combined exploit-db.com and osvdb.org unofficial mirror
A glimpse into one of the most elite zero-day trading networks of the world.

< private/oday – new – authors – aix – android – arm – asp – atheos – beos – bsd – bsdi_x86 – bsd_ppc – bsd_x86 – cfm – cgi – freebsd – freebsd_x86 – freebsd_x86-64 – generator >
< hardware – hp-ux – immunix – ios – irix – java – jsp – linux – linux_mips – linux_ppc – linux_sparc – lin_amd64 – lin_x86 – lin_x86-64 – minix – mips >
< multiple – netbsd_x86 – netware – novell – openbsd – openbsd_x86 – osx – osx_ppc – palm_os – php – plan9 – qnx – sco – sco_x86 – sh4 – solaris >
< solaris_sparc – solaris_x86 – tru64 – ultrix – unix – unixware – win32 – win64 – windows – tools – compiled books >




Remote Exploits

VSAT Sailor 900 - Remote Exploit 
Nicholas Lemonias. 2015-01-29 hardware
ClearSCADA - Remote Authentication Bypass Exploit 
Jeremy Brown 2015-01-28 windows
D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit 
Todor Donev 2015-01-27 hardware
Cisco Ironport Appliances - Privilege Escalation Vulnerability 
Glafkos Charalambous  2015-01-22 hardware
Bsplayer 2.68 - HTTP Response Buffer Overflow 
Fady Mohammed Osman 2015-01-20 windows
ManageEngine Multiple Products Authenticated File Upload 
metasploit 2015-01-20 java
Samsung SmartViewer BackupToAvi 3.0 - Remote Code Execution 
Praveen Darshanam 2015-01-19 windows
Lexmark MarkVision Enterprise Arbitrary File Upload 
metasploit 2015-01-13 java
Oracle MySQL for Microsoft Windows FILE Privilege Abuse 
metasploit 2015-01-13 windows
WordPress WP Symposium 14.11 Shell Upload 
metasploit 2015-01-13 php

Local Exploits

OS X < 10.10.x - Gatekeeper bypass Vulnerability 
Amplia Security Research 2015-01-29 osx
UniPDF 1.1 - Crash PoC (SEH overwritten) 
bonze 2015-01-29 windows
Microsoft Windows Server 2003 SP2 - Privilege Escalation 
KoreLogic 2015-01-29 windows
VLC Player 2.1.5 - DEP Access Violation Vulnerability 
Veysel HATAS 2015-01-26 windows
VLC Player 2.1.5 - Write Access Violation Vulnerability 
Veysel HATAS 2015-01-26 windows
Comodo Backup 4.4.0.0 - NULL Pointer Dereference EOP 
ParvezGHH 2015-01-26 windows
OS X networkd "effective_audit_token" XPC Type Confusion Sandbox Escape 
Google Security Research 2015-01-20 osx
OS X 10.9.5 IOKit IntelAccelerator NULL Pointer Dereference 
Google Security Research 2015-01-20 osx
Windows < 8.1 (32/64 bit) - Privilege Escalation (User Profile Service) (MS15-003) 
Google Security Research 2015-01-18 windows
Sim Editor 6.6 - Stack Based Buffer Overflow 
Osanda Malith 2015-01-16 windows

Webapp Exploits

ManageEngine Firewall Analyzer 8.0 - Directory Traversal/XSS Vulnerabilities 
Sepahan TelCom IT Group 2015-01-29 hardware
Mangallam CMS - SQL Injection Web Vulnerability 
Vulnerability-Lab 2015-01-26 php
Barracuda Networks Cloud Series - Filter Bypass Vulnerability 
Vulnerability-Lab 2015-01-26 php
ManageEngine ServiceDesk Plus 9.0 (< Build 9031) - User Privileges Management Vulnerability 
Rewterz - Research Group 2015-01-26 jsp
PHP Webquest 2.6 - SQL Injection 
jordan root 2015-01-26 php
ecommerceMajor - SQL Injection And Authentication bypass 
Manish Tanwar 2015-01-22 php
ManageEngine ServiceDesk Plus 9.0 - User Enumeration Vulnerability 
Muhammad Ahmed Siddiqui 2015-01-22 jsp
ArticleFR CMS 3.0.5 - Arbitrary File Upload  
TranDinhTien 2015-01-21 php
RedaxScript 2.1.0 - Privilege Escalation 
shyamkumar somana 2015-01-20 php
WordPress Pixarbay Images Plugin 2.3 - Multiple Vulnerabilities 
Hans-Martin Muench 2015-01-20 php

DoS/PoC Exploits

FreeBSD Kernel Multiple Vulnerabilities 
Core Security 2015-01-29 freebsd
Android WiFi-Direct Denial of Service 
Core Security 2015-01-26 android
Exif Pilot 4.7.2 - SEH Based Buffer Overflow 
Osanda M. Jayathissa 2015-01-22 windows
Crystal Player 1.99 - Memory Corruption Vulnerability 
Kapil Soni 2015-01-21 windows
Zhone GPON 2520 R4.0.2.566b - Crash PoC 
Kaczinski Ramirez 2015-01-21 hardware
MalwareBytes Anti-Exploit 1.03.1.1220, 1.04.1.1012 Out-of-bounds Read DoS 
Parvez Anwar 2015-01-20 windows
OS X 10.10 IOKit IntelAccelerator NULL Pointer Dereference 
Google Security Research 2015-01-20 osx
OS X 10.10 Bluetooth DispatchHCICreateConnection - Crash PoC 
rpaleari and joystick 2015-01-13 osx
OS X 10.10 Bluetooth BluetoothHCIChangeLocalName - Crash PoC 
rpaleari and joystick 2015-01-13 osx
OS X 10.10 Bluetooth TransferACLPacketToHW - Crash PoC 
rpaleari and joystick 2015-01-13 osx

Shellcode

Obfuscated Shellcode Windows x86 - [1218 Bytes] Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service 
Ali Razmjoo 2015-01-13 win32
Obfuscated Shellcode Windows x64 - [1218 Bytes] Add Administrator User/Pass ALI/ALI & Add ALI To RDP Group & Enable RDP From Registry & STOP Firewall & Auto Start Terminal Service 
Ali Razmjoo 2015-01-13 win64
x64 Linux bind TCP port shellcode (81 bytes, 96 with password) 
Sean Dillon 2014-12-22 lin_x86-64
x64 Linux reverse TCP connect shellcode (77 to 85 bytes, 90 to 98 with password) 
Sean Dillon 2014-12-22 lin_x86-64
Linux x86 rmdir - 37 bytes Stack shellcode 
kw4 2014-12-11 linux
Position independent & Alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); (87 bytes) 
Breaking.Technology 2014-11-10 linux
Linux/x86 Add map in /etc/hosts file 
Javier Tejedor 2014-09-25 lin_x86
Connect Back Shellcode - 139 bytes 
MadMouse 2014-09-15 linux
Obfuscated Shellcode Linux x86 - chmod 777 (/etc/passwd + /etc/shadow) & Add New Root User & Execute /bin/bash 
Ali Razmjoo 2014-09-09 linux
Shellcode Linux x86 - chmod (777 /etc/passwd & /etc/shadow), Add New Root User (ALI/ALI) & Execute /bin/sh 
Ali Razmjoo 2014-08-04 linux