Exploitdb Exploits
4,759 exploits tracked across all sources.
RAVPower FileHub 2.000.056 - Info Disclosure
RAVPower FileHub 2.000.056 allows remote users to steal sensitive information via a crafted HTTP request.
by Daniele Linguaglossa
CVSS 7.5
Herospeed - 'TelnetSwitch' Remote Stack Overflow / Overwrite Password / Enable TelnetD
by bashis
Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump 1.1, 1.5, 1.6 - Remote Code Execution via Buffer Overflow
A Classic Buffer Overflow issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior to copying, leading to a buffer overflow, allowing remote code execution on the target device. The pump receives the potentially malicious input infrequently and under certain conditions, increasing the difficulty of exploitation.
by Scott Gayou
CVSS 8.1
Flexense SysGauge <3.6.18 - Buffer Overflow
The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow.
by Ahmad Mahfouz
CVSS 8.1
Flexense Disk Pulse Enterprise 10.1.18 - Denial of Service via Crafted SERVER_GET_INFO Packet
In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9120.
by Ahmad Mahfouz
CVSS 7.5
pfSense < 2.1.4 - Authenticated Remote Code Execution
pfSense before 2.1.4 allows remote authenticated users to execute arbitrary commands via (1) the hostname value to diag_dns.php in a Create Alias action, (2) the smartmonemail value to diag_smart.php, or (3) the database value to status_rrd_graph_img.php.
by absolomb
Synology Photo Station 6.8.2-3461 - 'SYNOPHOTO_Flickr_MultiUpload' Race Condition File Write Remote Code Execution
by mr_me
ALLPlayer ALLMediaServer <= 0.95 - Remote Code Execution via TCP Port 888 Buffer Overflow
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.
by Mario Kartone Ciccarelli
CVSS 9.8
D-Link DIR Series service.cgi - Unauthenticated Command Injection
Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR-645, and DIR-815 firmware version 1.03, contain a vulnerability in the service.cgi endpoint that allows remote attackers to execute arbitrary system commands without authentication. The flaw stems from improper input handling in the EVENT=CHECKFW parameter, which is passed directly to the system shell without sanitization. A crafted HTTP POST request can inject commands that are executed with root privileges, resulting in full device compromise. These router models are no longer supported at the time of assignment and affected version ranges may vary. Exploitation evidence was first observed by the Shadowserver Foundation on 2025-08-21 UTC.
by Cr0n1c
CVSS 9.8
SAP NetWeaver 7.4 - Info Disclosure
The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290.
by Vahagn Vardanyan
CVSS 5.3
SAP NetWeaver Application Server Java 7.40 - SQL Injection
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
by Vahagn Vardanyan
CVSS 9.8
Flexense DiskBoss <8.8.16 - Buffer Overflow
A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier allows unauthenticated remote attackers to execute arbitrary code in the context of a highly privileged account.
by Arris Huijgen
CVSS 9.8
SAP NetWeaver AS JAVA 7.10-7.50 - Exposure of Sensitive Information via Universal Worklist Configuration
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.
by Vahagn Vardanyan
CVSS 5.3
FiberHome Mobile WIFI Device - CSRF
The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services via CSRF can result in an unauthorized change of username or password of the administrator of the portal.
by Ibad Shah
CVSS 8.8
FiberHome LM53Q1 VH519R05C01S38 - Info Disclosure
Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating. The information includes Version of device, Firmware ID, Connected users to device along their MAC Addresses, etc.
by Ibad Shah
CVSS 9.8
Flexense VX Search Enterprise 10.1.12 - Denial of Service via Crafted SERVER_GET_INFO Packet
In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9123.
by Ahmad Mahfouz
CVSS 7.5
Flexense Syncbreeze - Denial of Service
In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9121.
by Ahmad Mahfouz
CVSS 7.5
Flexense DiskBoss Enterprise 8.5.12 - Denial of Service via Crafted SERVER_GET_INFO Packet
In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 8094.
by Ahmad Mahfouz
CVSS 7.5
Flexense Disk Pulse Enterprise 10.1.18 - Denial of Service via Crafted SERVER_GET_INFO Packet
In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET_INFO packet sent to control port 9120.
by Ahmad Mahfouz
CVSS 7.5
FiberHome Mobile WIFI Device - Info Disclosure
The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized Access to Web Services can result in disclosure of the WLAN key/password.
by Ibad Shah
CVSS 9.8
GetGo Download Manager 5.3.0.2712 - 'Proxy' Buffer Overflow
by devcoinfet
Cisco IOS and IOS XE - Authenticated Remote Code Execution via SNMP Buffer Overflow
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities.
The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP - Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload.
Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable.
There are workarounds that address these vulnerabilities.
by Artem Kondratenko
CVSS 8.8
By Source