Exploitdb Exploits
4,733 exploits tracked across all sources.
FileZilla 3.11.0.2 SFTP Module - Denial of Service
by 3unnym00n
libmimedir - RCE
libmimedir allows remote attackers to execute arbitrary code via a VCF file with two NULL bytes at the end of the file, related to "free" function calls in the "lexer's memory clean-up procedure."
by Jeremy Brown
GeoVision (GeoHttpServer) Webcams - Remote File Disclosure
by Viktor Minin
Jildi FTP Client 1.5.6 - Local Buffer Overflow (SEH)
by Zahid Adeel
Seagate Central 2014.0410.0026-F - Remote Facebook Access Token
by Jeremy Brown
Seagate Central 2014.0410.0026-F - Remote Command Execution
by Jeremy Brown
WebDrive 12.2 (Build #4172) - Remote Buffer Overflow
by metacom
IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution
by Naser Farhadi
Apache Jackrabbit < 2.0.5 - Improper Input Validation
XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request.
by Mikhail Egorov
FTP Media Server 3.0 - Authentication Bypass / Denial of Service
by Wh1t3Rh1n0 (Michael Allen)
Phoenix Contact ProConOs & MultiProg - RCE
Phoenix Contact ProConOs and MultiProg do not require authentication, which allows remote attackers to execute arbitrary commands via protocol-compliant traffic.
by Photubias
Microsoft Windows - Privilege Escalation
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."
by ryujin
CVSS 7.8
BulletProof FTP Client <2.63 - Buffer Overflow
Stack-based buffer overflow in BulletProof FTP Client 2.63 and 2010 allows user-assisted attackers to execute arbitrary code via a bookmark file entry with a long host name, which appears as a host parameter within the quick-connect bar.
by Gabor Seljan
Elasticsearch <1.4.5, <1.5.2 - Path Traversal
Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
by pandujar
VideoCharge Vanilla 3.16.4.06 - Local Buffer Overflow
by evil_comrade
VideoCharge Professional + Express Vanilla 3.18.4.04 - Local Buffer Overflow
by evil_comrade
By Source