multiple

Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers/漏洞数据库

日期 标题 类别 作者
2018-02-05 Claymore Dual GPU Miner 10.5 – Format String
  • dos
    		•  res1n
    2018-02-05 HPE iLO 4 < 2.53 - Add New Administrator User
  • remote
    		•  skelsec
    2018-02-02 Oracle Hospitality Simphony (MICROS) 2.7 < 2.9 - Directory Traversal
  • webapps
    		•  Dmitry Chastuhin
    2018-02-01 BMC Server Automation RSCD Agent – NSH Remote Command Execution (Metasploit)
  • remote
    		•  Metasploit
    2018-02-01 WebKit – ‘WebCore::FrameView::clientToLayoutViewportPoint’ Use-After-Free
  • dos
    		•  Google Security Research
    2018-02-01 WebKit – ‘detachWrapper’ Use-After-Free
  • dos
    		•  Google Security Research
    2018-01-29 Oracle WebLogic – wls-wsat Component Deserialization Remote Code Execution (Metasploit)
  • remote
    		•  Metasploit
    2018-01-28 Artifex MuJS 1.0.2 – Denial of Service
  • dos
    		•  Andrea Sindoni
    2018-01-28 Nexpose < 6.4.66 - Cross-Site Request Forgery
  • webapps
    		•  Shwetabh Vishnoi
    2018-01-28 Werkzeug – ‘Debug Shell’ Command Execution
  • remote
    		•  Ali BawazeEer
    2018-01-28 Artifex MuJS 1.0.2 – Integer Overflow
  • dos
    		•  Andrea Sindoni
    2018-01-26 BMC BladeLogic 8.3.00.64 – Remote Command Execution
  • remote
    		•  Paul Taylor
    2018-01-24 Oracle VirtualBox < 5.1.30 / < 5.2-rc1 - Guest to Host Escape
  • local
    		•  SecuriTeam
    2018-01-24 GoAhead Web Server 2.5 < 3.6.5 - HTTPd 'LD_PRELOAD' Arbitrary Module Load (Metasploit)
  • remote
    		•  Metasploit
    2018-01-23 NEC Univerge SV9100/SV8100 WebPro 10.0 – Configuration Download
  • webapps
    		•  LiquidWorm
    2018-01-15 DarkComet (C2 Server) – File Upload
  • webapps
    		•  Pseudo Laboratories
    2018-01-11 Transmission – RPC DNS Rebinding
  • remote
    		•  Google Security Research
    2018-01-10 SAP NetWeaver J2EE Engine 7.40 – SQL Injection
  • webapps
    		•  Vahagn Vardanyan
    2018-01-10 Parity Browser < 1.6.10 - Bypass Same Origin Policy
  • local
    		•  tintinweb
    2018-01-03 Oracle WebLogic < 10.3.6 - 'wls-wsat' Component Deserialisation Remote Command Execution
  • remote
    		•  Kevin Kirsche
    2018-01-03 Multiple CPUs – ‘Spectre’ Information Disclosure
  • local
    		•  Multiple
    2018-01-03 EMC xPression 4.5SP1 Patch 13 – ‘model.jobHistoryId’ SQL Injection
  • webapps
    		•  Pawel Gocyla
    2017-12-27 SAP BusinessObjects launch pad – Server-Side Request Forgery
  • webapps
    		•  Ahmad Mahfouz
    2017-12-26 Oracle WebLogic Server 10.3.6.0.0 / 12.x – Remote Command Execution
  • remote
    		•  1337g