Text Exploits

31,330 exploits tracked across all sources.

CVE-2016-3714 EXPLOITDB HIGH text
ImageMagick <6.9.3-10 & <7.0.1-1 - RCE
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick."
by Nikolay Ermishkin
CVSS 8.4
CVE-2015-6023 EXPLOITDB HIGH text
NetCommWireless HSPA 3G10WVE - Auth Bypass
ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request. NOTE: this issue can be combined with CVE-2015-6024 to execute arbitrary commands.
by Bhadresh Patel
CVSS 7.3
CVE-2016-4535 EXPLOITDB HIGH text VERIFIED
Mcafee Livesafe - Improper Input Validation
Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted packed executable.
by Google Security Research
CVSS 7.5
EIP-2026-113528 EXPLOITDB text
WordPress Plugin Acunetix WP Security Plugin 3.0.3 - Cross-Site Scripting
by Johto Robbie
CVE-2016-2784 EXPLOITDB MEDIUM text VERIFIED
Cmsmadesimple Cms Made Simple - XSS
CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Cache is activated, allow remote attackers to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request.
by Mickaël Walter
CVSS 4.7
EIP-2026-105081 EXPLOITDB text VERIFIED
Alibaba Clone B2B Script - Admin Authentication Bypass
by Meisam Monsef
CVE-2016-2107 EXPLOITDB MEDIUM text VERIFIED
Redhat Enterprise Linux Desktop < 1.0.1s - Information Disclosure
The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC session. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-0169.
by Juraj Somorovsky
CVSS 5.9
CVE-2016-3718 EXPLOITDB MEDIUM text
ImageMagick <6.9.3-10, <7.0.1-1 - SSRF
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
by Nikolay Ermishkin
CVSS 5.5
CVE-2016-4338 EXPLOITDB HIGH text
Zabbix <2.0.18, <2.2.13, <3.0.3 - Code Injection
The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers to execute arbitrary code or SQL commands via the mysql.size parameter.
by Timo Lindfors
CVSS 8.1
CVE-2016-4557 EXPLOITDB HIGH text VERIFIED
Linux BPF doubleput UAF Privilege Escalation
The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted BPF instructions that reference an incorrect file descriptor.
by Google Security Research
CVSS 7.8
EIP-2026-102897 EXPLOITDB text VERIFIED
Linux Kernel (Ubuntu 14.04.3) - 'perf_event_open()' Can Race with execve() (Access /etc/shadow)
by Google Security Research
CVE-2016-4558 EXPLOITDB HIGH text VERIFIED
Linux Kernel < 4.4.11 - Denial of Service
The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than 32 Gb of memory, related to the program reference count or (2) a 1 Tb system, related to the map reference count.
by Google Security Research
CVSS 7.0
CVE-2015-6024 EXPLOITDB CRITICAL text
NetCommWireless HSPA 3G10WVE - Command Injection
ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the DIA_IPADDRESS parameter.
by Bhadresh Patel
CVSS 9.8
EIP-2026-113785 EXPLOITDB text
WordPress Plugin Ghost 0.5.5 - Unrestricted Export Download
by Josh Brody
CVE-2015-6639 EXPLOITDB HIGH text
Google Android - Access Control
The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875.
by laginimaineb
CVSS 7.8
EIP-2026-110006 EXPLOITDB text
Observium 0.16.7533 - (Authenticated) Arbitrary Command Execution
by Dolev Farhi
EIP-2026-107435 EXPLOITDB text VERIFIED
GLPi 0.90.2 - SQL Injection
by High-Tech Bridge SA
EIP-2026-103742 EXPLOITDB text VERIFIED
Wireshark - ett_zbee_zcl_pwr_prof_enphases Static Out-of-Bounds Read
by Google Security Research
EIP-2026-103733 EXPLOITDB text VERIFIED
Wireshark - dissect_2008_16_security_4 Stack Buffer Overflow
by Google Security Research
EIP-2026-103732 EXPLOITDB text VERIFIED
Wireshark - alloc_address_wmem Assertion Failure
by Google Security Research
EIP-2026-100852 EXPLOITDB text
Merit Lilin IP Cameras - Multiple Vulnerabilities
by Orwelllabs
CVE-2016-0145 EXPLOITDB HIGH text VERIFIED
Microsoft .net Framework - Memory Corruption
The font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold and 1511; Office 2007 SP3 and 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5, and 3.5.1; Skype for Business 2016; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Graphics Memory Corruption Vulnerability."
by Google Security Research
CVSS 8.8
CVE-2016-3078 EXPLOITDB CRITICAL text
Php < 7.0.6 - Integer Overflow
Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class.
by Hans Jerry Illikainen
CVSS 9.8
CVE-2016-1757 EXPLOITDB HIGH text
Apple iOS <9.3 & OS X <10.11.4 - RCE
Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.
by fG!
CVSS 7.0
EIP-2026-107809 EXPLOITDB text
ImpressCMS 1.3.9 - SQL Injection
by Manuel García Cárdenas