|
2019-09-02
|
|
Cisco Email Security Appliance (IronPort) C160 - 'Host' Header Injection
|
5 |
REMOTE
|
Todor Donev
|
|
2019-08-21
|
|
Cisco UCS Director_ Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express
|
6 |
REMOTE
|
Pedro Ribeiro
|
|
2019-08-21
|
|
LibreOffice < 6.2.6 Macro - Python Code Execution (Metasploit)
|
5 |
REMOTE
|
LoadLow
|
|
2019-08-14
|
|
Agent Tesla Botnet - Arbitrary Code Execution (Metasploit)
|
6 |
REMOTE
|
Ege Balci
|
|
2019-08-13
|
|
AZORult Botnet - SQL Injection
|
5 |
REMOTE
|
prsecurity
|
|
2019-08-13
|
|
Agent Tesla Botnet - Arbitrary Code Execution
|
5 |
REMOTE
|
prsecurity
|
|
2019-08-12
|
|
Webmin 1.920 - Unauthenticated Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
AkkuS
|
|
2019-08-12
|
|
ManageEngine OpManager 12.4x - Unauthenticated Remote Command Execution (Metasploit)
|
5 |
REMOTE
|
AkkuS
|
|
2019-08-12
|
|
ManageEngine Application Manager 14.2 - Privilege Escalation / Remote Command Execution (Metasploit)
|
5 |
REMOTE
|
AkkuS
|
|
2019-08-12
|
|
ManageEngine OpManager 12.4x - Privilege Escalation / Remote Command Execution (Metasploit)
|
4 |
REMOTE
|
AkkuS
|
|
2019-08-08
|
|
Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)
|
6 |
REMOTE
|
Ege Balci
|
|
2019-08-05
|
|
ARMBot Botnet - Arbitrary Code Execution
|
6 |
REMOTE
|
prsecurity
|
|
2019-08-05
|
|
Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-07-30
|
|
Redis 4.x / 5.x - Unauthenticated Code Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-07-29
|
|
WordPress Plugin Database Backup < 5.2 - Remote Code Execution (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2019-07-29
|
|
Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-07-29
|
|
Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-07-24
|
|
Android 7 < 9 - Remote Code Execution
|
4 |
REMOTE
|
Marcin Kozlowski
|
|
2019-07-24
|
|
Trend Micro Deep Discovery Inspector IDS - Security Bypass
|
4 |
REMOTE
|
hyp3rlinx
|
|
2019-07-19
|
|
MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow (EggHunter)
|
6 |
REMOTE
|
sasaga92
|
|
2019-07-17
|
|
MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow
|
5 |
REMOTE
|
hyp3rlinx
|
|
2019-07-17
|
|
MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow
|
6 |
REMOTE
|
hyp3rlinx
|
|
2019-07-16
|
|
PHP Laravel Framework 5.5.40 / 5.6.x < 5.6.30 - token Unserialize Remote Command Execution (Metasplo
|
4 |
REMOTE
|
Metasploit
|
|
2019-07-12
|
|
Xymon 4.3.25 - useradm Command Execution (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2019-07-10
|
|
Siemens TIA Portal - Remote Command Execution
|
5 |
REMOTE
|
Joseph Bingham
|
|
2019-07-07
|
|
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Buffer Overflow (2)
|
5 |
REMOTE
|
Brian Peters
|
|
2019-07-05
|
|
Microsoft Exchange 2003 - base64-MIME Remote Code Execution
|
5 |
REMOTE
|
Charles Truscott
|
|
2019-07-03
|
|
Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2019-07-01
|
|
FaceSentry Access Control System 6.4.8 - Remote SSH Root
|
3 |
REMOTE
|
LiquidWorm
|
|
2019-07-01
|
|
Linux Mint 18.3-19.1 - 'yelp' Command Injection (Metasploit)
|
5 |
REMOTE
|
b1ack0wl
|
|
2019-06-26
|
|
Nagios XI 5.5.6 - Magpie_debug.php Root Remote Code Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2019-06-25
|
|
SAPIDO RB-1732 - Remote Command Execution
|
6 |
REMOTE
|
k1nm3n.aotoi
|
|
2019-06-25
|
|
SuperDoctor5 - 'NRPE' Remote Code Execution
|
3 |
REMOTE
|
Simon Gurney
|
|
2019-06-21
|
|
EA Origin < 10.5.38 - Remote Code Execution
|
6 |
REMOTE
|
Dominik Penner
|
|
2019-06-20
|
|
Cisco Prime Infrastructure Health Monitor - TarArchive Directory Traversal (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-06-17
|
|
AROX School-ERP Pro - Unauthenticated Remote Command Execution (Metasploit)
|
6 |
REMOTE
|
AkkuS
|
|
2019-06-11
|
|
Webmin 1.910 - 'Package Updates' Remote Command Execution (Metasploit)
|
5 |
REMOTE
|
AkkuS
|
|
2019-06-05
|
|
Exim 4.87 < 4.91 - (Local / Remote) Command Execution
|
3 |
REMOTE
|
Qualys Corporation
|
|
2019-06-05
|
|
LibreNMS - addhost Command Injection (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-06-05
|
|
IBM Websphere Application Server - Network Deployment Untrusted Data Deserialization Remote Code Exe
|
6 |
REMOTE
|
Metasploit
|
|
2019-06-04
|
|
Cisco RV130W 1.0.3.44 - Remote Stack Overflow
|
5 |
REMOTE
|
@0x00string
|
|
2019-06-04
|
|
NUUO NVRMini 2 3.9.1 - 'sscanf' Stack Overflow
|
5 |
REMOTE
|
@0x00string
|
|
2019-05-29
|
|
Oracle Application Testing Suite - WebLogic Server Administration Console War Deployment (Metasploit
|
5 |
REMOTE
|
Metasploit
|
|
2019-05-28
|
|
Petraware pTransformer ADC < 2.1.7.22827 - Login Bypass
|
5 |
REMOTE
|
Faudhzan Rahman
|
|
2019-05-27
|
|
Typora 0.9.9.24.6 - Directory Traversal
|
4 |
REMOTE
|
Dhiraj Mishra
|
|
2019-05-24
|
|
Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption
|
6 |
REMOTE
|
Simon Zuckerbraun
|
|
2019-05-23
|
|
Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execution (Metasplo
|
6 |
REMOTE
|
Metasploit
|
|
2019-05-20
|
|
GetSimpleCMS - Unauthenticated Remote Code Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-05-14
|
|
PHP-Fusion 9.03.00 - 'Edit Profile' Remote Code Execution (Metasploit)
|
6 |
REMOTE
|
AkkuS
|
|
2019-05-08
|
|
Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-05-08
|
|
Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-05-08
|
|
PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2019-05-08
|
|
Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-05-08
|
|
Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-05-08
|
|
Lotus Domino 8.5.3 - 'EXAMINE' Stack Buffer Overflow DEP/ASLR Bypass (NSA's EMPHASISMINE)
|
4 |
REMOTE
|
Charles Truscott
|
|
2019-05-08
|
|
Lotus Domino 8.5.3 - 'EXAMINE' Stack Buffer Overflow DEP/ASLR Bypass (NSA's EMPHASISMINE)
|
4 |
REMOTE
|
Charles Truscott
|
|
2019-05-06
|
|
Xitami Web Server 2.5 - Remote Buffer Overflow (SEH + Egghunter)
|
5 |
REMOTE
|
ElSoufiane
|
|
2019-05-06
|
|
LG Supersign EZ CMS - Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Alejandro Fanjul
|
|
2019-05-03
|
|
Blue Angel Software Suite - Command Execution
|
4 |
REMOTE
|
Paolo Serracino_ Pietro Minniti_ Damiano Proietti
|
|
2019-05-03
|
|
Microsoft Windows PowerShell ISE - Remote Code Execution
|
3 |
REMOTE
|
hyp3rlinx
|
|
2019-05-02
|
|
Ruby On Rails - DoubleTap Development Mode secret_key_base Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-04-30
|
|
Pimcore < 5.71 - Unserialize Remote Code Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-04-30
|
|
Pimcore < 5.71 - Unserialize Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-04-30
|
|
AIS logistics ESEL-Server - Unauthenticated SQL Injection Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-04-30
|
|
Moodle 3.6.3 - 'Install Plugin' Remote Command Execution (Metasploit)
|
5 |
REMOTE
|
AkkuS
|
|
2019-04-30
|
|
Freefloat FTP Server 1.0 - 'STOR' Remote Buffer Overflow
|
4 |
REMOTE
|
Kevin Randall
|
|
2019-04-30
|
|
Freefloat FTP Server 1.0 - 'STOR' Remote Buffer Overflow
|
6 |
REMOTE
|
Kevin Randall
|
|
2019-04-30
|
|
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
|
6 |
REMOTE
|
Kevin Randall
|
|
2019-04-30
|
|
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
|
6 |
REMOTE
|
Kevin Randall
|
|
2019-04-24
|
|
Google Chrome 72.0.3626.121 / 74.0.3725.0 - 'NewFixedDoubleArray' Integer Overflow
|
5 |
REMOTE
|
Google Security Research
|
|
2019-04-22
|
|
ManageEngine Applications Manager 14.0 - Authentication Bypass / Remote Command Execution (Metasploi
|
5 |
REMOTE
|
AkkuS
|
|
2019-04-19
|
|
Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-04-19
|
|
Atlassian Confluence Widget Connector Macro - Velocity Template Injection (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-04-18
|
|
ManageEngine Applications Manager 11.0 < 14.0 - SQL Injection / Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
AkkuS
|
|
2019-04-17
|
|
MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow
|
3 |
REMOTE
|
Dino Covotsos
|
|
2019-04-17
|
|
MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow
|
5 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-04-15
|
|
Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow
|
6 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow
|
6 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow
|
4 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow
|
5 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'USER' Buffer Overflow
|
5 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - POP3 'USER' Buffer Overflow
|
5 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
CuteNews 2.1.2 - 'avatar' Remote Code Execution (Metasploit)
|
6 |
REMOTE
|
AkkuS
|
|
2019-04-15
|
|
RemoteMouse 3.008 - Arbitrary Remote Command Execution
|
5 |
REMOTE
|
0rphon
|
|
2019-04-15
|
|
MailCarrier 2.51 - 'RCPT TO' Buffer Overflow
|
5 |
REMOTE
|
Dino Covotsos
|
|
2019-04-15
|
|
MailCarrier 2.51 - 'RCPT TO' Buffer Overflow
|
5 |
REMOTE
|
Dino Covotsos
|
|
2019-04-12
|
|
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2019-04-12
|
|
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
|
3 |
REMOTE
|
Metasploit
|
|
2019-04-12
|
|
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2019-04-12
|
|
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2019-04-09
|
|
Apache Axis 1.4 - Remote Code Execution
|
5 |
REMOTE
|
David Yesland
|
|
2019-04-09
|
|
TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow
|
4 |
REMOTE
|
Grzegorz Wypych
|
|
2019-02-27
|
|
PHP 7.2 - 'imagecolormatch()' Out of Band Heap Write
|
6 |
REMOTE
|
cfreal
|
|
2019-04-08
|
|
QNAP Netatalk < 3.1.12 - Authentication Bypass
|
6 |
REMOTE
|
muts
|
|
2019-04-05
|
|
WordPress Core 5.0.0 - Crop-image Shell Upload (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-04-03
|
|
Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-04-03
|
|
Google Chrome 72.0.3626.96 / 74.0.3702.0 - 'JSPromise::TriggerPromiseReactions' Type Confusion
|
3 |
REMOTE
|
Google Security Research
|
|
2019-04-03
|
|
PhreeBooks ERP 5.2.3 - Remote Command Execution (1)
|
5 |
REMOTE
|
Metin Yunus Kandemir
|
|
2019-04-03
|
|
TeemIp IPAM < 2.4.0 - 'new_config' Command Injection (Metasploit)
|
5 |
REMOTE
|
AkkuS
|
|
2019-04-03
|
|
TeemIp IPAM < 2.4.0 - 'new_config' Command Injection (Metasploit)
|
5 |
REMOTE
|
AkkuS
|
|
2019-03-28
|
|
Oracle Weblogic Server Deserialization RCE - Raw Object (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-03-28
|
|
CMS Made Simple (CMSMS) Showtime2 - File Upload Remote Code Execution (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-03-19
|
|
Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution
|
5 |
REMOTE
|
Metasploit
|
|
2019-03-19
|
|
Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution
|
5 |
REMOTE
|
Metasploit
|
|
2019-03-18
|
|
BMC Patrol Agent - Privilege Escalation Code Execution Execution (Metasploit)
|
5 |
REMOTE
|
Metasploit
|
|
2019-03-15
|
|
Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow
|
4 |
REMOTE
|
Joseph McDonagh
|
|
2019-03-15
|
|
Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow
|
5 |
REMOTE
|
Joseph McDonagh
|
|
2019-03-14
|
|
Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code Execution
|
7 |
REMOTE
|
sud0woodo
|
|
2019-03-14
|
|
FTPGetter Standard 5.97.0.177 - Remote Code Execution
|
5 |
REMOTE
|
w4fz5uck5
|
|
2019-03-14
|
|
FTPGetter Standard 5.97.0.177 - Remote Code Execution
|
8 |
REMOTE
|
w4fz5uck5
|
|
2019-03-13
|
|
Apache Tika-server < 1.18 - Command Injection
|
4 |
REMOTE
|
Rhino Security Labs
|
|
2019-03-13
|
|
elFinder PHP Connector < 2.1.48 - 'exiftran' Command Injection (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2019-03-13
|
|
elFinder PHP Connector < 2.1.48 - 'exiftran' Command Injection (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2019-01-11
|
|
OpenSSH SCP Client - Write Arbitrary Files
|
5 |
REMOTE
|
Harry Sintonen
|
|
2018-03-28
|
|
TeamCity < 9.0.2 - Disabled Registration Bypass
|
5 |
REMOTE
|
allyshka
|
|
2018-10-25
|
|
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)
|
6 |
REMOTE
|
allyshka
|
|
2019-03-07
|
|
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit
|
3 |
REMOTE
|
Metasploit
|
|
2019-03-07
|
|
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() Remote Command Execution (Metasploit
|
5 |
REMOTE
|
Metasploit
|
|
2019-03-07
|
|
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
|
4 |
REMOTE
|
Metasploit
|
|
2019-03-07
|
|
Imperva SecureSphere 13.x - 'PWS' Command Injection (Metasploit)
|
6 |
REMOTE
|
Metasploit
|
|
2019-03-07
|
|
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)
|
3 |
REMOTE
|
AkkuS
|
|
2016-12-20
|
|
Java Debug Wire Protocol (JDWP) - Remote Code Execution
|
5 |
REMOTE
|
IOactive
|
|
2019-02-28
|
|
Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow
|
7 |
REMOTE
|
Artem Metla
|
