Exploitdb Exploits

4,724 exploits tracked across all sources.

CVE-2019-1663 EXPLOITDB CRITICAL python
Cisco Rv110w Firmware < 1.2.2.1 - Out-of-Bounds Write
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.
by @0x00string
CVSS 9.8
CVE-2019-0708 EXPLOITDB CRITICAL python
CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free
A remote code execution vulnerability exists in Remote Desktop Services, formerly known as Terminal Services, when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
by n1xbyte
CVSS 9.8
EIP-2026-115296 EXPLOITDB python
Free SMTP Server 2.5 - Denial of Service (PoC)
by Metin Yunus Kandemir
CVE-2019-25544 EXPLOITDB MEDIUM python
Pidgin 2.13.0 Denial of Service via Malformed Username
Pidgin 2.13.0 contains a denial of service vulnerability that allows local attackers to crash the application by providing an excessively long username string during account creation. Attackers can input a buffer of 1000 characters in the username field and trigger a crash when joining a chat, causing the application to become unavailable.
by Alejandra Sánchez
CVSS 6.2
CVE-2019-25607 EXPLOITDB HIGH python
Axessh 4.2 Local Stack-based Buffer Overflow via Log File Name
Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 bytes to overwrite the instruction pointer and execute shellcode with system privileges.
by Uday Mittal
CVSS 8.4
CVE-2019-25606 EXPLOITDB MEDIUM python
Fast AVI MPEG Joiner 1.2.0812 Buffer Overflow Denial of Service
Fast AVI MPEG Joiner 1.2.0812 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the License Name field. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the License Name input field to trigger a denial of service condition when the Register button is clicked.
by Achilles
CVSS 5.5
EIP-2026-115124 EXPLOITDB python
Cyberoam Transparent Authentication Suite 2.1.2.5 - 'NetBIOS Name' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-115123 EXPLOITDB python
Cyberoam Transparent Authentication Suite 2.1.2.5 - 'NetBIOS Name' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-115122 EXPLOITDB python
Cyberoam Transparent Authentication Suite 2.1.2.5 - 'Fully Qualified Domain Name' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-115121 EXPLOITDB python
Cyberoam Transparent Authentication Suite 2.1.2.5 - 'Fully Qualified Domain Name' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-115120 EXPLOITDB python
Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-115119 EXPLOITDB python
Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-115118 EXPLOITDB python
Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-115117 EXPLOITDB python
Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-115116 EXPLOITDB python
Cyberoam General Authentication Client 2.1.2.7 - 'Server Address' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-115115 EXPLOITDB python
Cyberoam General Authentication Client 2.1.2.7 - 'Server Address' Denial of Service (PoC)
by Victor Mondragón
CVE-2019-25547 EXPLOITDB MEDIUM python
NetAware 1.20 Denial of Service via Add Block Buffer Overflow
NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious buffer of 512 bytes into the 'Add a website or keyword to be filtered' field and trigger a crash when removing the created block.
by Alejandra Sánchez
CVSS 6.2
CVE-2019-25546 EXPLOITDB MEDIUM python
NetAware 1.20 Share Name Denial of Service
NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by pasting a 1000-byte buffer into the Share Name parameter when adding a new share through the Manage Shares interface.
by Alejandra Sánchez
CVSS 6.2
CVE-2019-25545 EXPLOITDB MEDIUM python
Terminal Services Manager 3.2.1 Local Buffer Overflow Denial of Service
Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during computer addition, causing a denial of service when the server entry is accessed.
by Alejandra Sánchez
CVSS 6.2
CVE-2019-25548 EXPLOITDB MEDIUM python
BlueStacks 4.80.0.1060 Denial of Service via Search Field
BlueStacks 4.80.0.1060 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to the search field. Attackers can paste a buffer of 100,000 'A' characters into the search field and trigger a search operation to cause the application to crash.
by Alejandra Sánchez
CVSS 6.2
EIP-2026-116381 EXPLOITDB python
TapinRadio 2.11.6 - 'Uername' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-116380 EXPLOITDB python
TapinRadio 2.11.6 - 'Address' Denial of Service (PoC)
by Victor Mondragón
CVE-2019-25586 EXPLOITDB MEDIUM python
Deluge 1.3.15 Denial of Service via URL Field
Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Attackers can paste a buffer of 5000 characters into the 'From URL' field during torrent addition to trigger an application crash.
by Victor Mondragón
CVSS 6.2
CVE-2019-25585 EXPLOITDB MEDIUM python
Deluge 1.3.15 Denial of Service via Webseeds Field
Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field during torrent creation to trigger an application crash.
by Victor Mondragón
CVSS 6.2
CVE-2019-9881 EXPLOITDB MEDIUM python
WPGraphQL 0.2.3 - XSS
The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when 'allow comment' is disabled.
by Simone Quatrini
CVSS 5.3