Exploitdb Exploits
4,733 exploits tracked across all sources.
Intel Security VSEL <2.0.3 - Info Disclosure
SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter.
by Andrew Fasano
CVSS 6.2
Apache HTTP Server 2.4.17-2.4.23 - DoS
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request.
by Jungun Baek
CVSS 7.5
Openssl - Improper Access Control
In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS.
by Silverfox
CVSS 7.5
10-Strike Network File Search Pro 2.3 - Local Buffer Overflow (SEH)
by malwrforensics
Splunk Enterprise 6.4.3 - Server-Side Request Forgery
by Security-Assessment.com
OpenSSH <7.3 - DoS
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
by SecPod Research
CVSS 7.5
Microsoft Windows 10 (x86/x64) - WLAN AutoConfig Denial of Service (PoC)
by Jeremy Brown
DiskBoss Enterprise <8.2.14 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14. The vulnerability arises from improper bounds checking on the path component of HTTP GET requests. By sending a specially crafted long URI, a remote unauthenticated attacker can trigger a buffer overflow, potentially leading to arbitrary code execution with SYSTEM privileges on vulnerable Windows hosts.
by vportal
Dup Scout Enterprise 9.1.14 - Remote Buffer Overflow (SEH)
by vportal
Alcatel-lucent Omnivista 8770 Network... - Authentication Bypass
Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be queried using the GIOP protocol on TCP port 30024. An attacker can bypass authentication, and OmniVista invokes methods (AddJobSet, AddJob, and ExecuteNow) that can be used to run arbitrary commands on the server, with the privilege of NT AUTHORITY\SYSTEM on the server. NOTE: The discoverer states "The vendor position is to refer to the technical guidelines of the product security deployment to mitigate this issue, which means applying proper firewall rules to prevent unauthorised clients to connect to the OmniVista server."
by malerisch
CVSS 9.8
BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution
by Jeremy Brown
Disk Savvy Enterprise 9.1.14 - 'GET' Remote Buffer Overflow
by vportal
VX Search Enterprise 9.1.12 - 'Login' Remote Buffer Overflow
by Tulpa
Sync Breeze Enterprise 9.1.16 - 'Login' Remote Buffer Overflow
by Tulpa
Dup Scout Enterprise 9.1.14 - 'Login' Remote Buffer Overflow
by Tulpa
Disk Sorter Enterprise 9.1.12 - 'Login' Remote Buffer Overflow
by Tulpa
Disk Savvy Enterprise 9.1.14 - 'Login' Remote Buffer Overflow
by Tulpa
Disk Pulse Enterprise 9.1.16 - 'Login' Remote Buffer Overflow
by Tulpa
NTP <4.2.8p4-4.3.77 - DoS
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
by Magnus Klaaborg Stubman
CVSS 6.5
Core FTP LE 2.2 - 'SSH/SFTP' Remote Buffer Overflow (PoC)
by hyp3rlinx
By Source