|
2018-06-13
|
|
DHCP Client - Command Injection 'DynoRoot' (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2018-06-13
|
|
DHCP Client - Command Injection 'DynoRoot' (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-06-05
|
|
WebKit - not_number defineProperties UAF (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-06-04
|
|
CyberArk < 10 - Memory Disclosure
|
5 |
REMOTE
|
Thomas Zuk
|
|
2018-05-28
|
|
CloudMe Sync < 1.11.0 - Buffer Overflow (SEH) (DEP Bypass)
|
5 |
REMOTE
|
Juan Prescotto
|
|
2018-05-27
|
|
Bitmain Antminer D3/L3+/S9 - Remote Command Execution
|
5 |
REMOTE
|
CorryL
|
|
2018-05-25
|
|
D-Link DSL-2750B - OS Command Injection (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-05-25
|
|
D-Link DSL-2750B - OS Command Injection (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-05-18
|
|
HPE iMC 7.3 - Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
TrendyTofu
|
|
2018-05-17
|
|
Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-05-17
|
|
Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-05-17
|
|
Jenkins CLI - HTTP Java Deserialization (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-05-17
|
|
Jenkins CLI - HTTP Java Deserialization (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-05-17
|
|
Nanopool Claymore Dual Miner 7.3 - Remote Code Execution
|
3 |
REMOTE
|
ReverseBrain
|
|
2018-05-16
|
|
Inteno IOPSYS 2.0 < 4.2.0 - 'p910nd' Remote Command Execution
|
2 |
REMOTE
|
neonsea
|
|
2018-05-13
|
|
Microsoft Windows 2003 SP2 - 'RRAS' SMB Remote Code Execution
|
4 |
REMOTE
|
vportal
|
|
2018-05-10
|
|
Mantis Bug Tracker 1.1.3 - 'manage_proj_page' PHP Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-05-08
|
|
PlaySMS 1.4 - 'sendfromfile.php?Filename' (Authenticated) 'Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-05-08
|
|
PlaySMS - 'import.php' (Authenticated) CSV File Upload Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-05-08
|
|
Palo Alto Networks - 'readSessionVarsFromFile()' Session Corruption (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-05-08
|
|
FTPShell Client 6.7 - Buffer Overflow
|
4 |
REMOTE
|
r4wd3r
|
|
2018-05-04
|
|
Google Chrome V8 - Object Allocation Size Integer Overflow
|
2 |
REMOTE
|
Google Security Research
|
|
2018-05-02
|
|
Call of Duty Modern Warefare 2 - Buffer Overflow
|
2 |
REMOTE
|
momo5502
|
|
2018-05-02
|
|
TBK DVR4104 / DVR4216 - Credentials Leak
|
4 |
REMOTE
|
ezelf
|
|
2018-05-03
|
|
GPON Routers - Authentication Bypass / Command Injection
|
3 |
REMOTE
|
vpnmentor
|
|
2018-05-02
|
|
Norton Core Secure WiFi Router - 'BLE' Command Injection (PoC)
|
3 |
REMOTE
|
embedi
|
|
2018-05-02
|
|
Exim < 4.90.1 - 'base64d' Remote Code Execution
|
3 |
REMOTE
|
straight_blast
|
|
2018-05-02
|
|
Metasploit Framework - 'msfd' Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-05-02
|
|
Metasploit Framework - 'msfd' Remote Code Execution (via Browser) (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-05-02
|
|
xdebug < 2.5.5 - OS Command Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2017-09-08
|
|
Apache Struts 2.0.1 < 2.3.33 / 2.5 < 2.5.10 - Arbitrary Code Execution
|
3 |
REMOTE
|
brianwrf
|
|
2017-09-20
|
|
Android Bluetooth - 'Blueborne' Information Leak (2)
|
3 |
REMOTE
|
Kert Ojasoo
|
|
2017-08-09
|
|
Android Bluetooth - 'Blueborne' Information Leak (1)
|
3 |
REMOTE
|
Kert Ojasoo
|
|
2018-04-22
|
|
Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote Command Ex
|
3 |
REMOTE
|
brianwrf
|
|
2016-07-20
|
|
Websphere/JBoss/OpenNMS/Symantec Endpoint Protection Manager - Java Deserialization Remote Code Exec
|
3 |
REMOTE
|
Nikhil Sreekumar
|
|
2018-04-24
|
|
ASUS infosvr - Authentication Bypass Command Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-04-24
|
|
Easy File Sharing Web Server 7.2 - 'UserID' Remote Buffer Overflow (DEP Bypass)
|
4 |
REMOTE
|
Hashim Jawad
|
|
2018-04-18
|
|
Easy File Sharing Web Server 7.2 - Stack Buffer Overflow
|
3 |
REMOTE
|
rebeyond
|
|
2018-04-17
|
|
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
José Ignacio Rojo
|
|
2018-04-17
|
|
Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
José Ignacio Rojo
|
|
2018-04-17
|
|
D-Link DIR-615 Wireless Router - Persistent Cross Site Scripting
|
4 |
REMOTE
|
Sayan Chatterjee
|
|
2018-04-13
|
|
Microsoft Credential Security Support Provider - Remote Code Execution
|
5 |
REMOTE
|
Preempt
|
|
2017-02-14
|
|
F5 BIG-IP 11.6 SSL Virtual Server - 'Ticketbleed' Memory Disclosure
|
4 |
REMOTE
|
@0x00string
|
|
2018-04-06
|
|
LineageOS 14.1 Blueborne - Remote Code Execution
|
3 |
REMOTE
|
Marcin Kozlowski
|
|
2018-04-06
|
|
Adobe Flash < 28.0.0.161 - Use-After-Free
|
4 |
REMOTE
|
SyFi
|
|
2017-04-03
|
|
Moxa AWK-3131A 1.4 < 1.7 - 'Username' OS Command Injection
|
3 |
REMOTE
|
Talos
|
|
2018-03-30
|
|
Advantech WebAccess < 8.1 - webvrpcs DrawSrv.dll Path BwBuildPath Stack-Based Buffer Overflow
|
2 |
REMOTE
|
Chris Lyne
|
|
2018-03-29
|
|
Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-03-29
|
|
GitStack - Unsanitized Argument Remote Code Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-03-26
|
|
Acrolinx Server < 5.2.5 - Directory Traversal
|
3 |
REMOTE
|
Berk Dusunur
|
|
2018-03-16
|
|
Unitrends UEB 10.0 - Root Remote Code Execution
|
4 |
REMOTE
|
Jared Arave
|
|
2018-03-16
|
|
Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution
|
2 |
REMOTE
|
Rh0
|
|
2018-03-16
|
|
Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution
|
3 |
REMOTE
|
Rh0
|
|
2018-03-14
|
|
SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution
|
3 |
REMOTE
|
erp scan team
|
|
2018-03-15
|
|
MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow
|
3 |
REMOTE
|
CoreLabs
|
|
2018-03-12
|
|
MikroTik RouterOS < 6.38.4 (x86) - 'Chimay Red' Stack Clash Remote Code Execution
|
4 |
REMOTE
|
Lorenzo Santina
|
|
2018-03-12
|
|
MikroTik RouterOS < 6.38.4 (MIPSBE) - 'Chimay Red' Stack Clash Remote Code Execution
|
3 |
REMOTE
|
Lorenzo Santina
|
|
2018-03-12
|
|
Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-03-12
|
|
DEWESoft X3 SP1 (x64) - Remote Command Execution
|
3 |
REMOTE
|
hyp3rlinx
|
|
2018-02-14
|
|
Tenda AC15 Router - Remote Code Execution
|
4 |
REMOTE
|
Tim Carrington
|
|
2018-03-05
|
|
Netgear - 'TelnetEnable' Magic Packet (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-02-25
|
|
Papenmeier WiFi Baby Monitor Free & Lite < 2.02.2 - Remote Audio Record
|
2 |
REMOTE
|
iamrastating
|
|
2017-10-22
|
|
WordPress Plugin Polls 1.2.4 - SQL Injection (PoC)
|
4 |
REMOTE
|
Manish Tanwar
|
|
2017-02-03
|
|
Posnic Stock Management System - SQL Injection
|
3 |
REMOTE
|
Manish Tanwar
|
|
2017-07-04
|
|
Joomla! 3.7 - SQL Injection
|
3 |
REMOTE
|
Manish Tanwar
|
|
2018-03-02
|
|
TestLink Open Source Test Management < 1.9.16 - Remote Code Execution
|
3 |
REMOTE
|
Manish Tanwar
|
|
2018-02-27
|
|
Sony Playstation 4 (PS4) 4.55 - 'Jailbreak' 'setAttributeNodeNS' WebKit 5.02 / 'bpf' Kernel Loader 4
|
3 |
REMOTE
|
Specter
|
|
2018-02-27
|
|
GetGo Download Manager 5.3.0.2712 - Buffer Overflow (SEH)
|
3 |
REMOTE
|
bzyo
|
|
2018-02-26
|
|
AsusWRT LAN - Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-02-26
|
|
AsusWRT LAN - Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-02-26
|
|
CloudMe Sync 1.10.9 - Stack-Based Buffer Overflow (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-02-26
|
|
CloudMe Sync 1.10.9 - Stack-Based Buffer Overflow (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-02-26
|
|
Disk Savvy Enterprise 10.4.18 - Stack-Based Buffer Overflow (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-02-26
|
|
Disk Savvy Enterprise 10.4.18 - Stack-Based Buffer Overflow (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2018-02-21
|
|
Disk Pulse Enterprise 10.4.18 - 'Import Command' Buffer Overflow (SEH)
|
4 |
REMOTE
|
Daniel Teixeira
|
|
2018-02-21
|
|
Disk Savvy Enterprise 10.4.18 - Buffer Overflow (SEH)
|
2 |
REMOTE
|
Daniel Teixeira
|
|
2018-02-21
|
|
EChat Server 3.1 - 'CHAT.ghp' Buffer Overflow
|
3 |
REMOTE
|
Juan Sacco
|
|
2018-02-20
|
|
μTorrent (uTorrent) Classic/Web - JSON-RPC Remote Code Execution / Information Disclosure
|
5 |
REMOTE
|
Google Security Research
|
|
2017-06-02
|
|
HPE Intelligent Management Center (iMC) 7.2 (E0403P10) - Code Execution
|
3 |
REMOTE
|
SecuriTeam
|
|
2017-07-12
|
|
360 Total Security - Local Privilege Escalation
|
3 |
REMOTE
|
SecuriTeam
|
|
2017-07-13
|
|
OrientDB - Code Execution
|
3 |
REMOTE
|
SecuriTeam
|
|
2017-07-30
|
|
McAfee Security Scan Plus - Remote Command Execution
|
4 |
REMOTE
|
SecuriTeam
|
|
2017-10-16
|
|
Ikraus Anti Virus 2.16.7 - Remote Code Execution
|
3 |
REMOTE
|
SecuriTeam
|
|
2017-11-01
|
|
Cisco UCS Platform Emulator 3.1(2ePE1) - Remote Code Execution
|
4 |
REMOTE
|
SecuriTeam
|
|
2017-12-19
|
|
Ichano AtHome IP Cameras - Multiple Vulnerabilities
|
5 |
REMOTE
|
SecuriTeam
|
|
2017-12-26
|
|
Trustwave SWG 11.8.0.27 - SSH Unauthorized Access
|
4 |
REMOTE
|
SecuriTeam
|
|
2018-02-13
|
|
Advantech WebAccess 8.3.0 - Remote Code Execution
|
4 |
REMOTE
|
Nassim Asrir
|
|
2018-02-13
|
|
CloudMe Sync < 1.11.0 - Buffer Overflow
|
5 |
REMOTE
|
hyp3rlinx
|
|
2018-02-10
|
|
LibreOffice < 6.0.1 - '=WEBSERVICE' Remote Arbitrary File Disclosure
|
5 |
REMOTE
|
Mikhail Klementev
|
|
2018-02-05
|
|
HPE iLO 4 < 2.53 - Add New Administrator User
|
3 |
REMOTE
|
skelsec
|
|
2017-09-07
|
|
HiSilicon DVR Devices - Remote Code Execution
|
3 |
REMOTE
|
Istvan Toth
|
|
2017-05-02
|
|
Dahua Generation 2/3 - Backdoor Access
|
3 |
REMOTE
|
bashis
|
|
2017-12-12
|
|
Vivotek IP Cameras - Remote Stack Overflow (PoC)
|
3 |
REMOTE
|
bashis
|
|
2017-12-22
|
|
Vitek - Remote Command Execution / Information Disclosure (PoC)
|
3 |
REMOTE
|
bashis
|
|
2017-10-28
|
|
Uniview - Remote Command Execution / Export Config (PoC)
|
3 |
REMOTE
|
bashis
|
|
2018-01-22
|
|
Herospeed - 'TelnetSwitch' Remote Stack Overflow / Overwrite Password / Enable TelnetD
|
2 |
REMOTE
|
bashis
|
|
2018-02-07
|
|
Adobe Coldfusion 11.0.03.292866 - BlazeDS Java Object Deserialization Remote Code Execution
|
4 |
REMOTE
|
Faisal Tameesh
|
|
2017-11-30
|
|
Axis Communications MPQT/PACS - Heap Overflow / Information Leakage
|
4 |
REMOTE
|
bashis
|
|
2017-10-20
|
|
Axis SSI - Remote Command Execution / Read Files
|
4 |
REMOTE
|
bashis
|
|
2018-02-01
|
|
Geovision Inc. IP Camera & Video - Remote Command Execution
|
4 |
REMOTE
|
bashis
|
|
2018-02-01
|
|
Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack Overflow /
|
4 |
REMOTE
|
bashis
|
|
2018-02-05
|
|
Microsoft Windows - 'EternalRomance'/'EternalSynergy'/'EternalChampion' SMB Remote Code Execution (M
|
4 |
REMOTE
|
Metasploit
|
|
2018-02-01
|
|
BMC Server Automation RSCD Agent - NSH Remote Command Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-02-01
|
|
Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH)
|
4 |
REMOTE
|
Daniel Teixeira
|
|
2018-01-30
|
|
HPE iMC 7.3 - RMI Java Deserialization
|
3 |
REMOTE
|
Chris Lyne
|
|
2018-01-29
|
|
Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-01-29
|
|
Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-01-28
|
|
Trend Micro Threat Discovery Appliance 2.6.1062r1 - 'dlp_policy_upload.cgi' Remote Code Execution
|
3 |
REMOTE
|
mr_me
|
|
2018-01-28
|
|
Werkzeug - 'Debug Shell' Command Execution
|
4 |
REMOTE
|
Ali BawazeEer
|
|
2018-01-26
|
|
BMC BladeLogic 8.3.00.64 - Remote Command Execution
|
3 |
REMOTE
|
Paul Taylor
|
|
2018-01-25
|
|
Exodus Wallet (ElectronJS Framework) - Remote Code Execution
|
2 |
REMOTE
|
Wflki
|
|
2018-01-22
|
|
AsusWRT Router < 3.0.0.4.380.7743 - LAN Remote Code Execution
|
3 |
REMOTE
|
Pedro Ribeiro
|
|
2018-01-24
|
|
GoAhead Web Server 2.5 < 3.6.5 - HTTPd 'LD_PRELOAD' Arbitrary Module Load (Metasploit)
|
2 |
REMOTE
|
Metasploit
|
|
2018-01-24
|
|
Kaltura - Remote PHP Code Execution over Cookie (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2018-01-24
|
|
RAVPower 2.000.056 - Root Remote Code Execution
|
3 |
REMOTE
|
Daniele Linguaglossa & Stefano Farletti
|
|
2018-01-17
|
|
Master IP CAM 01 - Multiple Vulnerabilities
|
5 |
REMOTE
|
Raffaele Sabato
|
|
2018-01-11
|
|
Transmission - RPC DNS Rebinding
|
2 |
REMOTE
|
Google Security Research
|
|
2018-01-11
|
|
Seagate Personal Cloud - Multiple Vulnerabilities
|
2 |
REMOTE
|
SecuriTeam
|
|
2018-01-15
|
|
Synology Photo Station 6.8.2-3461 - 'SYNOPHOTO_Flickr_MultiUpload' Race Condition File Write Remote
|
4 |
REMOTE
|
mr_me
|
|
2018-01-15
|
|
Disk Pulse Enterprise 10.1.18 - Remote Buffer Overflow
|
3 |
REMOTE
|
Ahmad Mahfouz
|
|
2018-01-15
|
|
SysGauge Server 3.6.18 - Remote Buffer Overflow
|
3 |
REMOTE
|
Ahmad Mahfouz
|
|
2018-01-11
|
|
ALLMediaServer 0.95 - Remote Buffer Overflow
|
3 |
REMOTE
|
Mario Kartone Ciccarelli
|
|
2018-01-11
|
|
phpCollab 2.5.1 - File Upload (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-01-11
|
|
LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2018-01-10
|
|
HPE iMC - dbman 'RestartDB' Remote Command Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
