[remote] FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse

— June 20^th 2025 at 00:00

FortiOS SSL-VPN 7.4.4 - Insufficient Session Expiration & Cookie Reuse

Exploit-DB Updates

[local] Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)

— June 20^th 2025 at 00:00

Microsoft Excel LTSC 2024 - Remote Code Execution (RCE)

Exploit-DB Updates

[remote] Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)

— June 20^th 2025 at 00:00

Ingress-NGINX 4.11.0 - Remote Code Execution (RCE)

Exploit-DB Updates

[remote] WebDAV Windows 10 - Remote Code Execution (RCE)

— June 15^th 2025 at 00:00

WebDAV Windows 10 - Remote Code Execution (RCE)

Exploit-DB Updates

[webapps] Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation

— June 15^th 2025 at 00:00

Litespeed Cache WordPress Plugin 6.3.0.1 - Privilege Escalation

Exploit-DB Updates

[remote] Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)

— June 15^th 2025 at 00:00

Windows 11 SMB Client - Privilege Escalation & Remote Code Execution (RCE)

Exploit-DB Updates

[local] Parrot and DJI variants Drone OSes - Kernel Panic Exploit

— June 15^th 2025 at 00:00

Parrot and DJI variants Drone OSes - Kernel Panic Exploit

Exploit-DB Updates

[webapps] PHP CGI Module 8.3.4 - Remote Code Execution (RCE)

— June 15^th 2025 at 00:00

PHP CGI Module 8.3.4 - Remote Code Execution (RCE)

Exploit-DB Updates

[local] Microsoft Excel Use After Free - Local Code Execution

— June 15^th 2025 at 00:00

Microsoft Excel Use After Free - Local Code Execution

Exploit-DB Updates

[remote] AirKeyboard iOS App 1.0.5 - Remote Input Injection

— June 15^th 2025 at 00:00

AirKeyboard iOS App 1.0.5 - Remote Input Injection

Exploit-DB Updates

[webapps] Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI

— June 15^th 2025 at 00:00

Skyvern 0.1.85 - Remote Code Execution (RCE) via SSTI

Exploit-DB Updates

[remote] PCMan FTP Server 2.0.7 - Buffer Overflow

— June 15^th 2025 at 00:00

PCMan FTP Server 2.0.7 - Buffer Overflow

Exploit-DB Updates

[webapps] Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)

— June 15^th 2025 at 00:00

Anchor CMS 0.12.7 - Stored Cross Site Scripting (XSS)

Exploit-DB Updates

[webapps] Roundcube 1.6.10 - Remote Code Execution (RCE)

— June 13^th 2025 at 00:00

Roundcube 1.6.10 - Remote Code Execution (RCE)

Exploit-DB Updates

[remote] Windows File Explorer Windows 10 Pro x64 - TAR Extraction

— June 13^th 2025 at 00:00

Windows File Explorer Windows 10 Pro x64 - TAR Extraction

Exploit-DB Updates

[remote] Freefloat FTP Server 1.0 - Remote Buffer Overflow

— June 13^th 2025 at 00:00

Freefloat FTP Server 1.0 - Remote Buffer Overflow

Exploit-DB Updates

[webapps] Laravel Pulse 1.3.1 - Arbitrary Code Injection

— June 9^th 2025 at 00:00

Laravel Pulse 1.3.1 - Arbitrary Code Injection

Exploit-DB Updates

[local] Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege

— June 9^th 2025 at 00:00

Microsoft Windows 11 Version 24H2 Cross Device Service - Elevation of Privilege

Exploit-DB Updates

[remote] ProSSHD 1.2 20090726 - Denial of Service (DoS)

— June 9^th 2025 at 00:00

ProSSHD 1.2 20090726 - Denial of Service (DoS)

Exploit-DB Updates

[local] TightVNC 2.8.83 - Control Pipe Manipulation

— June 9^th 2025 at 00:00

TightVNC 2.8.83 - Control Pipe Manipulation

Exploit-DB Updates

[webapps] CloudClassroom PHP Project 1.0 - SQL Injection

— June 5^th 2025 at 00:00

CloudClassroom PHP Project 1.0 - SQL Injection

Exploit-DB Updates

[remote] Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)

— June 5^th 2025 at 00:00

Microsoft Windows Server 2025 JScript Engine - Remote Code Execution (RCE)

Exploit-DB Updates

[remote] Grandstream GSD3710 1.0.11.13 - Stack Overflow

— June 5^th 2025 at 00:00

Grandstream GSD3710 1.0.11.13 - Stack Overflow

Exploit-DB Updates

[local] macOS LaunchDaemon iOS 17.2 - Privilege Escalation

— June 5^th 2025 at 00:00

macOS LaunchDaemon iOS 17.2 - Privilege Escalation

Exploit-DB Updates

[remote] ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)

— June 5^th 2025 at 00:00

ABB Cylon Aspect 3.08.04 DeploySource - Remote Code Execution (RCE)

Exploit-DB Updates

[remote] Apache Tomcat 10.1.39 - Denial of Service (DoS)

— June 5^th 2025 at 00:00

Apache Tomcat 10.1.39 - Denial of Service (DoS)

Exploit-DB Updates

[webapps] WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing

— May 29^th 2025 at 00:00

WordPress Digits Plugin 8.4.6.1 - Authentication Bypass via OTP Bruteforcing

Exploit-DB Updates

[remote] Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass

— May 29^th 2025 at 00:00

Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass

Exploit-DB Updates

[remote] Automic Agent 24.3.0 HF4 - Privilege Escalation

— May 29^th 2025 at 00:00

Automic Agent 24.3.0 HF4 - Privilege Escalation

Exploit-DB Updates

[remote] Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure

— May 29^th 2025 at 00:00

Windows File Explorer Windows 11 (23H2) - NTLM Hash Disclosure

Exploit-DB Updates

[remote] SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal

— May 29^th 2025 at 00:00

SolarWinds Serv-U 15.4.2 HF1 - Directory Traversal

Exploit-DB Updates

[webapps] Campcodes Online Hospital Management System 1.0 - SQL Injection

— May 29^th 2025 at 00:00

Campcodes Online Hospital Management System 1.0 - SQL Injection

Exploit-DB Updates

[remote] ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation

— May 25^th 2025 at 00:00

ABB Cylon Aspect 3.08.03 - Guest2Root Privilege Escalation

Exploit-DB Updates

[local] ABB Cylon Aspect Studio 3.08.03 - Binary Planting

— May 25^th 2025 at 00:00

ABB Cylon Aspect Studio 3.08.03 - Binary Planting

Exploit-DB Updates

[remote] Windows 2024.15 - Unauthenticated Desktop Screenshot Capture

— May 25^th 2025 at 00:00

Windows 2024.15 - Unauthenticated Desktop Screenshot Capture

Exploit-DB Updates

[local] Microsoft Windows Server 2016 - Win32k Elevation of Privilege

— May 25^th 2025 at 00:00

Microsoft Windows Server 2016 - Win32k Elevation of Privilege

Exploit-DB Updates

[webapps] WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass

— May 25^th 2025 at 00:00

WordPress User Registration & Membership Plugin 4.1.2 - Authentication Bypass

Exploit-DB Updates

[remote] Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow

— May 25^th 2025 at 00:00

Grandstream GSD3710 1.0.11.13 - Stack Buffer Overflow

Exploit-DB Updates

[webapps] Java-springboot-codebase 1.1 - Arbitrary File Read

— May 25^th 2025 at 00:00

Java-springboot-codebase 1.1 - Arbitrary File Read

Exploit-DB Updates

[remote] Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)

— May 21^st 2025 at 00:00

Remote Keyboard Desktop 1.0.1 - Remote Code Execution (RCE)

Exploit-DB Updates

[remote] Invision Community 5.0.6 - Remote Code Execution (RCE)

— May 18^th 2025 at 00:00

Invision Community 5.0.6 - Remote Code Execution (RCE)

Exploit-DB Updates

[local] Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation

— May 18^th 2025 at 00:00

Zyxel USG FLEX H series uOS 1.31 - Privilege Escalation

Exploit-DB Updates

[remote] CrushFTP 11.3.1 - Authentication Bypass

— May 18^th 2025 at 00:00

CrushFTP 11.3.1 - Authentication Bypass

Exploit-DB Updates

[local] RDPGuard 9.9.9 - Privilege Escalation

— May 13^th 2025 at 00:00

RDPGuard 9.9.9 - Privilege Escalation

Exploit-DB Updates

[webapps] Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)

— May 13^th 2025 at 00:00

Kentico Xperience 13.0.178 - Cross Site Scripting (XSS)

Exploit-DB Updates

[webapps] WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation

— May 13^th 2025 at 00:00

WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation

Exploit-DB Updates

[local] TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow

— May 13^th 2025 at 00:00

TP-Link VN020 F3v(T) TT_V6.2.1021) - DHCP Stack Buffer Overflow

Exploit-DB Updates

[local] Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation

— May 9^th 2025 at 00:00

Microsoft Windows 11 Pro 23H2 - Ancillary Function Driver for WinSock Privilege Escalation

Exploit-DB Updates

[local] VirtualBox 7.0.16 - Privilege Escalation

— May 9^th 2025 at 00:00

VirtualBox 7.0.16 - Privilege Escalation

Exploit-DB Updates

[webapps] WordPress Depicter Plugin 3.6.1 - SQL Injection

— May 9^th 2025 at 00:00

WordPress Depicter Plugin 3.6.1 - SQL Injection

Exploit-DB Updates

[webapps] SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation

— May 9^th 2025 at 00:00

SureTriggers OttoKit Plugin 1.0.82 - Privilege Escalation

Exploit-DB Updates

[remote] Apache ActiveMQ 6.1.6 - Denial of Service (DOS)

— May 9^th 2025 at 00:00

Apache ActiveMQ 6.1.6 - Denial of Service (DOS)

Exploit-DB Updates

[webapps] Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)

— May 6^th 2025 at 00:00

Casdoor 1.901.0 - Cross-Site Request Forgery (CSRF)

Exploit-DB Updates

[webapps] Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)

— May 6^th 2025 at 00:00

Grokability Snipe-IT 8.0.4 - Insecure Direct Object Reference (IDOR)

Exploit-DB Updates

[webapps] ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)

— May 6^th 2025 at 00:00

ERPNext 14.82.1 - Account Takeover via Cross-Site Request Forgery (CSRF)

Exploit-DB Updates

[local] Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing

— May 1^st 2025 at 00:00

Microsoft Windows - XRM-MS File NTLM Information Disclosure Spoofing

Exploit-DB Updates

[local] ZTE ZXV10 H201L - RCE via authentication bypass

— May 1^st 2025 at 00:00

ZTE ZXV10 H201L - RCE via authentication bypass

Exploit-DB Updates

[local] Daikin Security Gateway 14 - Remote Password Reset

— May 1^st 2025 at 00:00

Daikin Security Gateway 14 - Remote Password Reset

Exploit-DB Updates

[local] Microsoft - NTLM Hash Disclosure Spoofing (library-ms)

— May 1^st 2025 at 00:00

Microsoft - NTLM Hash Disclosure Spoofing (library-ms)

Exploit-DB Updates

[local] unzip-stream 0.3.1 - Arbitrary File Write

— April 30^th 2025 at 00:00

unzip-stream 0.3.1 - Arbitrary File Write