|
2024-02-26
|
|
Wyrestorm Apollo VX20 < 1.3.58 - Account Enumeration
|
14 |
REMOTE
|
hyp3rlinx
|
|
2024-02-26
|
|
FAQ Management System v1.0 - 'faq' SQL Injection
|
8 |
REMOTE
|
SoSPiro
|
|
2024-02-26
|
|
Flashcard Quiz App v1.0 - 'card' SQL Injection
|
8 |
REMOTE
|
SoSPiro
|
|
2024-02-26
|
|
Simple Inventory Management System v1.0 - 'email' SQL Injection
|
7 |
REMOTE
|
SoSPiro
|
|
2024-02-09
|
|
Zyxel zysh - Format string
|
13 |
REMOTE
|
Marco Ivaldi
|
|
2024-02-05
|
|
Milesight Routers UR5X_ UR32L_ UR32_ UR35_ UR41 - Credential Leakage Through Unprotected System Logs
|
9 |
REMOTE
|
Bipin Jitiya
|
|
2024-02-02
|
|
PCMan FTP Server 2.0 - 'pwd' Remote Buffer Overflow
|
6 |
REMOTE
|
Waqas Ahmed Faroouqi
|
|
2024-02-02
|
|
WebCatalog 48.4 - Arbitrary Protocol Execution
|
5 |
REMOTE
|
ItsSixtyN3in
|
|
2024-01-31
|
|
RoyalTSX 6.0.1 - RTSZ File Handling Heap Memory Corruption PoC
|
7 |
REMOTE
|
LiquidWorm
|
|
2024-01-31
|
|
Proxmox VE - TOTP Brute Force
|
8 |
REMOTE
|
Cory Cline_ Gabe Rust
|
|
2024-01-29
|
|
Ricoh Printer - Directory and File Exposure
|
10 |
REMOTE
|
Thomas Heverin
|
|
2024-01-29
|
|
Blood Bank & Donor Management System using v2.2 - Stored XSS
|
6 |
REMOTE
|
SoSPiro
|
|
2024-01-29
|
|
Equipment Rental Script-1.0 - SQLi
|
10 |
REMOTE
|
nu11secur1ty
|
|
2023-10-09
|
|
Atcom 2.7.x.x - Authenticated Command Injection
|
5 |
REMOTE
|
Mohammed Adel
|
|
2023-10-09
|
|
Tinycontrol LAN Controller v3 (LK3) 1.58a - Remote Admin Password Change
|
8 |
REMOTE
|
LiquidWorm
|
|
2023-10-09
|
|
Tinycontrol LAN Controller v3 (LK3) 1.58a - Remote Credentials Extraction
|
19 |
REMOTE
|
LiquidWorm
|
|
2023-10-09
|
|
Ruijie Reyee Mesh Router - MITM Remote Code Execution (RCE)
|
9 |
REMOTE
|
Riyan Firmansyah of Seclab
|
|
2023-09-08
|
|
Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities
|
17 |
REMOTE
|
The Security Team [exploitsecurity.io]
|
|
2023-09-08
|
|
GOM Player 2.3.90.5360 - Remote Code Execution (RCE)
|
9 |
REMOTE
|
M. Akil Gündoğan
|
|
2023-09-04
|
|
Ivanti Avalanche
|
7 |
REMOTE
|
Robel Campbell
|
|
2023-08-21
|
|
EuroTel ETL3100 - Transmitter Unauthenticated Config/Log Download
|
10 |
REMOTE
|
LiquidWorm
|
|
2023-08-21
|
|
EuroTel ETL3100 - Transmitter Authorization Bypass (IDOR)
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-08-21
|
|
EuroTel ETL3100 - Transmitter Default Credentials
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-08-21
|
|
TSPlus 16.0.0.0 - Remote Work Insecure Credential storage
|
6 |
REMOTE
|
shinnai
|
|
2023-08-21
|
|
TSplus 16.0.0.0 - Remote Work Insecure Files and Folders
|
4 |
REMOTE
|
shinnai
|
|
2023-08-21
|
|
TSplus 16.0.2.14 - Remote Access Insecure Files and Folders Permissions
|
5 |
REMOTE
|
shinnai
|
|
2023-08-10
|
|
TP-Link Archer AX21 - Unauthenticated Command Injection
|
5 |
REMOTE
|
Voyag3r
|
|
2023-08-04
|
|
Shelly PRO 4PM v0.11.0 - Authentication Bypass
|
4 |
REMOTE
|
The Security Team [exploitsecurity.io]
|
|
2023-08-04
|
|
ReyeeOS 1.204.1614 - MITM Remote Code Execution (RCE)
|
6 |
REMOTE
|
Riyan Firmansyah of Seclab
|
|
2023-07-20
|
|
Microsoft Office 365 Version 18.2305.1222.0 - Elevation of Privilege + RCE.
|
5 |
REMOTE
|
nu11secur1ty
|
|
2023-07-19
|
|
Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution
|
4 |
REMOTE
|
Thurein Soe
|
|
2023-07-07
|
|
Windows 10 v21H1 - HTTP Protocol Stack Remote Code Execution
|
3 |
REMOTE
|
nu11secur1ty
|
|
2023-07-07
|
|
Microsoft Outlook Microsoft 365 MSO (Version 2306 Build 16.0.16529.20100) 32-bit - Remote Code Execu
|
4 |
REMOTE
|
nu11secur1ty
|
|
2023-07-03
|
|
Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 32-bit - Remote Code Execution (RCE)
|
4 |
REMOTE
|
nu11secur1ty
|
|
2023-07-03
|
|
Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 64-bit - Remote Code Execution (RCE)
|
4 |
REMOTE
|
nu11secur1ty
|
|
2023-06-26
|
|
Azure Apache Ambari 2302250400 - Spoofing
|
4 |
REMOTE
|
Amirhossein Bahramizadeh
|
|
2023-06-22
|
|
Microsoft OneNote (Version 2305 Build 16.0.16501.20074) 64-bit - Spoofing
|
6 |
REMOTE
|
nu11secur1ty
|
|
2023-06-20
|
|
Nokia ASIKA 7.13.52 - Hard-coded private key disclosure
|
5 |
REMOTE
|
Amirhossein Bahramizadeh
|
|
2023-06-14
|
|
Anevia Flamingo XL 3.2.9 - Remote Root Jailbreak
|
3 |
REMOTE
|
LiquidWorm
|
|
2023-06-14
|
|
Anevia Flamingo XL 3.6.20 - Authenticated Root Remote Code Execution
|
5 |
REMOTE
|
LiquidWorm
|
|
2023-06-14
|
|
Anevia Flamingo XS 3.6.5 - Authenticated Root Remote Code Execution
|
2 |
REMOTE
|
LiquidWorm
|
|
2023-05-31
|
|
Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)
|
4 |
REMOTE
|
Ege Balci
|
|
2023-05-25
|
|
Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution (Metasploit)
|
4 |
REMOTE
|
Ege Balci
|
|
2023-05-23
|
|
Screen SFT DAB 600/C - Unauthenticated Information Disclosure (userManager.cgx)
|
5 |
REMOTE
|
LiquidWorm
|
|
2023-05-23
|
|
Screen SFT DAB 600/C - Authentication Bypass Reset Board Config
|
3 |
REMOTE
|
LiquidWorm
|
|
2023-05-23
|
|
Screen SFT DAB 600/C - Authentication Bypass Admin Password Change
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-05-23
|
|
Screen SFT DAB 600/C - Authentication Bypass Erase Account
|
3 |
REMOTE
|
LiquidWorm
|
|
2023-05-23
|
|
Screen SFT DAB 600/C - Authentication Bypass Password Change
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-05-23
|
|
Screen SFT DAB 600/C - Authentication Bypass Account Creation
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-05-23
|
|
Optoma 1080PSTX Firmware C02 - Authentication Bypass
|
4 |
REMOTE
|
Anthony Cole
|
|
2023-05-13
|
|
Epson Stylus SX510W Printer Remote Power Off - Denial of Service
|
3 |
REMOTE
|
Rafael Pedrero
|
|
2023-04-20
|
|
Franklin Fueling Systems TS-550 - Default Password
|
5 |
REMOTE
|
Parsa Rezaie Khiabanloo
|
|
2023-04-20
|
|
Microsoft Word 16.72.23040900 - Remote Code Execution (RCE)
|
5 |
REMOTE
|
nu11secur1ty
|
|
2023-04-14
|
|
Sielco Analog FM Transmitter 2.12 - Remote Privilege Escalation
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-04-08
|
|
pfsenseCE v2.6.0 - Anti-brute force protection bypass
|
4 |
REMOTE
|
FabDotNET
|
|
2023-04-08
|
|
Microsoft Excel 365 MSO (Version 2302 Build 16.0.16130.20186) 64-bit - Remote Code Execution (RCE)
|
5 |
REMOTE
|
nu11secur1ty
|
|
2023-04-07
|
|
Franklin Fueling Systems TS-550 - Exploit and Default Password
|
3 |
REMOTE
|
Parsa Rezaie Khiabanloo
|
|
2023-04-07
|
|
Schneider Electric v1.0 - Directory traversal & Broken Authentication
|
3 |
REMOTE
|
Parsa Rezaie Khiabanloo
|
|
2023-04-07
|
|
Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing
|
4 |
REMOTE
|
@h454nsec
|
|
2023-04-07
|
|
IBM Aspera Faspex 4.4.1 - YAML deserialization (RCE)
|
4 |
REMOTE
|
Maurice Lambert
|
|
2023-04-07
|
|
Docker based datastores for IBM Instana 241-2 243-0 - No Authentication
|
5 |
REMOTE
|
Shahid Parvez (zippon)
|
|
2023-04-06
|
|
WIMAX SWC-5100W Firmware V(1.11.0.1 :1.9.9.4) - Authenticated RCE
|
5 |
REMOTE
|
Momen Eldawakhly
|
|
2023-04-06
|
|
Unified Remote 3.13.0 - Remote Code Execution (RCE)
|
5 |
REMOTE
|
H4rk3nz0
|
|
2023-04-06
|
|
Osprey Pump Controller 1.0.1 - (eventFileSelected) Command Injection
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-04-06
|
|
Osprey Pump Controller 1.0.1 - Unauthenticated Remote Code Execution Exploit
|
5 |
REMOTE
|
LiquidWorm
|
|
2023-04-06
|
|
Osprey Pump Controller 1.0.1 - Cross-Site Request Forgery
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-04-06
|
|
Osprey Pump Controller 1.0.1 - Authentication Bypass Credentials Modification
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-04-06
|
|
Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS
|
3 |
REMOTE
|
LiquidWorm
|
|
2023-04-06
|
|
Osprey Pump Controller 1.0.1 - (userName) Blind Command Injection
|
3 |
REMOTE
|
LiquidWorm
|
|
2023-04-06
|
|
Osprey Pump Controller 1.0.1 - (pseudonym) Semi-blind Command Injection
|
3 |
REMOTE
|
LiquidWorm
|
|
2023-04-06
|
|
Osprey Pump Controller 1.0.1 - Administrator Backdoor Access
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-04-06
|
|
Osprey Pump Controller 1.0.1 - Unauthenticated File Disclosure
|
3 |
REMOTE
|
LiquidWorm
|
|
2023-04-06
|
|
Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack
|
5 |
REMOTE
|
LiquidWorm
|
|
2023-04-06
|
|
ABUS Security Camera TVIP 20000-21150 - LFI_ RCE and SSH Root Access
|
4 |
REMOTE
|
d1g@segfault.net
|
|
2023-04-06
|
|
Arris Router Firmware 9.1.103 - Remote Code Execution (RCE) (Authenticated)
|
4 |
REMOTE
|
Yerodin Richards
|
|
2023-04-06
|
|
TitanFTP 2.0.1.2102 - Path traversal to Remote Code Execution (RCE)
|
4 |
REMOTE
|
Andreas Finstad
|
|
2023-04-06
|
|
EasyNas 1.1.0 - OS Command Injection
|
5 |
REMOTE
|
Ivan Spiridonov
|
|
2023-04-05
|
|
SOUND4 LinkAndShare Transmitter 1.1.2 - Format String Stack Buffer Overflow
|
12 |
REMOTE
|
LiquidWorm
|
|
2023-04-05
|
|
Binwalk v2.3.2 - Remote Command Execution (RCE)
|
6 |
REMOTE
|
Etienne Lacoche
|
|
2023-04-05
|
|
Dell EMC Networking PC5500 firmware versions 4.1.0.22 and Cisco Sx / SMB - Information Disclosure
|
3 |
REMOTE
|
Ken Pyle
|
|
2023-04-05
|
|
PostgreSQL 9.6.1 - Remote Code Execution (RCE) (Authenticated)
|
5 |
REMOTE
|
Paulo Trindade
|
|
2023-04-05
|
|
D-Link DIR-846 - Remote Command Execution (RCE) vulnerability
|
5 |
REMOTE
|
Françoa Taffarel
|
|
2023-04-05
|
|
Kardex Mlog MCC 5.7.12 - RCE (Remote Code Execution)
|
5 |
REMOTE
|
Patrick Hener
|
|
2023-04-01
|
|
Nexxt Router Firmware 42.103.1.5095 - Remote Code Execution (RCE) (Authenticated)
|
6 |
REMOTE
|
Yerodin Richards
|
|
2023-04-01
|
|
TP-Link TL-WR902AC firmware 210730 (V3) - Remote Code Execution (RCE) (Authenticated)
|
10 |
REMOTE
|
Tobias Müller
|
|
2023-04-01
|
|
Hughes Satellite Router HX200 v8.3.1.14 - Remote File Inclusion
|
14 |
REMOTE
|
LiquidWorm
|
|
2023-04-01
|
|
AD Manager Plus 7122 - Remote Code Execution (RCE)
|
5 |
REMOTE
|
Chan Nyein Wai
|
|
2023-03-31
|
|
ProLink PRS1841 PLDT Home fiber - Default Password
|
6 |
REMOTE
|
Lawrence Amer
|
|
2023-03-31
|
|
ASKEY RTF3505VW-N1 - Privilege Escalation
|
6 |
REMOTE
|
Leonardo Nicolas Servalli
|
|
2023-03-30
|
|
Router ZTE-H108NS - Authentication Bypass
|
5 |
REMOTE
|
George Tsimpidas
|
|
2023-03-29
|
|
Internet Download Manager v6.41 Build 3 - Remote Code Execution (RCE)
|
4 |
REMOTE
|
M. Akil Gündoğan
|
|
2023-03-29
|
|
DSL-124 Wireless N300 ADSL2+ - Backup File Disclosure
|
2 |
REMOTE
|
Aryan Chehreghani
|
|
2023-03-29
|
|
Inbit Messenger v4.9.0 - Unauthenticated Remote Command Execution (RCE)
|
4 |
REMOTE
|
a-rey
|
|
2023-03-29
|
|
Inbit Messenger v4.9.0 - Unauthenticated Remote SEH Overflow
|
3 |
REMOTE
|
a-rey
|
|
2023-03-28
|
|
Hashicorp Consul v1.0 - Remote Command Execution (RCE)
|
5 |
REMOTE
|
GatoGamer1155
|
|
2023-03-28
|
|
X-Skipper-Proxy v0.13.237 - Server Side Request Forgery (SSRF)
|
3 |
REMOTE
|
Hosein Vita
|
|
2023-03-28
|
|
Tapo C310 RTSP server v1.3.0 - Unauthorised Video Stream Access
|
2 |
REMOTE
|
dsclee1
|
|
2023-03-27
|
|
MiniDVBLinux 5.4 - Arbitrary File Read
|
2 |
REMOTE
|
LiquidWorm
|
|
2023-03-27
|
|
MiniDVBLinux 5.4 - Remote Root Command Injection
|
5 |
REMOTE
|
LiquidWorm
|
|
2023-03-27
|
|
MiniDVBLinux 5.4 - Unauthenticated Stream Disclosure
|
5 |
REMOTE
|
LiquidWorm
|
|
2023-03-27
|
|
MiniDVBLinux 5.4 - Change Root Password
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-03-27
|
|
MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP - Remote Code Execution (RCE)
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-03-27
|
|
MiniDVBLinux <=5.4 - Config Download Exploit
|
4 |
REMOTE
|
LiquidWorm
|
|
2023-03-27
|
|
WiFi Mouse 1.8.3.2 - Remote Code Execution (RCE)
|
4 |
REMOTE
|
Payal
|
|
2023-03-25
|
|
NVFLARE < 2.1.4 - Unsafe Deserialization due to Pickle
|
4 |
REMOTE
|
Elias Hohl
|
|
2023-03-25
|
|
D-Link DNR-322L <=2.60B15 - Authenticated Remote Code Execution
|
4 |
REMOTE
|
luka
|
|
2022-11-11
|
|
SmartRG Router SR510n 2.6.13 - Remote Code Execution
|
5 |
REMOTE
|
Yerodin Richards
|
|
2022-11-11
|
|
AVEVA InTouch Access Anywhere Secure Gateway 2020 R2 - Path Traversal
|
3 |
REMOTE
|
Jens Regel
|
|
2022-11-11
|
|
MSNSwitch Firmware MNT.2408 - Remote Code Execution
|
4 |
REMOTE
|
Eli Fulkerson
|
|
2022-09-23
|
|
Teleport v10.1.1 - Remote Code Execution (RCE)
|
4 |
REMOTE
|
Brandon Roach
|
|
2022-09-21
|
|
WiFiMouse 1.8.3.4 - Remote Code Execution (RCE)
|
4 |
REMOTE
|
FEBIN MON SAJI
|
|
2022-09-21
|
|
Wifi HD Wireless Disk Drive 11 - Local File Inclusion
|
4 |
REMOTE
|
Chokri Hammedi
|
|
2022-09-20
|
|
Airspan AirSpot 5410 version 0.3.4.1 - Remote Code Execution (RCE)
|
4 |
REMOTE
|
Samy Younsi
|
|
2022-09-20
|
|
Mobile Mouse 3.6.0.4 - Remote Code Execution (RCE)
|
4 |
REMOTE
|
Chokri Hammedi
|
|
2022-08-09
|
|
PAN-OS 10.0 - Remote Code Execution (RCE) (Authenticated)
|
6 |
REMOTE
|
UnD3sc0n0c1d0
|
|
2022-08-02
|
|
uftpd 2.10 - Directory Traversal (Authenticated)
|
6 |
REMOTE
|
Aaron Esau
|
|
2022-08-01
|
|
Easy Chat Server 3.1 - Remote Stack Buffer Overflow (SEH)
|
4 |
REMOTE
|
r00tpgp
|
|
2022-08-01
|
|
Omnia MPX 1.5.0+r1 - Path Traversal
|
4 |
REMOTE
|
Momen Eldawakhly
|
|
2022-07-29
|
|
Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) - Remote Code Execution
|
5 |
REMOTE
|
LiquidWorm
|
|
2022-07-29
|
|
rpc.py 0.6.0 - Remote Code Execution (RCE)
|
4 |
REMOTE
|
Elias Hohl
|
|
2022-07-21
|
|
IOTransfer 4.0 - Remote Code Execution (RCE)
|
4 |
REMOTE
|
Tomer Peled
|
|
2022-07-11
|
|
Nginx 1.20.0 - Denial of Service (DOS)
|
6 |
REMOTE
|
Mohammed Alshehri
|
|
2022-07-01
|
|
WiFi Mouse 1.7.8.5 - Remote Code Execution(v2)
|
4 |
REMOTE
|
RedHatAugust
|
|
2022-06-14
|
|
Sourcegraph Gitserver 3.36.3 - Remote Code Execution (RCE)
|
3 |
REMOTE
|
Altelus
|
|
2022-06-14
|
|
TP-Link Router AX50 firmware 210730 - Remote Code Execution (RCE) (Authenticated)
|
5 |
REMOTE
|
Tomas Melicher
|
