CVE & Exploit Intelligence Database

Updated 3h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,847 CVEs tracked 53,242 with exploits 4,725 exploited in wild 1,540 CISA KEV 3,918 Nuclei templates 37,802 vendors 42,493 researchers

110,638 results Clear all

CVE-2015-7252 6.1 MEDIUM 1 PoC Analysis EPSS 0.24

ZTE Zxhn H108n R1a Firmware - XSS

Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter.

CWE-79 Dec 30, 2015

CVE-2015-7249 4.9 MEDIUM 1 PoC Analysis EPSS 0.11

ZTE Zxhn H108n R1a Firmware - Access Control

ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote authenticated users to bypass intended access restrictions via a modified request, as demonstrated by leveraging the support account to change a password via a cgi-bin/webproc accountpsd action.

CWE-264 Dec 30, 2015

CVE-2015-7791 6.3 MEDIUM EPSS 0.00

Collne Welcart <1.5.3 - SQL Injection

Multiple SQL injection vulnerabilities in admin.php in the Collne Welcart plugin before 1.5.3 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) search[column] or (2) switch parameter.

CWE-89 Dec 29, 2015

CVE-2015-5299 5.3 MEDIUM EPSS 0.08

Samba <4.1.22-4.3.3 - Info Disclosure

The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not verify that the DIRECTORY_LIST access right has been granted, which allows remote attackers to access snapshots by visiting a shadow copy directory.

CWE-200 Dec 29, 2015

CVE-2015-5296 5.4 MEDIUM EPSS 0.03

Samba <4.1.22-4.3.3 - Info Disclosure

Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream, related to clidfs.c, libsmb_server.c, and smbXcli_base.c.

CWE-20 Dec 29, 2015

CVE-2015-3223 5.3 MEDIUM EPSS 0.19

Samba <4.1.22-4.3.3 - DoS

The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.

CWE-399 Dec 29, 2015

CVE-2015-7786 6.1 MEDIUM EPSS 0.00

NTT DATA Smart Sourcing <2013-07-09 - XSS

Cross-site scripting (XSS) vulnerability in the NTT DATA Smart Sourcing JavaScript module 2003-11-26 through 2013-07-09 for Web Analytics Service allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 29, 2015

CVE-2015-6852 4.3 MEDIUM EPSS 0.00

EMC Secure Remote Services - Information Disclosure

Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x before 3.10 allows remote authenticated users to read log files via a crafted parameter.

CWE-200 Dec 28, 2015

CVE-2015-8660 6.7 MEDIUM 7 PoCs Analysis EPSS 0.63

Overlayfs Privilege Escalation

The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.

CWE-264 Dec 28, 2015

CVE-2015-8374 4.0 MEDIUM EPSS 0.00

Linux kernel <4.3.3 - Info Disclosure

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.

CWE-200 Dec 28, 2015

CVE-2015-7990 5.8 MEDIUM EPSS 0.00

Linux kernel <4.3.3 - DoS

Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6937.

CWE-362 Dec 28, 2015

CVE-2015-7509 4.4 MEDIUM 1 Writeup EPSS 0.00

Linux kernel <3.7 - DoS

fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.

CWE-20 Dec 28, 2015

CVE-2013-7446 5.3 MEDIUM EPSS 0.00

Linux kernel <4.3.3 - Use After Free

Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.

CVE-2015-7783 6.1 MEDIUM EPSS 0.00

Let's PHP! p++BBS <4.10 - XSS

Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS before 4.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CWE-79 Dec 27, 2015

CVE-2015-7665 5.3 MEDIUM EPSS 0.00

Tails <1.7 - Info Disclosure

Tails before 1.7 includes the wget program but does not prevent automatic fallback from passive FTP to active FTP, which allows remote FTP servers to discover the Tor client IP address by reading a (1) PORT or (2) EPRT command. NOTE: within wget itself, the automatic fallback is not considered a vulnerability by CVE.

CWE-200 Dec 27, 2015

CVE-2015-8262 6.8 MEDIUM EPSS 0.01

Buffalo WZR-600DHP2 - Info Disclosure

Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by predicting this value.

CVE-2015-8254 5.9 MEDIUM EPSS 0.00

Frontel <3 - Info Disclosure

The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity protection, which makes it easier for man-in-the-middle attackers to (1) initiate a false alarm or (2) deactivate an alarm by modifying the client-server data stream.

CWE-345 Dec 27, 2015

CVE-2015-8252 5.9 MEDIUM EPSS 0.01

Frontel <3 - Info Disclosure

The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and performing a "jumbled up" calculation with this number.

CWE-200 Dec 27, 2015

CVE-2015-6005 6.9 MEDIUM EPSS 0.00

IPSwitch WhatsUp Gold <16.4 - XSS

Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to inject arbitrary web script or HTML via (1) an SNMP OID object, (2) an SNMP trap message, (3) the View Names field, (4) the Group Names field, (5) the Flow Monitor Credentials field, (6) the Flow Monitor Threshold Name field, (7) the Task Library Name field, (8) the Task Library Description field, (9) the Policy Library Name field, (10) the Policy Library Description field, (11) the Template Library Name field, (12) the Template Library Description field, (13) the System Script Library Name field, (14) the System Script Library Description field, or (15) the CLI Settings Library Description field.

CWE-79 Dec 27, 2015

CVE-2015-6004 6.5 MEDIUM EPSS 0.17

IPSwitch WhatsUp Gold <16.4 - SQL Injection

Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.asp in the Reports component or (2) the Find Device parameter.

CWE-89 Dec 27, 2015