Text Exploits
31,330 exploits tracked across all sources.
Dream Gallery 2.0 - Admin Panel Authentication Bypass
by Ali BawazeEer
Foxit PDF Reader 1.0.1.0925 - kdu_core::kdu_codestream::get_subsampling Memory Corruption
by Google Security Research
Foxit PDF Reader 1.0.1.0925 - CPDF_StreamContentParser::~CPDF_StreamContentParser Heap Memory Corruption
by Google Security Research
Foxit PDF Reader 1.0.1.0925 - CPDF_DIBSource::TranslateScanline24bpp Out-of-Bounds Read
by Google Security Research
Foxit PDF Reader 1.0.1.0925 - CFX_WideString::operator= Invalid Read
by Google Security Research
Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArray::IterateIndex Memory Corruption
by Google Security Research
Riot Games League of Legends - Insecure File Permissions Privilege Escalation
by Cyril Vallicari
Matrix42 Remote Control Host 3.20.0031 - Unquoted Path Privilege Escalation
by Roland C. Redl
Google Android - Access Control
Off-by-one error in sdcard/sdcard.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 28085658.
by Google Security Research
CVSS 7.8
Cisco EPC3928 - DoS
goform/Docsis_system on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long LanguageSelect parameter, related to a "Gateway HTTP Corruption Denial of Service" issue, aka Bug ID CSCuy28100.
by Patryk Bogdan
CVSS 7.5
Cisco EPC3928 - DoS
goform/WClientMACList on Cisco EPC3928 devices allows remote attackers to cause a denial of service (device crash) via a long h_sortWireless parameter, related to a "Gateway Client List Denial of Service" issue, aka Bug ID CSCux24948.
by Patryk Bogdan
CVSS 7.5
Cisco Epc3928 Docsis 3.0 8x4 Wireless... - XSS
Cross-site scripting (XSS) vulnerability in the management interface on Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCux24935.
by Patryk Bogdan
Cisco Epc3928 Docsis 3.0 8x4 Wireless... - Authentication Bypass
Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CSCux24941.
by Patryk Bogdan
League of Legends Screensaver - Unquoted Service Path Privilege Escalation
by Vincent Yiu
League of Legends Screensaver - Insecure File Permissions Privilege Escalation
by Vincent Yiu
Cisco EPC3928 - Info Disclosure
Cisco EPC3928 devices allow remote attackers to obtain sensitive configuration and credential information by making requests during the early part of the boot process, related to a "Boot Information Disclosure" issue, aka Bug ID CSCux17178.
by Patryk Bogdan
CVSS 8.1
Valvesoftware Steamos < 3.42.16.13 - Access Control
Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.
by Gregory Smiley
CVSS 4.8
WordPress Plugin WP Mobile Detector 3.5 - Arbitrary File Upload
by Aaditya Purani
WordPress Plugin Simple Backup 2.7.11 - Multiple Vulnerabilities
by PizzaHatHacker
WordPress Plugin Double Opt-In for Download 2.0.9 - SQL Injection
by Kacper Szurek
Nagios XI 5.2.7 - Multiple Vulnerabilities
by Security-Assessment.com
By Source