Remote Exploits
Datum | A | V | Name/Beschreibung | Platform | Author | |
---|---|---|---|---|---|---|
11.03.2017 |
MobaXterm Personal Edition 9.4 - Directory Traversal
|
937 | Windows | Javier Perez | ||
07.03.2017 |
Azure Data Expert Ultimate 2.2.16 - Buffer Overflow
|
886 | Windows | Javier Perez | ||
04.03.2017 |
FTPShell Client 6.53 - Buffer Overflow
|
885 | Windows | Javier Perez | ||
28.02.2017 |
SysGauge 1.5.18 - Buffer Overflow
|
798 | Windows | Javier Perez | ||
27.02.2017 |
MVPower DVR TV-7104HE 1.8.4 115215B9 - Shell Unauthenticated Command Execution (Metasploit)
|
801 | ARM | |||
27.02.2017 |
WePresent WiPG-1500 - Backdoor Account
|
861 | Hardware | Quentin Olagne | ||
23.02.2017 |
macOS HelpViewer 10.12.1 - XSS Leads to Arbitrary File Execution and Arbitrary File Read
|
746 | macOS | |||
22.02.2017 |
Disk Savvy Enterprise 9.4.18 - Buffer Overflow (SEH)
|
872 | Windows | Javier Perez | ||
15.02.2017 |
OpenText Documentum D2 - Remote Code Execution
|
838 | Java | Andrey B. Panfilov | ||
14.02.2017 |
Piwik 2.14.0 / 2.16.0 / 2.17.1 / 3.0.1 - Superuser Plugin Upload (Metasploit)
|
817 | PHP | myst |
Denial of Service Exploits
Datum | A | V | Name/Beschreibung | Platform | Author | |
---|---|---|---|---|---|---|
09.03.2017 |
Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 - Denial of Service
|
869 | Hardware | Rootshell | ||
07.03.2017 |
Evostream Media Server 1.7.1 (x64) - Denial of Service
|
812 | Windows | Blake | ||
02.03.2017 |
Conext ComBox 865-1058 - Denial of Service
|
838 | Hardware | Mark Liapustin and Arik Kublanov | ||
28.02.2017 |
Synchronet BBS 3.16c - Denial of Service
|
829 | Windows | Blake | ||
28.02.2017 |
BlueIris 4.5.1.4 - Denial of Service
|
819 | Windows | Blake | ||
26.02.2017 |
Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free (PoC)
|
886 | Linux | Andrey Konovalov | ||
24.02.2017 |
Microsoft Edge and Internet Explorer - 'HandleColumnBreakOnColumnSpanningElement' Type Confusion
|
804 | Windows | Blake | ||
22.02.2017 |
EasyCom For PHP 4.0.0 - Denial of Service
|
872 | Windows | Blake | ||
22.02.2017 |
EasyCom For PHP 4.0.0 - Buffer Overflow (PoC)
|
2467 | Windows | Blake | ||
22.02.2017 |
Google Chrome - 'layout' Out-of-Bounds Read
|
879 | Multiple | st3n |
Exploit Shellcode
Datum | A | V | Name/Beschreibung | Platform | Author | |
---|---|---|---|---|---|---|
11.03.2017 |
Windows x86 - Hide Console Window Shellcode (182 bytes)
|
878 | Win_x86 | Albert Nubdy | ||
04.03.2017 |
Linux/x86-64 - Polymorphic NetCat Reverse Shell Shellcode (106 bytes)
|
797 | Lin_x86-64 | ROTShB | ||
04.03.2017 |
Linux/x86-64 - NetCat Reverse Shell Shellcode (72 bytes)
|
859 | Lin_x86-64 | ROTShB | ||
03.03.2017 |
Linux/x86-64 - Polymorphic Setuid(0) & Execve(/bin/sh) Shellcode (31 bytes)
|
780 | Lin_x86-64 | ROTShB | ||
03.03.2017 |
Linux/x86-64 - Polymorphic Flush IPTables Shellcode (47 bytes)
|
801 | Lin_x86-64 | ROTShB | ||
01.03.2017 |
Windows x86 - Reverse TCP Staged Alphanumeric Shellcode (332 Bytes)
|
809 | Win_x86 | Albert Nubdy | ||
28.02.2017 |
Linux/x86-64 - Reverse Shell Shellcode (84 bytes)
|
824 | Linux | Gregory Duchemin | ||
26.02.2017 |
Linux/x86-64 - Random Listener Shellcode (54 bytes)
|
816 | Lin_x86-64 | ROTShB | ||
26.02.2017 |
Windows x86 - Executable Directory Search Shellcode (130 bytes)
|
760 | Win_x86 | Albert Nubdy | ||
23.02.2017 |
Linux/x86-64 - Egghunter Shellcode (38 bytes)
|
783 | Linux | Gregory Duchemin |
Web Application Exploits
Datum | A | V | Name/Beschreibung | Platform | Author | |
---|---|---|---|---|---|---|
11.03.2017 |
Yacht Listing Script 2.0 - SQL Injection
|
811 | PHP | Gerardo Vazquez, Eduardo Arriols | ||
11.03.2017 |
Property Listing Script 3.1 - SQL Injection
|
797 | PHP | Gerardo Vazquez, Eduardo Arriols | ||
11.03.2017 |
Yellow Pages Script 3.2 - 'category_id' Parameter SQL Injection
|
828 | PHP | Gerardo Vazquez, Eduardo Arriols | ||
11.03.2017 |
Pet Listing Script 3.0 - SQL Injection
|
824 | PHP | Gerardo Vazquez, Eduardo Arriols | ||
11.03.2017 |
Domain Marketplace Script - SQL Injection
|
820 | PHP | Gerardo Vazquez, Eduardo Arriols | ||
11.03.2017 |
Vanelo - SQL Injection
|
838 | PHP | Gerardo Vazquez, Eduardo Arriols | ||
11.03.2017 |
Mirage - SQL Injection
|
610 | PHP | Gerardo Vazquez, Eduardo Arriols | ||
11.03.2017 |
Travel Tours Script 2.0 - SQL Injection
|
1020 | PHP | Gerardo Vazquez, Eduardo Arriols | ||
11.03.2017 |
PHP Forum Script 3.0 - SQL Injection
|
788 | PHP | Gerardo Vazquez, Eduardo Arriols | ||
11.03.2017 |
Global In - SQL Injection
|
862 | PHP | Gerardo Vazquez, Eduardo Arriols |
Local Exploits
Datum | A | V | Name/Beschreibung | Platform | Author | |
---|---|---|---|---|---|---|
07.03.2017 |
USBPcap - Privilege Escalation
|
855 | Windows | Ruben Garrote Garca | ||
06.03.2017 |
CyberGhost 6.0.4.2205 - Privilege Escalation
|
824 | Windows | Ruben Garrote Garca | ||
28.02.2017 |
Cisco AnyConnect Secure Mobility Client 4.3.04027 - Privilege Escalation
|
837 | Windows | Pcchillin | ||
26.02.2017 |
Linux Kernel 4.4.0 (Ubuntu) - DCCP Double-Free Privilege Escalation
|
825 | Linux | metasploit | ||
14.02.2017 |
ShadeYouVPN Client 2.0.1.11 - Privilege Escalation
|
698 | Windows | Ruben Garrote Garca | ||
14.02.2017 |
ntfs-3g - Unsanitized modprobe Environment Privilege Escalation
|
717 | Linux | metasploit | ||
12.02.2017 |
Cimetrics BACstac 6.2f - Privilege Escalation
|
792 | Windows | Ruben Garrote Garca | ||
12.02.2017 |
Cimetrics BACnet Explorer 4.0 - XML External Entity Injection
|
726 | Windows | Ruben Garrote Garca | ||
06.02.2017 |
IVPN Client 2.6.1 - Privilege Escalation
|
716 | Windows | Ruben Garrote Garca | ||
03.02.2017 |
ntfs-3g (Debian 9) - Privilege Escalation
|
777 | Linux | metasploit |
Security Papers and Articles
Datum | A | V | Name/Beschreibung | Platform | Author |
---|