|
2022-06-14
|
|
Marval MSM v14.19.0.12476 - Cross-Site Request Forgery (CSRF)
|
4 |
REMOTE
|
Momen Eldawakhly
|
|
2022-06-14
|
|
Marval MSM v14.19.0.12476 - Remote Code Execution (RCE) (Authenticated)
|
5 |
REMOTE
|
Momen Eldawakhly
|
|
2022-06-03
|
|
SolarView Compact 6.00 - Directory Traversal
|
5 |
REMOTE
|
Ahmed Alroky
|
|
2022-06-03
|
|
Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 - Remote Code Execution (RCE)
|
3 |
REMOTE
|
LiquidWorm
|
|
2022-06-03
|
|
Telesquare SDT-CW3B1 1.1.0 - OS Command Injection
|
5 |
REMOTE
|
Bryan Leong
|
|
2022-06-03
|
|
Zyxel USG FLEX 5.21 - OS Command Injection
|
3 |
REMOTE
|
Valentin Lobstein
|
|
2022-05-17
|
|
SolarView Compact 6.0 - OS Command Injection
|
5 |
REMOTE
|
Ahmed Alroky
|
|
2022-05-17
|
|
SDT-CW3B1 1.1.0 - OS Command Injection
|
4 |
REMOTE
|
Ahmed Alroky
|
|
2022-05-12
|
|
F5 BIG-IP 16.0.x - Remote Code Execution (RCE)
|
3 |
REMOTE
|
Yesith Alvarez
|
|
2022-05-11
|
|
Ruijie Reyee Mesh Router - Remote Code Execution (RCE) (Authenticated)
|
5 |
REMOTE
|
Minh Khoa
|
|
2022-05-11
|
|
DLINK DAP-1620 A1 v1.01 - Directory Traversal
|
3 |
REMOTE
|
Momen Eldawakhly
|
|
2022-05-11
|
|
PyScript - Read Remote Python Source Code
|
3 |
REMOTE
|
Momen Eldawakhly
|
|
2022-05-11
|
|
Google Chrome 78.0.3904.70 - Remote Code Execution
|
3 |
REMOTE
|
Forrest Orr
|
|
2022-05-11
|
|
Tenda HG6 v3.3.0 - Remote Command Injection
|
4 |
REMOTE
|
LiquidWorm
|
|
2022-05-11
|
|
Apache CouchDB 3.2.1 - Remote Code Execution (RCE)
|
4 |
REMOTE
|
Konstantin Burov
|
|
2022-05-11
|
|
Wondershare Dr.Fone 12.0.7 - Remote Code Execution (RCE)
|
3 |
REMOTE
|
Netanel Cohen
|
|
2022-05-11
|
|
DLINK DIR850 - Open Redirect
|
3 |
REMOTE
|
Ahmed Alroky
|
|
2022-05-11
|
|
DLINK DIR850 - Insecure Access Control
|
4 |
REMOTE
|
Ahmed Alroky
|
|
2022-05-11
|
|
Prime95 Version 30.7 build 9 - Remote Code Execution (RCE)
|
5 |
REMOTE
|
Yehia Elghaly
|
|
2022-05-11
|
|
ManageEngine ADSelfService Plus Build 6118 - NTLMv2 Hash Exposure
|
2 |
REMOTE
|
Metin Yunus Kandemir
|
|
2022-05-11
|
|
SAP BusinessObjects Intelligence 4.3 - XML External Entity (XXE)
|
4 |
REMOTE
|
West Shepherd
|
|
2022-05-11
|
|
Bookeen Notea - Directory Traversal
|
3 |
REMOTE
|
Clement MAILLIOUX
|
|
2022-05-11
|
|
USR IOT 4G LTE Industrial Cellular VPN Router 1.0.36 - Remote Root Backdoor
|
3 |
REMOTE
|
LiquidWorm
|
|
2022-05-11
|
|
Akka HTTP 10.1.14 - Denial of Service
|
3 |
REMOTE
|
cxosmo
|
|
2022-04-19
|
|
Delta Controls enteliTOUCH 3.40.3935 - Cookie User Password Disclosure
|
4 |
REMOTE
|
LiquidWorm
|
|
2022-04-19
|
|
Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Scripting (XSS)
|
4 |
REMOTE
|
LiquidWorm
|
|
2022-04-19
|
|
Delta Controls enteliTOUCH 3.40.3935 - Cross-Site Request Forgery (CSRF)
|
4 |
REMOTE
|
LiquidWorm
|
|
2022-04-19
|
|
Verizon 4G LTE Network Extender - Weak Credentials Algorithm
|
4 |
REMOTE
|
LiquidWorm
|
|
2022-04-19
|
|
ManageEngine ADSelfService Plus 6.1 - User Enumeration
|
4 |
REMOTE
|
Metin Yunus Kandemir
|
|
2022-04-19
|
|
Zyxel NWA-1100-NH - Command Injection
|
4 |
REMOTE
|
Ahmed Alroky
|
|
2022-04-11
|
|
Franklin Fueling Systems Colibri Controller Module 1.8.19.8580 - Local File Inclusion (LFI)
|
5 |
REMOTE
|
Momen Eldawakhly
|
|
2022-04-07
|
|
Opmon 9.11 - Cross-site Scripting
|
4 |
REMOTE
|
Marlon Petry
|
|
2022-04-07
|
|
Kramer VIAware - Remote Code Execution (RCE) (Root)
|
3 |
REMOTE
|
sharkmoos
|
|
2022-03-30
|
|
Kramer VIAware 2.5.0719.1034 - Remote Code Execution (RCE)
|
4 |
REMOTE
|
sharkmoos
|
|
2022-03-30
|
|
PostgreSQL 9.3-11.7 - Remote Code Execution (RCE) (Authenticated)
|
5 |
REMOTE
|
b4keSn4ke
|
|
2022-03-22
|
|
ICT Protege GX/WX 2.08 - Client-Side SHA1 Password Hash Disclosure
|
3 |
REMOTE
|
LiquidWorm
|
|
2022-03-22
|
|
ICT Protege GX/WX 2.08 - Stored Cross-Site Scripting (XSS)
|
5 |
REMOTE
|
LiquidWorm
|
|
2022-03-22
|
|
Ivanti Endpoint Manager 4.6 - Remote Code Execution (RCE)
|
4 |
REMOTE
|
d7x
|
|
2022-03-22
|
|
iRZ Mobile Router - CSRF to RCE
|
4 |
REMOTE
|
John Jackson
|
|
2022-03-16
|
|
Apache APISIX 2.12.1 - Remote Code Execution (RCE)
|
7 |
REMOTE
|
Ven3xy
|
|
2022-03-11
|
|
Tdarr 2.00.15 - Command Injection
|
5 |
REMOTE
|
Sam Smith
|
|
2022-03-11
|
|
Seowon SLR-120 Router - Remote Code Execution (Unauthenticated)
|
4 |
REMOTE
|
Aryan Chehreghani
|
|
2022-03-02
|
|
Printix Client 1.3.1106.0 - Remote Code Execution (RCE)
|
5 |
REMOTE
|
Logan Latvala
|
|
2022-03-02
|
|
Prowise Reflect v1.0.9 - Remote Keystroke Injection
|
4 |
REMOTE
|
Rik Lutz
|
|
2022-02-28
|
|
WAGO 750-8212 PFC200 G2 2ETH RS - Privilege Escalation
|
5 |
REMOTE
|
Momen Eldawakhly
|
|
2022-02-23
|
|
ICL ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 - Remote File CRUD
|
7 |
REMOTE
|
LiquidWorm
|
|
2022-02-23
|
|
Adobe ColdFusion 11 - LDAP Java Object Deserialization Remode Code Execution (RCE)
|
6 |
REMOTE
|
Amel BOUZIANE-LEBLOND
|
|
2022-02-16
|
|
H3C SSL VPN - Username Enumeration
|
3 |
REMOTE
|
LiquidWorm
|
|
2022-02-08
|
|
Wing FTP Server 4.3.8 - Remote Code Execution (RCE) (Authenticated)
|
5 |
REMOTE
|
notcos
|
|
2022-01-27
|
|
Oracle WebLogic Server 14.1.1.0.0 - Local File Inclusion
|
3 |
REMOTE
|
Jonah Tan
|
|
2022-01-18
|
|
Archeevo 5.0 - Local File Inclusion
|
3 |
REMOTE
|
Miguel Santareno
|
|
2022-01-10
|
|
CoreFTP Server build 725 - Directory Traversal (Authenticated)
|
2 |
REMOTE
|
LiamInfosec
|
|
2022-01-05
|
|
Gerapy 0.9.7 - Remote Code Execution (RCE) (Authenticated)
|
4 |
REMOTE
|
Jeremiasz Pluta
|
|
2022-01-05
|
|
Dixell XWEB 500 - Arbitrary File Write
|
4 |
REMOTE
|
Roberto Palamaro
|
|
2022-01-05
|
|
TermTalk Server 3.24.0.2 - Arbitrary File Read (Unauthenticated)
|
2 |
REMOTE
|
Fabiano Golluscio
|
|
2022-01-05
|
|
AWebServer GhostBuilding 18 - Denial of Service (DoS)
|
5 |
REMOTE
|
Andres Ramos
|
|
2022-01-05
|
|
Accu-Time Systems MAXIMUS 1.0 - Telnet Remote Buffer Overflow (DoS)
|
3 |
REMOTE
|
Yehia Elghaly
|
|
2022-01-05
|
|
ConnectWise Control 19.2.24707 - Username Enumeration
|
3 |
REMOTE
|
Luca Cuzzolin
|
|
2021-12-15
|
|
Oliver Library Server v5 - Arbitrary File Download
|
3 |
REMOTE
|
Mandeep Singh
|
|
2021-12-14
|
|
Apache Log4j 2 - Remote Code Execution (RCE)
|
3 |
REMOTE
|
kozmer
|
|
2021-12-14
|
|
Apache Log4j2 2.14.1 - Information Disclosure
|
2 |
REMOTE
|
leonjza
|
|
2021-12-13
|
|
HD-Network Real-time Monitoring System 2.0 - Local File Inclusion (LFI)
|
4 |
REMOTE
|
Momen Eldawakhly
|
|
2021-12-09
|
|
Raspberry Pi 5.10 - Default Credentials
|
3 |
REMOTE
|
netspooky
|
|
2021-12-06
|
|
Auerswald COMpact 8.0B - Multiple Backdoors
|
5 |
REMOTE
|
RedTeam Pentesting GmbH
|
|
2021-12-06
|
|
Auerswald COMpact 8.0B - Arbitrary File Disclosure
|
4 |
REMOTE
|
RedTeam Pentesting GmbH
|
|
2021-12-06
|
|
Auerswald COMpact 8.0B - Privilege Escalation
|
2 |
REMOTE
|
RedTeam Pentesting GmbH
|
|
2021-12-06
|
|
Auerswald COMfortel 2.8F - Authentication Bypass
|
3 |
REMOTE
|
RedTeam Pentesting GmbH
|
|
2021-11-23
|
|
GNU gdbserver 9.2 - Remote Command Execution (RCE)
|
5 |
REMOTE
|
Roberto Gesteira Miñarro
|
|
2021-10-13
|
|
Cypress Solutions CTM-200 2.7.1 - Root Remote OS Command Injection
|
4 |
REMOTE
|
LiquidWorm
|
|
2021-10-13
|
|
Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root (Telnet/SSH)
|
4 |
REMOTE
|
LiquidWorm
|
|
2021-09-29
|
|
Mitrastar GPT-2541GNAC-N1 - Privilege escalation
|
3 |
REMOTE
|
Leonardo Nicolas Servalli
|
|
2021-09-28
|
|
Apache James Server 2.3.2 - Remote Command Execution (RCE) (Authenticated) (2)
|
4 |
REMOTE
|
shinris3n
|
|
2021-09-27
|
|
Cisco small business RV130W 1.0.3.44 - Inject Counterfeit Routers
|
3 |
REMOTE
|
Michael Alamoot
|
|
2017-01-14
|
|
Adobe Flash Player - Integer Overflow
|
2 |
REMOTE
|
ryujin
|
|
2021-09-13
|
|
ECOA Building Automation System - Hard-coded Credentials SSH Access
|
3 |
REMOTE
|
Neurogenesia
|
|
2021-08-18
|
|
crossfire-server 1.9.0 - 'SetUp()' Remote Buffer Overflow
|
6 |
REMOTE
|
Khaled Salem
|
|
2021-08-02
|
|
Neo4j 3.4.18 - RMI based Remote Code Execution (RCE)
|
4 |
REMOTE
|
Christopher Ellis
|
|
2021-07-28
|
|
Denver Smart Wifi Camera SHC-150 - 'Telnet' Remote Code Execution (RCE)
|
4 |
REMOTE
|
Ivan Nikolsky
|
|
2021-07-21
|
|
KevinLAB BEMS 1.0 - Undocumented Backdoor Account
|
4 |
REMOTE
|
LiquidWorm
|
|
2021-07-15
|
|
Aruba Instant (IAP) - Remote Code Execution
|
4 |
REMOTE
|
Aleph Security
|
|
2021-07-16
|
|
Aruba Instant 8.7.1.0 - Arbitrary File Modification
|
2 |
REMOTE
|
Gr33nh4t
|
|
2021-06-29
|
|
ES File Explorer 4.1.9.7.4 - Arbitrary File Read
|
4 |
REMOTE
|
Nehal Zaman
|
|
2021-06-21
|
|
Solaris SunSSH 11.0 x86 - libpam Remote Root (3)
|
4 |
REMOTE
|
Nathaniel Singer
|
|
2021-06-18
|
|
Dlink DSL2750U - 'Reboot' Command Injection
|
4 |
REMOTE
|
Mohammed Hadi
|
|
2021-06-03
|
|
CHIYU IoT Devices - 'Telnet' Authentication Bypass
|
3 |
REMOTE
|
sirpedrotavares
|
|
2021-05-26
|
|
ProFTPd 1.3.5 - 'mod_copy' Remote Command Execution (2)
|
4 |
REMOTE
|
Shellbr3ak
|
|
2021-05-21
|
|
Solaris SunSSH 11.0 x86 - libpam Remote Root (2)
|
4 |
REMOTE
|
legend
|
|
2021-04-30
|
|
GNU Wget < 1.18 - Arbitrary File Upload (2)
|
5 |
REMOTE
|
liewehacksie
|
|
2021-04-21
|
|
Tenda D151 & D301 - Configuration Download (Unauthenticated)
|
4 |
REMOTE
|
BenChaliah
|
|
2021-04-12
|
|
vsftpd 2.3.4 - Backdoor Command Execution
|
3 |
REMOTE
|
HerculesRD
|
|
2021-04-08
|
|
Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution
|
4 |
REMOTE
|
Google Security Research
|
|
2021-04-06
|
|
Google Chrome 81.0.4044 V8 - Remote Code Execution
|
6 |
REMOTE
|
r4j0x00
|
|
2021-04-06
|
|
Google Chrome 86.0.4240 V8 - Remote Code Execution
|
4 |
REMOTE
|
r4j0x00
|
|
2021-03-29
|
|
vsftpd 3.0.3 - Remote Denial of Service
|
4 |
REMOTE
|
xynmaps
|
|
2021-03-22
|
|
KZTech T3500V 4G LTE CPE 2.0.1 - Weak Default WiFi Password Algorithm
|
4 |
REMOTE
|
LiquidWorm
|
|
2021-03-19
|
|
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 - Hard coded Credentials Shell Access
|
5 |
REMOTE
|
LiquidWorm
|
|
2021-03-14
|
|
Microsoft Exchange 2019 - Server-Side Request Forgery
|
4 |
REMOTE
|
F5
|
|
2021-03-09
|
|
Golden FTP Server 4.70 - 'PASS' Buffer Overflow (2)
|
4 |
REMOTE
|
1F98D
|
|
2021-03-05
|
|
CatDV 9.2 - RMI Authentication Bypass
|
4 |
REMOTE
|
Christopher Ellis
|
|
2021-03-03
|
|
AnyDesk 5.5.2 - Remote Code Execution
|
3 |
REMOTE
|
scryh
|
|
2021-03-01
|
|
WiFi Mouse 1.7.8.5 - Remote Code Execution
|
3 |
REMOTE
|
H4rk3nz0
|
|
2021-02-26
|
|
Remote Desktop Web Access - Authentication Timing Attack (Metasploit Module)
|
5 |
REMOTE
|
Matthew Dunn
|
|
2021-02-25
|
|
ASUS Remote Link 1.1.2.13 - Remote Code Execution
|
4 |
REMOTE
|
H4rk3nz0
|
|
2021-02-24
|
|
Unified Remote 3.9.0.2463 - Remote Code Execution
|
2 |
REMOTE
|
H4rk3nz0
|
|
2021-02-24
|
|
python jsonpickle 2.0.0 - Remote Code Execution
|
3 |
REMOTE
|
Adi Malyanker
|
|
2021-02-23
|
|
HFS (HTTP File Server) 2.3.x - Remote Command Execution (3)
|
4 |
REMOTE
|
Pergyz
|
|
2021-01-13
|
|
Erlang Cookie - Remote Code Execution
|
4 |
REMOTE
|
1F98D
|
|
2020-12-18
|
|
FRITZ!Box 7.20 - DNS Rebinding Protection Bypass
|
5 |
REMOTE
|
RedTeam Pentesting GmbH
|
|
2020-12-15
|
|
Solaris SunSSH 11.0 x86 - libpam Remote Root
|
4 |
REMOTE
|
Hacker Fantastic
|
|
2020-12-09
|
|
Huawei HedEx Lite 200R006C00SPC005 - Path Traversal
|
4 |
REMOTE
|
Vulnerability-Lab
|
|
2020-12-09
|
|
Dup Scout Enterprise 10.0.18 - 'sid' Remote Buffer Overflow (SEH)
|
3 |
REMOTE
|
Andrés Roldán
|
|
2020-12-09
|
|
SmarterMail Build 6985 - Remote Code Execution
|
7 |
REMOTE
|
1F98D
|
|
2020-12-07
|
|
Dup Scout Enterprise 10.0.18 - 'online_registration' Remote Buffer Overflow
|
3 |
REMOTE
|
0rbz_
|
|
2020-12-02
|
|
Mitel mitel-cs018 - Call Data Information Disclosure
|
4 |
REMOTE
|
Andrea Intilangelo
|
|
2020-12-02
|
|
Ksix Zigbee Devices - Playback Protection Bypass (PoC)
|
5 |
REMOTE
|
Alejandro Vazquez Vazquez
|
|
2020-11-30
|
|
YATinyWinFTP - Denial of Service (PoC)
|
7 |
REMOTE
|
strider
|
|
2020-11-26
|
|
Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution
|
5 |
REMOTE
|
Loke Hui Yi
|
|
2020-11-19
|
|
Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure
|
5 |
REMOTE
|
Nitesh Surana
|
|
2020-11-18
|
|
ZeroLogon - Netlogon Elevation of Privilege
|
5 |
REMOTE
|
West Shepherd
|
|
2020-11-17
|
|
Apache Struts 2.5.20 - Double OGNL evaluation
|
5 |
REMOTE
|
West Shepherd
|
|
2020-11-17
|
|
Aerospike Database 5.1.0.3 - OS Command Execution
|
4 |
REMOTE
|
Matt S
|
|
2020-11-16
|
|
Cisco 7937G - DoS/Privilege Escalation
|
6 |
REMOTE
|
Cody Martin
|
|
2020-11-05
|
|
TP-Link WDR4300 - Remote Code Execution (Authenticated)
|
4 |
REMOTE
|
Patrik Lantz
|
|
2020-10-27
|
|
GoAhead Web Server 5.1.1 - Digest Authentication Capture Replay Nonce Reuse
|
4 |
REMOTE
|
LiquidWorm
|
|
2020-10-27
|
|
Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root
|
2 |
REMOTE
|
LiquidWorm
|
