Exploitdb Exploits
2,689 exploits tracked across all sources.
Hadoop YARN ResourceManager - Command Execution (Metasploit)
by Metasploit
Hadoop YARN ResourceManager - Command Execution (Metasploit)
by Metasploit
Apache CouchDB < 1.7.0 and 2.x < 2.1.1 - Authenticated OS Command Injection via Configuration Options
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.
by Metasploit
CVSS 7.2
Manage Engine Exchange Reporter Plus - Remote Code Execution (Metasploit)
by Metasploit
Manage Engine Exchange Reporter Plus - Remote Code Execution (Metasploit)
by Metasploit
IBM Security QRadar SIEM <7.4 - Auth Bypass
IBM Security QRadar SIEM 7.2 and 7.3 could allow a user to bypass authentication which could lead to code execution. IBM X-Force ID: 138824.
by Metasploit
CVSS 8.8
IBM QRadar 7.2-7.3 - Improper Access Control
IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 119737.
by Metasploit
CVSS 4.2
IBM QRadar SIEM 7.2-7.3 - Unauthenticated Exposure of Sensitive Information
IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could allow a remote attacker to bypass authentication and obtain sensitive information. IBM X-Force ID: 144164.
by Metasploit
CVSS 5.8
GitList 0.6.0 - Argument Injection (Metasploit)
by Metasploit
GitList 0.6.0 - Argument Injection (Metasploit)
by Metasploit
HP VAN SDN Controller - Root Command Injection (Metasploit)
by Metasploit
HID discoveryd - 'command_blink_on' Remote Code Execution (Metasploit)
by Metasploit
HID discoveryd - 'command_blink_on' Remote Code Execution (Metasploit)
by Metasploit
Boxoft WAV to MP3 Converter - Buffer Overflow via Crafted WAV File
Buffer overflow in Boxoft WAV to MP3 Converter allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted WAV file.
by Metasploit
Nagios XI 5.2.0-5.4.12 - Remote Code Execution via OS Command Injection
Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection.
by Metasploit
CVSS 8.8
Nagios XI 5.2.0-5.4.12 - SQL Injection via selInfoKey1 Parameter
SQL injection vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary SQL commands via the selInfoKey1 parameter.
by Metasploit
CVSS 9.8
Nagios XI 5.2.0-5.4.12 - Unauthenticated SQL Injection via Core Config Manager
Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability.
by Metasploit
CVSS 9.8
FTPShell Client 6.7 - Remote Code Execution via FTP 220 Response Buffer Overflow
An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465.
by Metasploit
CVSS 9.8
Nagios XI <5.4.13 - Privilege Escalation
A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to leverage an RCE vulnerability escalating to root.
by Metasploit
CVSS 8.8
Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution (Metasploit)
by RandoriSec
Quest KACE System Management Appliance 8.0.318 - Unauthenticated OS Command Injection via download_agent_installer.php
The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system.
by Metasploit
CVSS 9.8
IPConfigure Orchid Core VMS 2.0.5 - Path Traversal
IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.
by Nettitude
CVSS 7.5
DHCP Client Command Injection (DynoRoot)
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
by Metasploit
CVSS 7.5
glibc < 2.26 - Buffer Underflow and Potential Code Execution via realpath()
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
by Metasploit
CVSS 7.8
WebKitGTK+ <2.21.3 - Use After Free
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.
by Dhiraj Mishra
CVSS 7.5
By Source