The Exploit Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.
[webapps] Nimble Streamer 3.0.2-2 < 3.5.4-9 – Directory Traversal
23 August 2019, 12:00 amNimble Streamer 3.0.2-2 < 3.5.4-9 – Directory Traversal
[webapps] Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN – Arbitrary File Disclosure (Metasploit)
21 August 2019, 12:00 amPulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN – Arbitrary File Disclosure (Metasploit)
[remote] LibreOffice < 6.2.6 Macro – Python Code Execution (Metasploit)
21 August 2019, 12:00 amLibreOffice < 6.2.6 Macro – Python Code Execution (Metasploit)
[webapps] WordPress Add Mime Types Plugin 2.2.1 – Cross-Site Request Forgery
20 August 2019, 12:00 amWordPress Add Mime Types Plugin 2.2.1 – Cross-Site Request Forgery
[dos] RAR Password Recovery 1.80 – 'User Name and Registration Code' Denial of Service
19 August 2019, 12:00 amRAR Password Recovery 1.80 – ‘User Name and Registration Code’ Denial of Service
[webapps] Kimai 2 – Persistent Cross-Site Scripting
19 August 2019, 12:00 amKimai 2 – Persistent Cross-Site Scripting
[webapps] FortiOS 5.6.3 – 5.6.7 / FortiOS 6.0.0 – 6.0.4 – Credentials Disclosure (Metasploit)
19 August 2019, 12:00 amFortiOS 5.6.3 – 5.6.7 / FortiOS 6.0.0 – 6.0.4 – Credentials Disclosure (Metasploit)
[webapps] FortiOS 5.6.3 – 5.6.7 / FortiOS 6.0.0 – 6.0.4 – Credentials Disclosure
19 August 2019, 12:00 amFortiOS 5.6.3 – 5.6.7 / FortiOS 6.0.0 – 6.0.4 – Credentials Disclosure
[webapps] Neo Billing 3.5 – Persistent Cross-Site Scripting
19 August 2019, 12:00 amNeo Billing 3.5 – Persistent Cross-Site Scripting
[webapps] Webmin 1.920 – Remote Code Execution
19 August 2019, 12:00 amWebmin 1.920 – Remote Code Execution
[webapps] YouPHPTube 7.2 – 'userCreate.json.php' SQL Injection
19 August 2019, 12:00 amYouPHPTube 7.2 – ‘userCreate.json.php’ SQL Injection
[webapps] Joomla! component com_jsjobs 1.2.6 – Arbitrary File Deletion
16 August 2019, 12:00 amJoomla! component com_jsjobs 1.2.6 – Arbitrary File Deletion
[dos] GetGo Download Manager 6.2.2.3300 – Denial of Service
16 August 2019, 12:00 amGetGo Download Manager 6.2.2.3300 – Denial of Service
[webapps] Integria IMS 5.0.86 – Arbitrary File Upload
16 August 2019, 12:00 amIntegria IMS 5.0.86 – Arbitrary File Upload
[webapps] Web Wiz Forums 12.01 – 'PF' SQL Injection
16 August 2019, 12:00 amWeb Wiz Forums 12.01 – ‘PF’ SQL Injection
[webapps] EyesOfNetwork 5.1 – Authenticated Remote Command Execution
16 August 2019, 12:00 amEyesOfNetwork 5.1 – Authenticated Remote Command Execution
[dos] Microsoft Font Subsetting – DLL Heap Corruption in ReadAllocFormat12CharGlyphMapList
15 August 2019, 12:00 amMicrosoft Font Subsetting – DLL Heap Corruption in ReadAllocFormat12CharGlyphMapList
[dos] Microsoft Font Subsetting – DLL Heap Corruption in MakeFormat12MergedGlyphList
15 August 2019, 12:00 amMicrosoft Font Subsetting – DLL Heap Corruption in MakeFormat12MergedGlyphList
[dos] Microsoft Font Subsetting – DLL Heap-Based Out-of-Bounds read in WriteTableFromStructure
15 August 2019, 12:00 amMicrosoft Font Subsetting – DLL Heap-Based Out-of-Bounds read in WriteTableFromStructure
[dos] Microsoft Font Subsetting – DLL Heap Corruption in ReadTableIntoStructure
15 August 2019, 12:00 amMicrosoft Font Subsetting – DLL Heap Corruption in ReadTableIntoStructure
[dos] Microsoft Font Subsetting – DLL Heap-Based Out-of-Bounds read in FixSbitSubTableFormat1
15 August 2019, 12:00 amMicrosoft Font Subsetting – DLL Heap-Based Out-of-Bounds read in FixSbitSubTableFormat1
[dos] Adobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow While Processing Malformed PDF
15 August 2019, 12:00 amAdobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow While Processing Malformed PDF
[dos] Adobe Acrobat Reader DC for Windows – Use-After-Free due to Malformed JP2 Stream
15 August 2019, 12:00 amAdobe Acrobat Reader DC for Windows – Use-After-Free due to Malformed JP2 Stream
[dos] Adobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow due to Malformed Font Stream
15 August 2019, 12:00 amAdobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow due to Malformed Font Stream
[dos] Adobe Acrobat Reader DC for Windows – Static Buffer Overflow due to Malformed Font Stream
15 August 2019, 12:00 amAdobe Acrobat Reader DC for Windows – Static Buffer Overflow due to Malformed Font Stream
[dos] Adobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow in CoolType.dll
15 August 2019, 12:00 amAdobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow in CoolType.dll
[dos] NSKeyedUnarchiver – Info Leak in Decoding SGBigUTF8String
15 August 2019, 12:00 amNSKeyedUnarchiver – Info Leak in Decoding SGBigUTF8String
[dos] Adobe Acrobat CoolType (AFDKO) – Memory Corruption in the Handling of Type 1 Font load/store Operators
15 August 2019, 12:00 amAdobe Acrobat CoolType (AFDKO) – Memory Corruption in the Handling of Type 1 Font load/store Operators
[dos] Microsoft Font Subsetting – DLL Returning a Dangling Pointer via MergeFontPackage
15 August 2019, 12:00 amMicrosoft Font Subsetting – DLL Returning a Dangling Pointer via MergeFontPackage
[dos] Microsoft Font Subsetting – DLL Double Free in MergeFormat12Cmap / MakeFormat12MergedGlyphList
15 August 2019, 12:00 amMicrosoft Font Subsetting – DLL Double Free in MergeFormat12Cmap / MakeFormat12MergedGlyphList
[dos] Microsoft Font Subsetting – DLL Heap Corruption in FixSbitSubTables
15 August 2019, 12:00 amMicrosoft Font Subsetting – DLL Heap Corruption in FixSbitSubTables
[dos] Adobe Acrobat Reader DC for Windows – Double Free due to Malformed JP2 Stream
15 August 2019, 12:00 amAdobe Acrobat Reader DC for Windows – Double Free due to Malformed JP2 Stream
[dos] Microsoft Font Subsetting – DLL Heap-Based Out-of-Bounds read in GetGlyphIdx
15 August 2019, 12:00 amMicrosoft Font Subsetting – DLL Heap-Based Out-of-Bounds read in GetGlyphIdx
[dos] Adobe Acrobat Reader DC for Windows – free() of Uninitialized Pointer due to Malformed JBIG2Globals Stream
15 August 2019, 12:00 amAdobe Acrobat Reader DC for Windows – free() of Uninitialized Pointer due to Malformed JBIG2Globals Stream
[dos] Adobe Acrobat CoolType (AFDKO) – Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts
15 August 2019, 12:00 amAdobe Acrobat CoolType (AFDKO) – Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts
[dos] Adobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow due to Malformed JP2 Stream
15 August 2019, 12:00 amAdobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow due to Malformed JP2 Stream
[local] Microsoft Windows Text Services Framework MSCTF – Multiple Vulnerabilities
15 August 2019, 12:00 amMicrosoft Windows Text Services Framework MSCTF – Multiple Vulnerabilities
[dos] Adobe Acrobat Reader DC for Windows – Heap-Based Memory Corruption due to Malformed TTF Font
15 August 2019, 12:00 amAdobe Acrobat Reader DC for Windows – Heap-Based Memory Corruption due to Malformed TTF Font
[dos] Adobe Acrobat Reader DC for Windows – Heap-Based Out-of-Bounds read due to Malformed JP2 Stream
15 August 2019, 12:00 amAdobe Acrobat Reader DC for Windows – Heap-Based Out-of-Bounds read due to Malformed JP2 Stream
[webapps] SugarCRM Enterprise 9.0.0 – Cross-Site Scripting
14 August 2019, 12:00 amSugarCRM Enterprise 9.0.0 – Cross-Site Scripting
[webapps] Joomla! Component JS Jobs (com_jsjobs) 1.2.5 – 'customfields.php' SQL Injection
14 August 2019, 12:00 amJoomla! Component JS Jobs (com_jsjobs) 1.2.5 – ‘customfields.php’ SQL Injection
[dos] Windows PowerShell – Unsanitized Filename Command Execution
14 August 2019, 12:00 amWindows PowerShell – Unsanitized Filename Command Execution
[webapps] WordPress Plugin Download Manager 2.5 – Cross-Site Request Forgery
14 August 2019, 12:00 amWordPress Plugin Download Manager 2.5 – Cross-Site Request Forgery
[webapps] D-Link DIR-600M – Authentication Bypass (Metasploit)
14 August 2019, 12:00 amD-Link DIR-600M – Authentication Bypass (Metasploit)
[webapps] TortoiseSVN 1.12.1 – Remote Code Execution
14 August 2019, 12:00 amTortoiseSVN 1.12.1 – Remote Code Execution
[local] Microsoft Windows 10 AppXSvc Deployment Service – Arbitrary File Deletion
14 August 2019, 12:00 amMicrosoft Windows 10 AppXSvc Deployment Service – Arbitrary File Deletion
[dos] ABC2MTEX 1.6.1 – Command Line Stack Overflow
14 August 2019, 12:00 amABC2MTEX 1.6.1 – Command Line Stack Overflow
[webapps] ManageEngine opManager 12.3.150 – Authenticated Code Execution
14 August 2019, 12:00 amManageEngine opManager 12.3.150 – Authenticated Code Execution
[remote] Agent Tesla Botnet – Arbitrary Code Execution (Metasploit)
14 August 2019, 12:00 amAgent Tesla Botnet – Arbitrary Code Execution (Metasploit)
[remote] AZORult Botnet – SQL Injection
13 August 2019, 12:00 amAZORult Botnet – SQL Injection