Exploitdb Exploits

3,138 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-5972 EXPLOITDB HIGH c
Linux Kernel 3.0.0-3.19.8 - Denial of Service via TCP SYN Flood
The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service (CPU consumption) by sending many TCP SYN packets, as demonstrated by an attack against the kernel-3.10.0 package in CentOS Linux 7. NOTE: third parties have been unable to discern any relationship between the GitHub Engineering finding and the Trigemini.c attack code.
by FarazPajohan
CVSS 7.5
CVE-2017-5329 EXPLOITDB HIGH c VERIFIED
Palo Alto Networks Terminal Services Agent < 7.0.6 - Out-of-bounds Write
Palo Alto Networks Terminal Services Agent before 7.0.7 allows local users to gain privileges via vectors that trigger an out-of-bounds write operation.
by Parvez Anwar
CVSS 7.8
CVE-2017-3730 EXPLOITDB HIGH c
OpenSSL 1.1.0 - Denial of Service via NULL Pointer Dereference in DHE/ECDHE Key Exchange
In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
by Guido Vranken
CVSS 7.5
CVE-2017-2353 EXPLOITDB HIGH c VERIFIED
macOS < 10.12.3 - Use-After-Free in Bluetooth Component
An issue was discovered in certain Apple products. macOS before 10.12.3 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.
by Google Security Research
CVSS 7.8
CVE-2017-2360 EXPLOITDB HIGH c VERIFIED
Apple <10.2.1, <10.12.3, <10.1.1, <3.1.3 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via a crafted app.
by Google Security Research
CVSS 7.8
CVE-2015-6565 EXPLOITDB c
OpenSSH 6.8-6.9 - Denial of Service via TTY Device Permission Issue
sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence.
by Federico Bento
EIP-2026-114757 EXPLOITDB c
SunOS 5.11 ICMP - Denial of Service
by Todor Donev
CVE-2016-1827 EXPLOITDB HIGH c
Apple iOS <9.3.2 - Privilege Escalation
The kernel in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1828, CVE-2016-1829, and CVE-2016-1830.
by Brandon Azad
CVSS 7.8
CVE-2016-7255 EXPLOITDB HIGH c
Microsoft Windows - Privilege Escalation
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
by Rick Larabee
CVSS 7.8
EIP-2026-117373 EXPLOITDB c VERIFIED
Kaspersky 17.0.0 - Local CA Root Incorrectly Protected
by Google Security Research
CVE-2017-5180 EXPLOITDB HIGH c
Firejail <0.9.44.4 & 0.9.38.x LTS <0.9.38.8 - Sandbox-Escape
Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.
by Sebastian Krahmer
CVSS 8.8
EIP-2026-119640 EXPLOITDB c VERIFIED
Microsoft Windows 8.1 (x64) - 'RGNOBJ' Integer Overflow (MS16-098)
by Saif
CVE-2016-7660 EXPLOITDB HIGH c VERIFIED
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Local Privilege Escalation via Syslog Mach Port Name References
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "syslog" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.
by Google Security Research
CVSS 7.8
CVE-2016-7661 EXPLOITDB HIGH c VERIFIED
iPhone OS < 10.2 and macOS < 10.12.2 - Local Privilege Escalation via Power Management Mach Port Name References
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "Power Management" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.
by Google Security Research
CVSS 7.8
CVE-2016-7637 EXPLOITDB HIGH c VERIFIED
iPhone OS < 10.2, macOS < 10.12.2, watchOS < 3.1.3 - Kernel Memory Corruption
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
CVSS 7.8
CVE-2016-7621 EXPLOITDB HIGH c VERIFIED
watchOS < 3.1.3 - Use-After-Free in Kernel
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows local users to execute arbitrary code in a privileged context or cause a denial of service (use-after-free) via unspecified vectors.
by Google Security Research
CVSS 7.8
CVE-2016-7617 EXPLOITDB HIGH c VERIFIED
macOS < 10.12.2 - Remote Code Execution or Denial of Service via Bluetooth Type Confusion
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Bluetooth" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (type confusion) via a crafted app.
by Google Security Research
CVSS 7.8
CVE-2016-7633 EXPLOITDB HIGH c VERIFIED
macOS < 10.12.2 - Use-After-Free in Directory Services
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue involves the "Directory Services" component. It allows local users to gain privileges or cause a denial of service (use-after-free) via unspecified vectors.
by Google Security Research
CVSS 7.8
CVE-2016-8655 EXPLOITDB HIGH c VERIFIED
AF_PACKET chocobo_root Privilege Escalation
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.
by rebel
CVSS 7.8
CVE-2016-5195 EXPLOITDB HIGH c VERIFIED
Linux Kernel 2.x-4.x < 4.8.3 - Local Privilege Escalation via Dirty COW Race Condition
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
by FireFart
CVSS 7.0
EIP-2026-102653 EXPLOITDB c
Linux Kernel 2.6.32-642/3.16.0-4 - 'inode' Integer Overflow
by Todor Donev
EIP-2026-102660 EXPLOITDB c
Linux Kernel 4.8.0-22/3.10.0-327 (Ubuntu 16.10 / RedHat) - 'keyctl' Null Pointer Dereference
by OpenSource Security
CVE-2016-7255 EXPLOITDB HIGH c
Microsoft Windows - Privilege Escalation
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
by TinySec
CVSS 7.8
CVE-2016-6663 EXPLOITDB HIGH c
Oracle MySQL <5.5.52, 5.6.x <5.6.33, 5.7.x <5.7.15, and 8.x <8.0.1 - Privilege Escalation
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
by Dawid Golunski
CVSS 7.0
CVE-2016-1863 EXPLOITDB HIGH c VERIFIED
Apple iOS <9.3.3, OS X <10.11.6, tvOS <9.2.2, watchOS <2.2.2 - Pri...
The kernel in Apple iOS before 9.3.3, OS X before 10.11.6, tvOS before 9.2.2, and watchOS before 2.2.2 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4582 and CVE-2016-4653.
by Google Security Research
CVSS 7.8
By Source
All 3,138 Writeup 61,943 Exploitdb 50,073 Nomisec 22,304 Github 3,478 Metasploit 3,294 Vulncheck_xdb 926 Inthewild 514 Gitlab 470 Gitee 415 Patchapalooza 312
By Language
text 31,383 python 6,492 ruby 5,984 c 3,619 perl 2,849 html 2,071 php 1,331 bash 462 java 370 c++ 255 javascript 228 shell 127 go 72 postscript 25 typescript 25