Exploitdb Exploits
4,728 exploits tracked across all sources.
Kamailio 5.1.1 / 5.1.0 / 5.0.0 - Off-by-One Heap Overflow
by EnableSecurity
Intelbras Tip200 Firmware - Path Traversal
Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal. In some cases, authentication can be achieved via the admin account with its default admin password.
by anhax0r
CVSS 7.2
Kaseya Unitrends Backup < 10.1 - Authentication Bypass
It was discovered that the Unitrends Backup (UB) before 10.1.0 user interface was exposed to an authentication bypass, which then could allow an unauthenticated user to inject arbitrary commands into its /api/hosts parameters using backquotes.
by Jared Arave
CVSS 9.8
Unitrends Backup < 10.1.10 - SQL Injection
It was discovered that the Unitrends Backup (UB) before 10.1.0 libbpext.so authentication could be bypassed with a SQL injection, allowing a remote attacker to place a privilege escalation exploit on the target system and subsequently execute arbitrary commands.
by Jared Arave
CVSS 9.8
Mikrotik Routeros < 6.41.3 - Memory Corruption
A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it. All architectures and all devices running RouterOS before versions 6.41.3/6.42rc27 are vulnerable.
by CoreLabs
CVSS 9.8
SAP Customer Relationship Management - Path Traversal
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
by erp scan team
CVSS 6.6
SC 7.16 - Stack Buffer Overflow Local Code Execution
SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 1052 bytes to overwrite the instruction pointer and execute shellcode in the application context.
by Juan Sacco
CVSS 8.4
WebAccess <8.3.2 - Path Traversal
A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. An attacker has access to files within the directory structure of the target device.
by Chris Lyne
CVSS 9.8
Allok QuickTime to AVI MPEG DVD Converter 3.6.1217 - Buffer Overflow
by Mohan Ravichandran
MikroTik RouterOS < 6.38.4 (x86) - 'Chimay Red' Stack Clash Remote Code Execution
by Lorenzo Santina
MikroTik RouterOS < 6.38.4 (MIPSBE) - 'Chimay Red' Stack Clash Remote Code Execution
by Lorenzo Santina
Weblogexpert Weblog Expert - Resource Allocation Without Limits
WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service (daemon crash) via a long HTTP Accept Header to TCP port 9991.
by hyp3rlinx
CVSS 7.5
Memcached <1.5.6 - DoS
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been reported by reliable sources). This attack appear to be exploitable via network connectivity to port 11211 UDP. This vulnerability appears to have been fixed in 1.5.6 due to the disabling of the UDP protocol by default.
by 649
CVSS 7.5
Dup Scout Enterprise 10.5.12 - 'Share Username' Local Buffer Overflow
by bzyo
Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service (2)
by Alex Conrey
iSumsoft ZIP Password Refixer 3.1.1 - Buffer Overflow
by ScrR1pTK1dd13
IrfanView 4.50 Email Plugin - Buffer Overflow (SEH Unicode)
by bzyo
Segger Embos/ip FTP Server - Improper Input Validation
SEGGER FTP Server for Windows before 3.22a allows remote attackers to cause a denial of service (daemon crash) via an invalid LIST, STOR, or RETR command.
by hyp3rlinx
CVSS 7.5
Microsoft Windows 8.1 - NULL Pointer Dereference
The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests are handled, aka "SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability".
by Nabeel Ahmed
CVSS 5.3
Concrete5 <8.3.0 - Info Disclosure
An issue was discovered in tools/conversations/view_ajax.php in Concrete5 before 8.3.0. An unauthenticated user can enumerate comments from all blog posts by POSTing requests to /index.php/tools/required/conversations/view_ajax with incremental 'cnvID' integers.
by Chapman Schleiss
CVSS 5.3
Digium Asterisk < 13.19.1 - Memory Corruption
A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. When processing a SUBSCRIBE request, the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed, despite having a fixed limit of 32. If more than 32 Accept headers were present, the code would write outside of its memory and cause a crash.
by EnableSecurity
CVSS 7.5
By Source