Exploitdb Exploits
31,329 exploits tracked across all sources.
Joomla! Component StreetGuessr Game 1.1.8 - SQL Injection
by Ihsan Sencan
Joomla! Component Ultimate Property Listing 1.0.2 - SQL Injection
by Ihsan Sencan
Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection
by Ihsan Sencan
Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection
by Ihsan Sencan
Apple <10.3.3, <10.12.6, <10.2.2, <3.2.3 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
CVSS 8.8
mpg321 <0.3.2-1 - Memory Corruption
mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.
by qflb.wu
CVSS 6.5
SOL.Connect ISET-mpp meter <1.2.4.2 - SQL Injection
SQL injection vulnerability in SOL.Connect ISET-mpp meter 1.2.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a login action.
by Andy Tan
CVSS 9.8
Sound Exchange - Out-of-Bounds Read
The read_samples function in hcom.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted hcom file.
by qflb.wu
CVSS 5.5
Xiph.org Libvorbis - NULL Pointer Dereference
The vorbis_analysis_wrote function in lib/block.c in Xiph.Org libvorbis 1.3.5 allows remote attackers to cause a denial of service (OOM) via a crafted wav file.
by qflb.wu
CVSS 5.5
Sound Exchange - Divide By Zero
The startread function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav file.
by qflb.wu
CVSS 5.5
Libmp3splt - Improper Input Validation
plugins/ogg.c in Libmp3splt 0.9.2 calls the libvorbis vorbis_block_clear function with uninitialized data upon detection of invalid input, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
by qflb.wu
CVSS 5.0
Xiph Vorbis-tools - Memory Corruption
The wav_open function in oggenc/audio.c in Xiph.Org vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (memory allocation error) via a crafted wav file.
by qflb.wu
CVSS 5.5
Sound Exchange - Divide By Zero
The wavwritehdr function in wav.c in Sound eXchange (SoX) 14.4.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted snd file, during conversion to a wav file.
by qflb.wu
CVSS 5.5
Xiph.Org libao 1.2.0 - Memory Corruption
The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service (memory corruption) via a crafted MP3 file.
by qflb.wu
CVSS 5.5
Divfix++ - Out-of-Bounds Write
The DivFixppCore::avi_header_fix function in DivFix++Core.cpp in DivFix++ v0.34 allows remote attackers to cause a denial of service (invalid memory write and application crash) via a crafted avi file.
by qflb.wu
CVSS 5.5
SoundTouch 1.9.2 - DoS
The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application crash) via a crafted wav file.
by qflb.wu
CVSS 5.5
By Source