Exploits Database

The Exploit Database – Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more.

Nimble Streamer 3.0.2-2 < 3.5.4-9 – Directory Traversal
Pulse Secure 8.1R15.1/8.2/8.3/9.0 SSL VPN – Arbitrary File Disclosure (Metasploit)
LibreOffice < 6.2.6 Macro – Python Code Execution (Metasploit)
WordPress Add Mime Types Plugin 2.2.1 – Cross-Site Request Forgery
RAR Password Recovery 1.80 – ‘User Name and Registration Code’ Denial of Service
Kimai 2 – Persistent Cross-Site Scripting
FortiOS 5.6.3 – 5.6.7 / FortiOS 6.0.0 – 6.0.4 – Credentials Disclosure (Metasploit)
FortiOS 5.6.3 – 5.6.7 / FortiOS 6.0.0 – 6.0.4 – Credentials Disclosure
Neo Billing 3.5 – Persistent Cross-Site Scripting
Webmin 1.920 – Remote Code Execution
YouPHPTube 7.2 – ‘userCreate.json.php’ SQL Injection
Joomla! component com_jsjobs 1.2.6 – Arbitrary File Deletion
GetGo Download Manager 6.2.2.3300 – Denial of Service
Integria IMS 5.0.86 – Arbitrary File Upload
Web Wiz Forums 12.01 – ‘PF’ SQL Injection
EyesOfNetwork 5.1 – Authenticated Remote Command Execution
Microsoft Font Subsetting – DLL Heap Corruption in ReadAllocFormat12CharGlyphMapList
Microsoft Font Subsetting – DLL Heap Corruption in MakeFormat12MergedGlyphList
Microsoft Font Subsetting – DLL Heap-Based Out-of-Bounds read in WriteTableFromStructure
Microsoft Font Subsetting – DLL Heap Corruption in ReadTableIntoStructure
Microsoft Font Subsetting – DLL Heap-Based Out-of-Bounds read in FixSbitSubTableFormat1
Adobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow While Processing Malformed PDF
Adobe Acrobat Reader DC for Windows – Use-After-Free due to Malformed JP2 Stream
Adobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow due to Malformed Font Stream
Adobe Acrobat Reader DC for Windows – Static Buffer Overflow due to Malformed Font Stream
Adobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow in CoolType.dll
NSKeyedUnarchiver – Info Leak in Decoding SGBigUTF8String
Adobe Acrobat CoolType (AFDKO) – Memory Corruption in the Handling of Type 1 Font load/store Operators
Microsoft Font Subsetting – DLL Returning a Dangling Pointer via MergeFontPackage
Microsoft Font Subsetting – DLL Double Free in MergeFormat12Cmap / MakeFormat12MergedGlyphList
Microsoft Font Subsetting – DLL Heap Corruption in FixSbitSubTables
Adobe Acrobat Reader DC for Windows – Double Free due to Malformed JP2 Stream
Microsoft Font Subsetting – DLL Heap-Based Out-of-Bounds read in GetGlyphIdx
Adobe Acrobat Reader DC for Windows – free() of Uninitialized Pointer due to Malformed JBIG2Globals Stream
Adobe Acrobat CoolType (AFDKO) – Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts
Adobe Acrobat Reader DC for Windows – Heap-Based Buffer Overflow due to Malformed JP2 Stream
Microsoft Windows Text Services Framework MSCTF – Multiple Vulnerabilities
Adobe Acrobat Reader DC for Windows – Heap-Based Memory Corruption due to Malformed TTF Font
Adobe Acrobat Reader DC for Windows – Heap-Based Out-of-Bounds read due to Malformed JP2 Stream
SugarCRM Enterprise 9.0.0 – Cross-Site Scripting
Joomla! Component JS Jobs (com_jsjobs) 1.2.5 – ‘customfields.php’ SQL Injection
Windows PowerShell – Unsanitized Filename Command Execution
WordPress Plugin Download Manager 2.5 – Cross-Site Request Forgery
D-Link DIR-600M – Authentication Bypass (Metasploit)
TortoiseSVN 1.12.1 – Remote Code Execution
Microsoft Windows 10 AppXSvc Deployment Service – Arbitrary File Deletion
ABC2MTEX 1.6.1 – Command Line Stack Overflow
ManageEngine opManager 12.3.150 – Authenticated Code Execution
Agent Tesla Botnet – Arbitrary Code Execution (Metasploit)
AZORult Botnet – SQL Injection