Exploitdb Exploits

31,392 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-118449 EXPLOITDB text
DWebPro 8.4.2 - Multiple Vulnerabilities
by Tulpa
CVE-2016-1240 EXPLOITDB HIGH text VERIFIED
Apache Tomcat on Ubuntu Log Init Privilege Escalation
The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debian jessie and the tomcat6 and libtomcat6-java packages before 6.0.35-1ubuntu3.8 on Ubuntu 12.04 LTS, the tomcat7 and libtomcat7-java packages before 7.0.52-1ubuntu0.7 on Ubuntu 14.04 LTS, and tomcat8 and libtomcat8-java packages before 8.0.32-1ubuntu1.2 on Ubuntu 16.04 LTS allows local users with access to the tomcat account to gain root privileges via a symlink attack on the Catalina log file, as demonstrated by /var/log/tomcat7/catalina.out.
by Dawid Golunski
CVSS 7.8
EIP-2026-100029 EXPLOITDB text VERIFIED
Google Android - Insufficient Binder Message Verification Pointer Leak
by Google Security Research
EIP-2026-117681 EXPLOITDB text
Netgear Genie 2.4.32 - Unquoted Service Path Privilege Escalation
by Tulpa
EIP-2026-117240 EXPLOITDB text VERIFIED
Glassfish Server - Unquoted Service Path Privilege Escalation
by s0nk3y
CVE-2016-5312 EXPLOITDB MEDIUM text
Symantec Messaging Gateway < 10.6.2 - Authenticated Path Traversal via ChartStream sn Parameter
Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.
by R-73eN
CVSS 6.5
EIP-2026-102055 EXPLOITDB text
TP-Link Archer CR-700 - Cross-Site Scripting
by Ayushman Dutta
EIP-2026-101385 EXPLOITDB text
NetMan 204 - Backdoor Account
by Saeed reza Zamanian
CVE-2016-20092 EXPLOITDB HIGH text
NetDrive 2.6.12 Unquoted Service Path Elevation of Privilege
NetDrive 2.6.12 contains an unquoted service path vulnerability in the Netdrive2_Service_Netdrive2 service that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that will be executed during service startup or system reboot, resulting in privilege escalation.
by Tulpa
CVSS 7.8
CVE-2016-20089 EXPLOITDB HIGH text
Iperius Remote 1.7.0 Unquoted Service Path Elevation of Privilege
Iperius Remote 1.7.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation path. When installed from directories containing spaces, attackers can place malicious executables in the path to be executed with elevated privileges during service startup or system reboot.
by Tulpa
CVSS 7.8
EIP-2026-117649 EXPLOITDB text
MSI - 'NTIOLib.sys' / 'WinIO.sys' Local Privilege Escalation
by ReWolf
EIP-2026-117429 EXPLOITDB text
Macro Expert 4.0 - Multiple Privilege Escalations
by Tulpa
EIP-2026-117122 EXPLOITDB text
Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation
by zaeek
EIP-2026-108640 EXPLOITDB text
Joomla! Component Event Booking 2.10.1 - SQL Injection
by Persian Hack Team
CVE-2016-20093 EXPLOITDB HIGH text
Wise Care 365 4.27 and Wise Disk Cleaner 9.29 Unquoted Service Path Privilege Escalation
Wise Care 365 4.27 and Wise Disk Cleaner 9.29 contain unquoted service path vulnerabilities in the WiseBootAssistant and SpyHunter 4 Service respectively, allowing local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that execute during service startup or system reboot with elevated privileges.
by Tulpa
CVSS 7.8
EIP-2026-118210 EXPLOITDB text
Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation
by Tulpa
EIP-2026-103393 EXPLOITDB text VERIFIED
Adobe Flash - Video Decompression Memory Corruption
by Google Security Research
CVE-2016-4275 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player <18.0.0.375,19.x-23.x - Memory Corruption
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
by Google Security Research
CVSS 8.8
CVE-2016-20094 EXPLOITDB HIGH text
AnyDesk 2.5.0 Unquoted Service Path Elevation of Privilege
AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can insert malicious executables in the system root path that execute with elevated privileges during application startup or system reboot.
by Tulpa
CVSS 7.8
CVE-2016-3237 EXPLOITDB HIGH text VERIFIED
Microsoft Windows Kerberos - Authentication Bypass via NTLM Fallback
Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle attackers to bypass authentication via vectors related to a fallback to NTLM authentication during a domain account password change, aka "Kerberos Security Feature Bypass Vulnerability."
by Nabeel Ahmed
CVSS 7.5
CVE-2016-5725 EXPLOITDB MEDIUM text VERIFIED
JCraft JSch <0.1.54 - Path Traversal
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command.
by tintinweb
CVSS 5.9
EIP-2026-109341 EXPLOITDB text VERIFIED
Matrimonial Website Script 1.0.2 - SQL Injection
by N4TuraL
EIP-2026-108993 EXPLOITDB text
Kerio Control Unified Threat Management 9.1.0 build 1087/9.1.1 build 1324 - Multiple Vulnerabilities
by SEC Consult
EIP-2026-108578 EXPLOITDB text
Joomla! Component com_videogallerylite 1.0.9 - SQL Injection
by Larry W. Cashdollar
CVE-2016-7400 EXPLOITDB CRITICAL text
Exponent CMS < 2.3.9 - SQL Injection via id, title, or content_id Parameter
Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id parameter in a showComments expComment controller action.
by Manuel García Cárdenas
CVSS 9.8