Text Exploits

31,330 exploits tracked across all sources.

Sort: Activity Stars
CVE-2015-6305 EXPLOITDB text VERIFIED
Cisco Anyconnect Secure Mobility Client - Untrusted Search Path
Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211.
by Google Security Research
CVE-2015-1724 EXPLOITDB text VERIFIED
Microsoft Windows 7 - Use After Free
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Object Use After Free Vulnerability."
by Google Security Research
EIP-2026-115511 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - Yoda's Protector Unpacking Memory Corruption
by Google Security Research
EIP-2026-115510 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - VB6 Parsing Integer Overflow
by Google Security Research
EIP-2026-115509 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - UPX Parsing Memory Corruption
by Google Security Research
EIP-2026-115508 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - PE Unpacking Integer Overflow
by Google Security Research
EIP-2026-115507 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption
by Google Security Research
EIP-2026-115506 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - CHM Parsing Stack Buffer Overflow
by Google Security Research
EIP-2026-115503 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - '.DEX' File Format Parsing Memory Corruption
by Google Security Research
EIP-2026-109015 EXPLOITDB text
Kirby CMS 2.1.0 - Cross-Site Request Forgery / Content Upload / PHP Script Execution
by Dawid Golunski
EIP-2026-109014 EXPLOITDB text
Kirby CMS 2.1.0 - Authentication Bypass
by Dawid Golunski
CVE-2015-3783 EXPLOITDB text VERIFIED
Apple OS X <10.10.5 - RCE/DoS
SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
by Google Security Research
CVE-2015-3796 EXPLOITDB text VERIFIED
Apple iOS <8.4.1 & OS X <10.10.5 - RCE
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and CVE-2015-3798.
by Google Security Research
CVE-2015-3798 EXPLOITDB text VERIFIED
Apple iOS <8.4.1 & OS X <10.10.5 - RCE
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3796 and CVE-2015-3797.
by Google Security Research
EIP-2026-102212 EXPLOITDB text
Air Drive Plus 2.4 - Arbitrary File Upload
by Vulnerability-Lab
EIP-2026-101513 EXPLOITDB text
ADH-Web Server IP-Cameras - Multiple Vulnerabilities
by Orwelllabs
EIP-2026-101472 EXPLOITDB text
Thomson CableHome Gateway (DWG849) Cable Modem Gateway - Information Exposure
by Matthew Dunlap
EIP-2026-111338 EXPLOITDB text
Pligg CMS 2.0.2 - 'load_data_for_search.php' SQL Injection
by jsass
CVE-2015-6923 EXPLOITDB text
VBox Communications Satellite Express Protocol <2.3.17.3 - Privileg...
The ndvbs module in VBox Communications Satellite Express Protocol 2.3.17.3 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x00000ffd ioctl call.
by KoreLogic
EIP-2026-114625 EXPLOITDB text
ZeusCart 4.0 - SQL Injection
by Curesec Research Team
EIP-2026-114623 EXPLOITDB text
ZeusCart 4.0 - Cross-Site Request Forgery
by Curesec Research Team
CVE-2015-2521 EXPLOITDB text VERIFIED
Microsoft Excel - Memory Corruption
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
by Google Security Research
CVE-2015-2520 EXPLOITDB text VERIFIED
Microsoft Excel - Memory Corruption
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
by Google Security Research
CVE-2015-2510 EXPLOITDB text VERIFIED
Microsoft Live Meeting Console - Memory Corruption
Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Graphics Component Buffer Overflow Vulnerability."
by Google Security Research
CVE-2015-2523 EXPLOITDB text VERIFIED
Microsoft Excel - Memory Corruption
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
by Google Security Research
By Source
All 31,330 Writeup 59,953 Exploitdb 49,989 Nomisec 21,567 Metasploit 3,218 Github 2,551 Vulncheck_xdb 904 Inthewild 514 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,330 python 5,933 ruby 5,907 c 3,565 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 90 go 53 postscript 25 xml 24