Exploitdb Exploits
4,733 exploits tracked across all sources.
Apache Zookeeper < 3.4.10 - Missing Authentication
Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10, 3.5.3, and later.
by Brandon Dennis
CVSS 7.5
Joomanager < 2.0.0 - Information Disclosure
The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request.
by Luth1er
CVSS 9.8
Flat Assembler 1.71.21 Stack-Based Buffer Overflow ROP
Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Attackers can craft malicious assembly input exceeding 5895 bytes to overwrite the instruction pointer and execute return-oriented programming chains for shell command execution.
by Juan Sacco
CVSS 8.4
Easy File Sharing Web Server 7.2 - Unrestricted File Upload
by Chako
Easy File Sharing Web Server 7.2 - Account Import Local Buffer Overflow (SEH)
by Chako
Easy File Sharing Web Server 7.2 - GET 'PassWD' Remote Buffer Overflow (SEH)
by clubjk
JAD 1.5.8e-1kali1 Stack-Based Buffer Overflow
JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying overly long input that exceeds buffer boundaries. Attackers can craft malicious input passed to the jad command to overflow the stack and execute a return-oriented programming chain that spawns a shell.
by Juan Sacco
CVSS 9.8
IBM Data Server Client - Memory Corruption
IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. IBM X-Force ID: 125159.
by defensecode
CVSS 7.3
PHPMailer <5.2.20 - RCE
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.
by phackt_ul
CVSS 9.8
Zend Mail <2.7.2 - RCE
The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted e-mail address.
by phackt_ul
CVSS 9.8
PHPMailer Sendmail Argument Injection
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
by phackt_ul
CVSS 9.8
Swift Mailer <5.4.5 - RCE
The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted e-mail address in the (1) From, (2) ReturnPath, or (3) Sender header.
by phackt_ul
CVSS 9.8
IBM Informix Dynamic Server - Code Injection / Remote Code Execution
by IMgod
Easy File Sharing HTTP Server 7.2 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in Easy File Sharing HTTP Server version 7.2. The flaw is triggered when a crafted POST request is sent to the /sendemail.ghp endpoint containing an overly long Email parameter. The application fails to properly validate the length of this field, resulting in a memory corruption condition. An unauthenticated remote attacker can exploit this to execute arbitrary code with the privileges of the server process.
by bl4ck h4ck3r
VX Search Enterprise 9.7.18 - Local Buffer Overflow
by ScrR1pTK1dd13
HP PageWide/OfficeJet Pro <1708D - RCE
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmware before 1708D. This vulnerability could potentially be exploited to execute arbitrary code.
by Jacob Baines
CVSS 9.8
Easy MOV Converter 1.4.24 - 'Enter User Name' Local Buffer Overflow (SEH)
by abatchy17
Easy File Sharing Web Server 7.2 - 'POST' Remote Buffer Overflow
by Touhid M.Shaikh
Disk Pulse 9.7.26 - 'Add Directory' Local Buffer Overflow
by abatchy17
Sync Breeze 9.7.26 - 'Add Exclude Directory' Local Buffer Overflow
by abatchy17
DiskBoss 8.0.16 - 'Input Directory' Local Buffer Overflow
by abatchy17
Disk Sorter 9.7.14 - 'Input Directory' Local Buffer Overflow
by abatchy17
By Source