Text Exploits

31,330 exploits tracked across all sources.

Sort: Activity Stars
CVE-2016-1769 EXPLOITDB HIGH text VERIFIED
Apple OS X <10.11.4 - Memory Corruption
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file.
by Francis Provencher
CVSS 7.8
CVE-2016-1768 EXPLOITDB HIGH text VERIFIED
Apple OS X <10.11.4 - Memory Corruption
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1767.
by Francis Provencher
CVSS 7.8
CVE-2016-1767 EXPLOITDB HIGH text VERIFIED
QuickTime <10.11.4 - Memory Corruption
QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than CVE-2016-1768.
by Francis Provencher
CVSS 7.8
CVE-2016-2385 EXPLOITDB CRITICAL text
Debian Linux < 4.3.4 - Memory Corruption
Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) before 4.3.5 allows remote attackers to cause a denial of service (memory corruption and process crash) or possibly execute arbitrary code via a large SIP packet.
by Stelios Tsampas
CVSS 9.8
CVE-2015-3864 EXPLOITDB text
Android <5.1.1 - RCE
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3824.
by NorthBit
CVE-2016-0998 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player <18.0.0.333 & 19.x-21.x - Use After Free
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000.
by Google Security Research
CVSS 8.8
EIP-2026-104306 EXPLOITDB text
Liferay Portal 5.1.2 - Persistent Cross-Site Scripting
by Sarim Kiani
EIP-2026-102837 EXPLOITDB text VERIFIED
FireEye - Malware Input Processor Privilege Escalation
by Google Security Research
EIP-2026-100022 EXPLOITDB text VERIFIED
Android One - mt_wifi IOCTL_GET_STRUCT Privilege Escalation
by Google Security Research
EIP-2026-113952 EXPLOITDB text VERIFIED
WordPress Plugin Photocart Link 1.6 - Local File Inclusion
by CrashBandicot
EIP-2026-113826 EXPLOITDB text VERIFIED
WordPress Plugin IMDb Profile Widget 1.0.8 - Local File Inclusion
by CrashBandicot
EIP-2026-102080 EXPLOITDB text
Trend Micro Deep Discovery Inspector 3.8/3.7 - Cross-Site Request Forgery
by hyp3rlinx
EIP-2026-118380 EXPLOITDB text VERIFIED
Comodo AntiVirus - Forwards Emulated API Calls to the Real API During Scans
by Google Security Research
EIP-2026-115070 EXPLOITDB text VERIFIED
Comodo AntiVirus - Heap Overflow in LZX Decompression
by Google Security Research
EIP-2026-115069 EXPLOITDB text VERIFIED
Comodo - PackMan Unpacker Insufficient Parameter Validation
by Google Security Research
EIP-2026-115068 EXPLOITDB text VERIFIED
Comodo - LZMA Decoder Heap Overflow via Insufficient Parameter Checks
by Google Security Research
EIP-2026-115067 EXPLOITDB text VERIFIED
Comodo - Integer Overlow Leading to Heap Overflow Parsing Composite Documents
by Google Security Research
EIP-2026-115066 EXPLOITDB text VERIFIED
Comodo - Integer Overflow Leading to Heap Overflow in Win32 Emulation
by Google Security Research
EIP-2026-114962 EXPLOITDB text VERIFIED
Avira - Heap Underflow Parsing PE Section Headers
by Google Security Research
CVE-2016-1001 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 20.0.0.306 - Out-of-Bounds Write
Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors.
by Google Security Research
CVSS 8.8
CVE-2016-0998 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player <18.0.0.333 & 19.x-21.x - Use After Free
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0999, and CVE-2016-1000.
by Google Security Research
CVSS 8.8
CVE-2016-0997 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player <18.0.0.333,19.x-21.x - RCE
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0998, CVE-2016-0999, and CVE-2016-1000.
by Google Security Research
CVSS 8.8
CVE-2016-0999 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player <18.0.0.333,19.x-21.x - RCE
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-1000.
by Google Security Research
CVSS 8.8
CVE-2016-1000 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 20.0.0.306 - Use After Free
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0987, CVE-2016-0988, CVE-2016-0990, CVE-2016-0991, CVE-2016-0994, CVE-2016-0995, CVE-2016-0996, CVE-2016-0997, CVE-2016-0998, and CVE-2016-0999.
by Google Security Research
CVSS 8.8
CVE-2016-1002 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 20.0.0.306 - Memory Corruption
Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, and CVE-2016-1005.
by Google Security Research
CVSS 8.8
By Source
All 31,330 Writeup 59,917 Exploitdb 49,989 Nomisec 21,538 Metasploit 3,218 Github 2,548 Vulncheck_xdb 904 Inthewild 514 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,330 python 5,930 ruby 5,907 c 3,565 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 90 go 53 postscript 25 xml 24