Text Exploits
31,386 exploits tracked across all sources.
PHP < 7.0.6 - Integer Overflow in ZipArchive getFromIndex and getFromName
Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted call to (1) getFromIndex or (2) getFromName in the ZipArchive class.
by Hans Jerry Illikainen
CVSS 9.8
Apple iOS <9.3 & OS X <10.11.4 - RCE
Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.
by fG!
CVSS 7.0
libgd 2.1.1 - Denial of Service and Potential Remote Code Execution via Crafted Compressed GD2 Data
Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.
by Hans Jerry Illikainen
CVSS 9.8
CompuSource Systems Real Time Home Banking - Local Privilege Escalation
by Information Paradox
NationBuilder - Multiple Persistent Cross-Site Scripting Vulnerabilities
by LiquidWorm
Totemomail 4.x/5.x - Persistent Cross-Site Scripting
by Vulnerability-Lab
C/C++ Offline Compiler and C For OS - Persistent Cross-Site Scripting
by Vulnerability-Lab
Microsoft Windows - Local Privilege Escalation via Kernel-Mode Driver
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0165 and CVE-2016-0167.
by Nils Sommer
CVSS 7.8
modified eCommerce Shopsoftware 2.0.0.0 - SQL Injection
Multiple SQL injection vulnerabilities in modified eCommerce Shopsoftware 2.0.0.0 revision 9678, when the easybill-module is not installed, allow remote attackers to execute arbitrary SQL commands via the (1) orders_status or (2) customers_status parameter to api/easybill/easybillcsv.php.
by Felix Maduakor
CVSS 9.8
pfSense < 2.2.6 - Authenticated OS Command Injection via Graph Parameter
pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parameter, related to _rrd_graph_img.php.
by Security-Assessment.com
CVSS 8.8
WordPress Plugin leenk.me 2.5.0 - Cross-Site Request Forgery / Cross-Site Scripting
by cor3sm4sh3r
WordPress Plugin Kento Post View Counter 2.8 - Cross-Site Request Forgery / Cross-Site Scripting
by cor3sm4sh3r
TH692 Outdoor P2P HD Waterproof IP Camera - Hard-Coded Credentials
by DLY
Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP - Unauthenticated Path Traversal and Arbitrary File Write
The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This vulnerability is fixed in the following product versions (fixes released in July 2015, all prior versions are affected): airMAX AC 7.1.3; airMAX M (and airRouter) 5.6.2 XM/XW/TI, 5.5.11 XM/TI, and 5.5.10u2 XW; airGateway 1.1.5; airFiber AF24/AF24HD 2.2.1, AF5x 3.0.2.1, and AF5 2.2.1; airOS 4 XS2/XS5 4.0.4; and EdgeSwitch XP (formerly TOUGHSwitch) 1.3.2.
by 93c08539
CVSS 9.8
Microsoft Excel/Word 2007-2016 & Office Compatibility Pack - Remote Code Execution via Crafted Document
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
by Sébastien Morin
CVSS 7.8
pfSense Firewall 2.2.6 - Services Cross-Site Request Forgery
by Aatif Shahdad
Brickcom Corporation Network Cameras - Multiple Vulnerabilities
by Orwelllabs
Micro Focus Novell Service Desk <7.2 - SQL Injection
LiveTime/WebObjects/LiveTime.woa/wa/DownloadAction/downloadFile in Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to conduct Hibernate Query Language (HQL) injection attacks and obtain sensitive information via the entityName parameter.
by Pedro Ribeiro
CVSS 6.5
Micro Focus Novell Service Desk <7.2 - Info Disclosure
Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to read arbitrary attachments via a request to a LiveTime.woa URL, as demonstrated by obtaining sensitive information via a (1) downloadLogFiles or (2) downloadFile action.
by Pedro Ribeiro
CVSS 6.5
Micro Focus Novell Service Desk <7.2 - Path Traversal
Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. (dot dot) in a filename within a multipart/form-data POST request to a LiveTime.woa URL.
by Pedro Ribeiro
CVSS 7.2
By Source