Exploitdb Exploits

3,149 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-118061 EXPLOITDB c
VirIT Explorer Lite & Pro 8.1.68 - Local Privilege Escalation
by Paolo Stagno
CVE-2016-0801 EXPLOITDB CRITICAL c
Broadcom Wi-Fi driver - Memory Corruption
The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029.
by AbdSec
CVSS 9.8
EIP-2026-101132 EXPLOITDB c VERIFIED
Sony Playstation 4 (PS4) 1.76 - 'dlclose' Linux Kernel Loader
by Carlos Pizarro
EIP-2026-115408 EXPLOITDB c VERIFIED
Hyper-V - 'vmswitch.sys' VmsMpCommonPvtHandleMulticastOids Guest to Host Kernel-Pool Overflow
by Google Security Research
CVE-2016-1743 EXPLOITDB HIGH c
Apple OS X <10.11.4 - RCE
The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1744.
by Piotr Bania
CVSS 7.8
CVE-2016-1744 EXPLOITDB HIGH c VERIFIED
Apple OS X <10.11.4 - RCE
The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1743.
by Google Security Research
CVSS 7.8
CVE-2016-1741 EXPLOITDB CRITICAL c VERIFIED
Apple OS X <10.11.4 - RCE/DoS
The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
CVSS 9.8
CVE-2016-1749 EXPLOITDB HIGH c VERIFIED
Apple OS X <10.11.4 - RCE/DoS
IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
CVSS 7.8
CVE-2016-1755 EXPLOITDB HIGH c VERIFIED
Apple iOS <9.3 - Privilege Escalation
The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1754.
by Google Security Research
CVSS 7.8
CVE-2016-1885 EXPLOITDB MEDIUM c VERIFIED
FreeBSD <9.3p39, 10.1p31, 10.2p14 - DoS
Integer signedness error in the amd64_set_ldt function in sys/amd64/amd64/sys_machdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service (kernel panic) via an i386_set_ldt system call, which triggers a heap-based buffer overflow.
by Core Security
CVSS 6.2
CVE-2016-4534 EXPLOITDB LOW c
Mcafee Virusscan Enterprise - Access Control
The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles.
by Maurizio Agazzini
CVSS 3.0
CVE-2016-3984 EXPLOITDB MEDIUM c
McAfee - Multiple Vulns
The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.
by Maurizio Agazzini
CVSS 5.1
EIP-2026-102644 EXPLOITDB c VERIFIED
Linux Kernel - io_submit L2TP sendmsg Integer Overflow
by Google Security Research
EIP-2026-100043 EXPLOITDB c VERIFIED
Qualcomm Adreno GPU MSM Driver - perfcounter Query Heap Overflow
by Google Security Research
EIP-2026-102705 EXPLOITDB c
NTPd ntp-4.2.6p5 - 'ctl_putdata()' Buffer Overflow (PoC)
by Marcin Kozlowski
CVE-2016-0051 EXPLOITDB HIGH c VERIFIED
Microsoft Windows 10 - Access Control
The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "WebDAV Elevation of Privilege Vulnerability."
by koczkatamas
CVSS 7.8
CVE-2015-7047 EXPLOITDB c VERIFIED
Apple Watchos < 2.0 - Improper Input Validation
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
by Google Security Research
CVE-2015-7047 EXPLOITDB c VERIFIED
Apple Watchos < 2.0 - Improper Input Validation
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
by Google Security Research
CVE-2015-7047 EXPLOITDB c VERIFIED
Apple Watchos < 2.0 - Improper Input Validation
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
by Google Security Research
CVE-2015-7078 EXPLOITDB c VERIFIED
Apple Mac OS X < 10.11.1 - Use After Free
Use-after-free vulnerability in Hypervisor in Apple OS X before 10.11.2 allows local users to gain privileges via vectors involving VM objects.
by Google Security Research
CVE-2015-6996 EXPLOITDB c VERIFIED
Apple Iphone OS < 9.0.2 - Memory Corruption
IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
CVE-2016-1720 EXPLOITDB HIGH c VERIFIED
IOKit <9.2.1-10.11.3-9.1.1 - Privilege Escalation/DoS
IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
by Google Security Research
CVSS 7.8
CVE-2015-7068 EXPLOITDB HIGH c VERIFIED
Apple Iphone OS < 9.2 - NULL Pointer Dereference
IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an app that provides an unspecified userclient type.
by Google Security Research
CVSS 7.8
CVE-2015-7047 EXPLOITDB c VERIFIED
Apple Watchos < 2.0 - Improper Input Validation
The kernel in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows local users to gain privileges via a crafted mach message that is misparsed.
by Google Security Research
CVE-2015-6995 EXPLOITDB c VERIFIED
Apple Mac OS X < 10.11.0 - Memory Corruption
The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
By Source
All 3,149 Exploitdb 50,123 Writeup 46,591 Nomisec 21,116 Metasploit 3,189 Github 2,221 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,726 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 256 c++ 245 shell 67 go 41 postscript 25 xml 24