Exploitdb Exploits
4,724 exploits tracked across all sources.
Podman Varlink 1.5.1 - Remote Privilege Escalation
A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-143949 was assigned to this vulnerability.
by Jeremy Brown
CVSS 6.3
Sudo <1.8.28 - Privilege Escalation
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
by Mohin Paramasivam
CVSS 8.8
SpotAuditor 5.3.1.0 - DoS
SpotAuditor 5.3.1.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting excessive data in the registration name field. Attackers can enter a large string of characters (5000 bytes or more) in the name field during registration to trigger an unhandled exception that crashes the application.
by Sanjana shetty
CVSS 7.5
ajenti <2.1.31 - Privilege Escalation
A vulnerability has been found in ajenti 2.1.31 and classified as critical. This vulnerability affects unknown code of the component API. The manipulation leads to privilege escalation. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.1.32 is able to address this issue. The name of the patch is 7aa146b724e0e20cfee2c71ca78fafbf53a8767c. It is recommended to upgrade the affected component.
by Jeremy Brown
CVSS 6.3
ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of Service
by stresser
TP-Link TL-WR1043ND V2 - Auth Bypass
An issue was discovered on TP-Link TL-WR1043ND V2 devices. An attacker can send a cookie in an HTTP authentication packet to the router management web interface, and fully control the router without knowledge of the credentials.
by Uriel Kosayev
CVSS 9.8
Foscam VMS 1.1.6.6 - Buffer Overflow
Foscam Video Management System 1.1.6.6 contains a buffer overflow vulnerability in the UID field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 5000-character buffer into the UID parameter during device addition to trigger an application crash when the Login Check function is invoked.
by Alessandro Magnosi
CVSS 6.2
Sricam DeviceViewer 3.12.0.1 - Auth Bypass
Sricam DeviceViewer 3.12.0.1 contains a password change security bypass vulnerability that allows authenticated users to change passwords without proper validation of the old password field. Attackers can inject a large payload into the old password parameter during the change password process to bypass validation and set an arbitrary new password.
by Alessandro Magnosi
CVSS 6.5
Sricam DeviceViewer 3.12.0.1 - Buffer Overflow
Sricam DeviceViewer 3.12.0.1 contains a local buffer overflow vulnerability in the user management add user function that allows authenticated attackers to execute arbitrary code by bypassing data execution prevention. Attackers can inject a malicious payload through the Username field in User Management to trigger a stack-based buffer overflow and execute commands via ROP chain gadgets.
by Alessandro Magnosi
CVSS 7.8
Sricam IP CCTV Camera - Memory Corruption
A vulnerability was found in Sricam IP CCTV Camera and classified as critical. This issue affects some unknown processing of the component Device Viewer. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
by Alessandro Magnosi
CVSS 5.3
ASX to MP3 converter 3.1.3.7 - '.asx' Local Stack Overflow (DEP)
by max7253
freeFTP 1.0.8 - 'PASS' Remote Buffer Overflow
by Chet Manly
Joomla! 3.4.6 - 'configuration.php' Remote Code Execution
by Alessandro Groppo
Anchor < 0.12.7 - Information Disclosure
An issue was discovered in config/error.php in Anchor 0.12.3. The error log is exposed at an errors.log URI, and contains MySQL credentials if a MySQL error (such as "Too many connections") has occurred.
by Tijme Gommers
CVSS 9.8
Linuxmint Mintinstall - Insecure Deserialization
mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports.
by İbrahim Hakan Şeker
CVSS 7.8
DameWare Remote Support 12.1.0.34 - Buffer Overflow (SEH)
by Xavi Beltran
DameWare Remote Support 12.1.0.34 - Buffer Overflow (SEH)
by Xavi Beltran
Dnnsoftware Dotnetnuke < 9.4.0 - XSS
Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remote attackers to store and embed the malicious script into the admin notification page. The exploit could be used to perfom any action with admin privileges such as managing content, adding users, uploading backdoors to the server, etc. Successful exploitation occurs when an admin user visits a notification page with stored cross-site scripting.
by MaYaSeVeN
CVSS 6.1
phpIPAM 1.4 - SQL Injection
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used.
by Kevin Kirsche
CVSS 9.8
Cisco Sf-220-24 Firmware < 1.1.4.4 - Improper Input Validation
A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious request to certain parts of the web management interface. To send the malicious request, the attacker needs a valid login session in the web management interface as a privilege level 15 user. Depending on the configuration of the affected switch, the malicious request must be sent via HTTP or HTTPS. A successful exploit could allow the attacker to execute arbitrary shell commands with the privileges of the root user.
by bashis
CVSS 7.2
Easy File Sharing Web Server 7.2 - Buffer Overflow
Easy File Sharing Web Server 7.2 contains a local structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by creating a malicious username. Attackers can craft a username with a payload containing 4059 bytes of padding followed by a nseh value and seh pointer to trigger the overflow when adding a new user account.
by x00pwn
CVSS 8.4
File Sharing Wizard 1.5.0 - Buffer Overflow
File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Exception Handler (SEH) based buffer overflow in an HTTP POST parameter, a similar issue to CVE-2010-2330 and CVE-2010-2331.
by x00pwn
CVSS 9.8
DeviceViewer 3.12.0.1 - 'creating user' Denial of Service
by x00pwn
By Source