Text Exploits
31,392 exploits tracked across all sources.
Avast! - Integer Overflow Verifying numFonts in TTC Header
by Google Security Research
Rar - CmdExtract::UnstoreFile Integer Truncation Memory Corruption
by Google Security Research
Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables
by Google Security Research
Avast! - JetDb::Ised4x Performs Unbounded Search on Input
by Google Security Research
Avast! - Heap Overflow Unpacking MoleBox Archives
by Google Security Research
Windows Media Center - Remote Code Execution via Crafted .mcl File
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted .mcl file, aka "Media Center Library Parsing RCE Vulnerability."
by Eduardo Braun Prado
Windows Media Center - Arbitrary File Read via Crafted .mcl File
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center Information Disclosure Vulnerability."
by Core Security
Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1 - Privilege Escalation via Library Loading
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
by Google Security Research
WordPress Plugin WP Easy Poll 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery
by Mysticism
tvOS < 9.1 - Remote Code Execution via Crafted Package
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038.
by Maksymilian Arciemowicz
simogeo Filemanager 2.3.0 - Arbitrary File Upload via is_allowed_file_type() Function
An arbitrary file upload vulnerability in the is_allowed_file_type() function of Filemanager v2.3.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
by HaHwul
CVSS 9.8
OpenMRS 2.3 (1.11.4) - Multiple Cross-Site Scripting Vulnerabilities
by LiquidWorm
iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions
by LiquidWorm
iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions
by LiquidWorm
Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions
by loneferret
By Source