Exploitdb Exploits
31,330 exploits tracked across all sources.
Adobe Flash Player < 24.0.0.186 - Out-of-Bounds Write
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution.
by COSIG
CVSS 8.8
Adobe Flash Player < 24.0.0.186 - Out-of-Bounds Write
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution.
by COSIG
CVSS 8.8
WordPress Plugin WP Support Plus Responsive Ticket System 7.1.3 - Privilege Escalation
by Kacper Szurek
Huawei Flybox B660 - Cross-Site Request Forgery (1)
by Vulnerability-Lab
D-Link DIR-615 - Multiple Vulnerabilities
by Osanda Malith Jayathissa
Friends in War Make or Break 1.7 - 'imgid' SQL Injection
by v3n0m
Redhat Ansible < 2.1.4 - Improper Input Validation
Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.
by Computest
CVSS 8.1
Advanced Desktop Locker 6.0.0 - Lock Screen Bypass
by Squnity
ManagEnegine ADManager Plus 6.5.40 - Multiple Vulnerabilities
by Mehmet Ince
Splunk - XSS
Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerability might exist because of a CVE-2010-2429 regression.
by justpentest
Google Android max86902 Driver - 'sysfs' Interfaces Race Condition
by Google Security Research
Microsoft Edge < 1.2.2 - Type Confusion
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
by Brian Pak
CVSS 8.8
Microsoft Edge < 1.2.2 - Out-of-Bounds Write
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
by Brian Pak
CVSS 8.8
Atlassian Confluence <5.10.6 - XSS
Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.10.6 allows remote attackers to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.action.
by Jodson Santos
CVSS 6.1
WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload
by r3m1ck
By Source