Text Exploits
31,364 exploits tracked across all sources.
Wireshark <2.4.3 & <2.2.11 - DoS
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
by Wireshark
CVSS 7.5
Resolver Perspective - Improper Privilege Management
Perspective ICM Investigation & Case 5.1.1.16 allows remote authenticated users to modify access level permissions and consequently gain privileges by leveraging insufficient validation methods and missing cross server side checking mechanisms.
by Konstantinos Alexiou
CVSS 8.8
Techno Portfolio Management Panel 1.0 - SQL Injection
Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request.
by Ihsan Sencan
CVSS 9.8
Posty Readymade Classifieds Script 1.0 - SQL Injection
Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request.
by Ihsan Sencan
CVSS 9.8
Abyss Web Server < 2.11.6 - Heap Memory Corruption
by hyp3rlinx
Artica Web Proxy <3.06.112911 - XSS
Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by conducting a cross-site scripting (XSS) attack involving the username-form-id parameter to freeradius.users.php.
by hyp3rlinx
CVSS 9.0
MistServer <2.13 - XSS
Cross-site scripting (XSS) vulnerability in MistServer before 2.13 allows remote attackers to inject arbitrary web script or HTML via vectors related to failed authentication requests alerts.
by hyp3rlinx
CVSS 6.1
Axis Communications MPQT/PACS - Heap Overflow / Information Leakage
by bashis
Qemu < 2.11 - Out-of-Bounds Write
A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requires TLS, the attacker cannot trigger the buffer overflow without first successfully negotiating TLS.
by Eric Blake
CVSS 8.3
WooCommerce <3.x - Path Traversal
The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/ URI, which accesses a parent directory. NOTE: a software maintainer indicates that Directory Traversal is not possible because all of the template files have "if (!defined('ABSPATH')) {exit;}" code
by Fu2x2000
CVSS 7.5
Diving Log 6.0 - Info Disclosure
XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import.
by Trent Gordon
CVSS 5.5
Exim 4.88-4.89 - DoS
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and stack exhaustion) via vectors involving BDAT commands and an improper check for a '.' character signifying the end of the content, related to the bdat_getc function.
by meh
CVSS 7.5
ZTE ZXDSL 831CII - RCE
connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows remote attackers to modify the PPPoE configuration or set up a malicious configuration via a GET request.
by Ibad Shah
CVSS 7.5
Microsoft Office CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
by embedi
CVSS 7.8
Windows - Privilege Escalation
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to make an unsigned file appear to be signed, due to a security feature bypass, aka "Device Guard Security Feature Bypass Vulnerability".
by Google Security Research
CVSS 5.3
Icon Time Systems RTC-1000 v2.5.7458 - XSS
A stored cross-site scripting vulnerability in the Icon Time Systems RTC-1000 v2.5.7458 and earlier time clock allows remote attackers to inject arbitrary JavaScript in the nameFirst (aka First Name) field for the employee details page (/employee.html) that is then reflected in multiple pages where that field data is utilized, resulting in session hijacking and possible elevation of privileges.
by Keith Thome
CVSS 5.4
Zetacomponents Mail < 1.8.2 - Code Injection
The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the ezcMail returnPath property, which might allow remote attackers to execute arbitrary code via a crafted email address, as demonstrated by one containing "-X/path/to/wwwroot/file.php."
by MalwareBenchmark
CVSS 8.1
LanSweeper 6.0.100.75 - XSS
LanSweeper 6.0.100.75 has XSS via the description parameter to /Calendar/CalendarActions.aspx.
by Miguel Mendez Z
CVSS 6.1
CommuniGate Pro <6.2.1 - XSS
The WebMail components (Crystal, pronto, and pronto4) in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via (1) the location or details field of a Google Calendar invitation, (2) a crafted Outlook.com calendar (aka Hotmail Calendar) invitation, (3) e-mail granting access to a directory that has JavaScript in its name, (4) JavaScript in a note name, (5) JavaScript in a task name, or (6) HTML e-mail that is mishandled in the Inbox component.
by Boumediene KADDOUR
CVSS 6.1
By Source