Exploitdb Exploits
31,392 exploits tracked across all sources.
Zenbership v107 - Cross-Site Request Forgery via Event Add Function
Zenbership v107 has CSRF via admin/cp-functions/event-add.php.
by Besim
CVSS 8.8
RealNetworks RealPlayer <18.1.5.705 - Memory Corruption
Improper handling of a repeating VRAT chunk in qcpfformat.dll allows attackers to cause a Null pointer dereference and crash in RealNetworks RealPlayer 18.1.5.705 through a crafted .QCP media file.
by Alwin Peppels
CVSS 5.5
Oracle NetBeans 8.1 - Directory Traversal and Arbitrary File Write via ZIP Project Import
Unspecified vulnerability in the NetBeans component in Oracle Fusion Middleware 8.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the October 2016 CPU. Oracle has not commented on third-party claims that this issue is a directory traversal vulnerability which allows local users with certain permissions to write to arbitrary files and consequently gain privileges via a .. (dot dot) in a archive entry in a ZIP file imported as a project.
by hyp3rlinx
CVSS 5.7
Oracle BI Publisher - Info Disclosure
Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors.
by Jakub Palaczynski
CVSS 7.7
Windows Kernel-Mode Drivers - Privilege Escalation via Crafted Application
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." a different vulnerability than CVE-2016-3266, CVE-2016-7185, and CVE-2016-7211.
by Google Security Research
CVSS 7.8
Microsoft Windows - Unauthorized Registry Information Disclosure via Kernel API
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability."
by Google Security Research
CVSS 5.5
Microsoft Windows Vista - Remote Code Execution via Crafted True Type Font
The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Console allows attackers to execute arbitrary code via a crafted True Type font, aka "True Type Font Parsing Elevation of Privilege Vulnerability."
by Google Security Research
CVSS 9.8
Microsoft Windows and Office - ASLR Bypass via TrueType Font Parsing
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; Live Meeting 2007 Console; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4.5.2, and 4.6; and Silverlight 5 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "True Type Font Parsing Information Disclosure Vulnerability."
by Google Security Research
CVSS 5.5
SPIP < 3.1.2 - Authenticated Remote Code Execution via Crafted INCLUDE/INCLURE Tag
The SPIP template composer/compiler in SPIP 3.1.2 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading an HTML file with a crafted (1) INCLUDE or (2) INCLURE tag and then accessing it with a valider_xml action.
by Sysdream
CVSS 8.8
SPIP < 3.1.2 - Cross-Site Request Forgery via XML Validator
Cross-site request forgery (CSRF) vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that execute the XML validator on a local file via a crafted valider_xml request. NOTE: this issue can be combined with CVE-2016-7998 to execute arbitrary PHP code.
by Sysdream
CVSS 8.8
SPIP < 3.1.2 - Path Traversal via var_url Parameter
Directory traversal vulnerability in ecrire/exec/valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to enumerate the files on the system via the var_url parameter in a valider_xml action.
by Sysdream
CVSS 7.5
Vembu StoreGrid 4.0 Unquoted Service Path Privilege Escalation
Vembu StoreGrid 4.0 contains an unquoted service path vulnerability in the RemoteBackup and RemoteBackup_webServer services that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and restart the service to execute code with LocalSystem privileges.
by Joey Lane
CVSS 7.8
Realtek High Definition Audio Driver 6.0.1.6730 Privilege Escalation
Realtek High Definition Audio Driver 6.0.1.6730 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by placing a malicious executable in the service path. Attackers can insert an executable file in the unquoted path and restart the service to execute code with LocalSystem privileges.
by Joey Lane
CVSS 7.8
IObit Advanced SystemCare 10.0.2 Unquoted Service Path Privilege Escalation
IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the service path and trigger privilege escalation when the service restarts or the system reboots, executing code with LocalSystem privileges.
by Amir.ght
CVSS 7.8
PDF Complete 4.1.12 Corporate Edition - Unquoted Service Path Privilege Escalation
by Joey Lane
Lenovo ThinkVantage Communications Utility 3.0.42.0 - Unquoted Service Path Privilege Escalation
by Joey Lane
Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation
by Joey Lane
Lenovo RapidBoot HDD Accelerator 1.00.0802 - Unquoted Service Path Privilege Escalation
by Joey Lane
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed 15.1.0.0096 - Unquoted Service Path Privilege Escalation
by Joey Lane
Intel(R) Management Engine Components 8.0.1.1399 - Unquoted Service Path Privilege Escalation
by Joey Lane
Intel(R) PROSet/Wireless WiFi Software 15.01.1000.0927 - Unquoted Service Path Privilege Escalation
by Joey Lane
ManageEngine ServiceDesk Plus 9.2 Build 9207 - Unauthorized Information Disclosure
by p0z
By Source