Exploitdb Exploits

2,731 exploits tracked across all sources.

CVE-2015-7243 EXPLOITDB ruby VERIFIED
Boxoft WAV to MP3 Converter - Memory Corruption
Buffer overflow in Boxoft WAV to MP3 Converter allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted WAV file.
by Metasploit
CVE-2018-8735 EXPLOITDB HIGH ruby VERIFIED
Nagios XI <5.4.13 - RCE
Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection.
by Metasploit
CVSS 8.8
CVE-2018-8734 EXPLOITDB CRITICAL ruby VERIFIED
Nagios XI <5.4.13 - SQL Injection
SQL injection vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary SQL commands via the selInfoKey1 parameter.
by Metasploit
CVSS 9.8
CVE-2018-8733 EXPLOITDB CRITICAL ruby VERIFIED
Nagios XI <5.4.13 - Auth Bypass
Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability.
by Metasploit
CVSS 9.8
CVE-2018-7573 EXPLOITDB CRITICAL ruby VERIFIED
FTPShell Client - Memory Corruption
An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465.
by Metasploit
CVSS 9.8
CVE-2018-8736 EXPLOITDB HIGH ruby VERIFIED
Nagios XI <5.4.13 - Privilege Escalation
A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to leverage an RCE vulnerability escalating to root.
by Metasploit
CVSS 8.8
EIP-2026-101759 EXPLOITDB ruby
Geutebruck 5.02024 G-Cam/EFD-2250 - 'simple_loglistjs.cgi' Remote Command Execution (Metasploit)
by RandoriSec
CVE-2018-11138 EXPLOITDB CRITICAL ruby VERIFIED
Quest KACE System Management Appliance - OS Command Injection
The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system.
by Metasploit
CVSS 9.8
CVE-2018-10956 EXPLOITDB HIGH ruby
IPConfigure Orchid Core VMS - Path Traversal
IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.
by Nettitude
CVSS 7.5
CVE-2018-1111 EXPLOITDB HIGH ruby VERIFIED
DHCP Client Command Injection (DynoRoot)
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol.
by Metasploit
CVSS 7.5
CVE-2018-1000001 EXPLOITDB HIGH ruby VERIFIED
GNU Glibc < 2.26 - Out-of-Bounds Write
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading to a buffer underflow and potential code execution.
by Metasploit
CVSS 7.8
CVE-2018-11646 EXPLOITDB HIGH ruby
WebKitGTK+ <2.21.3 - Use After Free
webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash.
by Dhiraj Mishra
CVSS 7.5
CVE-2016-4656 EXPLOITDB HIGH ruby VERIFIED
Apple iPhone OS < 9.3.5 - Out-of-Bounds Write
The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Metasploit
CVSS 7.8
CVE-2016-4655 EXPLOITDB MEDIUM ruby VERIFIED
WebKit not_number defineProperties UAF
The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.
by Metasploit
CVSS 5.5
CVE-2016-4657 EXPLOITDB HIGH ruby VERIFIED
Apple iPhone OS < 9.3.5 - Out-of-Bounds Write
WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
by Metasploit
CVSS 8.8
EIP-2026-117538 EXPLOITDB ruby VERIFIED
Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit)
by Metasploit
EIP-2026-117537 EXPLOITDB ruby VERIFIED
Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (Metasploit)
by Metasploit
CVE-2016-20017 EXPLOITDB CRITICAL ruby VERIFIED
D-Link DSL-2750B <1.05 - Command Injection
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022.
by Metasploit
CVSS 9.8
CVE-2016-8655 EXPLOITDB HIGH ruby VERIFIED
AF_PACKET chocobo_root Privilege Escalation
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.
by Metasploit
CVSS 7.8
CVE-2010-3904 EXPLOITDB HIGH ruby VERIFIED
Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
by Metasploit
CVSS 7.8
CVE-2017-12500 EXPLOITDB HIGH ruby
HP Intelligent Management Center - Improper Input Validation
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version PLAT 7.3 (E0504) was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 (E0506) or any subsequent version.
by TrendyTofu
CVSS 8.8
CVE-2017-8982 EXPLOITDB HIGH ruby
HPE iMC <7.3 - Auth Bypass
A Remote Authentication Restriction Bypass vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P4 was found.
by TrendyTofu
CVSS 7.5
CVE-2017-7308 EXPLOITDB HIGH ruby VERIFIED
AF_PACKET packet_set_ring Privilege Escalation
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.
by Metasploit
CVSS 7.8
CVE-2017-9791 EXPLOITDB CRITICAL ruby VERIFIED
Apache Struts 2.1.x-2.3.x - RCE
The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
by Metasploit
CVSS 9.8
CVE-2016-9299 EXPLOITDB CRITICAL ruby VERIFIED
Jenkins <2.32-2.19.3 - RCE
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
by Metasploit
CVSS 9.8