•  Metasploit
    2019-04-18 LibreOffice < 6.0.7 / 6.1.3 - Macro Code Execution (Metasploit)
  • local
    		•  Metasploit
    2019-04-18 Netwide Assembler (NASM) 2.14rc15 – NULL Pointer Dereference (PoC)
  • dos
    		•  Fakhri Zulkifli
    2019-04-17 Oracle Java Runtime Environment – Heap Corruption During TTF font Rendering in GlyphIterator::setCurrGlyphID
  • dos
    		•  Google Security Research
    2019-04-17 Oracle Java Runtime Environment – Heap Corruption During TTF font Rendering in sc_FindExtrema4
  • dos
    		•  Google Security Research
    2019-04-09 Apache Axis 1.4 – Remote Code Execution
  • remote
    		•  David Yesland