Exploitdb Exploits
4,728 exploits tracked across all sources.
Imperva SecureSphere <13.0-11.5 - Privilege Escalation
Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation.
by 0x09AL
CVSS 8.8
Datalust Seq <4.2.605 - Auth Bypass
Datalust Seq before 4.2.605 is vulnerable to Authentication Bypass (with the attacker obtaining admin access) via '"Name":"isauthenticationenabled","Value":false' in an api/settings/setting-isauthenticationenabled PUT request.
by Daniel Chactoura
CVSS 9.8
AgataSoft Auto PingMaster 1.5 - 'Host name' Denial of Service (PoC)
by Luis Martínez
CoSoSys Endpoint Protector 4.5.0.1 - (Authenticated) Remote Root Command Injection
by 0x09AL
Allok Fast AVI MPEG Splitter 1.2 - Buffer Overflow (PoC)
by Shubham Singh
Switch Port Mapping Tool 2.81 - 'SNMP Community Name' Denial of Service (PoC)
by Luis Martínez
ipPulse 1.92 - 'Licence Key' Denial of Service (PoC)
by Shubham Singh
Allok MOV Converter 4.6.1217 - Buffer Overflow (SEH)
by Shubham Singh
ipPulse 1.92 - 'IP Address/HostName-Comment' Denial of Service (PoC)
by Luis Martínez
H2 <1.4.197 - Info Disclosure
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.
by owodelta
CVSS 6.5
QNap QVR Client 5.1.1.30070 - 'Password' Denial of Service (PoC)
by Luis Martínez
NetScanTools Basic Edition 2.5 - 'Hostname' Denial of Service (PoC)
by Luis Martínez
Coreftp Core FTP - Improper Input Validation
The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command.
by Erik David Martin
CVSS 7.5
10-Strike LANState 8.8 Local Buffer Overflow SEH
10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that overflows the buffer, overwrites the SEH chain, and executes shellcode when the file is opened in the application.
by absolomb
CVSS 8.4
10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)
by absolomb
10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)
by absolomb
Getgosoft Getgo Download Manager < 5.3.0.2712 - Memory Corruption
A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.
by Nathu Nandwani
CVSS 9.8
Splinterware System Scheduler Pro 5.12 - Buffer Overflow (SEH)
by bzyo
Mediabridge Medialink MWN-WAPR300N <5.07.50 - CSRF
Cross-site request forgery (CSRF) vulnerability on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 allows remote attackers to hijack the authentication of arbitrary users.
by Nathu Nandwani
CVSS 8.8
Davolink DVW-3200N <1.00.06 - Info Disclosure
Davolink DVW-3200N all version prior to Version 1.00.06. The device generates a weak password hash that is easily cracked, allowing a remote attacker to obtain the password for the device.
by Ankit Anubhav
CVSS 9.8
Inteno IOPSYS - Privilege Escalation
read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp.
by neonsea
CVSS 7.8
By Source