|
2019-02-22
|
|
Nuuo Central Management - (Authenticated) SQL Server SQL Injection (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2019-02-21
|
|
MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass
|
3 |
REMOTE
|
Jacob Baines
|
|
2019-02-20
|
|
Belkin Wemo UPnP - Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-02-20
|
|
Belkin Wemo UPnP - Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2019-02-18
|
|
mIRC < 7.55 - 'Custom URI Protocol Handlers' Remote Command Execution
|
5 |
REMOTE
|
ProofOfCalc
|
|
2019-02-11
|
|
Indusoft Web Studio 8.1 SP2 - Remote Code Execution
|
5 |
REMOTE
|
Jacob Baines
|
|
2019-02-11
|
|
NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-02-11
|
|
NUUO NVRmini - upgrade_handle.php Remote Command Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2019-02-11
|
|
Adobe Flash Player - DeleteRangeTimelineOperation Type Confusion (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-10-20
|
|
LibSSH 0.7.6 / 0.8.4 - Unauthorized Access
|
5 |
REMOTE
|
jas502n
|
|
2019-01-28
|
|
CloudMe Sync 1.11.2 Buffer Overflow - WoW64 (DEP Bypass)
|
4 |
REMOTE
|
Matteo Malvica
|
|
2019-01-28
|
|
CloudMe Sync 1.11.2 Buffer Overflow - WoW64 (DEP Bypass)
|
6 |
REMOTE
|
Matteo Malvica
|
|
2019-01-24
|
|
Ghostscript 9.26 - Pseudo-Operator Remote Code Execution
|
3 |
REMOTE
|
Google Security Research
|
|
2019-01-22
|
|
Microsoft Windows VCF or Contact' File - URL Manipulation-Spoof Arbitrary Code Execution
|
5 |
REMOTE
|
Eduardo Braun Prado
|
|
2019-01-22
|
|
CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt
|
4 |
REMOTE
|
T3jv1l
|
|
2019-01-22
|
|
CloudMe Sync 1.11.2 - Buffer Overflow + Egghunt
|
3 |
REMOTE
|
T3jv1l
|
|
2019-01-21
|
|
GattLib 0.2 - Stack Buffer Overflow
|
5 |
REMOTE
|
Dhiraj Mishra
|
|
2019-01-18
|
|
Webmin 1.900 - Remote Command Execution (Metasploit)
|
3 |
REMOTE
|
AkkuS
|
|
2019-01-18
|
|
SCP Client - Multiple Vulnerabilities (SSHtranger Things)
|
4 |
REMOTE
|
Mark E. Haase
|
|
2019-01-14
|
|
Hootoo HT-05 - Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Andrei Manole
|
|
2019-01-07
|
|
Mailcleaner - (Authenticated) Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Mehmet Ince
|
|
2019-01-02
|
|
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-01-02
|
|
Hashicorp Consul - Remote Command Execution via Services API (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-01-02
|
|
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-01-02
|
|
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-12-10
|
|
Kubernetes - (Authenticated) Arbitrary Requests
|
5 |
REMOTE
|
evict
|
|
2018-12-10
|
|
Kubernetes - (Unauthenticated) Arbitrary Requests
|
3 |
REMOTE
|
evict
|
|
2018-12-21
|
|
Netatalk 3.1.12 - Authentication Bypass
|
4 |
REMOTE
|
Jacob Baines
|
|
2018-12-20
|
|
Erlang - Port Mapper Daemon Cookie Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-12-20
|
|
Erlang - Port Mapper Daemon Cookie Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-12-18
|
|
MiniShare 1.4.1 - 'HEAD/POST' Remote Buffer Overflow
|
3 |
REMOTE
|
Rafael Pedrero
|
|
2018-12-14
|
|
Safari - Proxy Object Type Confusion (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-12-14
|
|
Cisco RV110W - Password Disclosure / Command Execution
|
4 |
REMOTE
|
RySh
|
|
2018-12-04
|
|
HP Intelligent Management - Java Deserialization Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-12-04
|
|
HP Intelligent Management - Java Deserialization Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-12-04
|
|
OpenSSH < 7.7 - User Enumeration (2)
|
4 |
REMOTE
|
Leap Security
|
|
2018-12-03
|
|
CyberArk 9.7 - Memory Disclosure
|
3 |
REMOTE
|
Thomas Zuk
|
|
2018-11-30
|
|
Apache Spark - (Unauthenticated) Command Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-11-30
|
|
Apache Spark - (Unauthenticated) Command Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-11-29
|
|
TeamCity Agent - XML-RPC Command Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-11-29
|
|
TeamCity Agent - XML-RPC Command Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-11-29
|
|
PHP imap_open - Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-11-29
|
|
PHP imap_open - Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-11-27
|
|
Netgear Devices - (Unauthenticated) Remote Command Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-11-27
|
|
Netgear Devices - (Unauthenticated) Remote Command Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-11-26
|
|
ELBA5 5.8.0 - Remote Code Execution
|
3 |
REMOTE
|
Florian Bogner
|
|
2018-11-14
|
|
Atlassian Jira - (Authenticated) Upload Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-11-14
|
|
Atlassian Jira - (Authenticated) Upload Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-11-06
|
|
Morris Worm - fingerd Stack Buffer Overflow (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-11-06
|
|
Morris Worm - fingerd Stack Buffer Overflow (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-11-06
|
|
blueimp's jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-11-06
|
|
blueimp's jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-11-06
|
|
Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-11-06
|
|
Morris Worm - sendmail Debug Mode Shell Escape (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-10-30
|
|
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) - SFTP Authentication Bypass
|
4 |
REMOTE
|
Adam Brown
|
|
2018-10-29
|
|
Paramiko 2.4.1 - Authentication Bypass
|
4 |
REMOTE
|
Adam Brown
|
|
2018-10-25
|
|
WebExec - (Authenticated) User Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-10-25
|
|
WebExec - (Authenticated) User Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-10-24
|
|
exim 4.90 - Remote Code Execution
|
4 |
REMOTE
|
hackk.gr
|
|
2018-10-23
|
|
ServersCheck Monitoring Software 14.3.3 - Arbitrary File Write
|
2 |
REMOTE
|
hyp3rlinx
|
|
2018-10-18
|
|
libSSH - Authentication Bypass
|
4 |
REMOTE
|
Dayanç Soyadlı
|
|
2018-10-17
|
|
FLIR AX8 Thermal Camera 1.32.16 - Hard-Coded Credentials
|
3 |
REMOTE
|
LiquidWorm
|
|
2018-10-15
|
|
NoMachine < 5.3.27 - Remote Code Execution
|
3 |
REMOTE
|
hyp3rlinx
|
|
2018-10-10
|
|
MicroTik RouterOS < 6.43rc3 - Remote Root
|
5 |
REMOTE
|
Jacob Baines
|
|
2018-10-09
|
|
Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-10-09
|
|
Delta Electronics Delta Industrial Automation COMMGR 1.08 - Stack Buffer Overflow (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-10-08
|
|
Navigate CMS - (Unauthenticated) Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-10-08
|
|
Unitrends UEB - HTTP API Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-10-08
|
|
Unitrends UEB - HTTP API Remote Code Execution (Metasploit)
|
1 |
REMOTE
|
Metasploit
|
|
2018-10-04
|
|
Cisco Prime Infrastructure - (Unauthenticated) Remote Code Execution
|
3 |
REMOTE
|
SecuriTeam
|
|
2018-09-27
|
|
Microsoft Edge - Sandbox Escape
|
3 |
REMOTE
|
Google Security Research
|
|
2018-09-18
|
|
Ubisoft Uplay Desktop Client 63.0.5699.0 - Remote Code Execution
|
2 |
REMOTE
|
Che-Chun Kuo
|
|
2018-09-18
|
|
NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)
|
3 |
REMOTE
|
Jacob Baines
|
|
2018-09-17
|
|
CA Release Automation NiMi 6.5 - Remote Command Execution
|
4 |
REMOTE
|
Jakub Palaczynski
|
|
2018-09-10
|
|
Apache Struts 2 - Namespace Redirect OGNL Injection (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-09-10
|
|
Apache Struts 2 - Namespace Redirect OGNL Injection (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-09-07
|
|
Tenable WAS-Scanner 7.4.1708 - Remote Command Execution
|
3 |
REMOTE
|
Sameer Goyal
|
|
2018-09-05
|
|
FUJI XEROX DocuCentre-V 3065 Printer - Remote Command Execution
|
3 |
REMOTE
|
vr_system
|
|
2018-08-29
|
|
Eaton Xpert Meter 13.4.0.10 - SSH Private Key Disclosure
|
5 |
REMOTE
|
BrianWGray
|
|
2018-08-27
|
|
HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-08-27
|
|
HP Jetdirect - Path Traversal Arbitrary Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-08-27
|
|
Electron WebPreferences - Remote Code Execution
|
2 |
REMOTE
|
Matt Austin
|
|
2017-02-08
|
|
Node.JS - 'node-serialize' Remote Code Execution
|
4 |
REMOTE
|
OpSecX
|
|
2018-08-25
|
|
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (2)
|
4 |
REMOTE
|
hook-s3c
|
|
2018-08-26
|
|
Apache Struts 2.3 < 2.3.34 / 2.5 < 2.5.16 - Remote Code Execution (1)
|
5 |
REMOTE
|
Mazin Ahmed
|
|
2018-08-21
|
|
OpenSSH 2.3 < 7.7 - Username Enumeration
|
3 |
REMOTE
|
Justin Gardner
|
|
2018-08-20
|
|
Easylogin Pro 1.3.0 - 'Encryptor.php' Unserialize Remote Code Execution
|
3 |
REMOTE
|
mr_me
|
|
2018-08-20
|
|
SEIG Modbus 3.4 - Remote Code Execution
|
3 |
REMOTE
|
Alejandro Parodi
|
|
2018-08-19
|
|
SEIG SCADA System 9 - Remote Code Execution
|
3 |
REMOTE
|
Alejandro Parodi
|
|
2018-08-16
|
|
OpenSSH 2.3 < 7.7 - Username Enumeration (PoC)
|
4 |
REMOTE
|
Matthew Daley
|
|
2018-08-14
|
|
Cloudme 1.9 - Buffer Overflow (DEP) (Metasploit)
|
3 |
REMOTE
|
Raymond Wellnitz
|
|
2018-08-13
|
|
Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-08-13
|
|
Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-08-13
|
|
Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution
|
4 |
REMOTE
|
hyp3rlinx
|
|
2018-08-09
|
|
Mikrotik WinBox 6.42 - Credential Disclosure (Metasploit)
|
4 |
REMOTE
|
Omid Shojaei
|
|
2018-08-01
|
|
SonicWall Global Management System - XMLRPC set_time_zone Command Injection (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2018-07-27
|
|
Axis Network Camera - .srv to parhand Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-07-27
|
|
Axis Network Camera - .srv to parhand Remote Code Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-07-27
|
|
WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-07-23
|
|
Microsoft Windows - 'dnslint.exe' Drive-By Download
|
6 |
REMOTE
|
hyp3rlinx
|
|
2018-07-18
|
|
HomeMatic Zentrale CCU2 - Remote Code Execution
|
4 |
REMOTE
|
Kacper Szurek
|
|
2018-07-17
|
|
Nanopool Claymore Dual Miner - APIs Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-07-17
|
|
Nanopool Claymore Dual Miner - APIs Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-07-17
|
|
QNAP Q'Center - 'change_passwd' Command Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-07-17
|
|
QNAP Q'Center - 'change_passwd' Command Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-07-17
|
|
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Default Credentials
|
5 |
REMOTE
|
LiquidWorm
|
|
2018-07-13
|
|
Hadoop YARN ResourceManager - Command Execution (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2018-07-13
|
|
Hadoop YARN ResourceManager - Command Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-07-13
|
|
phpMyAdmin - (Authenticated) Remote Code Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-07-13
|
|
phpMyAdmin - (Authenticated) Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-07-13
|
|
Apache CouchDB - Arbitrary Command Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-07-13
|
|
Apache CouchDB - Arbitrary Command Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-07-13
|
|
Manage Engine Exchange Reporter Plus - Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-07-13
|
|
Manage Engine Exchange Reporter Plus - Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-07-11
|
|
IBM QRadar SIEM - Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-07-11
|
|
IBM QRadar SIEM - Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-03-20
|
|
OpenSSH < 6.6 SFTP - Command Execution
|
4 |
REMOTE
|
SECFORCE
|
|
2014-10-08
|
|
OpenSSH < 6.6 SFTP (x64) - Command Execution
|
3 |
REMOTE
|
Jann Horn
|
|
2018-07-09
|
|
GitList 0.6.0 - Argument Injection (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-07-09
|
|
GitList 0.6.0 - Argument Injection (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-07-09
|
|
HID discoveryd - 'command_blink_on' Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-07-09
|
|
HID discoveryd - 'command_blink_on' Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-07-09
|
|
HP VAN SDN Controller - Root Command Injection (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-07-09
|
|
Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow
|
3 |
REMOTE
|
Maurice Heumann
|
|
2018-07-09
|
|
Activision Infinity Ward Call of Duty Modern Warfare 2 - Buffer Overflow
|
5 |
REMOTE
|
Maurice Heumann
|
