Exploitdb Exploits
31,394 exploits tracked across all sources.
Adobe Flash Player <=21.0.0.213 Object Placing - Out-of-Bounds Read
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
by Google Security Research
CVSS 7.5
Adobe Flash Player <=21.0.0.213 JXR Processing - Out-of-Bounds Read
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
by Google Security Research
CVSS 7.5
Adobe Flash Player <21.0.0.213 - Unspecified Vuln
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
by Google Security Research
CVSS 7.5
Adobe Flash Player <=21.0.0.213 addProperty - Use-After-Free
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
by Google Security Research
CVSS 7.5
Adobe Flash Player <=21.0.0.213 in IE/Edge - Impact Unknown
Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064.
by Google Security Research
CVSS 7.5
SAP NetWeaver xMII 15.0 - Directory Traversal via GetFileList Path Parameter
Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978.
by ERPScan
CVSS 7.5
web2py < 2.14.5 - Reflected Cross-Site Scripting
Web2py versions 2.14.5 and below was affected by Reflected XSS vulnerability, which allows an attacker to perform an XSS attack on logged in user (admin).
by Narendra Bhati
CVSS 4.8
web2py < 2.14.5 - Local File Inclusion
Web2py versions 2.14.5 and below was affected by Local File Inclusion vulnerability, which allows a malicious intended user to read/access web server sensitive files.
by Narendra Bhati
CVSS 7.5
Multiples Nexon Games - Unquoted Path Privilege Escalation
by Cyril Vallicari
Hex : Shard of Fate 1.0.1.026 - Unquoted Path Privilege Escalation
by Cyril Vallicari
web2py < 2.14.5 - Cross-Site Request Forgery
Web2py versions 2.14.5 and below was affected by CSRF (Cross Site Request Forgery) vulnerability, which allows an attacker to trick a logged in user to perform some unwanted actions i.e An attacker can trick an victim to disable the installed application just by sending a URL to victim.
by Narendra Bhati
CVSS 8.8
CakePHP < 3.2.4 - IP Spoofing via CLIENT-IP HTTP Header
The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to spoof their IP via the CLIENT-IP HTTP header.
by Dawid Golunski
CVSS 7.5
Wireshark - 'AirPDcapDecryptWPABroadcastKey' Heap Out-of-Bounds Read (2)
by Google Security Research
Trend Micro - 'CoreServiceShell.exe' Multiple HTTP s
by Google Security Research
Microsoft Windows Media Center - Remote Code Execution via Crafted MCL File
Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka "Windows Media Center Remote Code Execution Vulnerability."
by Eduardo Braun Prado
CVSS 7.8
WordPress Plugin Q and A (Focus Plus) FAQ 1.3.9.7 - Multiple Vulnerabilities
by Gwendal Le Coguic
WordPress Plugin Huge-IT Image Gallery 1.8.9 - Multiple Vulnerabilities
by Gwendal Le Coguic
FileZilla Client 3.17.0.0 - Unquoted Search Path
A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
by Cyril Vallicari
CVSS 6.3
Intuit QuickBooks Desktop 2007 < 2016 - Arbitrary Code Execution
by Maxim Tomashevich
Adobe Acrobat and Reader < 11.0.16 - Remote Code Execution via Memory Corruption
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1082, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105.
by Pier-Luc Maltais
CVSS 9.8
Nfdump Nfcapd 1.6.14 - Multiple Vulnerabilities
by Security-Assessment.com
JVC HDRs / Net (Multiple Cameras) - Multiple Vulnerabilities
by Orwelllabs
Microsoft Windows - Local Privilege Escalation via WebDAV Client
The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "WebDAV Elevation of Privilege Vulnerability."
by hex0r
CVSS 7.8
By Source