Exploitdb Exploits

4,733 exploits tracked across all sources.

Sort: Activity Stars
CVE-2012-2619 EXPLOITDB python
BCM4325/9 - DoS
The Broadcom BCM4325 and BCM4329 Wi-Fi chips, as used in certain Acer, Apple, Asus, Ford, HTC, Kyocera, LG, Malata, Motorola, Nokia, Pantech, Samsung, and Sony products, allow remote attackers to cause a denial of service (out-of-bounds read and Wi-Fi outage) via an RSN 802.11i information element.
by CoreLabs
CVE-2012-4960 EXPLOITDB python VERIFIED
Huawei Various - Path Traversal
The Huawei NE5000E, MA5200G, NE40E, NE80E, ATN, NE40, NE80, NE20E-X6, NE20, ME60, CX600, CX200, CX300, ACU, WLAN AC 6605, S9300, S7700, S2300, S3300, S5300, S3300HI, S5300HI, S5306, S6300, S2700, S3700, S5700, S6700, AR G3, H3C AR(OEM IN), AR 19, AR 29, AR 49, Eudemon100E, Eudemon200, Eudemon300, Eudemon500, Eudemon1000, Eudemon1000E-U/USG5300, Eudemon1000E-X/USG5500, Eudemon8080E/USG9300, Eudemon8160E/USG9300, Eudemon8000E-X/USG9500, E200E-C/USG2200, E200E-X3/USG2200, E200E-X5/USG2200, E200E-X7/USG2200, E200E-C/USG5100, E200E-X3/USG5100, E200E-X5/USG5100, E200E-X7/USG5100, E200E-B/USG2100, E200E-X1/USG2100, E200E-X2/USG2100, SVN5300, SVN2000, SVN5000, SVN3000, NIP100, NIP200, NIP1000, NIP2100, NIP2200, and NIP5100 use the DES algorithm for stored passwords, which makes it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack.
by Roberto Paleari
EIP-2026-118208 EXPLOITDB python VERIFIED
Zoner Photo Studio 15 Build 3 - 'Zps.exe' Registry Value Parsing
by Julien Ahrens
EIP-2026-116245 EXPLOITDB python VERIFIED
Smadav Anti Virus 9.1 - Crash (PoC)
by Mada R Perdhana
EIP-2026-113024 EXPLOITDB python VERIFIED
vBulletin vBay 1.1.9 - Error-Based SQL Injection
by Dan UK
EIP-2026-118319 EXPLOITDB python
BigAnt Server 2.52 SP5 - Remote Stack Overflow ROP-Based (SEH) (ASLR + DEP Bypass)
by Lorenzo Cantoni
CVE-2012-5106 EXPLOITDB python VERIFIED
FreeFloat FTP Server 1.0 - Buffer Overflow
Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote authenticated users to execute arbitrary code via a long string in a PUT command.
by Jacob Holcomb
EIP-2026-104327 EXPLOITDB python VERIFIED
ManageEngine Security Manager Plus 5.5 build 5505 - Directory Traversal
by xistence
EIP-2026-103978 EXPLOITDB python VERIFIED
ManageEngine Security Manager Plus 5.5 build 5505 - Remote Root/SYSTEM SQL Injection
by xistence
CVE-2012-4751 EXPLOITDB python VERIFIED
OTRS Help Desk <2.4.15, <3.0.17, <3.1.11 - XSS
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.15, 3.0.x before 3.0.17, and 3.1.x before 3.1.11 allows remote attackers to inject arbitrary web script or HTML via an e-mail message body with whitespace before a javascript: URL in the SRC attribute of an element, as demonstrated by an IFRAME element.
by Mike Eduard
CVE-2012-3137 EXPLOITDB python
Oracle Database Server - Info Disclosure
The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force password guessing attacks, aka "stealth password cracking vulnerability."
by Esteban Martinez Fayo
EIP-2026-116121 EXPLOITDB python VERIFIED
QQPlayer 3.7.892 - m2p 'quartz.dll' Heap Pointer Overwrite (PoC)
by James Ritchey
EIP-2026-115343 EXPLOITDB python VERIFIED
Gom Player 2.1.44.5123 - 'UNICODE' Null Pointer Dereference
by wh1ant
EIP-2026-117670 EXPLOITDB python
NCMedia Sound Editor Pro 7.5.1 - Local Overflow (SEH + DEP Bypass)
by b33f
EIP-2026-114306 EXPLOITDB python
WordPress Theme Archin 3.2 - Configuration Access
by bwall
EIP-2026-102969 EXPLOITDB python VERIFIED
Reaver Pro - Local Privilege Escalation
by infodox
CVE-2012-2998 EXPLOITDB python VERIFIED
Trend Micro Control Manager <5.5.0.1823, <6.0.0.1449 - SQL Injection
SQL injection vulnerability in the ad hoc query module in Trend Micro Control Manager (TMCM) before 5.5.0.1823 and 6.0 before 6.0.0.1449 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
by otoy
EIP-2026-103208 EXPLOITDB python VERIFIED
QNX 6.5.0 / QCONN 1.4.207944 - Remote Command Execution
by Mor!p3r
EIP-2026-116203 EXPLOITDB python VERIFIED
SafeNet Sentinel Keys Server - Crash (PoC)
by retset
EIP-2026-103214 EXPLOITDB python VERIFIED
Samba 3.5.11/3.6.3 - Remote Code Execution
by kb
EIP-2026-102047 EXPLOITDB python
Thomson Wireless VoIP Cable Modem - Authentication Bypass
by Glafkos Charalambous
EIP-2026-117669 EXPLOITDB python VERIFIED
NCMedia Sound Editor Pro 7.5.1 - 'MRUList201202.dat' File Handling Buffer Overflow
by Julien Ahrens
EIP-2026-101455 EXPLOITDB python
Sitecom MD-25x - Multiple Vulnerabilities
by Mattijs van Ommeren
CVE-2012-4415 EXPLOITDB python VERIFIED
Fedora < 0.6.2 - Memory Corruption
Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name.
by Michael Jumper
CVE-2012-4751 EXPLOITDB python
OTRS Help Desk <2.4.15, <3.0.17, <3.1.11 - XSS
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.15, 3.0.x before 3.0.17, and 3.1.x before 3.1.11 allows remote attackers to inject arbitrary web script or HTML via an e-mail message body with whitespace before a javascript: URL in the SRC attribute of an element, as demonstrated by an IFRAME element.
by Mike Eduard
By Source
All 4,733 Writeup 50,618 Exploitdb 50,135 Nomisec 21,376 Metasploit 3,228 Github 2,576 Vulncheck_xdb 901 Inthewild 518 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,959 python 5,914 c 3,576 perl 2,854 html 2,056 php 1,334 bash 459 java 362 javascript 260 c++ 250 shell 95 go 52 postscript 25 xml 24