Exploitdb Exploits
31,392 exploits tracked across all sources.
Apache Tomcat on Ubuntu Log Init Privilege Escalation
The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debian jessie and the tomcat6 and libtomcat6-java packages before 6.0.35-1ubuntu3.8 on Ubuntu 12.04 LTS, the tomcat7 and libtomcat7-java packages before 7.0.52-1ubuntu0.7 on Ubuntu 14.04 LTS, and tomcat8 and libtomcat8-java packages before 8.0.32-1ubuntu1.2 on Ubuntu 16.04 LTS allows local users with access to the tomcat account to gain root privileges via a symlink attack on the Catalina log file, as demonstrated by /var/log/tomcat7/catalina.out.
by Dawid Golunski
CVSS 7.8
Google Android - Insufficient Binder Message Verification Pointer Leak
by Google Security Research
Netgear Genie 2.4.32 - Unquoted Service Path Privilege Escalation
by Tulpa
Glassfish Server - Unquoted Service Path Privilege Escalation
by s0nk3y
Symantec Messaging Gateway < 10.6.2 - Authenticated Path Traversal via ChartStream sn Parameter
Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.
by R-73eN
CVSS 6.5
NetDrive 2.6.12 Unquoted Service Path Elevation of Privilege
NetDrive 2.6.12 contains an unquoted service path vulnerability in the Netdrive2_Service_Netdrive2 service that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that will be executed during service startup or system reboot, resulting in privilege escalation.
by Tulpa
CVSS 7.8
Iperius Remote 1.7.0 Unquoted Service Path Elevation of Privilege
Iperius Remote 1.7.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation path. When installed from directories containing spaces, attackers can place malicious executables in the path to be executed with elevated privileges during service startup or system reboot.
by Tulpa
CVSS 7.8
MSI - 'NTIOLib.sys' / 'WinIO.sys' Local Privilege Escalation
by ReWolf
Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation
by zaeek
Joomla! Component Event Booking 2.10.1 - SQL Injection
by Persian Hack Team
Wise Care 365 4.27 and Wise Disk Cleaner 9.29 Unquoted Service Path Privilege Escalation
Wise Care 365 4.27 and Wise Disk Cleaner 9.29 contain unquoted service path vulnerabilities in the WiseBootAssistant and SpyHunter 4 Service respectively, allowing local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that execute during service startup or system reboot with elevated privileges.
by Tulpa
CVSS 7.8
Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation
by Tulpa
Adobe Flash - Video Decompression Memory Corruption
by Google Security Research
Adobe Flash Player <18.0.0.375,19.x-23.x - Memory Corruption
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4274, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924.
by Google Security Research
CVSS 8.8
AnyDesk 2.5.0 Unquoted Service Path Elevation of Privilege
AnyDesk 2.5.0 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with SYSTEM privileges by exploiting the service installation. Attackers can insert malicious executables in the system root path that execute with elevated privileges during application startup or system reboot.
by Tulpa
CVSS 7.8
Microsoft Windows Kerberos - Authentication Bypass via NTLM Fallback
Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle attackers to bypass authentication via vectors related to a fallback to NTLM authentication during a domain account password change, aka "Kerberos Security Feature Bypass Vulnerability."
by Nabeel Ahmed
CVSS 7.5
JCraft JSch <0.1.54 - Path Traversal
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command.
by tintinweb
CVSS 5.9
Kerio Control Unified Threat Management 9.1.0 build 1087/9.1.1 build 1324 - Multiple Vulnerabilities
by SEC Consult
Joomla! Component com_videogallerylite 1.0.9 - SQL Injection
by Larry W. Cashdollar
Exponent CMS < 2.3.9 - SQL Injection via id, title, or content_id Parameter
Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id parameter in a showComments expComment controller action.
by Manuel García Cárdenas
CVSS 9.8
By Source