Text Exploits

31,392 exploits tracked across all sources.

Sort: Activity Stars
CVE-2015-1721 EXPLOITDB text VERIFIED
Windows Kernel-Mode Drivers - Local Privilege Escalation via NULL Pointer Dereference
The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via a crafted application, aka "Win32k Null Pointer Dereference Vulnerability."
by Nils Sommer
CVE-2015-1722 EXPLOITDB text VERIFIED
Microsoft Windows - Use-After-Free in Kernel-Mode Drivers
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Bitmap Handling Use After Free Vulnerability."
by Nils Sommer
CVE-2015-1722 EXPLOITDB text VERIFIED
Microsoft Windows - Use-After-Free in Kernel-Mode Drivers
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Bitmap Handling Use After Free Vulnerability."
by Nils Sommer
CVE-2015-1725 EXPLOITDB text VERIFIED
Microsoft Windows - Local Privilege Escalation via Kernel-Mode Driver Buffer Overflow
Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Buffer Overflow Vulnerability."
by Nils Sommer
CVE-2015-2365 EXPLOITDB text VERIFIED
Windows win32k.sys - Local Privilege Escalation via Crafted Application
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
by Nils Sommer
CVE-2015-1725 EXPLOITDB text VERIFIED
Microsoft Windows - Local Privilege Escalation via Kernel-Mode Driver Buffer Overflow
Buffer overflow in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Buffer Overflow Vulnerability."
by Nils Sommer
CVE-2015-2512 EXPLOITDB text VERIFIED
Microsoft Windows - Local Privilege Escalation via Adobe Type Manager Library
The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2507.
by Nils Sommer
CVE-2015-1726 EXPLOITDB text VERIFIED
Microsoft Windows - Use-After-Free in Kernel-Mode Drivers
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Brush Object Use After Free Vulnerability."
by Nils Sommer
CVE-2015-2511 EXPLOITDB text VERIFIED
Microsoft Windows - Local Privilege Escalation via Win32k Memory Corruption
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2517, CVE-2015-2518, and CVE-2015-2546.
by Nils Sommer
CVE-2015-2366 EXPLOITDB text VERIFIED
Windows 7/8/8.1, Server 2008/2012, RT - Privilege Escalation via win32k.sys
win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."
by Nils Sommer
CVE-2015-2518 EXPLOITDB text VERIFIED
Microsoft Windows - Local Privilege Escalation via Win32k Memory Corruption
The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2511, CVE-2015-2517, and CVE-2015-2546.
by Nils Sommer
EIP-2026-117374 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - ThinApp Parser Stack Buffer Overflow
by Google Security Research
CVE-2015-6305 EXPLOITDB text VERIFIED
Cisco AnyConnect Secure Mobility Client 2.0-4.1 - Untrusted Search Path via vpndownloader.exe
Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211.
by Google Security Research
CVE-2015-1724 EXPLOITDB text VERIFIED
Microsoft Windows - Use-After-Free in Kernel-Mode Drivers
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, aka "Microsoft Windows Kernel Object Use After Free Vulnerability."
by Google Security Research
EIP-2026-115511 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - Yoda's Protector Unpacking Memory Corruption
by Google Security Research
EIP-2026-115510 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - VB6 Parsing Integer Overflow
by Google Security Research
EIP-2026-115509 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - UPX Parsing Memory Corruption
by Google Security Research
EIP-2026-115508 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - PE Unpacking Integer Overflow
by Google Security Research
EIP-2026-115507 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption
by Google Security Research
EIP-2026-115506 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - CHM Parsing Stack Buffer Overflow
by Google Security Research
EIP-2026-115503 EXPLOITDB text VERIFIED
Kaspersky AntiVirus - '.DEX' File Format Parsing Memory Corruption
by Google Security Research
EIP-2026-109015 EXPLOITDB text
Kirby CMS 2.1.0 - Cross-Site Request Forgery / Content Upload / PHP Script Execution
by Dawid Golunski
EIP-2026-109014 EXPLOITDB text
Kirby CMS 2.1.0 - Authentication Bypass
by Dawid Golunski
CVE-2015-3783 EXPLOITDB text VERIFIED
macOS X < 10.10.5 - Remote Code Execution in SceneKit
SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.
by Google Security Research
CVE-2015-3796 EXPLOITDB text VERIFIED
Apple iOS <8.4.1 & OS X <10.10.5 - RCE
The TRE library in Libc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows context-dependent attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted regular expression, a different vulnerability than CVE-2015-3797 and CVE-2015-3798.
by Google Security Research