Writeup Exploits
62,891 exploits tracked across all sources.
FasterXML jackson-databind <2.9.7 - SSRF
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
CVSS 10.0
Discuz! 1.5-2.5 - Remote Code Execution via Database Backup Feature
The database backup feature in upload/source/admincp/admincp_db.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code.
CVSS 8.8
Odoo 8.x-11.x - Regular Expression Denial of Service in dbfilter_from_header Module
The Odoo Community Association (OCA) dbfilter_from_header module makes Odoo 8.x, 9.x, 10.x, and 11.x vulnerable to ReDoS (regular expression denial of service) under certain circumstances.
CVSS 7.5
Odoo 8.x-11.x - Regular Expression Denial of Service in dbfilter_from_header Module
The Odoo Community Association (OCA) dbfilter_from_header module makes Odoo 8.x, 9.x, 10.x, and 11.x vulnerable to ReDoS (regular expression denial of service) under certain circumstances.
CVSS 7.5
Odoo 8.x-11.x - Regular Expression Denial of Service in dbfilter_from_header Module
The Odoo Community Association (OCA) dbfilter_from_header module makes Odoo 8.x, 9.x, 10.x, and 11.x vulnerable to ReDoS (regular expression denial of service) under certain circumstances.
CVSS 7.5
Odoo 8.x-11.x - Regular Expression Denial of Service in dbfilter_from_header Module
The Odoo Community Association (OCA) dbfilter_from_header module makes Odoo 8.x, 9.x, 10.x, and 11.x vulnerable to ReDoS (regular expression denial of service) under certain circumstances.
CVSS 7.5
MikroTik RouterOS <6.42 - Path Traversal
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
CVSS 9.1
MikroTik RouterOS <6.42 - Path Traversal
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
CVSS 9.1
tcpdump <4.9.3 - Buffer Overflow
The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().
CVSS 7.0
tcpdump < 4.9.3 - Out-of-bounds Read in OSPFv3 Parser
The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().
CVSS 7.5
tcpdump < 4.9.3 - Out-of-bounds Read in BGP Parser
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).
CVSS 7.5
tcpdump < 4.9.3 - Out-of-bounds Read in ICMPv6 Parser
The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.
CVSS 7.5
Pango 1.40.8-1.42.3 - Denial of Service via Invalid Unicode Sequences
libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.
CVSS 6.5
OpenEMR < 5.0.1.4 - Authenticated Arbitrary PHP File Upload via Site Files Manager
Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.
CVSS 8.8
OpenEMR < 5.0.1.4 - Unauthenticated Authentication Bypass via Patient Portal Registration
Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker to access (1) portal/add_edit_event_user.php, (2) portal/find_appt_popup_user.php, (3) portal/get_allergies.php, (4) portal/get_amendments.php, (5) portal/get_lab_results.php, (6) portal/get_medications.php, (7) portal/get_patient_documents.php, (8) portal/get_problems.php, (9) portal/get_profile.php, (10) portal/portal_payment.php, (11) portal/messaging/messages.php, (12) portal/messaging/secure_chat.php, (13) portal/report/pat_ledger.php, (14) portal/report/portal_custom_report.php, or (15) portal/report/portal_patient_report.php without authenticating as a patient.
CVSS 9.1
Trend Micro Deep Discovery Inspector <3.85 - XSS
A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability.
CVSS 5.4
OpenSSH < 7.7 - User Enumeration via Authentication Request Timing
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
CVSS 5.3
gnuboard < 5.3.1.6 - Cross-Site Scripting in SMS Admin Number Book
Cross-Site Scripting (XSS) vulnerability in adm/sms_admin/num_book_write.php and adm/sms_admin/num_book_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.
CVSS 6.1
GNUBOARD5 < 5.3.1.6 - Cross-Site Scripting via Popup Title Parameter
Cross-Site Scripting (XSS) vulnerability in point_list.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter.
CVSS 6.1
gnuboard < 5.3.1.6 - Cross-Site Scripting in Board Group Management
Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML.
CVSS 6.1
GNUBOARD5 < 5.3.1.6 - Cross-Site Scripting via Popup Title Parameter
Cross-Site Scripting (XSS) vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter.
CVSS 6.1
Enigmail < 2.0.6 - Cryptographic Signature Spoofing via Multipart HTML Email
Enigmail before 2.0.6 is prone to to OpenPGP signatures being spoofed for arbitrary messages using a PGP/INLINE signature wrapped within a specially crafted multipart HTML email.
CVSS 6.5
GNOME Evolution < 3.28.2 - OpenPGP Signature Spoofing via Crafted Email Attachment
GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.
CVSS 6.5
MailMate < 1.11.3 - Authentication Bypass via Spoofed HTML/MIME Structure
MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email.
CVSS 7.5
NUUO NVRMini2 3.9.1 - Authenticated Remote Command Injection via upgrade_handle.php
NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.
CVSS 8.8
By Source