Exploitdb Exploits
50,076 exploits tracked across all sources.
Centreon 19.10.5 - 'centreontrapd' Remote Command Execution
by Fabien AUNAY
Intellian Aptus Web 1.24 - OS Command Injection via Q Field in JSON Data
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.
by Xh4H
CVSS 9.8
Fifthplay S.A.M.I 2019.2_HP - Persistent Cross-Site Scripting
by LiquidWorm
Octeth Oempro 4.7-4.8 - SQL Injection via CampaignID Parameter
Octeth Oempro 4.7 and 4.8 allow SQL injection. The parameter CampaignID in Campaign.Get is vulnerable.
by Bruno de Barros Bulle
CVSS 9.8
Adive Framework 2.0.8 - Cross-Site Request Forgery in Admin Config
Adive Framework 2.0.8 has admin/config CSRF to change the Administrator password.
by Sarthak Saini
CVSS 8.8
macOS/iOS ImageIO - Heap Corruption when Processing Malformed TIFF Image
by Google Security Research
Torrent 3GP Converter 1.51 - Stack-based Buffer Overflow via Registration Dialog
Torrent 3GP Converter 1.51 contains a stack overflow vulnerability that allows attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the application's registration dialog to trigger code execution and open the calculator through carefully constructed buffer overflow techniques.
by boku
CVSS 9.8
CPU Speculative Access - Info Disclosure
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.
To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to elevate user rights directly, but it could be used to obtain information that could be used to try to compromise the affected system further.
On January 3, 2018, Microsoft released an advisory and security updates related to a newly-discovered class of hardware vulnerabilities (known as Spectre) involving speculative execution side channels that affect AMD, ARM, and Intel CPUs to varying degrees. This vulnerability, released on August 6, 2019, is a variant of the Spectre Variant 1 speculative execution side channel vulnerability and has been assigned CVE-2019-1125.
Microsoft released a security update on July 9, 2019 that addresses the vulnerability through a software change that mitigates how the CPU speculatively accesses memory. Note that this vulnerability does not require a microcode update from your device OEM.
by Bitdefender
CVSS 5.6
TopManage OLK 2020 - DOM-Based Cross-Site Scripting via Session Cookie
An issue was discovered in TopManage OLK 2020. As there is no ReadOnly on the Session cookie, the user and admin accounts can be taken over in a DOM-Based XSS attack.
by Joel Aviad Ossi
CVSS 6.1
TopManage OLK 2020 - Cross-Site Request Forgery in Login
In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts.
by Joel Aviad Ossi
CVSS 8.8
TP-Link TP-SG105E V4 1.0.0 Build 20181120 - Unauthenticated Device Reboot via reboot.cgi
The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request.
by PCEumel
CVSS 7.5
Genexis Platinum-4410 <2.1 - Auth Bypass
An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows attackers to obtain cleartext credentials from the HTML source code of the cgi-bin/index2.asp URI.
by Husinul Sanub
CVSS 9.8
BOOTP Turbo 2.0 - Denial of Service via SEH Overwrite
BOOTP Turbo 2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Structured Exception Handler (SEH). Attackers can generate a malicious payload of 2196 bytes with specific byte patterns to trigger an application crash and corrupt the SEH chain.
by boku
CVSS 7.5
Windows Server 2012, 2016, 2019 - Unauthenticated Remote Code Execution via RD Gateway
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609.
by ollypwn
CVSS 9.8
Windows Server 2012, 2016, 2019 - Unauthenticated Remote Code Execution via RD Gateway
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609.
by ollypwn
CVSS 9.8
qdPM < 9.1 - Authenticated Remote Code Execution via Profile Photo Path Traversal
A remote code execution (RCE) vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, allowing bypass of .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884.
by Rishal Dwivedi
CVSS 8.8
Reliable Datagram Sockets (RDS) rds_atomic_free_op NULL pointer dereference Privilege Escalation
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.
by Metasploit
CVSS 5.5
KeePass Password Safe < 2.44 - Denial of Service via Malicious HTML File in Help System
KeePass Password Safe versions before 2.44 contain a denial of service vulnerability in the help system's HTML handling. Attackers can trigger the vulnerability by dragging and dropping malicious HTML files into the help area, potentially causing application instability or crash.
by Mustafa Emre Gül
CVSS 7.5
Citrix XenMobile Server <10.8 - XSS
There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
by Jonas Lejon
CVSS 9.8
By Source