Exploitdb Exploits
31,330 exploits tracked across all sources.
Electroweb Online Examination System 1.0 - SQL Injection
by Ali Ghanbari
Apache Continuum 1.4.2 - Multiple Vulnerabilities
by David Shanahan
GNU Bash <4.3 - RCE
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.
by lastc0de
CVSS 8.8
Notilus Travel Solution Software 2012 R3 - SQL Injection
by Alex Haynes
Relay Ajax Directory Manager relayb01-071706/1.5.1/1.5.3 - Arbitrary File Upload
by RedTeam Pentesting GmbH
Joomla! Component SecurityCheck 2.8.9 - Multiple Vulnerabilities
by ADEO Security
Websockify (C Implementation) 0.8.0 - Buffer Overflow (PoC)
by RedTeam Pentesting GmbH
Liferay <7.0.0 - XSS
Cross-site scripting (XSS) vulnerability in users.jsp in the Profile Search functionality in Liferay before 7.0.0 CE RC1 allows remote attackers to inject arbitrary web script or HTML via the FirstName field.
by Fernando Câmara
CVSS 6.1
Wireshark - erf_meta_read_tag SIGSEGV
by Google Security Research
AirOS NanoStation M2 5.6-beta - Multiple Vulnerabilities
by Pablo Rebolini
Open Source Real Estate Script 3.6.0 - SQL Injection
by Meisam Monsef
Debian Linux < 2.2.3 - Memory Corruption
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
by Patrick Coleman
CVSS 9.8
Micro Focus Rumba <9.4 HF 13960 - Buffer Overflow
Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via (1) the NetworkName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (2) the CPName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (3) the PrinterName property value to ProfileEditor.PrintPasteControl in ProfEdit.dll, (4) the Data argument to the WriteRecords function in FTXBIFFLib.AS400FtxBIFF in FtxBIFF.dll, (5) the Serialized property value to NMSECCOMPARAMSLib.SSL3 in NMSecComParams.dll, (6) the UserName property value to NMSECCOMPARAMSLib.FirewallProxy in NMSecComParams.dll, (7) the LUName property value to ProfileEditor.MFSNAControl in ProfEdit.dll, (8) the newVal argument to the Load function in FTPSFTPLib.SFtpSession in FTPSFtp.dll, or (9) a long Host field in the FTP Client.
by LiquidWorm
CVSS 9.8
Real Estate Portal 4.1 - Multiple Vulnerabilities
by Bikramaditya Guha
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Overread
by Google Security Research
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Overread
by Google Security Research
Graphite2 - NameTable::getName Multiple Heap Out-of-Bounds Reads
by Google Security Research
Graphite2 - GlyphCache::Loader Heap Overreads
by Google Security Research
Graphite2 - GlyphCache::GlyphCache Heap Buffer Overflow
by Google Security Research
PowerFolder Server 10.4.321 - Remote Code Execution
by Hans-Martin Muench
AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XML External Entity Injection
by Mehmet Ince