Text Exploits
31,392 exploits tracked across all sources.
Wireshark - getRate Stack Out-of-Bounds Read
by Google Security Research
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via VeriWave File Parser
wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
by Google Security Research
CVSS 5.5
Wireshark 2.0.x - Denial of Service via MP2T File Parser Stack-Based Buffer Overflow
The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a trailer, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted file.
by Google Security Research
CVSS 5.5
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via ZigBee ZCL Dissector
The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
by Google Security Research
CVSS 5.5
Wireshark - dissect_tds7_colmetadata_token Stack Buffer Overflow
by Google Security Research
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service in NBAP Dissector
epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.
by Google Security Research
CVSS 5.5
Wireshark 2.0.x < 2.0.1 - Denial of Service via TDS Dissector Column Count Overflow
The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
by Google Security Research
CVSS 5.3
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via RSL Dissector TLV Type Handling
The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
by Google Security Research
CVSS 5.5
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service in Ascend File Parser
The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
by Google Security Research
CVSS 5.5
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via AirPDcapPacketProcess Buffer Overflow
The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
by Google Security Research
CVSS 5.5
Wireshark 1.12.x < 1.12.9 and 2.0.x < 2.0.1 - Denial of Service via RSVP Dissector Use-After-Free
The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.
by Google Security Research
CVSS 5.5
FireEye - Wormable Remote Code Execution in MIP JAR Analysis
by Tavis Ormandy & Natalie Silvanovich
Tequila File Hosting 1.5 - Multiple Vulnerabilities
by Ashiyane Digital Security Team
Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusions
by bd0rk
ArticleSetup Article Script 1.00 - SQL Injection
by Linux Zone Research Team
Microsoft Windows - Local Privilege Escalation via Library Loading
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
by Google Security Research
WordPress Plugin Admin Management Xtended 2.4.0 - Privilege escalation
by Kacper Szurek
ECommerceMajor - 'productdtl.php?prodid' SQL Injection
by Rahul Pratap Singh
bitrix.xscan < 1.0.3 - Authenticated Path Traversal via File Parameter
Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or cause a denial of service, via a .. (dot dot) in the file parameter to admin/bitrix.xscan_worker.php.
by High-Tech Bridge SA
bitrix.mpbuilder < 1.0.11 - Authenticated Path Traversal via Work Array Parameter
Directory traversal vulnerability in the bitrix.mpbuilder module before 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element name of the "work" array parameter to admin/bitrix.mpbuilder_step2.php.
by High-Tech Bridge SA
Adobe Flash Player <18.0.0.255,19.x<19.0.0.226 - RCE
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7647.
by Google Security Research
Adobe Flash Player <18.0.0.255,19.x<19.0.0.226 - RCE
Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-7648.
by Google Security Research
Polycom VVX-Series Business Media Phones - Directory Traversal
by Jake Reynolds
GoAutoDial CE 3.3 - Multiple SQL Injections / Command Injection
by R-73eN
By Source