Exploitdb Exploits
4,724 exploits tracked across all sources.
Munsoft Easy Archive Recovery - Improper Resource Release
A vulnerability classified as problematic was found in Munsoft Easy Archive Recovery 2.0. This vulnerability affects unknown code of the component Registration Key Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252676. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
by Ihsan Sencan
CVSS 3.3
AMPPS 2.7 - DoS
AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the service by sending malformed data to the default HTTP port. Attackers can establish multiple socket connections and transmit invalid payloads to exhaust server resources and cause service unavailability.
by Ihsan Sencan
CVSS 7.5
Dell Openmanage Network Manager < 6.5.3 - Incorrect Authorization
The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.
by KoreLogic
CVSS 8.8
Bosch Video Management System 8.0 - Configuration Client Denial of Service (PoC)
by Daniel
Dell Openmanage Network Manager - Incorrect Permission Assignment
Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database.
by KoreLogic
CVSS 6.5
Ntp - Out-of-Bounds Read
The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10.
by Magnus Klaaborg Stubman
CVSS 7.5
XAMPP Control Panel 3.2.2 - Buffer Overflow (SEH) (Unicode)
by Semen Alexandrovich Lyhin
CuteFTP Mac 3.1 - Denial of Service (PoC)
by Yair Rodríguez Aparicio
xorg-x11-server <1.20.3 - Privilege Escalation
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.
by bolonobolo
CVSS 6.6
HeidiSQL 9.5.0.5196 Denial of Service via Preferences
HeidiSQL 9.5.0.5196 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long file path in the logging preferences. Attackers can input a buffer-overflow payload through the SQL log file path field in Preferences > Logging to trigger an application crash.
by Victor Mondragón
CVSS 6.2
Mongoose Web Server 6.9 - DoS
Mongoose Web Server 6.9 contains a denial of service vulnerability that allows remote attackers to crash the service by establishing multiple socket connections. Attackers can repeatedly create connections to the default port and send malformed data to exhaust server resources and cause service unavailability.
by Ihsan Sencan
CVSS 7.5
eToolz 3.4.8.0 - Buffer Overflow
eToolz 3.4.8.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying oversized input buffers. Attackers can create a payload file containing 255 bytes of data that triggers a buffer overflow condition when processed by the application.
by Ihsan Sencan
CVSS 6.2
Arm Whois 3.11 - Buffer Overflow (SEH)
by Semen Alexandrovich Lyhin
Arm Whois 3.11 - Buffer Overflow (SEH)
by Semen Alexandrovich Lyhin
VSAXESS V2.6.2.70 build20171226_053 - 'organization' Denial of Service (PoC)
by Diego Santamaria
CMSMS <2.2.7 - RCE
In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element.
by Lucian Ioan Nitescu
CVSS 7.2
Softros LAN Messenger 9.2 Denial of Service via Log Files Location
Softros LAN Messenger 9.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the custom log files location field. Attackers can input a buffer of 2000 characters in the Log Files Location custom path parameter to trigger a crash when the OK button is clicked.
by Victor Mondragón
CVSS 5.5
Advantech Webaccess - Path Traversal
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code.
by Chris Lyne
CVSS 6.5
Virginmedia Hub 3.0 Firmware - Denial of Service
On Virgin Media wireless router 3.0 hub devices, the web interface is vulnerable to denial of service. When POST requests are sent and keep the connection open, the router lags and becomes unusable to anyone currently using the web interface.
by Ross Inman
CVSS 7.5
PHP Proxy 3.0.3 - Info Disclosure
In PHP Proxy 3.0.3, any user can read files from the server without authentication due to an index.php?q=file:/// LFI URI, a different vulnerability than CVE-2018-19246.
by AkkuS
CVSS 7.5
Advantech Webaccess - XSS
Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page. An attacker could leverage this vulnerability to disclose credentials amongst other things.
by Chris Lyne
CVSS 5.4
Zint Barcode Generator 2.6 - Denial of Service (PoC)
by Ihsan Sencan
By Source