Text Exploits

31,329 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-6880 EXPLOITDB CRITICAL text
Cerberus FTP Server <8.0.10.3 - Buffer Overflow
Buffer overflow in Cerberus FTP Server 8.0.10.3 allows remote attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long MLST command.
by Nassim Asrir
CVSS 9.8
EIP-2026-119646 EXPLOITDB text
PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Local Privilege Escalation
by ReWolf
CVE-2016-7274 EXPLOITDB HIGH text
Microsoft Windows 10 - Remote Code Execution
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability."
by Hossein Lotfi
CVSS 8.8
EIP-2026-108892 EXPLOITDB text
Joomla! Component Vik Rent Items 1.3 - SQL Injection
by Ihsan Sencan
EIP-2026-108891 EXPLOITDB text
Joomla! Component Vik Rent Car 1.11 - SQL Injection
by Ihsan Sencan
EIP-2026-108889 EXPLOITDB text
Joomla! Component Vik Appointments 1.5 - SQL Injection
by Ihsan Sencan
CVE-2017-2932 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 24.0.0.186 - Use After Free
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
CVE-2017-2931 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 24.0.0.186 - Out-of-Bounds Write
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
CVE-2017-2935 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 24.0.0.186 - Out-of-Bounds Write
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
CVE-2017-2933 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 24.0.0.186 - Out-of-Bounds Write
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
CVE-2017-2934 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 24.0.0.186 - Out-of-Bounds Write
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
CVE-2016-8855 EXPLOITDB MEDIUM text
Sitecore Experience Platform 8.1 - XSS
Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Manager/Taskpages/Contact list" in Sitecore Experience Platform 8.1 rev. 160519 (8.1 Update-3) allows remote attacks via the Name or Description parameter. This is fixed in 8.2 Update-2.
by Pralhad Chaskar
CVSS 6.1
CVE-2017-6193 EXPLOITDB MEDIUM text
Apng Disassembler < 2.8 - Memory Corruption
Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted image containing a malformed image size descriptor in the IHDR chunk.
by Alwin Peppels
CVSS 5.5
CVE-2017-6192 EXPLOITDB MEDIUM text
Apng Disassembler < 2.8 - Memory Corruption
Buffer overflow in APNGDis 2.8 and earlier allows a remote attackers to cause denial of service and possibly execute arbitrary code via a crafted image containing a malformed chunk size descriptor.
by Alwin Peppels
CVSS 5.5
EIP-2026-108855 EXPLOITDB text
Joomla! Component Simple Membership 3.3.3 - 'userId' SQL Injection
by Ihsan Sencan
EIP-2026-108194 EXPLOITDB text
Joomla! Component Advertisement Board 3.0.4 - 'id' SQL Injection
by Ihsan Sencan
CVE-2017-6193 EXPLOITDB MEDIUM text
Apng Disassembler < 2.8 - Memory Corruption
Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted image containing a malformed image size descriptor in the IHDR chunk.
by Alwin Peppels
CVSS 5.5
CVE-2017-6191 EXPLOITDB HIGH text
Apng Disassembler < 2.8 - Memory Corruption
Buffer overflow in APNGDis 2.8 and below allows a remote attacker to execute arbitrary code via a crafted filename.
by Alwin Peppels
CVSS 7.8
CVE-2017-6192 EXPLOITDB MEDIUM text
Apng Disassembler < 2.8 - Memory Corruption
Buffer overflow in APNGDis 2.8 and earlier allows a remote attackers to cause denial of service and possibly execute arbitrary code via a crafted image containing a malformed chunk size descriptor.
by Alwin Peppels
CVSS 5.5
EIP-2026-112429 EXPLOITDB text
Steam Profile Integration 2.0.11 - SQL injection
by DrWhat
EIP-2026-105721 EXPLOITDB text
Car Workshop System - SQL Injection
by Ihsan Sencan
EIP-2026-102943 EXPLOITDB text VERIFIED
Oracle VM VirtualBox - Cooperating VMs can Escape from Shared Folder
by Google Security Research
CVE-2017-6805 EXPLOITDB MEDIUM text VERIFIED
MobaXterm Personal Edition 9.4 - Path Traversal
Directory traversal vulnerability in the TFTP server in MobaXterm Personal Edition 9.4 allows remote attackers to read arbitrary files via a .. (dot dot) in a GET command.
by hyp3rlinx
CVSS 5.3
EIP-2026-114520 EXPLOITDB text
Yellow Pages Script 3.2 - 'category_id' SQL Injection
by Ihsan Sencan
EIP-2026-114499 EXPLOITDB text
Yacht Listing Script 2.0 - SQL Injection
by Ihsan Sencan
By Source
All 31,329 Writeup 59,016 Exploitdb 49,983 Nomisec 21,452 Metasploit 3,217 Github 2,523 Vulncheck_xdb 901 Inthewild 514 Gitlab 440 Gitee 415 Patchapalooza 312
By Language
text 31,329 python 5,912 ruby 5,906 c 3,561 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 88 go 53 postscript 25 xml 24