C Exploits
3,550 exploits tracked across all sources.
Tenda FH451 1.0.0.9 - Buffer Overflow
A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
by Byte Reaper
CVSS 8.8
TightVNC <2.8.84 - RCE
TightVNC (Server for Windows) before 2.8.84 allows attackers to connect to the control pipe via a network connection.
by Ionut Zevedei
CVSS 9.1
Win32k - Privilege Escalation
Win32k Elevation of Privilege Vulnerability
by Milad karimi
CVSS 7.8
TP-Link VN020-F3v(T) Firmware - Out-of-Bounds Write
A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
by Mohamed Maatallah
CVSS 7.5
Microsoft Windows 10 1507 < 10.0.10240.20857 - Heap Buffer Overflow
Windows Common Log File System Driver Elevation of Privilege Vulnerability
by Milad karimi
CVSS 7.8
Windows Kernel - Privilege Escalation
Windows Kernel Elevation of Privilege Vulnerability
by Milad karimi
CVSS 7.8
OpenSSH - DoS
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
by Milad karimi
CVSS 8.1
TP-Link VN020 F3v Firmware - Out-of-Bounds Write
A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
by Mohamed Maatallah
CVSS 6.3
WinRAR version 6.22 - Remote Code Execution via ZIP archive
by E1 Coders
TPC-110W - Missing Authentication for Critical Function
by Amirhossein Bahramizadeh
Dormakaba Saflok System 6000 - Info Disclosure
Dormakaba Saflok System 6000 contains a predictable key generation algorithm that allows attackers to derive card access keys from a 32-bit unique identifier. Attackers can exploit the deterministic key generation process by calculating valid access keys using a simple mathematical transformation of the card's unique identifier.
by planthopper3301
CVSS 9.8
(shellcode) Linux-x64 - create a shell with execve() sending argument using XOR (/bin//sh) [55 bytes]
by Alexys (0x177git)
Microsoft Windows 10 - TOCTOU Race Condition
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.
The update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.
by DarkFunct
WinRAR CVE-2023-38831 Exploit
RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023.
by DarkFunct
VMware Cloud Foundation < 5.0 - Path Traversal
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file.
by DarkFunct
VMware Cloud Foundation - SSRF
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a Server Side Request Forgery attack to steal administrative credentials.
by DarkFunct
Windows Error Reporting Service - Privilege Escalation
Windows Error Reporting Service Elevation of Privilege Vulnerability
by DarkFunct
SysInternals Sysmon - Privilege Escalation
SysInternals Sysmon for Windows Elevation of Privilege Vulnerability
by DarkFunct
Windows Backup Service - Privilege Escalation
Windows Backup Service Elevation of Privilege Vulnerability
by DarkFunct
Microsoft Outlook - DoS
Microsoft Outlook Denial of Service Vulnerability
by DarkFunct
Blink1Control2 < 2.2.7 - Broken Cryptographic Algorithm
The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.
by DarkFunct
Microsoft Windows 10 - Remote Code Execution
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
by DarkFunct
Ultimate Member <2.5.0 - Authenticated RCE
The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the get_option_value_from_callback function that accepts user supplied input and passes it through call_user_func(). This makes it possible for authenticated attackers, with administrative capabilities, to execute code on the server.
by DarkFunct