Exploitdb Exploits
4,759 exploits tracked across all sources.
Endian Firewall < 2.5.1 - Remote Command Execution via Password Change Parameters
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
by Ben Lincoln
KMPlayer 3.9.1.136 - Capture Unicode Buffer Overflow (ASLR Bypass)
by Naser Farhadi
WinylPlayer 3.0.3 - Memory Corruption (PoC)
by Rajganesh Pandurangan
HansoPlayer 3.4.0 - Memory Corruption (PoC)
by Rajganesh Pandurangan
FileZilla 3.11.0.2 SFTP Module - Denial of Service
by 3unnym00n
libmimedir - Remote Code Execution via Malformed VCF File
libmimedir allows remote attackers to execute arbitrary code via a VCF file with two NULL bytes at the end of the file, related to "free" function calls in the "lexer's memory clean-up procedure."
by Jeremy Brown
GeoVision (GeoHttpServer) Webcams - Remote File Disclosure
by Viktor Minin
Jildi FTP Client 1.5.6 - Local Buffer Overflow (SEH)
by Zahid Adeel
Seagate Central 2014.0410.0026-F - Remote Facebook Access Token
by Jeremy Brown
Seagate Central 2014.0410.0026-F - Remote Command Execution
by Jeremy Brown
WebDrive 12.2 (Build #4172) - Remote Buffer Overflow
by metacom
IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution
by Naser Farhadi
Apache Jackrabbit XML External Entity Injection via WebDAV Request
XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request.
by Mikhail Egorov
FTP Media Server 3.0 - Authentication Bypass / Denial of Service
by Wh1t3Rh1n0 (Michael Allen)
Phoenix Contact ProConOs & MultiProg - RCE
Phoenix Contact ProConOs and MultiProg do not require authentication, which allows remote attackers to execute arbitrary commands via protocol-compliant traffic.
by Photubias
Microsoft Windows - Privilege Escalation
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."
by ryujin
CVSS 7.8
By Source