Exploitdb Exploits

4,728 exploits tracked across all sources.

EIP-2026-118407 EXPLOITDB python VERIFIED
Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH)
by sickness
CVE-2017-14627 EXPLOITDB HIGH python VERIFIED
CyberLink LabelPrint 2.5 - RCE
Stack-based buffer overflows in CyberLink LabelPrint 2.5 allow remote attackers to execute arbitrary code via the (1) author (inside the INFORMATION tag), (2) name (inside the INFORMATION tag), (3) artist (inside the TRACK tag), or (4) default (inside the TEXT tag) parameter in an lpp project file.
by f3ci
CVSS 7.8
CVE-2017-14702 EXPLOITDB CRITICAL python
ERS Data System <1.8.1.0 - Code Injection
ERS Data System 1.8.1.0 allows remote attackers to execute arbitrary code, related to "com.branaghgroup.ecers.update.UpdateRequest" object deserialization.
by West Shepherd
CVSS 9.8
CVE-2017-0785 EXPLOITDB MEDIUM python
Android <8.0 - Info Disclosure
An information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146698.
by Kert Ojasoo
CVSS 6.5
CVE-2016-4372 EXPLOITDB CRITICAL python
HPE iMC PLAT <7.2 - RCE
HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM before 7.2 E0401P04, iMC NTA before 7.2 E0401P01, iMC BIMS before 7.2 E0402P02, and iMC UAM_TAM before 7.2 E0405P05 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
by Raphael Kuhn
CVSS 9.8
CVE-2017-9798 EXPLOITDB HIGH python
Apache httpd <2.4.28 - Use After Free
Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.
by Hanno Bock
CVSS 7.5
EIP-2026-100244 EXPLOITDB python
Digirez 3.4 - Cross-Site Request Forgery (Update Admin)
by Ihsan Sencan
EIP-2026-100243 EXPLOITDB python
Digileave 1.2 - Cross-Site Request Forgery (Update Admin)
by Ihsan Sencan
EIP-2026-100242 EXPLOITDB python
DigiAffiliate 1.4 - Cross-Site Request Forgery (Update Admin)
by Ihsan Sencan
CVE-2017-11435 EXPLOITDB CRITICAL python
Humaxdigital Hg100r Firmware - Information Disclosure
The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. The bug is exploitable remotely when the router is configured to expose the management console. The router does not validate the session token when returning answers for some methods under the URL '/api'. An attacker can use this vulnerability to retrieve sensitive information such as private/public IP addresses, SSID names, and passwords.
by Kivson
CVSS 9.8
CVE-2017-6315 EXPLOITDB CRITICAL python
Sophos Astaro Security Gateway Firmware - Improper Input Validation
Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute arbitrary code via a crafted request to index.plx.
by Jakub Palaczynski
CVSS 9.8
CVE-2017-14344 EXPLOITDB HIGH python VERIFIED
Jungo WinDriver <12.4.0 - Privilege Escalation
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x95382673 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
by mr_me
CVSS 7.8
EIP-2026-101636 EXPLOITDB python
D-Link DIR-8xx Routers - Root Remote Code Execution
by embedi
EIP-2026-101634 EXPLOITDB python
D-Link DIR-8xx Routers - Leak Credentials
by embedi
CVE-2017-12611 EXPLOITDB CRITICAL python VERIFIED
Apache Struts < 2.3.34 - Improper Input Validation
In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to an RCE attack.
by brianwrf
CVSS 9.8
EIP-2026-101298 EXPLOITDB python
HiSilicon DVR Devices - Remote Code Execution
by Istvan Toth
CVE-2017-14153 EXPLOITDB HIGH python VERIFIED
Jungo WinDriver <12.4.0 - Privilege Escalation
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824b7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
by mr_me
CVSS 7.8
CVE-2017-14075 EXPLOITDB HIGH python VERIFIED
Jungo WinDriver <12.4.0 - Privilege Escalation
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
by mr_me
CVSS 7.8
CVE-2017-9805 EXPLOITDB HIGH python
Apache Struts 2 REST Plugin XStream RCE
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
by Warflop
CVSS 8.1
EIP-2026-117078 EXPLOITDB python
Dup Scout Enterprise 9.9.14 - 'Input Directory' Local Buffer Overflow
by Touhid M.Shaikh
EIP-2026-117112 EXPLOITDB python VERIFIED
Easy WMV/ASF/ASX to DVD Burner 2.3.11 - Local Buffer Overflow (SEH)
by Touhid M.Shaikh
EIP-2026-117108 EXPLOITDB python VERIFIED
Easy Vedio to PSP Converter 1.6.20 - Local Buffer Overflow (SEH)
by Kishan Sharma
EIP-2026-117101 EXPLOITDB python
Easy RM RMVB to DVD Burner 1.8.11 - Local Buffer Overflow (SEH)
by Touhid M.Shaikh
EIP-2026-117093 EXPLOITDB python VERIFIED
Easy DVD Creator 2.5.11 - Local Buffer Overflow (SEH)
by tr0ubl3m4k3r
CVE-2017-13696 EXPLOITDB CRITICAL python VERIFIED
Flexense Dupscout - Memory Corruption
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful exploitation of the software will allow an attacker to gain complete access to the system with NT AUTHORITY / SYSTEM level privileges. The vulnerability is due to improper handling and sanitization of the incoming request.
by Nipun Jaswal
CVSS 9.8