Text Exploits
31,386 exploits tracked across all sources.
LiteManager 4.5.0 - Info Disclosure
LiteManager 4.5.0 has weak permissions (Everyone: Full Control) in the "LiteManagerFree - Server" folder, as demonstrated by ROMFUSClient.exe.
by ZwX
CVSS 7.3
Internet Explorer - Remote Code Execution via Scripting Engine Memory Corruption
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428.
by Google Security Research
CVSS 7.5
macOS 10.14.6 - root->kernel Privilege Escalation via update_dyld_shared_cache
by Google Security Research
TestLink 1.9.19 - Cross-Site Scripting via archiveData.php edit Parameter
TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit parameter, the index.php reqURI parameter, or the URI in a lib/testcases/tcEdit.php?doAction=doDeleteStep request.
by Milad Khoshdel
CVSS 6.1
GNU Mailutils < 3.8 - Local Privilege Escalation via maidag URL Mode
maidag in GNU Mailutils before 3.8 is installed setuid and allows local privilege escalation in the url mode.
by Mike Gualtieri
CVSS 7.8
Network Management Card 6.2.0 - Host Header Injection
by Amal E Thamban
Linux Kernel - Use-After-Free in Overlayfs and Shiftfs mmap Handlers
Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
by Google Security Research
CVSS 7.1
Linux kernel <5.3 - Privilege Escalation
In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_user_ns, whereas they should have been translated into the s_user_ns for the lower filesystem. This resulted in using ids other than the intended ones in the lower fs, which likely did not map into the shifts s_user_ns. A local attacker could use this to possibly bypass discretionary access control permissions.
by Google Security Research
CVSS 6.5
iOS 12.4 - Sandbox Escape due to Integer Overflow in mediaserverd
by Google Security Research
Studio 5000 Logix Designer 30.01.00 - Privilege Escalation
Studio 5000 Logix Designer 30.01.00 contains an unquoted service path vulnerability in the FactoryTalk Activation Service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\ to inject malicious code that would execute with LocalSystem permissions.
by Luis Martínez
CVSS 7.8
BartVPN 1.2.2 - Unquoted Service Path Privilege Escalation via BartVPNService
BartVPN 1.2.2 contains an unquoted service path vulnerability in the BartVPNService that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path by placing malicious executables in specific file system locations to hijack the service's execution context.
by ZwX
CVSS 7.8
iSmartViewPro 1.3.34 - Denial of Service via Camera ID Input Buffer Overflow
iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer into the camera DID and password fields to trigger an application crash on iOS devices.
by Ivan Marmolejo
CVSS 7.5
Crystal Live HTTP Server 6.01 - Path Traversal
Crystal Live HTTP Server 6.01 contains a directory traversal vulnerability that allows remote attackers to access system files by manipulating URL path segments. Attackers can use multiple '../' sequences to navigate outside the web root and retrieve sensitive configuration files like Windows system files.
by numan türle
CVSS 7.5
Wondershare MobileGo 8.5.0 - Privilege Escalation
Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators group with full system access.
by ZwX
CVSS 7.8
NCP Secure Entry Client 9.2 - Code Injection
NCP Secure Entry Client 9.2 contains an unquoted service path vulnerability in multiple Windows services that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted paths in services like ncprwsnt, rwsrsu, ncpclcfg, and NcpSec to inject malicious code that would execute with LocalSystem privileges during service startup.
by Akif Mohamed Ik
CVSS 7.8
Emerson PAC Machine Edition 9.70 Build 8595 - 'FxControlRuntime' Unquoted Service Path
by Luis Martínez
ASUS HM Com Service 1.00.31 - 'asHMComSvc' Unquoted Service Path
by Olimpia Saucedo
TemaTres 3.0 - Privilege Escalation
TemaTres 3.0 allows remote unprivileged users to create an administrator account
by Pablo Santiago
CVSS 9.8
TemaTres 3.0 - Stored Cross-Site Scripting via value Parameter
TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin.php?vocabulario_id=list URI.
by Pablo Santiago
CVSS 5.4
Lexmark Services Monitor <2.27.4.0.39 - Path Traversal
In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a remote attacker can use a directory traversal technique using /../../../ or ..%2F..%2F..%2F to obtain local files on the host operating system.
by Kevin Randall
CVSS 7.5
Shrew Soft VPN Client 2.2.2 - Privilege Escalation
Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can place malicious executables in the unquoted service path to gain elevated access during service startup or system reboot.
by D.Goedecke
CVSS 7.8
oXygen XML Editor 21.1.1 - XML External Entity Injection
by Pablo Santiago
SibSoft Xfilesharing <2.5.1 - Path Traversal
SibSoft Xfilesharing through 2.5.1 allows op=page&tmpl=../ directory traversal to read arbitrary files.
by Noman Riffat
CVSS 7.5
gSOAP 2.8 - Unauthenticated Path Traversal via HTTP GET Request
gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal sequences.
by numan türle
CVSS 7.5
By Source