multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2019-06-17 RedwoodHQ 2.5.5 – Authentication Bypass
  • webapps
    		•  EthicalHCOP
    2019-06-05 Google Chrome 73.0.3683.103 – ‘WasmMemoryObject::Grow’ Use-After-Free
  • dos
    		•  Google Security Research
    2019-05-29 Spidermonkey – IonMonkey Unexpected ObjectGroup in ObjectGroupDispatch Operation
  • dos
    		•  Google Security Research
    2019-05-29 Spidermonkey – IonMonkey Leaks JS_OPTIMIZED_OUT Magic Value to Script
  • dos
    		•  Google Security Research
    2019-05-28 Phraseanet < 4.0.7 - Cross-Site Scripting
  • webapps
    		•  Krzysztof Szulski
    2019-05-27 Deltek Maconomy 2.2.5 – Local File Inclusion
  • webapps
    		•  JameelNabbo
    2019-05-22 Zoho ManageEngine ServiceDesk Plus 9.3 – Cross-Site Scripting
  • webapps
    		•  Vingroup
    2019-05-22 Zoho ManageEngine ServiceDesk Plus < 10.5 - Improper Access Restrictions
  • webapps
    		•  Vingroup
    2019-05-21 Apple macOS < 10.14.5 / iOS < 12.3 XNU - 'in6_pcbdetach' Stale Pointer Use-After-Free
  • dos
    		•  Google Security Research
    2019-05-21 Apple macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl
  • dos
    		•  Google Security Research
    2019-05-21 Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - AIR Optimization Incorrectly Removes Assignment to Register
  • dos
    		•  Google Security Research
    2019-05-21 Apple macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized
  • dos
    		•  Google Security Research
    2019-05-21 Apple macOS < 10.14.5 / iOS < 12.3 DFG JIT Compiler - 'HasIndexedProperty' Use-After-Free
  • dos
    		•  Google Security Research
    2019-05-21 Deluge 1.3.15 – ‘URL’ Denial of Service (PoC)
  • dos
    		•  Victor Mondragón
    2019-05-13 Google Chrome V8 – Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds Read/Write
  • dos
    		•  Google Security Research
    2019-05-10 CyberArk Enterprise Password Vault 10.7 – XML External Entity Injection
  • webapps
    		•  Marcelo Toran
    2019-05-10 Cortex Unshortenlink Analyzer < 1.1 - Server-Side Request Forgery
  • webapps
    		•  Alexandre Basquin
    2019-05-08 Oracle Weblogic Server – ‘AsyncResponseService’ Deserialization Remote Code Execution (Metasploit)
  • remote
    		•  Metasploit
    2019-05-08 PostgreSQL 9.3 – COPY FROM PROGRAM Command Execution (Metasploit)
  • remote
    		•  Metasploit
    2019-05-07 Prinect Archive System 2015 Release 2.6 – Cross-Site Scripting
  • webapps
    		•  alt3kx
    2019-05-06 ReadyAPI 2.5.0 / 2.6.0 – Remote Code Execution
  • webapps
    		•  Gilson Camelo
    2019-05-03 Zotonic < 0.47.0 mod_admin - Cross-Site Scripting
  • webapps
    		•  Ramòn Janssen
    2019-04-30 Domoticz 4.10577 – Unauthenticated Remote Command Execution
  • webapps
    		•  Fabio Carretto
    2019-04-24 Google Chrome 72.0.3626.121 / 74.0.3725.0 – ‘NewFixedDoubleArray’ Integer Overflow
  • remote
    		•  Google Security Research