|
2018-01-26
|
|
BMC BladeLogic 8.3.00.64 - Remote Command Execution
|
4 |
REMOTE
|
Paul Taylor
|
|
2018-01-25
|
|
Exodus Wallet (ElectronJS Framework) - Remote Code Execution
|
3 |
REMOTE
|
Wflki
|
|
2018-01-22
|
|
AsusWRT Router < 3.0.0.4.380.7743 - LAN Remote Code Execution
|
5 |
REMOTE
|
Pedro Ribeiro
|
|
2018-01-24
|
|
GoAhead Web Server 2.5 < 3.6.5 - HTTPd 'LD_PRELOAD' Arbitrary Module Load (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-01-24
|
|
Kaltura - Remote PHP Code Execution over Cookie (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-01-24
|
|
RAVPower 2.000.056 - Root Remote Code Execution
|
4 |
REMOTE
|
Daniele Linguaglossa & Stefano Farletti
|
|
2018-01-17
|
|
Master IP CAM 01 - Multiple Vulnerabilities
|
6 |
REMOTE
|
Raffaele Sabato
|
|
2018-01-11
|
|
Transmission - RPC DNS Rebinding
|
4 |
REMOTE
|
Google Security Research
|
|
2018-01-11
|
|
Seagate Personal Cloud - Multiple Vulnerabilities
|
4 |
REMOTE
|
SecuriTeam
|
|
2018-01-15
|
|
Synology Photo Station 6.8.2-3461 - 'SYNOPHOTO_Flickr_MultiUpload' Race Condition File Write Remote
|
5 |
REMOTE
|
mr_me
|
|
2018-01-15
|
|
Disk Pulse Enterprise 10.1.18 - Remote Buffer Overflow
|
5 |
REMOTE
|
Ahmad Mahfouz
|
|
2018-01-15
|
|
SysGauge Server 3.6.18 - Remote Buffer Overflow
|
5 |
REMOTE
|
Ahmad Mahfouz
|
|
2018-01-11
|
|
ALLMediaServer 0.95 - Remote Buffer Overflow
|
5 |
REMOTE
|
Mario Kartone Ciccarelli
|
|
2018-01-11
|
|
phpCollab 2.5.1 - File Upload (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2018-01-11
|
|
LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2018-01-10
|
|
HPE iMC - dbman 'RestartDB' Remote Command Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-01-10
|
|
HPE iMC - dbman 'RestoreDBase' Remote Command Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-01-10
|
|
DiskBoss Enterprise 8.8.16 - Remote Buffer Overflow
|
5 |
REMOTE
|
Arris Huijgen
|
|
2018-01-09
|
|
Commvault Communications Service (cvd) - Command Injection (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-01-03
|
|
Oracle WebLogic < 10.3.6 - 'wls-wsat' Component Deserialisation Remote Command Execution
|
5 |
REMOTE
|
Kevin Kirsche
|
|
2018-01-05
|
|
Cisco IOS - Remote Code Execution
|
6 |
REMOTE
|
Artem Kondratenko
|
|
2018-01-05
|
|
Ayukov NFTP FTP Client 2.0 - Remote Buffer Overflow (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2018-01-03
|
|
WDMyCloud < 2.30.165 - Multiple Vulnerabilities
|
5 |
REMOTE
|
GulfTech Security
|
|
2018-01-03
|
|
D-Link DNS-320 ShareCenter < 1.06 - Backdoor Access
|
6 |
REMOTE
|
GulfTech Security
|
|
2018-01-04
|
|
Xplico - Remote Code Execution (Metasploit)
|
6 |
REMOTE
|
Mehmet Ince
|
|
2018-01-04
|
|
Linksys WVBR0-25 - User-Agent Command Execution (Metasploit)
|
7 |
REMOTE
|
Metasploit
|
|
2017-12-23
|
|
Iopsys Router - 'dhcp' Remote Code Execution
|
7 |
REMOTE
|
neonsea
|
|
2018-01-01
|
|
Cambium ePMP1000 - 'get_chart' Shell via Command Injection (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2018-01-01
|
|
Cambium ePMP1000 - 'ping' Shell via Command Injection (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2018-01-01
|
|
HP Mercury LoadRunner Agent magentproc.exe - Remote Command Execution (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2017-12-29
|
|
NetTransport 2.96L - Remote Buffer Overflow (DEP Bypass)
|
8 |
REMOTE
|
Aloyce J. Makalanga
|
|
2017-12-28
|
|
ALLMediaServer 0.95 - Remote Buffer Overflow (Metasploit)
|
5 |
REMOTE
|
Anurag Srivastava
|
|
2017-12-26
|
|
Oracle WebLogic Server 10.3.6.0.0 / 12.x - Remote Command Execution
|
6 |
REMOTE
|
1337g
|
|
2017-12-19
|
|
Trend Micro Smart Protection Server - Session Hijacking / Log File Disclosure / Remote Command Execu
|
5 |
REMOTE
|
CoreLabs
|
|
2016-12-15
|
|
Netcore / Netis Routers - UDP Backdoor Access
|
4 |
REMOTE
|
nixawk
|
|
2016-01-09
|
|
Fortinet FortiGate 4.x < 5.0.7 - SSH Backdoor Access
|
6 |
REMOTE
|
operator8203
|
|
2017-05-10
|
|
Intel Active Management Technology - System Privileges
|
5 |
REMOTE
|
nixawk
|
|
2017-05-05
|
|
Technicolor DPC3928SL - SNMP Authentication Bypass
|
5 |
REMOTE
|
nixawk
|
|
2017-03-17
|
|
Cisco IOS 12.2 < 12.4 / 15.0 < 15.6 - Security Association Negotiation Request Device Memory
|
7 |
REMOTE
|
nixawk
|
|
2017-06-06
|
|
Apache Struts - REST Plugin With Dynamic Method Invocation Remote Code Execution
|
5 |
REMOTE
|
nixawk
|
|
2017-12-20
|
|
Samsung Internet Browser - SOP Bypass (Metasploit)
|
5 |
REMOTE
|
Dhiraj Mishra
|
|
2017-12-19
|
|
Jenkins - XStream Groovy classpath Deserialization (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-12-19
|
|
Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-12-19
|
|
Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2017-12-18
|
|
GoAhead Web Server 2.5 < 3.6.5 - HTTPd 'LD_PRELOAD' Remote Code Execution
|
5 |
REMOTE
|
Daniel Hodson
|
|
2017-12-18
|
|
Western Digital MyCloud - 'multi_uploadify' File Upload (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-12-18
|
|
Outlook for Android - Attachment Download Directory Traversal
|
5 |
REMOTE
|
Google Security Research
|
|
2017-12-14
|
|
Palo Alto Networks Firewalls - Root Remote Code Execution
|
5 |
REMOTE
|
Philip Pettersson
|
|
2017-12-14
|
|
pfSense 2.4.1 - Cross-Site Request Forgery Error Page Clickjacking (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-12-14
|
|
Dup Scout Enterprise - 'Login' Buffer Overflow (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2017-12-14
|
|
Microsoft Office - Dynamic Data Exchange 'DDE' Payload Delivery (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2017-12-08
|
|
LabF nfsAxe FTP Client 3.7 - Remote Buffer Overflow (DEP Bypass)
|
4 |
REMOTE
|
wetw0rk
|
|
2017-12-07
|
|
Claymore Dual ETH + DCR/SC/LBC/PASC GPU Miner - Stack Buffer Overflow / Path Traversal
|
4 |
REMOTE
|
tintinweb
|
|
2017-12-07
|
|
Polycom Shell HDX Series - Traceroute Command Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-12-07
|
|
LaCie 5big Network 2.2.8 - Command Injection
|
5 |
REMOTE
|
Timo Sablowski
|
|
2017-12-05
|
|
VX Search 10.2.14 - 'command_name' Buffer Overflow
|
5 |
REMOTE
|
W01fier00t
|
|
2017-11-29
|
|
Dup Scout Enterprise 10.0.18 - 'Input Directory' Local Buffer Overflow (SEH)
|
5 |
REMOTE
|
Miguel Mendez Z
|
|
2017-11-29
|
|
HP iMC Plat 7.2 - Remote Code Execution (2)
|
6 |
REMOTE
|
Chris Lyne
|
|
2017-11-28
|
|
HP iMC Plat 7.2 - Remote Code Execution
|
6 |
REMOTE
|
Chris Lyne
|
|
2017-11-29
|
|
pfSense - (Authenticated) Group Member Remote Command Execution (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2017-11-20
|
|
Microsoft Office - OLE Remote Code Execution
|
6 |
REMOTE
|
embedi
|
|
2017-11-14
|
|
Dup Scout Enterprise 10.0.18 - 'Login' Remote Buffer Overflow
|
5 |
REMOTE
|
sickness
|
|
2017-11-14
|
|
D-Link DIR-850L - OS Command Execution (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2017-03-08
|
|
Wireless IP Camera (P2P) WIFICAM - Remote Code Execution
|
6 |
REMOTE
|
PierreKimSec
|
|
2017-11-13
|
|
Ulterius Server < 1.9.5.0 - Directory Traversal
|
4 |
REMOTE
|
Rick Osgood
|
|
2017-11-09
|
|
Mako Server 2.5 - OS Command Injection Remote Command Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-10-17
|
|
Microsoft Internet Explorer 11 (Windows 7 x86) - 'mshtml.dll' Remote Code Execution (MS17-007)
|
5 |
REMOTE
|
mschenk
|
|
2017-11-05
|
|
Avaya IP Office (IPO) < 10.1 - 'SoftConsole' Remote Buffer Overflow (SEH)
|
4 |
REMOTE
|
hyp3rlinx
|
|
2017-11-04
|
|
Actiontec C1000A Modem - Backdoor Account
|
5 |
REMOTE
|
Joseph McDonagh
|
|
2017-11-03
|
|
tnftp - 'savefile' Arbitrary Command Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-10-31
|
|
ZyXEL PK5001Z Modem - Backdoor Account
|
5 |
REMOTE
|
Matthew Sheimo
|
|
2017-10-28
|
|
MitraStar DSL-100HN-T1/GPT-2541GNAC - Privilege Escalation
|
6 |
REMOTE
|
j0lama
|
|
2016-04-03
|
|
DameWare Remote Controller < 12.0.0.520 - Remote Code Execution
|
5 |
REMOTE
|
Securifera
|
|
2017-10-25
|
|
Netgear DGN1000 1.1.00.48 - 'Setup.cgi' Remote Code Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-10-23
|
|
Polycom - Command Shell Authorization Bypass (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-10-23
|
|
Unitrends UEB 9 - bpserverd Authentication Bypass Remote Command Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2017-10-23
|
|
Unitrends UEB 9 - http api/storage Remote Root (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-10-21
|
|
Ayukov NFTP FTP Client < 2.0 - Remote Buffer Overflow
|
6 |
REMOTE
|
Berk Cem Göksel
|
|
2017-10-17
|
|
Tomcat - Remote Code Execution via JSP Upload Bypass (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-10-17
|
|
Apple iOS 10.2 (14C92) - Remote Code Execution
|
5 |
REMOTE
|
Google Security Research
|
|
2017-10-13
|
|
Sync Breeze Enterprise 10.1.16 - Remote Buffer Overflow (SEH) (Metasploit)
|
5 |
REMOTE
|
wetw0rk
|
|
2017-10-09
|
|
VX Search Enterprise 10.1.12 - Remote Buffer Overflow
|
5 |
REMOTE
|
Revnic Vasile
|
|
2017-10-09
|
|
OrientDB 2.2.2 < 2.2.22 - Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2017-10-09
|
|
Rancher Server - Docker Daemon Code Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-08-08
|
|
Unitrends UEB 9.1 - Authentication Bypass / Remote Command Execution
|
5 |
REMOTE
|
Jared Arave
|
|
2017-08-08
|
|
Unitrends UEB 9.1 - 'Unitrends bpserverd' Remote Command Execution
|
4 |
REMOTE
|
Jared Arave
|
|
2017-09-21
|
|
ERS Data System 1.8.1 - Java Deserialization
|
4 |
REMOTE
|
West Shepherd
|
|
2017-10-02
|
|
UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Root Remote Code Execution
|
6 |
REMOTE
|
agix
|
|
2017-10-02
|
|
Qmail SMTP - Bash Environment Variable Injection (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-09-30
|
|
Sync Breeze Enterprise 10.0.28 - Remote Buffer Overflow
|
5 |
REMOTE
|
Owais Mehtab
|
|
2017-09-28
|
|
Trend Micro OfficeScan 11.0/XG (12.0) - Man In The Middle Remote Code Execution
|
6 |
REMOTE
|
hyp3rlinx
|
|
2017-09-27
|
|
Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution
|
4 |
REMOTE
|
Adam Brown
|
|
2017-10-20
|
|
Sync Breeze Enterprise 10.1.16 - 'POST' Remote Buffer Overflow
|
5 |
REMOTE
|
mschenk
|
|
2017-09-27
|
|
LAquis SCADA 4.1.0.2385 - Directory Traversal (Metasploit)
|
2 |
REMOTE
|
James Fitts
|
|
2017-09-27
|
|
Oracle WebLogic Server 10.3.6.0 - Java Deserialization Remote Code Execution
|
4 |
REMOTE
|
SlidingWindow
|
|
2017-09-26
|
|
NodeJS Debugger - Command Injection (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-09-26
|
|
Tiny HTTPd 0.1.0 - Directory Traversal
|
5 |
REMOTE
|
Touhid M.Shaikh
|
|
2017-09-25
|
|
FLIR Thermal Camera F/FC/PT/D - SSH Backdoor Access
|
5 |
REMOTE
|
LiquidWorm
|
|
2017-09-25
|
|
Apple iOS 10.2 - Broadcom Out-of-Bounds Write when Handling 802.11k Neighbor Report Response
|
7 |
REMOTE
|
Google Security Research
|
|
2017-09-25
|
|
Oracle 9i XDB 9.2.0.1 - HTTP PASS Buffer Overflow
|
6 |
REMOTE
|
Charles Dardaman
|
|
2017-09-25
|
|
Supervisor 3.0a1 < 3.3.2 - XML-RPC (Authenticated) Remote Code Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-09-25
|
|
Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH)
|
6 |
REMOTE
|
sickness
|
|
2017-09-21
|
|
Disk Pulse Enterprise 9.9.16 - GET Buffer Overflow (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2017-09-19
|
|
HPE < 7.2 - Java Deserialization
|
5 |
REMOTE
|
Raphael Kuhn
|
|
2017-05-19
|
|
Tecnovision DLX Spot - SSH Backdoor Access
|
4 |
REMOTE
|
Simon Brannstrom
|
|
2017-09-13
|
|
Astaro Security Gateway 7 - Remote Code Execution
|
4 |
REMOTE
|
Jakub Palaczynski
|
|
2017-09-14
|
|
Cloudview NMS 2.00b - Writable Directory Traversal Execution (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2017-09-14
|
|
KingScada AlarmServer 3.1.2.13 - Remote Stack Buffer Overflow (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2017-09-14
|
|
haneWIN DNS Server 1.5.3 - Remote Buffer Overflow (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2010-10-19
|
|
Disk Pulse Server 2.2.34 - 'GetServerInfo' Remote Buffer Overflow (Metasploit)
|
5 |
REMOTE
|
James Fitts
|
|
2017-09-14
|
|
Lockstep Backup for Workgroups 4.0.3 - Remote Buffer Overflow (Metasploit)
|
6 |
REMOTE
|
James Fitts
|
|
2017-09-14
|
|
EMC AlphaStor Device Manager - Opcode 0x72 Buffer Overflow (Metasploit)
|
5 |
REMOTE
|
James Fitts
|
|
2017-09-14
|
|
EMC AlphaStor Library Manager < 4.0 build 910 - Opcode 0x4f Buffer Overflow (Metasploit)
|
5 |
REMOTE
|
James Fitts
|
|
2017-09-13
|
|
Microsoft Windows .NET Framework - Remote Code Execution
|
5 |
REMOTE
|
Voulnet
|
|
2017-09-13
|
|
Alienvault OSSIM av-centerd 4.7.0 - 'get_log_line' Command Injection (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2017-09-13
|
|
Alienvault OSSIM av-centerd - Util.pm sync_rserver Command Execution (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2017-09-13
|
|
Cloudview NMS < 2.00b - Arbitrary File Upload (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2017-09-13
|
|
Dameware Mini Remote Control 4.0 - Username Stack Buffer Overflow (Metasploit)
|
3 |
REMOTE
|
James Fitts
|
|
2017-09-13
|
|
EMC CMCNE 11.2.1 - FileUploadController Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2017-09-13
|
|
EMC CMCNE Inmservlets.war FileUploadController 11.2.1 - Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2017-09-13
|
|
Fatek Automation PLC WinProladder 3.11 Build 14701 - Stack Buffer Overflow (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2017-09-13
|
|
Infinite Automation Mango Automation - Command Injection (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2014-08-14
|
|
Alienvault Open Source SIEM (OSSIM) < 4.7.0 - 'get_license' Remote Command Execution (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2017-09-13
|
|
Motorola Netopia Netoctopus SDCS - Remote Stack Buffer Overflow (Metasploit)
|
4 |
REMOTE
|
James Fitts
|
|
2014-06-13
|
|
Alienvault Open Source SIEM (OSSIM) < 4.8.0 - 'get_file' Information Disclosure (Metasploit)
|
5 |
REMOTE
|
James Fitts
|
