Exploitdb Exploits

4,759 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-25383 EXPLOITDB HIGH python
Free MP3 CD Ripper 2.8 Buffer Overflow SEH DEP Bypass
Free MP3 CD Ripper 2.8 contains a stack-based buffer overflow vulnerability in WMA file processing that allows local attackers to bypass DEP protection via structured exception handling manipulation. Attackers can craft a malicious WMA file that triggers the overflow when loaded through the Convert function, enabling execution of arbitrary code through ROP chain gadgets and shellcode injection.
by Matteo Malvica
CVSS 8.4
CVE-2018-19646 EXPLOITDB CRITICAL python VERIFIED
Imperva SecureSphere <13.2.10 - Command Injection
The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled.
by rsp3ar
CVSS 9.8
CVE-2018-5403 EXPLOITDB HIGH python VERIFIED
Imperva SecureSphere v13 - Remote Code Execution via Web Access Management Interface
Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.
by rsp3ar
CVSS 8.1
CVE-2018-25140 EXPLOITDB HIGH python
FLIR thermal traffic cameras - SSRF
FLIR thermal traffic cameras contain an unauthenticated device manipulation vulnerability in their WebSocket implementation that allows attackers to bypass authentication and authorization controls. Attackers can directly modify device configurations, access system information, and potentially initiate denial of service by sending crafted WebSocket messages without authentication.
by LiquidWorm
CVSS 7.5
CVE-2018-16660 EXPLOITDB HIGH python VERIFIED
Imperva SecureSphere <13.1.0.10 - Command Injection
A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation.
by rsp3ar
CVSS 8.8
EIP-2026-107972 EXPLOITDB python
ISPConfig < 3.1.13 - Remote Command Execution
by 0x09AL
EIP-2026-119548 EXPLOITDB python
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH) (ASLR Bypass)
by Miguel Mendez Z
EIP-2026-119547 EXPLOITDB python
NICO-FTP 3.0.1.19 - Buffer Overflow (SEH) (ASLR Bypass)
by Miguel Mendez Z
CVE-2018-25252 EXPLOITDB MEDIUM python VERIFIED
FTP Voyager 16.2.0 Denial of Service via Malformed Site Profile
FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can create a malicious site profile containing 500 bytes of repeated characters and paste it into the IP field to trigger a buffer overflow that crashes the FTP Voyager process.
by Abdullah Alıç
CVSS 6.2
CVE-2018-17408 EXPLOITDB HIGH python
Zahir Accounting Enterprise Plus <6 - RCE
Stack-based buffer overflows in Zahir Accounting Enterprise Plus 6 through build 10b allow remote attackers to execute arbitrary code via a crafted CSV file that is accessed through the Import CSV File menu.
by SPARC
CVSS 7.8
EIP-2026-119492 EXPLOITDB python VERIFIED
Snes9K 0.0.9z - Denial of Service (PoC)
by crash_manucoot
EIP-2026-102374 EXPLOITDB python
H2 Database 1.4.196 - Remote Code Execution
by h4ckNinja
CVE-2018-25273 EXPLOITDB MEDIUM python
CrossFont 7.5 Denial of Service via License Key Field
CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Attackers can generate a malicious file containing 4000 bytes of data, paste it into the License Key input field, and trigger an application crash when processing the input.
by Gionathan Reale
CVSS 6.2
CVE-2018-25264 EXPLOITDB MEDIUM python VERIFIED
TransMac 12.2 Denial of Service via License Key Field
TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Attackers can generate a payload file containing 4000 bytes of data, paste it into the License Key field, and trigger a denial of service condition.
by Gionathan Reale
CVSS 6.2
CVE-2018-25263 EXPLOITDB HIGH python
Faleemi Desktop Software 1.8.2 Local Buffer Overflow SEH
Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log interface to execute arbitrary code with calculator proof-of-concept execution.
by Gionathan Reale
CVSS 8.4
EIP-2026-119522 EXPLOITDB python VERIFIED
Easy PhoroResQ 1.0 - Buffer Overflow
by Cemal Cihad ÇİFTÇİ
CVE-2018-25253 EXPLOITDB MEDIUM python VERIFIED
Termite 3.4 Denial of Service via Settings Buffer Overflow
Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field that allows local attackers to cause a denial of service by supplying an excessively long string. Attackers can paste a 2000-byte payload into the Settings User interface language field to crash the application.
by Abdullah Alıç
CVSS 6.2
EIP-2026-119494 EXPLOITDB python VERIFIED
SoftX FTP Client 3.3 - Denial of Service (PoC)
by Cemal Cihad ÇİFTÇİ
EIP-2026-119461 EXPLOITDB python VERIFIED
Beyond Remote 2.2.5.3 - Denial of Service (PoC)
by Erenay Gencay
CVE-2018-17173 EXPLOITDB CRITICAL python
LG SuperSign CMS - Remote Code Execution via sourceUri Parameter
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.
by Alejandro Fanjul
CVSS 9.8
CVE-2018-25254 EXPLOITDB CRITICAL python VERIFIED
NICO-FTP 3.0.1.19 Buffer Overflow SEH
NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to the FTP service and send oversized data in response handlers to overwrite SEH pointers and redirect execution to injected shellcode.
by Abdullah Alıç
CVSS 9.8
CVE-2018-16288 EXPLOITDB HIGH python
LG SuperSign CMS - Unauthenticated Arbitrary File Read via signEzUI Playlist Upload Path Traversal
LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.
by Alejandro Fanjul
CVSS 8.6
EIP-2026-101392 EXPLOITDB python
NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)
by Jacob Baines
CVE-2018-25378 EXPLOITDB MEDIUM python
Notebook Pro 2.0 Denial of Service via Notebook Name Field
Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the notebook name field. Attackers can create a malicious text file containing 500 or more characters, paste the content into the New Notebook Name field, and trigger an application crash when attempting to create and save the notebook.
by Ali Alipour
CVSS 6.2
CVE-2018-25125 EXPLOITDB HIGH python VERIFIED
Netis ADSL Router DL4322D RTK 2.1.1 - DoS
Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument causes the service, and in practice the router, to crash or become unresponsive, resulting in a loss of availability for the device and connected users.
by cakes
By Source
All 4,759 Writeup 62,507 Exploitdb 50,076 Nomisec 22,465 Github 3,690 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,604 ruby 6,006 c 3,632 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25