Exploitdb Exploits
4,759 exploits tracked across all sources.
Disk Sorter Enterprise <9.5.12 - RCE
A buffer overflow vulnerability in Disk Sorter Enterprise 9.5.12 and earlier allows remote attackers to execute arbitrary code via a GET request.
by Daniel Teixeira
CVSS 9.8
D-Link Websmart DGS-1510 Series Firmware < 1.31.b001 - Unauthenticated Information Disclosure
D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28, and DGS-1510-20 Websmart devices with firmware before 1.31.B003 allow attackers to conduct Unauthenticated Information Disclosure attacks via unspecified vectors.
by Varang Amin
CVSS 7.5
FTPShell Server 6.56 - 'ChangePassword' Buffer Overflow
by ScrR1pTK1dd13
FTPShell Client 6.53 - 'Session name' Local Buffer Overflow
by ScrR1pTK1dd13
Cisco IKE Information Disclosure
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.
by nixawk
CVSS 7.5
Commvault Edge < 11 SP7 or 11 SP6 < Hotfix 590 - Stack-Based Buffer Overflow
Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code execution with administrative privileges.
by redr2e
CVSS 9.8
membership-simplified-for-oap-members-only < 1.58 - Unauthenticated Arbitrary File Upload via download.php
Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.
by The Martian
CVSS 9.8
Cobbler 2.8.0 - (Authenticated) Remote Code Execution
by Dolev Farhi
Cerberus FTP Server 8.0.10.1 - Denial of Service via Long Host Header
In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. The attack methodology involves a long Host header and an invalid Content-Length header.
by Peter Baris
CVSS 7.5
Ether Software Easy MOV Converter 1.4.24 - Buffer Overflow via Long Username
Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, MP3/AVI/MPEG/WMV/RM to Audio CD Burner, MP3/WAV/OGG/WMA/AC3 to CD Burner, MP3 WAV to CD Burner, My Video Converter, Easy AVI DivX Converter, Easy Video to iPod Converter, Easy Video to PSP Converter, Easy Video to 3GP Converter, Easy Video to MP4 Converter, and Easy Video to iPod/MP4/PSP/3GP Converter allows local attackers to cause a denial of service (SEH overwrite) or possibly have unspecified other impact via a long username.
by Muhann4d
CVSS 7.8
Sagemcom Livebox 3 SG30_sip-fr-5.15.8.1 - Denial of Service via IPv6 Routing Table Exhaustion
Livebox 3 Sagemcom SG30_sip-fr-5.15.8.1 devices have an insufficiently large default value for the maximum IPv6 routing table size: it can be filled within minutes. An attacker can exploit this issue to render the affected system unresponsive, resulting in a denial-of-service condition for telephone, Internet, and TV services.
by Quentin Olagne
CVSS 7.5
EvoStream Media Server 1.7.1 - Buffer Overflow via Malicious HTTP Header
A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. A crafted HTTP request with a malicious header will cause a crash. An example attack methodology may include a long message-body in a GET request.
by Peter Baris
CVSS 7.5
Azure Data Expert Ultimate 2.2.16 - Remote Code Execution via SMTP 220 String Buffer Overflow
In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
by Peter Baris
CVSS 9.8
Apache Struts 2.3.x < 2.3.32 and 2.5.x < 2.5.10.1 - Remote Code Execution via Jakarta Multipart Parser
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
by Vex Woo
CVSS 9.8
FTPShell Client 6.53 - Remote Code Execution via PWD Response Buffer Overflow
Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation.
by Peter Baris
CVSS 9.8
Wordpress Plugin Mobile App Native 3.0 - Remote File Upload
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.
by The Martian
CVSS 7.5
WordPress Plugin Webapp-Builder v2.0 - Info Disclosure
Vulnerability in wordpress plugin webapp-builder v2.0, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com/
by The Martian
CVSS 9.8
WordPress Plugin Mobile-App-Build By Wappress <1.05 - Info Disclosure
Vulnerability in wordpress plugin mobile-app-builder-by-wappress v1.05, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
by The Martian
CVSS 9.8
mobile-friendly-app-builder-by-easytouch 3.0 - Unauthenticated Arbitrary File Upload via images.php
Vulnerability in wordpress plugin mobile-friendly-app-builder-by-easytouch v3.0, The code in file ./mobile-friendly-app-builder-by-easytouch/server/images.php doesn't require authentication or check that the user is allowed to upload content.
by The Martian
CVSS 9.8
wp2android-turn-wp-site-into-android-app 1.1.4 - Unrestricted Upload of File with Dangerous Type
Vulnerability in wordpress plugin wp2android-turn-wp-site-into-android-app v1.1.4, The plugin includes unlicensed vulnerable CMS software from http://www.invedion.com.
by The Martian
CVSS 9.8
Schneider Electric Conext ComBox 865-1058 Firmware < 3.03 - Denial of Service via Rapid Requests
An issue was discovered in Schneider Electric Conext ComBox, model 865-1058, all firmware versions prior to V3.03 BN 830. A series of rapid requests to the device may cause it to reboot.
by Mark Liapustin & Arik Kublanov
CVSS 7.5
SysGauge 1.5.18 - Buffer Overflow via SMTP Service Ready String
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
by Peter Baris
CVSS 9.8
Synchronet BBS 3.16c - Denial of Service via HTTP Referer Header
Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service (service crash) via a long string in the HTTP Referer header.
by Peter Baris
CVSS 7.5
By Source