Text Exploits
31,386 exploits tracked across all sources.
iPhone OS < 12.4 - Use-After-Free via Untrusted NSDictionary Deserialization
This issue was addressed with improved checks. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary.
by Google Security Research
CVSS 9.8
iCloud < 7.13 - Memory Corruption via Malicious Web Content
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
iCloud < 7.13 - Memory Corruption via Malicious Web Content
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
iPhone OS < 12.4 - Out-of-bounds Read
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to leak memory.
by Google Security Research
CVSS 7.5
iPhone OS < 12.4 - Remote Code Execution via Use-After-Free
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause arbitrary code execution.
by Google Security Research
CVSS 9.8
iPhone OS < 12.4 - Remote Code Execution via Memory Corruption
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
by Google Security Research
CVSS 9.8
GigToDo Freelance Marketplace Script 1.3 Persistent XSS
GigToDo 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript and HTML code through the proposal description field. Attackers can craft XSS payloads in the create_proposal endpoint that execute when administrators or other users view the stored proposal, enabling cookie theft and malicious redirects.
by m0ze
CVSS 5.4
Moodle < 3.1.9 and 3.4-3.4.1 - Server-Side Request Forgery via Filepicker
Moodle 3.x has Server Side Request Forgery in the filepicker.
by Fabian Mosch_ Nick Theisinger
CVSS 6.5
PDFResurrect 0.15 - Buffer Overflow
PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled.
by j0lama
CVSS 7.8
Ahsay Cloud Backup Suite 7.7.0.0-8.1.1.50 - Unauthenticated XML External Entity Injection
An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of-bounds XML document to a URL, it is possible to read the file structure and even the content of files without authentication.
by Wietse Boonstra
CVSS 7.5
Ovidentia 8.4.3 - Cross-Site Scripting via Multiple Parameters
index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y, tg=delegat, tg=site&idx=create, tg=site&item=4, tg=admdir&idx=mdb&id=1, tg=notes&idx=Create, tg=admfaqs&idx=Add, or tg=admoc&idx=addoc&item=.
by n3k00n3
CVSS 5.4
iCloud < 7.13 - Universal Cross-Site Scripting via Synchronous Page Load Handling
A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to universal cross site scripting.
by Google Security Research
CVSS 6.1
NoviSmart CMS - SQL Injection via Referer HTTP Header
NoviSmart CMS contains an SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the Referer HTTP header field. Attackers can craft requests with time-based SQL injection payloads in the Referer header to extract sensitive database information or cause denial of service.
by n1x_
CVSS 8.2
watchOS < 5.3 - Out-of-bounds Read
An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 5.3. A remote attacker may be able to leak memory.
by Google Security Research
CVSS 7.5
Trend Micro Deep Discovery Inspector IDS - Security Bypass
by hyp3rlinx
Cisco IOS XE 3.0.xe-3.11.xe - Cross-Site Request Forgery in Web-Based Management Interface
A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller (NGWC) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on an affected device by using a web browser and with the privileges of the user.
by Mehmet Onder
CVSS 8.8
Android 7.0-9 - Out-of-bounds Write in ihevcd_parse_pps
In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-130024844.
by Marcin Kozlowski
CVSS 8.8
Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k - Command Injection
Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $( ). Attackers can inject arbitrary commands through the $( ) syntax when passed as arguments to allowed commands like ping to execute unrestricted shell access.
by AMRI Amine
CVSS 8.4
Axway SecureTransport <5.3-5.5 - Unauthenticated XXE
Axway SecureTransport 5.x through 5.3 (or 5.x through 5.5 with certain API configuration) is vulnerable to unauthenticated blind XML injection (and XXE) in the resetPassword functionality via the REST API. This vulnerability can lead to local file disclosure, DoS, or URI invocation attacks (i.e., SSRF with resultant remote code execution). NOTE: The vendor disputes this issues as not being a vulnerability because “All attacks that use external entities are blocked (no external DTD or file inclusions, no SSRF). The impact on confidentiality, integrity and availability is not proved on any version.
by Dominik Penner
CVSS 9.8
Web Ofisi Rent a Car v3 - SQL Injection
Web Ofisi Rent a Car v3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'klima' parameter. Attackers can send GET requests to with malicious 'klima' values to extract sensitive database information or cause denial of service.
by Ahmet Ümit BAYRAM
CVSS 8.2
Web Ofisi Platinum E-Ticaret v5 - SQL Injection
Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' parameter. Attackers can send POST requests to the ajax/productsFilterSearch endpoint with malicious 'q' values using time-based blind SQL injection techniques to extract sensitive database information.
by Ahmet Ümit BAYRAM
CVSS 7.5
Web Ofisi Platinum E-Ticaret v5 - SQL Injection
Web Ofisi Platinum E-Ticaret v5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'q' GET parameter. Attackers can send requests to the arama endpoint with malicious 'q' values using time-based SQL injection techniques to extract sensitive database information.
by Ahmet Ümit BAYRAM
CVSS 7.5
Web-ofisi Emlak V2 - Unauthenticated SQL Injection via GET Parameters
Web Ofisi Emlak V2 contains multiple SQL injection vulnerabilities in the endpoint that allow unauthenticated attackers to manipulate database queries through GET parameters. Attackers can inject SQL code into parameters like emlak_durumu, emlak_tipi, il, ilce, kelime, and semt to extract sensitive database information or perform time-based blind SQL injection attacks.
by Ahmet Ümit BAYRAM
CVSS 9.8
By Source