combined exploit-db.com and osvdb.org unofficial mirror
A glimpse into one of the most elite zero-day trading networks of the world.




Remote Exploits
Acunetix WVS 10 - Remote Command Execution (System) Daniele Linguaglossa 2016-05-02 windows
Apache Struts Dynamic Method Invocation Remote Code Execution metasploit 2016-05-02 linux
PHP 7.0.5 - ZipArchive::getFrom* Integer Overflow Hans Jerry Illikainen 2016-04-28 php
Advantech WebAccess Dashboard Viewer Arbitrary File Upload metasploit 2016-04-26 windows
libgd 2.1.1 - Signedness Heap Overflow Hans Jerry Illikainen 2016-04-26 linux
PCMan FTP Server 2.0.7 - RENAME Command Buffer Overflow (MSF) Jonathan Smith 2016-04-25 win32
Novell ServiceDesk Authenticated File Upload metasploit 2016-04-18 multiple
Internet Explorer 9_ 10_ 11 - CDOMStringDataList::InitFromString Out-of-Bounds Read (MS15-112) Ashfaq Ansari 2016-04-14 windows
Dell KACE K1000 File Upload metasploit 2016-04-13 unix
Easy File Sharing HTTP Server 7.2 SEH Overflow metasploit 2016-04-05 windows

Local Exploits
TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow Juan Sacco 2016-05-04 linux
Zabbix Agent 3.0.1 - mysql.size Shell Command Injection Timo Lindfors 2016-05-04 linux
Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit Google Security Research 2016-05-04 linux
QSEE - PRDiag* Commands Privilege Escalation Exploit laginimaineb 2016-05-02 android
Mach Race OS X Local Privilege Escalation Exploit fG! 2016-04-27 osx
Yasr Screen Reader 0.6.9 - Local Buffer Overflow Juan Sacco 2016-04-26 linux
CompuSource Systems - Real Time Home Banking - Local Privilege Escalation Information Paradox 2016-04-25 windows
Microsoft Windows 7-10 & Server 2008-2012 - Local Privilege Escalation (x32/x64) (MS16-032) (Powershell) b33f 2016-04-21 windows
Exim _perl_startup_ Privilege Escalation metasploit 2016-04-15 linux
Texas Instrument Emulator 3.03 - Local Buffer Overflow Juan Sacco 2016-04-13 linux

Web Application Exploits
Alibaba Clone B2B Script - Admin Authentication Bypass Meisam Monsef 2016-05-04 php
CMS Made Simple < 2.1.3 & < 1.12.1 - Web Server Cache Poisoning Mickaël Walter 2016-05-04 php
Acunetix WP Security Plugin 3.0.3 - XSS Johto Robbie 2016-05-04 php
NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities Bhadresh Patel 2016-05-04 cgi
IPFire < 2.19 Core Update 101 - Remote Command Execution Yann CAM 2016-05-04 cgi
PHP Imagick 3.3.0 - disable_functions Bypass RicterZ 2016-05-04 php
WordPress Ghost Plugin 0.5.5 - Unrestricted Export Download Josh Brody 2016-05-02 php
Observium 0.16.7533 - Cross Site Request Forgery Dolev Farhi 2016-04-29 php
Observium 0.16.7533 - Authenticated Arbitrary Command Execution Dolev Farhi 2016-04-29 php
Merit Lilin IP Cameras - Multiple Vulnerabilities Orwelllabs 2016-04-29 cgi

DoS/PoC Exploits
ImageMagick < 6.9.3-9 - Multiple Vulnerabilities Nikolay Ermishkin 2016-05-04 multiple
OpenSSL Padding Oracle in AES-NI CBC MAC Check Juraj Somorovsky 2016-05-04 multiple
McAfee LiveSafe 14.0 - Relocations Processing Memory Corruption Google Security Research 2016-05-04 windows
Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow) Google Security Research 2016-05-04 linux
Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps Google Security Research 2016-05-04 linux
Rough Auditing Tool for Security (RATS) 2.3 - Array Out of Block Crash David Silveiro 2016-04-29 linux
Wireshark - dissect_2008_16_security_4 Stack-Based Buffer Overflow Google Security Research 2016-04-29 multiple
Wireshark - alloc_address_wmem Assertion Failure Google Security Research 2016-04-29 multiple
Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read Google Security Research 2016-04-29 multiple
Windows Kernel - win32k.sys TTF Processing EBLC / EBSC Tables Pool Corruption (MS16-039) Google Security Research 2016-04-28 windows

Shellcode
.Net Framework Execute Native x86 Shellcode Jacky5112 2016-05-02 win32
Linux x64 - Bind Shell Shellcode Generator Ajith Kp 2016-04-25 lin_x86-64
Linux x86 Reverse TCP Shellcode (ipv6) Roziul Hasan Khan Shifat 2016-04-25 lin_x86
Linux/x86_64 - bindshell (Port 5600) - 86 bytes Ajith Kp 2016-04-21 lin_x86-64
Linux/x86_64 - Read /etc/passwd - 65 bytes Ajith Kp 2016-04-15 lin_x86-64
Linux/x86_64 - bindshell (PORT: 5600) - 81 bytes Ajith Kp 2016-04-11 lin_x86-64
Linux/x86_x64 - execve(/bin/sh) - 25 bytes Ajith Kp 2016-03-28 lin_x86-64
Linux/x86_x64 - execve(/bin/bash) - 33 bytes Ajith Kp 2016-03-28 lin_x86-64
Linux/x86_x64 - execve(/bin/sh) - 26 bytes Ajith Kp 2016-03-24 lin_x86-64
x86 Windows Null-Free Download & Run via WebDAV Shellcode (96 bytes) Sean Dillon 2016-03-02 win32