misc

Namemisc
Registration10/25/2016
Community Points4409
Submits51
Commits1525
Posts21
Votes0
Community RankMaster
Activity Badges
👴 Long-time User (8x)
💻 Digital Nomad (4x)
🔬 Researcher (5x)
🚨 Staying Alert
🖖 Community Member (88x)
👋 Regular Visitor (11x)
📤 Submitter (9x)
📝 Editor (151x)
💬 Commentator (4x)

Submits (51)

Timeline

The analysis of the timeline helps to identify the required approach and handling of single items and item collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Prioritizing items becomes possible.

IDTitleSubmissionModerationEntryPStatus
41689Xxxxxxxxx Xxxxxxxxxx Xxxxxx Xxxxxxxxxxxxxxxxxxxxxxxx Xxxxxxxxxxxxxxx Xx Xxxxxxxx07/19/202207/26/2022
 
0Rejected
36527Web3Signer - pgjdbc injection / Log4j05/10/202205/10/20221921180Duplicate
29334Local Privilege Escalation in polkit's pkexec01/26/202201/26/202219160319Accepted
25543Remote Code Execution in Java logging library Apache Log4j 212/10/202112/10/20211879250Duplicate
22950PHP-FPM Local root privilege escalation10/25/202110/26/202118542520Accepted
22410Kernel: use-after-free in route4_change() in net/sched/cls_route.c10/18/202110/18/202118452420Accepted
19987PostgreSQL Memory disclosure in partitioned-table UPDATE ... RETURNING09/08/202109/08/202118216220Accepted
19986PostgreSQL Memory disclosure in INSERT ... ON CONFLICT ... DO UPDATE09/08/202109/08/202118216120Accepted
19985PostgreSQL Memory disclosure in certain queries09/08/202109/08/202118216320Accepted
18902SteelSeries Apex Mechanical Gaming Keyboard Local Privilege Escalation08/24/202108/24/202118136920Accepted
18901Cross-site Scripting (XSS) in Angular versions <11.0.5 || >=11.1.0-next.0 <11.1.0-next.308/24/202108/24/202118135620Accepted
17584Versions 4.2 and 4.3 of Cobalt Strike’s server contain multiple Denial of Service vulnerabilities (CVE-2021-36798)08/04/202108/04/202118007320Accepted
17223Jira Data Center & Jira Service Management Data Center - Missing Authentication for Ehcache RMI07/27/202107/27/202117970420Accepted
15848Regular expression Denial of Service in mootools07/07/202107/07/202117800820Accepted
8339Unauthorized RCE in VMware vCenter02/24/202102/25/20211703780Duplicate
4438HP Support Assistant Potential Escalation of Privilege and Arbitrary File Deletion12/21/202012/21/202016662219Accepted
182GRUB2: crafted grub.cfg file can lead to arbitrary code execution during boot process07/30/202007/30/202015914320Accepted
156Unauthenticated persistent cross-site scripting injection into the administrative console of CISCO ISE web application via DHCP request02/19/202008/10/202015036319Accepted
154LPE and RCE in OpenSMTPD01/29/202008/10/202014954719Accepted
142Local Privilege Escalation in many Ricoh Printer Drivers for Windows01/22/202008/10/202014931518Accepted
138IceWarp: Cross-Site Scripting in Notes01/02/202008/10/202014828516Accepted
136Linux 5.3 - Privilege Escalation via io_uring Offload of sendmsg() onto Kernel Thread with Kernel Creds12/16/201912/18/201914733014Accepted
128Xinet Elegant 6 Asset Library Web Interface v6.1.655 Pre-Auth SQL Injection12/01/201912/08/201914649520Accepted
127Microsoft Excel 2016 v1901 Error Import Based XML External Entity Injection12/01/201912/08/201914680019Accepted
123Denial-of-Service vulnerability in axTLS library11/29/201912/08/201914660320Accepted
122Denial-of-Service vulnerability in axTLS library11/29/201912/08/201914665420Accepted
121rConfig v3.9.2 authenticated and unauthenticated RCE11/26/201912/08/201914425814Accepted
120Multiple attack vectors in rConfig v3.9.211/26/201912/08/201914679915Accepted
119OpenNetAdmin 18.1.1 - Remote Code Execution Exploit 11/21/201912/08/201914679814Accepted
118Local Privilege Escalation in Symantec Endpoint Protection11/16/201912/08/201914583014Accepted
114WebKit - Universal XSS in JSObject::putInlineSlow and JSValue::putToPrimitive Exploit11/07/201911/07/201914517513Accepted
112AUO SunVeillance Monitoring System 1.1.9e - 'MailAdd' SQL Injection 10/26/201910/26/201914423315Accepted
111Joomla! 3.4.6 - Remote Code Execution10/26/201910/26/201914423217Accepted
110PHP-FPM env_path_info underflow in fpm_main.c can lead to RCE10/26/201910/26/201914423113Accepted
108Microsoft Windows NTFS Master File Table Integer Overflow leads to BSOD10/23/201910/25/201914416918Accepted
103Ajenti 2.1.31 - Remote Code Execution10/16/201910/18/201914395013Accepted
102Podman & Varlink 1.5.1 - Remote Code Execution10/16/201910/18/201914394913Accepted
101Solaris xscreensaver 11.4 - Privilege Escalation10/16/201910/18/201914374514Accepted
100sudo: Potential bypass of Runas user restrictions10/15/201910/15/201914346820Accepted
99Icewarp Webclient 10.1.3/10.2.0 Https Post Request Cross Site Scripting10/11/201910/11/201914337817Accepted
98Icewarp Webclient 10.1.3/10.2.0 Https Post Request Cross Site Scripting10/11/201910/11/201914337717Accepted
97Icewarp Webclient 10.1.3/10.2.0 Https Post Request Cross Site Scripting10/11/201910/11/201914337617Accepted
96Icewarp Webclient 10.1.3/10.2.0 Https Post Request Cross Site Scripting10/11/201910/11/201914337517Accepted
95Icewarp Mail Server 10.1.3/10.2.0 Directory Traversal10/11/201910/11/201914337417Accepted
94XNU - Remote Double-Free via Data Race in IPComp Input Path10/10/201910/11/201914337313Accepted
91Multiple directory-traversal vulnerabilities in IceWarp Webclient10/07/201910/08/201914299416Accepted
90Multiple XSS vulnerabilities in IceWarp Webclient10/07/201910/08/201914299315Accepted
89SEH based local Buffer Overflow – DameWare Remote Support10/07/201910/08/201914299216Accepted
88Android: Use-After-Free in Binder driver10/07/201910/08/201914299120Accepted
73Mozilla Firefox Type confusion in Array.pop06/19/201906/19/201913664120Accepted
35Microsoft Windows - Advanced Local Procedure Call (ALPC) Local Privilege Escalation08/29/201808/29/201812335020Accepted

Commits (1525)

Timeline

The analysis of the timeline helps to identify the required approach and handling of single items and item collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Prioritizing items becomes possible.

IDEntryUpdatedModerationCP
17932507-13Grafana SQL Expressions Experimental Feature code injection10/21/202410/21/2024717
17738941-6Microsoft SysInternals Sysmon Local Privilege Escalation10/04/202410/04/2024614
17355885-8Netgear WN604/WN802Tv2/WNAP210/WNAP320/WNDAP350/WNDAP360 boardDataWW.php command injection08/25/202408/25/202449
17355883-4Apple macOS libxpc access control08/25/202408/25/202424
17355858-65Blueman Network.py EnableNetwork access control08/25/202408/25/2024820
17355854-7NUOO CMS Web Server sql injection08/25/202408/25/202449
17355845-53Imperva SecureSphere PWS os command injection08/25/202408/25/2024921
17355826-7elFinder PHP Connector command injection08/25/202408/25/202425
17355817-24Pipeline Declarative Plugin Sandbox Converter.groovy 7pk security08/25/202408/25/2024820
17355798-9CMS Made Simple Watermark class.showtime2_image.php unrestricted upload08/25/202408/25/202425
17355792-5LibreOffice Macro path traversal08/25/202408/25/202449
17354611-8AIS ESEL-Server 67 Backend sql injection08/25/202408/25/2024820
17354603-10Ruby on Rails Development Mode input validation08/25/202408/25/2024820
17354595-602GetSimple CMS theme-edit.php credentials management08/25/202408/25/2024820
17354587-94Shopware loadPreviewAction external reference08/25/202408/25/2024820
17354583-6Apple macOS Feedback Assistant race condition08/25/202408/25/202449
17354558-65LibreNMS addhost.inc.php os command injection08/25/202408/25/2024820
17354550-7IBM WebSphere Application Server deserialization08/25/202408/25/2024820
17354542-9Webmin Package Updates Module update.cgi command injection08/25/202408/25/2024820
17354538-41Cisco Prime Infrastructure/Evolved Programmable Network Web-based Management Interface input validation08/25/202408/25/202449
17354530-7Apple macOS Time Machine os command injection08/25/202408/25/2024820
17354526-9Xymon xymond useradm.c command injection08/25/202408/25/202449
17354518-25Laravel Framework Permission .env writeNewEnvironmentFileWith Password information disclosure08/25/202408/25/2024820
17354494-500Laravel Framework Token Encrypter.php decrypt deserialization08/25/202408/25/2024717
17354490-3Microsoft Windows AppX Deployment Service access control08/25/202408/25/202449
17354469-72Microsoft Windows Win32k access control08/25/202408/25/202449
17354460-8Schneider Electric Pelco Endura NET55XX Encoder Access Control access control08/25/202408/25/2024922
15315837-44Apache OFBiz code injection01/04/202401/04/2024818
14791408-16Microsoft SharePoint Server code injection09/27/202309/27/2023919
14266344-50Microsoft Windows Win32k use after free06/09/202306/09/2023716
13719620-8Fortinet FortiNAC HTTP Request external reference02/21/202302/21/2023919
13210626-35OpenSSL X.509 Certificate buffer overflow11/02/202211/02/20221020
12503423-30Microsoft Windows Active Directory Domain Services certificate validation05/12/202205/12/2022818
12484608-16F5 BIG-IP LTM HTTP null pointer dereference05/09/202205/10/2022919
12294874-8Adobe Photoshop memory corruption03/18/202203/18/202259
12243279-84Linux Kernel Pipe Dirty Pipe Privilege Escalation03/08/202203/08/2022612
12157863-71Microsoft Windows Print Spooler Privilege Escalation02/09/202202/09/2022919
12119247-53Microsoft Windows Win32k out-of-bounds write01/28/202201/28/2022717
12112234-41polkit pkexec access control01/26/202201/26/2022812
11969890-6Microsoft Windows Common Log File System Driver information disclosure12/21/202112/21/2021717
11843160-8Microsoft Windows Win32k use after free11/11/202111/11/2021919
11590624-7Jetty URI access control09/08/202109/08/2021412
11571698-709Atlassian Confluence Server/Confluence Data Center Webwork OGNL injection09/01/202109/01/20211224
11551826prototypejs Prototype JavaScript framework Remote Code Execution08/24/202108/24/202111
11473118-24Apple iOS/iPadOS IOMobileFrameBuffer memory corruption07/27/202107/27/2021715
11437240-5Microsoft Windows Volume Shadow Copy SAM SeriousSAM/HiveNightmare permission07/20/202107/20/2021611
11375563-6549Microsoft Windows Print Spooler Local Privilege Escalation06/29/202106/29/2021919
11322551-7Microsoft Windows Graphics privileges management06/09/202106/09/2021717
11322544-50Microsoft Windows DWM Core Library Privilege Escalation06/09/202106/09/2021717
11311931-8VMware vCenter Server Virtual SAN Health Check Plug-In improper authentication06/05/202106/05/2021818
11297528-36Microsoft Windows Hyper-V VmsIfrInfoParams_OID_SWITCH_NIC_REQUEST Privilege Escalation06/01/202106/01/2021919
11254142-9Microsoft Windows HTTP Protocol Stack use after free05/16/202105/16/2021818
11253726-33Pega Infinity Password Recovery improper authentication05/16/202105/16/2021818
11250853-60Exim tls-openssl.c use after free05/15/202105/15/2021818
11244220-7Dell DBUtil BIOS Driver dbutil_2_3.sys improper authorization05/14/202105/14/2021818
11240569-76Microsoft Exchange Server Privilege Escalation05/12/202105/12/2021818
11200059-64Microsoft Windows splwow64 privileges management04/28/202104/28/2021615
11156500-7Microsoft Windows Installer Local Privilege Escalation04/22/202104/22/2021817
11129612-20Linux Kernel VSOCK af_vsock.c race condition04/13/202104/13/2021920
11120405-13Intel BlueZ information disclosure04/08/202104/08/2021920
11120396-404Intel BlueZ input validation04/08/202104/08/2021920
11116595-602Microsoft Windows TCP/IP denial of service04/08/202104/08/2021818
11081007-13Microsoft Windows modem.sys information disclosure03/31/202103/31/2021717
11025221-9Microsoft Exchange Server path traversal03/12/202103/12/2021921
11025212-20Microsoft Exchange Server ProxyLogon server-side request forgery03/12/202103/12/2021921
11009945-51Microsoft Windows Win32k out-of-bounds write03/09/202103/09/2021717
10971130-40VMware vCenter Server/Cloud Foundation vSphere Client Privilege Escalation02/25/202102/25/20211121
10933022-30Microsoft Exchange Server Privilege Escalation02/15/202102/15/2021919
10873065-73sudo sudoers_policy_main heap-based overflow01/31/202101/31/2021918
10868090-6Google Chrome v8 input validation01/28/202101/29/2021717
10868083-9Google Chrome Javascript use after free01/28/202101/29/2021717
10865117-23sudo sudoedit selinux_edit_copy_tfiles temp file01/27/202101/27/2021716
10831687-95Microsoft Windows Lockscreen privileges management01/17/202101/17/2021918
10793957-63Microsoft .NET Framework input validation01/04/202101/04/2021716
10729234-40Microsoft Exchange Server code injection12/11/202012/11/2020717
10729115-21Microsoft Exchange Server information disclosure12/11/202012/11/2020717
10708502-11Microsoft Windows Kerberos privileges management12/09/202012/09/20201020
10610266-75Microsoft Exchange Server cross site scripting11/12/202011/12/20201020
10600386-92Oracle WebLogic Server Remote Code Execution11/09/202011/09/2020716
10589163-7Oracle Solaris Pluggable authentication module parse_user_name stack-based overflow11/04/202011/04/2020511
10508994-9000MobileIron Core/Connector privileges management09/14/202009/14/2020614
10481571-6Microsoft Windows Netlogon Zerologon privileges management09/12/202009/13/2020511
10507040-6Microsoft Internet Explorer Scripting Engine memory corruption09/12/202009/13/2020614
10509729-36Microsoft Exchange Server Email code injection09/12/202009/12/2020715
10509455-62Microsoft Windows Setup default permission08/17/202008/17/2020715
10509227-39Microsoft .NET Framework XML File code injection08/17/202008/17/2020717
10509379-85Microsoft Windows Print Spooler privileges management08/12/202008/12/2020614
10509075-83SAP NetWeaver AS JAVA LM Configuration Wizard RECON improper authentication07/24/202007/25/2020816
10509303-9Microsoft Windows WalletService privileges management07/17/202007/18/2020614
10509158-64Microsoft Windows DNS Server SigRed memory corruption07/16/202007/17/2020614
10508257-63Fortinet FortiMail/FortiVoiceEntreprise Password Change improper authentication07/06/202007/06/2020614
10508819-31F5 BIG-IP Traffic Management User Interface code injection07/06/202007/06/20201127
10508675-81Microsoft Windows OLE input validation06/10/202006/12/2020614
10508749-55Microsoft Windows SMBv1 privileges management06/10/202006/12/2020614
10508426-39VMware Cloud Director injection06/04/202006/07/2020717
10508486-92Apache Tomcat deserialization06/04/202006/07/2020614
10505638-45Google Chrome WebRTC use after free04/17/202004/17/2020715
10508084-91VMware vCenter Server vmdir authorization04/17/202004/17/2020715
10508031-4Sonatype Nexus Repository Manager Access Control default permission04/09/202004/11/2020410
10507966-70Microsoft Windows SMBv3 SMBGhost input validation03/30/202004/05/202049
10507252-65Microsoft Exchange Server deserialization03/02/202003/27/2020818
10507829-42OpenSMTPD mta_session.c out-of-bounds02/27/202003/02/2020717
10507769-82OpenSMTPD makemap.c untrusted search path02/26/202003/02/2020717
10507406-12Microsoft Windows Error Reporting privileges management02/23/202003/02/2020614
10507329-35Microsoft Windows Error Reporting privileges management02/23/202003/02/2020614
10507710-6Cacti Cooikie graph_realtime.php os command injection02/22/202003/02/2020614
10507109-17Microsoft SQL Server Reporting Services deserialization02/22/202003/02/2020816
10507185-92Microsoft Windows Windows Installer privileges management02/15/202002/20/2020715
10501800-11CPU Kernel information disclosure02/15/202002/20/2020718
10507466-80HP System Event Utility input validation02/15/202002/20/2020817
10484762-75Microsoft SharePoint Server Application Package input validation02/15/202002/20/2020818
10506903-14sudo pwfeedback tgetpass.c getln out-of-bounds write02/15/202002/20/2020717
10506967-78OpenSMTPD SMTP Session smtp_session.c return value01/31/202002/20/2020717
10506178-93Citrix Application Delivery Controller/Gateway path traversal01/11/202001/13/20201129
10561465-71Apache Tomcat Utility Method 7pk security01/08/202001/13/202070
10502610-23JetBrains TeamCity input validation01/08/202001/13/2020717
10502149-55Microsoft Windows Winsock ws2ifsl.sys privileges management01/07/202001/13/2020614
10482998-3014Apache Tika tika-server command injection01/05/202001/05/2020717
10500125-39Exim input validation01/04/202001/05/2020717
10501741-52Tableau Server XML Data xml external entity reference01/04/202001/05/2020717
10500896-908Apple Safari WebKit memory corruption01/04/202001/05/2020717
10505498-513ktsuss Privileges dropped privileges01/04/202001/05/2020717
10501681Cisco Integrated Management Controller CLI hard-coded credentials01/04/202001/05/2020919
10500443Cisco Data Center Network Manager Web-based Management Interface access control01/04/202001/05/2020919
10484830Cisco RV110W Wireless-N VPN Firewall Web-based Management Interface input validation01/04/202001/05/2020922
10483471Crestron AirMedia AM-100/AirMedia AM-101 access control01/04/202001/05/2020919
10502074-85LibreNMS collectd.inc.php passthru injection01/04/202001/05/2020717
10482528-40October CMS File Upload unrestricted upload01/04/202001/05/2020717
10501305-13Microsoft Windows Core Shell COM Server Registrar access control01/03/202001/05/2020816
10501534-42Adobe Acrobat Reader use after free01/02/202001/03/2020816
10501464-72Adobe Acrobat Reader use after free01/02/202001/03/2020816
10501027-40FreeBSD File Descriptors Underflow access control12/30/201901/01/2020818
10484693-706FreeBSD Unix Domain Socket access control12/30/201901/01/2020818
10484047-62Microsoft Windows TCP/IP information disclosure12/23/201912/25/2019819
10506015-26OpenBSD setuid Program ld.so _dl_setup_env privileges management12/16/201912/17/2019717
10505948-60Adobe Acrobat Reader out-of-bounds write12/15/201912/15/2019615
10505823-36Lenovo Power Management Driver memory corruption12/15/201912/15/2019717
10505886-92Progress Telerik UI for ASP.NET AJAX .NET Deserialization RadAsyncUpload deserialization12/15/201912/15/2019614
10501109-25Symantec Endpoint Protection access control12/14/201912/14/2019615
10499910-7Mozilla Firefox/Firefox ESR/Thunderbird IonMonkey JIT Compiler Array.prototype.slice memory corruption12/08/201912/08/2019715
10500377-83Mozilla Firefox Sandbox input validation12/08/201912/08/2019612
10505702-15verot.net class.upload class.upload.php unrestricted upload12/08/201912/08/2019717
10483325CA Privileged Access Manager Configuration File access control12/08/201912/08/2019919
10483260CA Privileged Access Manager access control12/08/201912/08/2019919
10502315-26Integard Pro LoginAdmin buffer overflow12/08/201912/08/2019717
10504120Trend Micro Deep Security Agent input validation12/08/201912/08/20191329
10505575-86Fotinet FortiOS URL/SPAM/AV hard-coded credentials11/27/201912/04/20191024
10505119Patriot Viper RGB Driver MsIo64.sys ZwMapViewOfSection privileges management11/27/201912/04/2019817
10482269-87VMware ESXi/Workstation Pro/Player/Fusion Pro/Fusion information disclosure11/26/201911/27/2019717
10482354-72VMware Workstation/Fusion Drag/Drop memory corruption11/26/201911/27/2019717
10482662-5FasterXML jackson-databind Incomplete Fix CVE-2017-7525 readValue code injection11/25/201911/27/2019412
10500188-99FreePBX Operator Panel Module exec.php cross site scripting11/21/201911/25/2019717
10502014-25Bludit upload-images.php code injection11/21/201911/25/2019717
10499782-95Pulse Secure Pulse Connect Secure Admin Web Interface command injection11/21/201911/25/2019717
10500062-7FreeRADIUS Logrotate access control11/16/201911/16/2019512
10502894-906Microsoft Windows Authentication Request improper authentication11/16/201911/16/2019717
10505257-69Microsoft Windows UPnP Service privileges management11/16/201911/16/2019717
10505440-50SibSoft Xfilesharing up.cgi unrestricted upload11/16/201911/16/2019615
10505320Technicolor TC7300 wlanAccess.asp cross site scripting11/16/201911/16/2019818
10505006-16Technicolor TD5130v2 Web Interface mnt_ping.cgi os command injection11/16/201911/16/2019615
10505381-92FUDForum Stored cross site scripting11/16/201911/16/2019717
10505183-95FUDForum admsession.php Stored cross site scripting11/16/201911/16/2019820
10500563-75Nortek Linear eMerge E3 command injection11/16/201911/16/2019818
10499654-67Atlassian Confluence Server/Data Center downloadallattachments path traversal11/12/201911/13/2019717
10500503-15Prima Systems FlexAir command injection11/12/201911/13/2019818
10504322-34Adobe Acrobat Reader null pointer dereference11/12/201911/13/2019615
10504256-68Adobe Acrobat Reader null pointer dereference11/12/201911/13/2019615
10502442-54Apple iOS Foundation out-of-bounds11/12/201911/13/2019615
10500965-77Apple iOS Quick Look use after free11/12/201911/13/2019615
10504807-13Apple iOS/iPadOS Audio memory corruption11/11/201911/12/2019614
10504874-80Apple iOS/iPadOS AVEVideoEncoder memory corruption11/11/201911/12/2019614
10504943-9Apple iOS/iPadOS Kernel Memory input validation11/11/201911/12/2019614
10500710-8Microsoft Windows Kernel information disclosure11/11/201911/11/2019816
10503732Nostromo nhttpd SSL_accept path traversal11/09/201911/10/2019816
10502256-67Micro Focus Data Protector privileges management11/09/201911/10/2019717
10503351-64Microsoft Edge information disclosure11/09/201911/10/2019818
10482591-606Google Android art access control11/08/201911/09/2019717
10504739-51rConfig ajaxServerSettingsChk.php exec os command injection11/08/201911/09/2019818
10504676build-metrics Plugin Reflected cross site scripting11/08/201911/09/2019917
10484498-503BMC Patrol Agent PatrolCli Lateral access control11/08/201911/08/2019512
10561440-4Microsoft Windows Group Policy 7pk security10/29/201910/30/2019512
10561435-9Microsoft Windows Group Policy data authenticity10/29/201910/30/2019512
10504383-95Rocket.Chat cross site scripting10/26/201910/26/2019615
10503492-502Moxa EDR 810 Log File log file10/26/201910/26/2019615
10503551-62Moxa EDR 810 Ping input validation10/26/201910/26/2019717
10504441-55Trend Micro Anti-Threat Toolkit input validation10/22/201910/23/20191022
10504190-202Adobe Acrobat Reader memory corruption10/22/201910/23/2019615
10503798Ubisoft Uplay Permission permission assignment10/16/201910/18/201911
10503671-81Kirona Dynamic Resource Scheduling report Reflected cross site scripting10/16/201910/18/2019615
10503610-20Kirona Dynamic Resource Scheduling REGISTER.cmd information disclosure10/16/201910/18/2019615
10503851-62X.org X Server ct.c_char XQueryKeymap out-of-bounds write10/16/201910/18/2019716
10502744-55Icewarp Webclient cross site scripting10/11/201910/11/201935
10502769-828Icewarp Mail Server Webmail Interface index.html path traversal10/11/201910/11/2019716
10500311-22TP-LINK WR1043ND V2 Management Web Interface improper authentication10/10/201910/10/2019615
10503429-41Microsoft Windows Win32k memory corruption10/10/201910/10/2019615
10502970-82Microsoft Windows memory corruption10/10/201910/10/2019615
10503047-59Microsoft Windows Code Integrity Module information disclosure10/10/201910/10/2019615
10503124-35Microsoft Windows Kernel information disclosure10/10/201910/10/2019513
10503200-11Microsoft Windows memory corruption10/10/201910/10/2019513
10503276-88Microsoft Windows memory corruption10/10/201910/10/2019615
10502632libpl_droidsonroids_gif decoding.c DDGifSlurp double free10/07/201910/08/20191022
10499993Microsoft Windows Remote Desktop Service BlueKeep use after free10/07/201910/08/2019817
10502334-87vBulletin widget_php input validation10/07/201910/08/2019617
10499721-33Check Point ZoneAlarm/Endpoint Security Client Log File Archive permission10/07/201910/08/2019717
10500638Microsoft Windows Win32k access control07/26/201907/26/20191019
10500209SolarWinds Serv-U access control07/26/201907/26/2019818
10482158S-nail root Helper path traversal07/26/201907/26/2019614
10482439Linux Kernel __ip_append_data race condition07/26/201907/26/2019613
10500733Linux Kernel ptrace.c access control07/26/201907/26/2019716
10485021-31PostgreSQL os command injection05/22/201905/22/2019615
10499847Oracle Fusion Middleware WebLogic Server access control05/22/201905/22/2019817
10484892-6Sonatype Nexus Repository Manager Access Control access control05/22/201905/22/201949
10484955-69Atlassian Confluence Server Widget Connector Macro path traversal05/22/201905/22/2019821
10483849-71Linux Kernel create_elf_tables integer overflow10/02/201810/02/2018718
6377712-6Citrix NetScaler ADC/NetScaler Gateway GCM Nonce Generator information disclosure05/04/201705/04/201724
6182205Fortinet FortiOS Password information disclosure05/04/201705/04/201713
10482116Microsoft Windows Kernel information disclosure11/22/201611/22/2016918
10482028Microsoft Windows Kernel API information disclosure11/22/201611/22/2016918

Posts (21)

Timeline

The analysis of the timeline helps to identify the required approach and handling of single items and item collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Prioritizing items becomes possible.

DateEntryCommentVStatus
10/11/2023231296Python script to check if a service is vulnerable: https://github.com/BishopFox/CVE-2023-27997-check0
Accepted
06/30/2021176473There is another proof of concept based on impacked: https://github.com/cube0x0/CVE-2021-16752
Accepted
03/12/2021170592There are 2 different exploits at the moment, one written in python and another in go. The exploit code of Jang was removed by GitHub, and was later made available on Web Archive and GitLab. Here are two links to the exploit code: https://git.blackmarble.s…0
Accepted
03/09/2021170592Nmap script from Microsoft to detect if an Exchange Server is vulnerable: https://github.com/microsoft/CSS-Exchange/blob/main/Security/http-vuln-cve2021-26855.nse1
Accepted
01/31/2021168695The exploit in the previous comment is also available on GitHub: https://github.com/blasty/CVE-2021-31561
Accepted
01/31/2021168695There is another exploit available under the URL https://haxx.in/CVE-2021-3156.tar.gz.1
Accepted
09/14/2020159502And here is another exploit from dirkjanm: https://github.com/dirkjanm/CVE-2020-1472/blob/master/cve-2020-1472-exploit.py0
Accepted
09/14/2020159502After SecuraBV had published a testing script, there is now a proof of concept exploit from BlackArrow: https://github.com/blackarrowsec/redteam-research/blob/master/CVE-2020-1472/CVE-2020-1472.py0
Accepted
08/12/2020159525There is another exploit for this vulnerability: https://github.com/sailay1996/cve-2020-1337-poc1
Accepted
01/12/2020147804Additional exploit and scanner from TrustedSec: https://github.com/trustedsec/cve-2019-197811
Accepted
01/05/2020133407The exploit is available in Metasploit as well: "https://www.rapid7.com/db/modules/exploit/windows/http/tomcat_cgi_cmdlineargs"0
Accepted
01/05/2020136570The exploit is available in Metasploit as well: "https://www.rapid7.com/db/modules/exploit/linux/local/servu_ftp_server_prepareinstallation_priv_esc"0
Accepted
12/30/2019143087There is now a Metasploit module for this vulnerability (https://www.rapid7.com/db/modules/exploit/windows/local/comahawk).0
Accepted
12/30/2019145369There is now a Metasploit module for this vulnerability (https://www.rapid7.com/db/modules/exploit/windows/local/comahawk).0
Accepted
12/30/2019147035There is now a Metasploit module for this vulnerability (https://www.rapid7.com/db/modules/exploit/openbsd/local/dynamic_loader_chpass_privesc) 0
Accepted
12/17/201994127There is another exploit for this vulnerability: https://www.exploit-db.com/exploits/477820
Accepted
12/15/2019146798The exploit is available in Metasploit as well: https://www.exploit-db.com/exploits/477720
Accepted
11/21/2019125954There is now an exploit available in Metasploit called "Xorg X11 Server Local Privilege Escalation", see https://www.exploit-db.com/exploits/477011
Accepted
11/08/2019144257The exploit was ported to Metasploit Framework as "rConfig install Command Execution" on 2019-11-08.0
Accepted
10/29/2019142917Additional exploit on GitHub available: https://github.com/dorkerdevil/CVE-2019-11932. This exploit is based on the work of awakened1712.0
Accepted
10/26/2019138210The exploit is also now part of the Metasploit Framework.0
Accepted

Do you need the next level of professionalism?

Upgrade your account now!