Exploitdb Exploits

4,724 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-25686 EXPLOITDB HIGH python
Core FTP 2.0 build 653 PBSZ Unauthenticated Denial of Service
Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows unauthenticated attackers to crash the service by sending a malformed command with an oversized buffer. Attackers can send a PBSZ command with a payload exceeding 211 bytes to trigger an access violation and crash the FTP server process.
by Hodorsec
CVSS 7.5
EIP-2026-117686 EXPLOITDB python
NetSetMan 4.7.1 - Local Buffer Overflow (SEH Unicode)
by Devin Casadey
CVE-2018-11686 EXPLOITDB CRITICAL python
Flowpaper Flexpaper < 2.3.6 - Improper Input Validation
The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php.
by redtimmysec
CVSS 9.8
EIP-2026-119512 EXPLOITDB python
Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)
by Hodorsec
EIP-2026-119438 EXPLOITDB python
Splunk Enterprise 7.2.4 - Custom App Remote Command Execution (Persistent Backdoor / Custom Binary)
by Matteo Malvica
CVE-2019-7751 EXPLOITDB HIGH python
Ricoh MarcomCentral - Path Traversal
A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list or enumerate sensitive contents of files. Furthermore, this could allow for privilege escalation by dumping the local machine's SAM and SYSTEM database files, and possibly remote code execution.
by 0v3rride
CVSS 7.5
CVE-2019-9194 EXPLOITDB CRITICAL python VERIFIED
Std42 Elfinder < 2.1.48 - OS Command Injection
elFinder before 2.1.48 has a command injection vulnerability in the PHP connector.
by q3rv0
CVSS 9.8
CVE-2019-25566 EXPLOITDB MEDIUM python
TransMac 12.3 Denial of Service via Volume Name Field
TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during disk image creation, and trigger an application crash.
by Alejandra Sánchez
CVSS 6.2
CVE-2019-3921 EXPLOITDB HIGH python
Nokia I-240w-q Gpon Ont Firmware - Out-of-Bounds Write
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potentially execute arbitrary code.
by Artem Metla
CVSS 8.8
CVE-2019-9600 EXPLOITDB HIGH python
Olive Tree FTP Server <1.32 - DoS
The Olive Tree FTP Server (aka com.theolivetree.ftpserver) application through 1.32 for Android allows remote attackers to cause a denial of service via a client that makes many connection attempts and drops certain packets.
by s4vitar
CVSS 7.5
CVE-2019-25681 EXPLOITDB HIGH python
Xlight FTP Server 3.9.1 SEH Overwrite Buffer Overflow
Xlight FTP Server 3.9.1 contains a structured exception handler (SEH) overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual server configuration to trigger a buffer overflow that corrupts the SEH chain and enables potential code execution.
by Logan Whitmire
CVSS 8.4
CVE-2018-1999002 EXPLOITDB HIGH python
Jenkins <2.132, <2.121.1 - Info Disclosure
A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to.
by wetw0rk
CVSS 7.5
CVE-2019-6340 EXPLOITDB HIGH python
Drupal < 8.5.11 - Insecure Deserialization
Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
by leonjza
CVSS 8.1
CVE-2019-1003000 EXPLOITDB HIGH python
Script Security Plugin <1.49 - RCE
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
by wetw0rk
CVSS 8.8
CVE-2018-20250 EXPLOITDB HIGH python VERIFIED
WinRAR <5.61 - Path Traversal
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
by WyAtu
CVSS 7.8
CVE-2019-25679 EXPLOITDB HIGH python
RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH
RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain and shellcode that triggers code execution when pasted into the Port field and the Change button is clicked.
by Matteo Malvica
CVSS 7.8
CVE-2019-25567 EXPLOITDB MEDIUM python
Valentina Studio 9.0.5 Linux Buffer Overflow via Host Field
Valentina Studio 9.0.5 Linux contains a buffer overflow vulnerability in the Host field of the connection dialog that allows local attackers to crash the application by supplying an oversized input string. Attackers can trigger the vulnerability by pasting a crafted buffer exceeding 264 bytes into the Host field during server connection attempts, causing a denial of service.
by Alejandra Sánchez
CVSS 6.2
EIP-2026-116495 EXPLOITDB python
Virtual VCR Max .0a - '.vcr' Buffer Overflow (PoC)
by Wade Guest
CVE-2019-9833 EXPLOITDB HIGH python
Screen Stream <3.0.15 - DoS
The Screen Stream application through 3.0.15 for Android allows remote attackers to cause a denial of service via many simultaneous /start-stop requests.
by s4vitar
CVSS 7.5
CVE-2018-25226 EXPLOITDB MEDIUM python
FTPShell Server 6.83 Denial of Service via Account Name
FTPShell Server 6.83 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the account name field. Attackers can trigger a denial of service by pasting a 417-byte payload into the 'Account name to ban' parameter within the Manage FTP Accounts interface.
by Victor Mondragón
CVSS 6.2
CVE-2018-25229 EXPLOITDB MEDIUM python
BulletProof FTP Server 2019.0.0.50 Denial of Service via SMTP
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized string. Attackers can input a buffer of 257 'A' characters in the SMTP Server field and trigger a crash by clicking the Test button.
by Victor Mondragón
CVSS 5.5
CVE-2018-25228 EXPLOITDB MEDIUM python
NetSetMan 4.7.1 Workgroup Buffer Overflow Denial of Service
NetSetMan 4.7.1 contains a buffer overflow vulnerability in the Workgroup feature that allows local attackers to crash the application by supplying oversized input. Attackers can create a malicious configuration file with excessive data and paste it into the Workgroup field to trigger a denial of service condition.
by Victor Mondragón
CVSS 6.2
CVE-2018-25227 EXPLOITDB MEDIUM python
Valentina Studio 9.0.4 Denial of Service via Host Parameter
Valentina Studio 9.0.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can trigger the crash by pasting a 256-byte buffer of repeated characters into the Host parameter during server connection attempts.
by Victor Mondragón
CVSS 6.2
CVE-2019-25570 EXPLOITDB MEDIUM python
RealTerm Serial Terminal 2.0.0.70 Denial of Service via Port Field
RealTerm Serial Terminal 2.0.0.70 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Port field. Attackers can paste a buffer of 1000 characters into the Port input field and click the open button to trigger a crash.
by Alejandra Sánchez
CVSS 5.5
CVE-2019-25569 EXPLOITDB MEDIUM python
RealTerm Serial Terminal 2.0.0.70 SEH Overflow Crash
RealTerm Serial Terminal 2.0.0.70 contains a stack-based buffer overflow vulnerability in the Echo Port field that allows local attackers to crash the application by triggering a structured exception handler (SEH) chain corruption. Attackers can craft a malicious input string with 268 bytes of padding followed by SEH overwrite values and paste it into the Port field to cause denial of service.
by Alejandra Sánchez
CVSS 6.2
By Source
All 4,724 Exploitdb 50,121 Writeup 46,839 Nomisec 21,209 Metasploit 3,189 Github 2,279 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,750 c 3,551 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 73 go 41 postscript 25 xml 24