84 bytes small Linux/ARM TCP bindshell shellcode that binds to port 4321.
6675c4fdce11ca644750bc1ad1b0f09cb68100fc6b8fa9a65cf89532da05f2c0
58 bytes small Linux/x86 read /etc/passwd shellcode.
075f10569d00f66af6a0529e3d650b0e1f373f2b2b3ec572044eed21b422eb92
29 bytes small Linux/x86 execve(/bin/sh) + RShift-1 encoded shellcode.
509a7b73748516eb1e0fa3477a3f424f87f30464e13f64f0d3cb817ecff4ecd8
Nessus version 8.2.1 suffers from a persistent cross site scripting vulnerability.
870c026477c2c7e4f6eeb5fd5ac66be8cb2a5d20c5665183930084532b94c6ea
Ubuntu Security Notice 3872-1 - It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information. Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use. A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. Various other issues were also addressed.
4db2756d9eb8ba255e08ce015e2fad82f619501758cfcb7947e8a9d0b67adbce
Ubuntu Security Notice 3871-1 - Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Wen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
610a75c7ac7a32b12e02eece3933f2d902097e03a13e3d1b9fd535c83c4f3455
HTML Video Player version 1.2.5 suffers from a local buffer overflow vulnerability.
5da13ce830ebd2299eb1a2322857e6fef1523e8861bf45742d5a162d465b4d06
64 bytes small Linux/ARM reverse TCP (192.168.1.124:4321) shell (/bin/sh) shellcode.
73c3d7113860971adf57a6d814ed49aa6aaa51053acefa7ce2c6063b4e50e509
OPNsense version 18.7 suffers from a cross site scripting vulnerability.
a44846135186b09169adec2a92c9bda73a4e408921351467bd043fb1372c246f
Ubuntu Security Notice 3870-1 - Christophe Fergeau discovered that Spice incorrectly handled memory. A remote attacker could use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.
75b3b84236b60b3458a63a5f717cbd80617cbb119d28df06110534f0ab7a42d0
CMSsite version 1.0 suffers from a search functionality-related remote SQL injection vulnerability.
d63bf97dc4889758596cc313f29341919e5ac73cdfef163ee35eabb622775b76
Easy Video to iPod Converter version 1.6.20 SEH buffer overflow exploit.
bad439b9588ff44e61f05342f15c5336ad7111ba886aba47b73485a13ce0c09f
Sricam gSOAP version 2.8 suffers from a denial of service vulnerability.
88977b9cf91572dd8c34d407e04440baa41b34f0cb08737f22c863b37cc2292c
53 bytes small Linux/x86 execve() shellcode that runs bc (terminal calculator).
a52a21780a286e00252a03c928310b2f2177bd2819099427c7f1d5e55e46f4a1
pfSense version 2.4.4-p1 suffers from a cross site scripting vulnerability.
e840dc0c5f419e9412d643710140fb69fd328344354d76357ec9c8805ba23e10
Cisco RV300 and RV320 suffer from an information disclosure vulnerability.
f64b5564266a9a3f68710710054b391969d788fb5b5f9320aaa4b6b9e833b265
LongBox Limited Access Manager suffers from an insecure direct object reference vulnerability. This issue affects Access Manager versions 1.2 through 1.4-RG3. It has been addressed in versions greater than or equal to 1.4-RG4.
5d4160f17880fe8ed8dc9c4f0a63266be032c672ef9780e2d0e3eb0f05bea932
AirTies Air5341 modem version 1.0.0.12 suffers from a cross site request forgery vulnerability.
b59211195d7804892b8f4fc4fe9b3e554cd0b165e36d37a8d7bb78fec2997bbc
WordPress Ad Manager WD plugin version 1.0.11 suffers from a file download vulnerability.
b96c96e6e2b5c3986bec339a20bb7db432758ee081f7bcc3421e2fae3a6c8a9f
CloudMe Sync version 1.11.2 buffer overflow exploit with DEP bypass for WoW64.
3343c0221cb885f3c36ac1405e8f04a31e4489b88140a1e1b13a5b4a5358cb82
MySQL User-Defined (Linux) x32 / x86_64 sys_exec function local privilege escalation exploit.
84eacee611d9f2e6ea453e965b21ff87f7108be2012a03c08d64b8c9bced5a57
CMSsite version 1.0 suffers from a remote SQL Injection vulnerability.
4eb46816afcbf3149756dcc3057f3c6d599450514d1407711a11c4dade242d69
Rundeck Community Edition versions prior to 3.0.13 suffer from a cross site scripting vulnerability.
8d0895c050b56233024f55727c40c181c2ea937bfbcca7ce1ddd1ceb15a12d5f
Cisco Firepower Management Center versions 6.2.2.2 and 6.2.3 suffer from a cross site scripting vulnerability.
66f4691193670e30d7f843903cb33c35ab8cf3dbdf88444a730a07043135adda
Newsbull Haber Script version 1.0.0 suffers from a remote SQL injection vulnerability.
c40c705641f24cdf547b22f33238205a8fddb8052187d9f95314a741f3835b73