Google Security Research

1,215 exploits Active since May 2013
EIP-2026-103737 EXPLOITDB text WORKING POC
Wireshark - dissect_nhdr_extopt Stack Buffer Overflow
CVE-2015-8730 EXPLOITDB MEDIUM text WORKING POC
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service in NBAP Dissector
epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.
CVSS 5.5
CVE-2015-8740 EXPLOITDB MEDIUM text WORKING POC
Wireshark 2.0.x < 2.0.1 - Denial of Service via TDS Dissector Column Count Overflow
The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
CVSS 5.3
EIP-2026-103736 EXPLOITDB text WORKING POC
Wireshark - dissect_ber_set Static Out-of-Bounds Read
EIP-2026-103735 EXPLOITDB text WORKING POC
Wireshark - dissect_ber_integer Static Out-of-Bounds Write
EIP-2026-103734 EXPLOITDB text WORKING POC
Wireshark - dissect_ber_constrained_bitstring Heap Out-of-Bounds Read
EIP-2026-103733 EXPLOITDB text WORKING POC
Wireshark - dissect_2008_16_security_4 Stack Buffer Overflow
CVE-2015-8731 EXPLOITDB MEDIUM text WORKING POC
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via RSL Dissector TLV Type Handling
The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
CVSS 5.5
CVE-2015-8729 EXPLOITDB MEDIUM text WORKING POC
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service in Ascend File Parser
The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
CVSS 5.5
EIP-2026-103732 EXPLOITDB text WRITEUP
Wireshark - alloc_address_wmem Assertion Failure
CVE-2015-8723 EXPLOITDB MEDIUM text WORKING POC
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via AirPDcapPacketProcess Buffer Overflow
The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
CVSS 5.5
EIP-2026-103731 EXPLOITDB text WRITEUP
Wireshark - add_ff_vht_compressed_beamforming_report Static Out-of-Bounds Read
CVE-2018-4937 EXPLOITDB HIGH text WORKING POC
Adobe Flash Player < 29.0.0.113 - Out-of-bounds Write
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVSS 8.8
CVE-2016-1104 EXPLOITDB HIGH text WORKING POC
Adobe Flash Player <=21.0.0.213 Object Placing - Out-of-Bounds Read
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
CVSS 7.5
CVE-2017-3064 EXPLOITDB HIGH text WORKING POC
Adobe Flash Player <= 25.0.0.127 - Memory Corruption via Shape Outline Parsing
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability when parsing a shape outline. Successful exploitation could lead to arbitrary code execution.
CVSS 7.8
CVE-2017-11282 EXPLOITDB CRITICAL text WORKING POC
Adobe Flash Player < 26.0.0.151 - Memory Corruption in MP4 Atom Parser
Adobe Flash Player has an exploitable memory corruption vulnerability in the MP4 atom parser. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.
CVSS 9.8
CVE-2017-11281 EXPLOITDB CRITICAL text WORKING POC
Adobe Flash Player < 26.0.0.151 - Memory Corruption in Text Handling
Adobe Flash Player has an exploitable memory corruption vulnerability in the text handling function. Successful exploitation could lead to arbitrary code execution. This affects 26.0.0.151 and earlier.
CVSS 9.8
CVE-2016-0965 EXPLOITDB HIGH text WORKING POC
Adobe Flash Player <18.0.0.329, 19.x, 20.x - Memory Corruption
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981.
CVSS 8.8
CVE-2015-3107 EXPLOITDB text WORKING POC
Adobe Flash Player <13.0.0.292-18.x - RCE
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe AIR SDK & Compiler before 18.0.0.144 on Windows and before 18.0.0.143 on OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3103 and CVE-2015-3106.
CVE-2017-2992 EXPLOITDB HIGH text WORKING POC
Adobe Flash Player < 24.0.0.194 - Remote Code Execution via MP4 Header Parsing
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable heap overflow vulnerability when parsing an MP4 header. Successful exploitation could lead to arbitrary code execution.
CVSS 8.8
CVE-2016-4230 EXPLOITDB HIGH text WORKING POC
Adobe Flash Player <22.0.0.209 - Use After Free
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4231, and CVE-2016-4248.
CVSS 8.8
CVE-2017-2932 EXPLOITDB HIGH text WORKING POC
Adobe Flash Player < 24.0.0.186 - Use-After-Free in ActionScript MovieClip
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution.
CVSS 8.8
CVE-2016-4231 EXPLOITDB HIGH text WORKING POC
Adobe Flash Player <22.0.0.209 - Use After Free
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4248.
CVSS 8.8
CVE-2017-2931 EXPLOITDB HIGH text WORKING POC
Adobe Flash Player < 24.0.0.186 - Memory Corruption via SWF Metadata Parsing
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.
CVSS 8.8
CVE-2017-3061 EXPLOITDB CRITICAL text WORKING POC
Adobe Flash Player <= 25.0.0.127 - Memory Corruption in SWF Parser
Adobe Flash Player versions 25.0.0.127 and earlier have an exploitable memory corruption vulnerability in the SWF parser. Successful exploitation could lead to arbitrary code execution.
CVSS 9.8