|
2019-06-25
|
|
SAPIDO RB-1732 - Remote Command Execution
|
2 |
REMOTE
|
k1nm3n.aotoi
|
|
2019-06-25
|
|
SuperDoctor5 - 'NRPE' Remote Code Execution
|
0 |
REMOTE
|
Simon Gurney
|
|
2019-06-21
|
|
EA Origin < 10.5.38 - Remote Code Execution
|
2 |
REMOTE
|
Dominik Penner
|
|
2019-06-20
|
|
Cisco Prime Infrastructure Health Monitor - TarArchive Directory Traversal (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-06-17
|
|
AROX School-ERP Pro - Unauthenticated Remote Command Execution (Metasploit)
|
1 |
REMOTE
|
AkkuS
|
|
2019-06-11
|
|
Webmin 1.910 - 'Package Updates' Remote Command Execution (Metasploit)
|
2 |
REMOTE
|
AkkuS
|
|
2019-06-05
|
|
Exim 4.87 < 4.91 - (Local / Remote) Command Execution
|
1 |
REMOTE
|
Qualys Corporation
|
|
2019-06-05
|
|
LibreNMS - addhost Command Injection (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-06-05
|
|
IBM Websphere Application Server - Network Deployment Untrusted Data Deserialization Remote Code Exe
|
2 |
REMOTE
|
Metasploit
|
|
2019-06-04
|
|
Cisco RV130W 1.0.3.44 - Remote Stack Overflow
|
2 |
REMOTE
|
@0x00string
|
|
2019-06-04
|
|
NUUO NVRMini 2 3.9.1 - 'sscanf' Stack Overflow
|
2 |
REMOTE
|
@0x00string
|
|
2019-05-29
|
|
Oracle Application Testing Suite - WebLogic Server Administration Console War Deployment (Metasploit
|
3 |
REMOTE
|
Metasploit
|
|
2019-05-28
|
|
Petraware pTransformer ADC < 2.1.7.22827 - Login Bypass
|
1 |
REMOTE
|
Faudhzan Rahman
|
|
2019-05-27
|
|
Typora 0.9.9.24.6 - Directory Traversal
|
2 |
REMOTE
|
Dhiraj Mishra
|
|
2019-05-24
|
|
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption
|
1 |
REMOTE
|
Simon Zuckerbraun
|
|
2019-05-23
|
|
Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execution (Metasplo
|
2 |
REMOTE
|
Metasploit
|
|
2019-05-20
|
|
GetSimpleCMS - Unauthenticated Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-05-14
|
|
PHP-Fusion 9.03.00 - 'Edit Profile' Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
AkkuS
|
|
2019-05-08
|
|
Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-05-08
|
|
Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-05-08
|
|
PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution (Metasploit)
|
1 |
REMOTE
|
Metasploit
|
|
2019-05-08
|
|
Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-05-08
|
|
Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-05-08
|
|
Lotus Domino 8.5.3 - 'EXAMINE' Stack Buffer Overflow DEP/ASLR Bypass (NSA's EMPHASISMINE)
|
1 |
REMOTE
|
Charles Truscott
|
|
2019-05-08
|
|
Lotus Domino 8.5.3 - 'EXAMINE' Stack Buffer Overflow DEP/ASLR Bypass (NSA's EMPHASISMINE)
|
2 |
REMOTE
|
Charles Truscott
|
|
2019-05-06
|
|
Xitami Web Server 2.5 - Remote Buffer Overflow (SEH + Egghunter)
|
1 |
REMOTE
|
ElSoufiane
|
|
2019-05-06
|
|
LG Supersign EZ CMS - Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Alejandro Fanjul
|
|
2019-05-03
|
|
Blue Angel Software Suite - Command Execution
|
1 |
REMOTE
|
Paolo Serracino_ Pietro Minniti_ Damiano Proietti
|
|
2019-05-03
|
|
Microsoft Windows PowerShell ISE - Remote Code Execution
|
1 |
REMOTE
|
hyp3rlinx
|
|
2019-05-02
|
|
Ruby On Rails - DoubleTap Development Mode secret_key_base Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-30
|
|
Pimcore < 5.71 - Unserialize Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-30
|
|
Pimcore < 5.71 - Unserialize Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-30
|
|
AIS logistics ESEL-Server - Unauthenticated SQL Injection Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-30
|
|
Moodle 3.6.3 - 'Install Plugin' Remote Command Execution (Metasploit)
|
2 |
REMOTE
|
AkkuS
|
|
2019-04-30
|
|
Freefloat FTP Server 1.0 - 'STOR' Remote Buffer Overflow
|
2 |
REMOTE
|
Kevin Randall
|
|
2019-04-30
|
|
Freefloat FTP Server 1.0 - 'STOR' Remote Buffer Overflow
|
2 |
REMOTE
|
Kevin Randall
|
|
2019-04-30
|
|
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
|
2 |
REMOTE
|
Kevin Randall
|
|
2019-04-30
|
|
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
|
2 |
REMOTE
|
Kevin Randall
|
|
2019-04-24
|
|
Google Chrome 72.0.3626.121 / 74.0.3725.0 - 'NewFixedDoubleArray' Integer Overflow
|
2 |
REMOTE
|
Google Security Research
|
|
2019-04-22
|
|
ManageEngine Applications Manager 14.0 - Authentication Bypass / Remote Command Execution (Metasploi
|
2 |
REMOTE
|
AkkuS
|
|
2019-04-19
|
|
Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-19
|
|
Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-18
|
|
ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
AkkuS
|
|
2019-04-17
|
|
MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow
|
1 |
REMOTE
|
Dino Covotsos
|
|
2019-04-17
|
|
MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow
|
2 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-15
|
|
Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow
|
1 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow
|
1 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow
|
1 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow
|
1 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'USER' Buffer Overflow
|
1 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'USER' Buffer Overflow
|
2 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
CuteNews 2.1.2 - 'avatar' Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
AkkuS
|
|
2019-04-15
|
|
RemoteMouse 3.008 - Arbitrary Remote Command Execution
|
1 |
REMOTE
|
0rphon
|
|
2019-04-15
|
|
MailCarrier 2.51 - 'RCPT TO' Buffer Overflow
|
1 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - 'RCPT TO' Buffer Overflow
|
2 |
REMOTE
|
Dino Covotsos
|
|
2019-04-12
|
|
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
|
1 |
REMOTE
|
Metasploit
|
|
2019-04-12
|
|
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
|
1 |
REMOTE
|
Metasploit
|
|
2019-04-12
|
|
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-12
|
|
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-09
|
|
Apache Axis 1.4 - Remote Code Execution
|
2 |
REMOTE
|
David Yesland
|
|
2019-04-09
|
|
TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow
|
1 |
REMOTE
|
Grzegorz Wypych
|
|
2019-02-27
|
|
PHP 7.2 - 'imagecolormatch()' Out of Band Heap Write
|
2 |
REMOTE
|
cfreal
|
|
2019-04-08
|
|
QNAP Netatalk < 3.1.12 - Authentication Bypass
|
2 |
REMOTE
|
muts
|
|
2019-04-05
|
|
WordPress Core 5.0.0 - Crop-image Shell Upload (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-03
|
|
Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-04-03
|
|
Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type Confusion
|
1 |
REMOTE
|
Google Security Research
|
|
2019-04-03
|
|
PhreeBooks ERP 5.2.3 - Remote Command Execution (1)
|
1 |
REMOTE
|
Metin Yunus Kandemir
|
|
2019-04-03
|
|
TeemIp IPAM < 2.4.0 - 'new_config' Command Injection (Metasploit)
|
2 |
REMOTE
|
AkkuS
|
|
2019-04-03
|
|
TeemIp IPAM < 2.4.0 - 'new_config' Command Injection (Metasploit)
|
2 |
REMOTE
|
AkkuS
|
|
2019-03-28
|
|
Oracle Weblogic Server Deserialization RCE - Raw Object (Metasploit)
|
1 |
REMOTE
|
Metasploit
|
|
2019-03-28
|
|
CMS Made Simple (CMSMS) Showtime2 - File Upload Remote Code Execution (Metasploit)
|
1 |
REMOTE
|
Metasploit
|
|
2019-03-19
|
|
Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution
|
2 |
REMOTE
|
Metasploit
|
|
2019-03-19
|
|
Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution
|
2 |
REMOTE
|
Metasploit
|
|
2019-03-18
|
|
BMC Patrol Agent - Privilege Escalation Code Execution Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-03-15
|
|
Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow
|
1 |
REMOTE
|
Joseph McDonagh
|
|
2019-03-15
|
|
Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow
|
1 |
REMOTE
|
Joseph McDonagh
|
|
2019-03-14
|
|
Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code Execution
|
1 |
REMOTE
|
sud0woodo
|
|
2019-03-14
|
|
FTPGetter Standard 5.97.0.177 - Remote Code Execution
|
1 |
REMOTE
|
w4fz5uck5
|
|
2019-03-14
|
|
FTPGetter Standard 5.97.0.177 - Remote Code Execution
|
1 |
REMOTE
|
w4fz5uck5
|
|
2019-03-13
|
|
Apache Tika-server < 1.18 - Command Injection
|
2 |
REMOTE
|
Rhino Security Labs
|
|
2019-03-13
|
|
elFinder PHP Connector < 2.1.48 - 'exiftran' Command Injection (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-03-13
|
|
elFinder PHP Connector < 2.1.48 - 'exiftran' Command Injection (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-01-11
|
|
OpenSSH SCP Client - Write Arbitrary Files
|
2 |
REMOTE
|
Harry Sintonen
|
|
2018-03-28
|
|
TeamCity < 9.0.2 - Disabled Registration Bypass
|
1 |
REMOTE
|
allyshka
|
|
2018-10-25
|
|
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)
|
2 |
REMOTE
|
allyshka
|
|
2019-03-07
|
|
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit
|
1 |
REMOTE
|
Metasploit
|
|
2019-03-07
|
|
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit
|
1 |
REMOTE
|
Metasploit
|
|
2019-03-07
|
|
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-03-07
|
|
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-03-07
|
|
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
|
1 |
REMOTE
|
AkkuS
|
|
2016-12-20
|
|
Java Debug Wire Protocol (JDWP) - Remote Code Execution
|
1 |
REMOTE
|
IOactive
|
|
2019-02-28
|
|
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
|
1 |
REMOTE
|
Artem Metla
|
|
2019-02-22
|
|
Nuuo Central Management - (Authenticated) SQL Server SQL Injection (Metasploit)
|
1 |
REMOTE
|
Metasploit
|
|
2019-02-21
|
|
MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass
|
1 |
REMOTE
|
Jacob Baines
|
|
2019-02-20
|
|
Belkin Wemo UPnP - Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-02-20
|
|
Belkin Wemo UPnP - Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-02-18
|
|
mIRC < 7.55 - 'Custom URI Protocol Handlers' Remote Command Execution
|
1 |
REMOTE
|
ProofOfCalc
|
|
2019-02-11
|
|
Indusoft Web Studio 8.1 SP2 - Remote Code Execution
|
2 |
REMOTE
|
Jacob Baines
|
|
2019-02-11
|
|
NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-02-11
|
|
NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit)
|
1 |
REMOTE
|
Metasploit
|
|
2019-02-11
|
|
Adobe Flash Player - DeleteRangeTimelineOperation Type Confusion (Metasploit)
|
1 |
REMOTE
|
Metasploit
|
|
2018-10-20
|
|
LibSSH 0.7.6 / 0.8.4 - Unauthorized Access
|
2 |
REMOTE
|
jas502n
|
|
2019-01-28
|
|
CloudMe Sync 1.11.2 Buffer Overflow - WoW64 (DEP Bypass)
|
1 |
REMOTE
|
Matteo Malvica
|
|
2019-01-28
|
|
CloudMe Sync 1.11.2 Buffer Overflow - WoW64 (DEP Bypass)
|
2 |
REMOTE
|
Matteo Malvica
|
|
2019-01-24
|
|
Ghostscript 9.26 - Pseudo-Operator Remote Code Execution
|
1 |
REMOTE
|
Google Security Research
|
|
2019-01-22
|
|
Microsoft Windows VCF or Contact' File - URL Manipulation-Spoof Arbitrary Code Execution
|
2 |
REMOTE
|
Eduardo Braun Prado
|
|
2019-01-22
|
|
CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt
|
2 |
REMOTE
|
T3jv1l
|
|
2019-01-22
|
|
CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt
|
2 |
REMOTE
|
T3jv1l
|
|
2019-01-21
|
|
GattLib 0.2 - Stack Buffer Overflow
|
1 |
REMOTE
|
Dhiraj Mishra
|
|
2019-01-18
|
|
Webmin 1.900 - Remote Command Execution (Metasploit)
|
2 |
REMOTE
|
AkkuS
|
|
2019-01-18
|
|
SCP Client - Multiple Vulnerabilities (SSHtranger Things)
|
1 |
REMOTE
|
Mark E. Haase
|
|
2019-01-14
|
|
Hootoo HT-05 - Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Andrei Manole
|
|
2019-01-07
|
|
Mailcleaner - (Authenticated) Remote Code Execution (Metasploit)
|
1 |
REMOTE
|
Mehmet Ince
|
|
2019-01-02
|
|
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-01-02
|
|
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2019-01-02
|
|
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)
|
1 |
REMOTE
|
Metasploit
|
|
2019-01-02
|
|
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-12-10
|
|
Kubernetes - (Authenticated) Arbitrary Requests
|
1 |
REMOTE
|
evict
|
|
2018-12-10
|
|
Kubernetes - (Unauthenticated) Arbitrary Requests
|
2 |
REMOTE
|
evict
|
|
2018-12-21
|
|
Netatalk 3.1.12 - Authentication Bypass
|
1 |
REMOTE
|
Jacob Baines
|
|
2018-12-20
|
|
Erlang - Port Mapper Daemon Cookie Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-12-20
|
|
Erlang - Port Mapper Daemon Cookie Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-12-18
|
|
MiniShare 1.4.1 - 'HEAD/POST' Remote Buffer Overflow
|
1 |
REMOTE
|
Rafael Pedrero
|
