| 2024-10-09 |
PHP-Nuke Top Module SQL Injection |
Emiliano Febbi |
|
| 2024-10-08 |
Acronis Cyber Infrastructure Default Password Remote Code Execution |
h00die-gr3y |
|
| 2024-10-08 |
Online Complete - Blind Sql Injection Vulnerability |
behrouz mansoori |
|
| 2024-10-08 |
MSI RTCore64.sys Privilege escalation |
NSA |
|
| 2024-10-08 |
SCRMS 2024-10-07 Multiple-SQLi |
nu11secur1ty |
|
| 2024-10-08 |
Book Recording App 2024-09-24 Cross Site Scripting |
Arif Ari |
|
| 2024-10-08 |
ManageEngine ADManager Plus Privilege Escalation |
Metin Yunus Kandemir |
|
| 2024-10-05 |
dizqueTV 1.5.3 Remote Code Execution |
Ahmed Said Saud Al-Busaidi |
|
| 2024-10-05 |
LMS2024-1.0 XSS-Reflected Information Disclosure |
nu11secur1ty |
|
| 2024-10-05 |
ABB Cylon Aspect 3.07.02 Authenticated File Disclosure |
LiquidWorm |
|
| 2024-10-05 |
MD-Pro 1.0.76 Shell Upload / SQL Injection |
Emiliano Febbi |
|
| 2024-10-05 |
fastrpc_mmap_find Information Leak |
Google Security Research |
|
| 2024-10-05 |
Android qrtr_bpf_filter_detach Double-Free / Use-After-Free |
Google Security Research |
|
| 2024-10-03 |
Nitro PDF Pro Local Privilege Escalation |
Sandro Einfeldt |
|
| 2024-10-03 |
SeedDMS 6.0.28 Cross Site Scripting |
Marco Nappi |
|
| 2024-10-03 |
MIDIA Unrestricted File Upload / Arbitrary File Upload |
Khunerable |
|
| 2024-10-03 |
reNgine 2.2.0 Command Injection (Authenticated) |
Caner Tercan |
|
| 2024-10-03 |
Microsoft Office NTLMv2 Disclosure |
Metin Yunus Kandemir |
|
| 2024-10-01 |
VegaBird Yaazhini 2.0.2 DLL Hijacking |
Iulian Florea |
|
| 2024-10-01 |
VegaBird Vooki 5.2.9 DLL Hijacking |
Iulian Florea |
|
| 2024-10-01 |
krishna Tech - Sql Injection |
behrouz mansoori |
|
| 2024-10-01 |
BlackBerry CylanceOPTICS Uninstall Password Bypass |
P. Espernberger |
|
| 2024-09-30 |
Backdoor.Win32.Amatu.a Remote / Arbitrary File Write (RCE) |
malvuln |
|
| 2024-09-30 |
Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH) |
malvuln |
|
| 2024-09-30 |
Era infotech - Sql Injection |
behrouz mansoori |
|
| 2024-09-30 |
Era infotech - Blind Sql Injection Vulnerability |
behrouz mansoori |
|
| 2024-09-30 |
Backdoor.Win32.Boiling / Unauthenticated Remote Command Execution |
malvuln |
|
| 2024-09-30 |
Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH) |
malvuln |
|
| 2024-09-30 |
Backdoor.Win32.Benju.a / Unauthenticated Remote Command Execution |
malvuln |
|
| 2024-09-27 |
Elaine's Realtime CRM Automation 6.18.17 Cross Site Scripting |
Haythem Arfaoui |
|
| 2024-09-27 |
ABB Cylon Aspect 3.07.00 Remote Code Execution |
LiquidWorm |
|
| 2024-09-27 |
ABB Cylon Aspect 3.07.01 Hard-Coded Credentials |
LiquidWorm |
|
| 2024-09-25 |
Linux i915 PTE Use-After-Free |
Jann Horn |
|
| 2024-09-25 |
Apple iOS 17.2.1 Screen Time Passcode Retrieval / Mitigation Bypass |
SivertPL |
|
| 2024-09-25 |
Elaine's Realtime CRM Automation 6.18.17 Cross Site Scripting |
Haythem Arfaoui |
|
| 2024-09-23 |
BlackNET - Multiple Vulnerabilities |
bRpsd |
|
| 2024-09-19 |
Microsoft Windows TOCTOU Local Privilege Escalation |
jheysel-r7 |
|
| 2024-09-19 |
OVAS - PHP (by: oretnom23 ) v1.0 Multiple-SQLi |
nu11secur1ty |
|
| 2024-09-19 |
Microsoft SQL Server Masked Data Exposure |
Emad Al-Mousa |
|
| 2024-09-19 |
Cab Management System-1.0 Multiple-SQLi |
nu11secur1ty |
|
| 2024-09-19 |
Backdoor.Win32.CCInvader.10 / Authentication Bypass |
malvuln |
|
| 2024-09-19 |
Backdoor.Win32.BlackAngel.13 / Unauthenticated Remote Command Execution |
malvuln |
|
| 2024-09-19 |
Backdoor.Win32.Delf.yj / Information Disclosure |
malvuln |
|
| 2024-09-17 |
MPlayer Lite r33064 Buffer Overflow |
h1ch4m |
|
| 2024-09-17 |
SPIP BigUp 4.3.1 / 4.2.15 / 4.1.17 Unauthenticated Remote Code Execution |
Valentin Lobstein |
|
| 2024-09-17 |
SFTRS - PHP (by: oretnom23 ) v1.0 Multiple-SQLi |
nu11secur1ty |
|
| 2024-09-13 |
TENANT-LIMITED-1.0-©-2024-Tenant-Management-System-Software Multiple-SQLi |
nu11secur1ty |
|
| 2024-09-11 |
C-MOR Video Surveillance 5.2401 Path Traversal |
Matthias Deeg |
|
| 2024-09-11 |
C-MOR Video Surveillance 5.2401 / 6.00PL01 SQL Injection |
Matthias Deeg |
|
| 2024-09-11 |
SerComm Network Device Backdoor Detection |
Eloi Vanderbeken |
|
| 2024-09-09 |
Backdoor.Win32.PoisonIvy.ymw / Insecure Credential Storage |
malvuln |
|
| 2024-09-09 |
Backdoor.Win32.JustJoke.21 (BackDoor Pro) / Unauthenticated Remote Command Execution |
malvuln |
|
| 2024-09-09 |
Backdoor.Win32.Optix.02.b / Weak Hardcoded Credentials |
malvuln |
|
| 2024-09-09 |
HackTool.Win32.Freezer.br (WinSpy) / Insecure Credential Storage |
malvuln |
|
| 2024-09-09 |
FortiSiem 7.1.3 Stored XSS |
Ersin Sarisoy |
|
| 2024-09-09 |
Backdoor.Win32.Symmi.qua / Remote Stack Buffer Overflow (SEH) |
malvuln |
|
| 2024-09-09 |
OKI Printer Default Login Credential Scanner |
antr6X |
|
| 2024-09-09 |
Texas Instruments Fusion Digital Power Designer 7.10.1 Credential Disclosure |
Gionathan Armando Reale |
|
| 2024-09-09 |
Multiple DVR Manufacturers Configuration Disclosure |
Alejandro Ramos |
|
| 2024-09-04 |
VICIdial Multiple Authenticated SQL Injection |
h00die |
|
| 2024-09-04 |
TVT NVMS-1000 Directory Traversal |
Dhiraj Mishra |
|
| 2024-09-04 |
IntelliNet 2.0 Remote Root |
Jean Pereira |
|
| 2024-09-04 |
Vivavis HIGH-LEIT 4 / 5 Privilege Escalation |
Lukas Krieg |
|
| 2024-09-04 |
Microsoft Exchange Privilege Escalation |
_dirkjan |
|
| 2024-09-03 |
Apache Karaf Default Credentials Command Execution |
Nicholas Starke |
|
| 2024-09-02 |
Cisco ASA Directory Traversal |
Shelby Pace |
|
| 2024-09-02 |
D-Link User-Agent Backdoor Scanner |
Craig Heffner |
|
| 2024-09-02 |
A10 Networks AX Loadbalancer Directory Traversal |
xistence |
|
| 2024-09-02 |
WordPress NextGEN Gallery Directory Read |
Roberto S. Soares |
|
| 2024-09-02 |
SAP BusinessObjects Web User Bruteforcer |
Jay Turla |
|
| 2024-08-28 |
Puma Peru - Reflected Cross-Site Scripting (XSS) |
kerem24 |
|
| 2024-08-28 |
WBCE CMS v1.6.2 Remote Code Execution (RCE) |
Ahmet Ümit BAYRAM |
|
| 2024-08-28 |
Backdrop CMS 1.27.1 Authenticated Remote Command Execution (RCE) |
Ahmet Ümit BAYRAM |
|
| 2024-08-28 |
Helpdeskz 2.0.2 Cross Site Scripting |
Md. Sadikul Islam |
|
| 2024-08-27 |
OX App Suite Frontend 7.10.6-rev44 Cross Site Scripting |
Martin Heiland |
|
| 2024-08-27 |
NDTaskmatic-1.0-2024-by Mayuri.K Multiple-SQLi |
nu11secur1ty |
|
| 2024-08-27 |
Invesalius 3.1 Remote Code Execution |
Riccardo Degli Esposti |
|
| 2024-08-27 |
HughesNet HT2000W Satellite Modem Password Reset |
Simon Greenblatt |
|
| 2024-08-27 |
Calibre Web 0.6.21 Cross Site Scripting |
Catalin Iovita |
|
| 2024-08-27 |
Aruba 501 CN12G5W0XX Remote Command Execution |
Hosein Vita |
|
| 2024-08-22 |
SourceCodester Computer Laboratory Management System 1.0 (manage_item.php) - SQL Injection |
0xm3m |
|
| 2024-08-22 |
used_car_showroom-1.0-2024 Multiple-SQLi |
nu11secur1ty |
|
| 2024-08-19 |
SeTracker2 Excessive Permissions |
Jasper Nota |
|
| 2024-08-19 |
Journyx 11.5.4 XML Injection |
Jaggar Henry |
|
| 2024-08-19 |
OpenMetadata 1.2.3 Authentication Bypass / SpEL Injection |
Alvaro Munoz |
|
| 2024-08-19 |
Build Your Own Botnet 2.0.0 Remote Code Execution |
chebuya |
|
| 2024-08-15 |
WordPress Profilepro 1.3 Cross Site Scripting |
Vuln Seeker Cybersecurity Team |
|
| 2024-08-15 |
Microsoft PlayReady Design Issue |
Adam Gowdiak |
|
| 2024-08-15 |
WordPress MapFig Studio 0.2.1 Cross Site Request Forgery / Cross Site Scripting |
Vuln Seeker Cybersecurity Team |
|
| 2024-08-13 |
Open WebUI 0.1.105 File Upload / Path Traversal |
Jaggar Henry |
|
| 2024-08-13 |
courier-management-system-2020-1.0 Multiple-SQLi |
nu11secur1ty |
|
| 2024-08-13 |
Backdoor.Win32.Nightmare.25 / Unauthenticated Remote Command Execution |
malvuln |
|
| 2024-08-08 |
Dolphin 7.4.2 Blind SQL Injection |
Andrey Stoykov |
|
| 2024-08-08 |
OpenMediaVault rpc.php Authenticated Cron Remote Code Execution |
Brandon Perry |
|
| 2024-08-08 |
WP-UserOnline 2.88.0 Stored Cross Site Scripting (XSS) (Authenticated) |
Onur Göğebakan |
|
| 2024-08-08 |
WordPress PayPlus Payment Gateway SQL Injection |
j3r1ch0123 |
|
| 2024-08-07 |
Genexus Protection Server 9.7.2.10 Unquoted Service Path |
SamAlucard |
|
| 2024-08-07 |
Linux DRM drm_file_update_pid() Race Condition / Use-After-Free |
Jann Horn |
|
| 2024-08-07 |
Ivanti ADC 9.9 Authentication Bypass |
ohnoisploited |
|
| 2024-08-07 |
Korenix JetPort Series 1.2 Command Injection / Insufficient Authentication |
S. Dietz |
|
