Exploit Database

145,445 exploits tracked across all sources.

Sort: Activity Stars
CVE-2016-4999 WRITEUP CRITICAL
Dashbuilder < 0.6.0.Beta1 - SQL Injection via Data Set Lookup Filter
SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set Authoring or (2) Displayer editor UI.
CVSS 9.8
CVE-2016-5097 WRITEUP MEDIUM
Opensuse < 4.6.1 - Information Disclosure
phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs.
CVSS 5.3
CVE-2016-5195 WRITEUP HIGH
Linux Kernel 2.x-4.x < 4.8.3 - Local Privilege Escalation via Dirty COW Race Condition
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
CVSS 7.0
CVE-2016-5303 WRITEUP MEDIUM
Horde Groupware - Cross-Site Scripting via Text Filter API
Cross-site scripting (XSS) vulnerability in the Horde Text Filter API in Horde Groupware and Horde Groupware Webmail Edition before 5.2.16 allows remote attackers to inject arbitrary web script or HTML via crafted data:text/html content in a form (1) action or (2) xlink attribute.
CVSS 6.1
CVE-2016-5355 WRITEUP MEDIUM
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service in Toshiba File Parser
wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVSS 5.9
CVE-2016-5356 WRITEUP MEDIUM
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service in CoSine File Parser
wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVSS 5.9
CVE-2016-5357 WRITEUP MEDIUM
Wireshark 1.12.x < 1.12.12 and 2.x < 2.0.4 - Denial of Service in NetScreen File Parser
wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
CVSS 5.9
CVE-2016-5364 WRITEUP MEDIUM
MantisBT < 1.2.19 - Cross-Site Scripting via manage_custom_field_edit_page.php Return Parameter
Cross-site scripting (XSS) vulnerability in manage_custom_field_edit_page.php in MantisBT 1.2.19 and earlier allows remote attackers to inject arbitrary web script or HTML via the return parameter.
CVSS 6.1
CVE-2016-5412 WRITEUP MEDIUM
Linux Kernel < 4.7 - Denial of Service via H_CEDE Hypercall
arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended transaction.
CVSS 6.5
CVE-2016-5418 WRITEUP HIGH
libarchive <3.2.0 - Code Injection
The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file.
CVSS 7.5
CVE-2016-5429 WRITEUP LOW
jose-php < 2.2.0 - Timing Attack via HMAC Comparison
jose-php before 2.2.1 does not use constant-time operations for HMAC comparison, which makes it easier for remote attackers to obtain sensitive information via a timing attack, related to JWE.php and JWS.php.
CVSS 3.7
CVE-2016-5639 WRITEUP HIGH
Crestron AirMedia <1.4.0.13 - Path Traversal
Directory traversal vulnerability in cgi-bin/login.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to read arbitrary files via a .. (dot dot) in the src parameter.
CVSS 7.5
CVE-2016-5640 WRITEUP CRITICAL
Crestron AirMedia AM-100 <1.4.0.13 - Path Traversal
Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with firmware before 1.4.0.13 allows remote attackers to execute arbitrary commands via a .. (dot dot) in the ATE_COMMAND parameter.
CVSS 9.8
CVE-2026-40312 WRITEUP MEDIUM
ImageMagick: Off-by-One in MSL decoder could result in crash
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue has been fixed in version 7.1.2-19.
CVSS 6.2
CVE-2026-40312 WRITEUP MEDIUM
ImageMagick: Off-by-One in MSL decoder could result in crash
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malicous MSL file is read. This issue has been fixed in version 7.1.2-19.
CVSS 6.2
CVE-2026-40311 WRITEUP MEDIUM
ImageMagick: Heap-use-after-free via XMP profile could result in a crash when printing values
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when reading and printing values from an invalid XMP profile. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19.
CVSS 5.5
CVE-2026-40311 WRITEUP MEDIUM
ImageMagick: Heap-use-after-free via XMP profile could result in a crash when printing values
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash when reading and printing values from an invalid XMP profile. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19.
CVSS 5.5
CVE-2026-40310 WRITEUP MEDIUM
ImageMagick: Heap out-of-bounds write in JP2 encoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19.
CVSS 5.5
CVE-2026-40310 WRITEUP MEDIUM
ImageMagick: Heap out-of-bounds write in JP2 encoder
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with when a user specifies an invalid sampling index. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19.
CVSS 5.5
CVE-2026-40183 WRITEUP MEDIUM
ImageMagick: Heap buffer overflow when encoding JXL image with a 16-bit float
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, the JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats. This issue has been fixed in version 7.1.2-19.
CVSS 5.5
CVE-2026-40183 WRITEUP MEDIUM
ImageMagick: Heap buffer overflow when encoding JXL image with a 16-bit float
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, the JXL encoder has an heap write overflow when a user specifies that the image should be encoded as 16 bit floats. This issue has been fixed in version 7.1.2-19.
CVSS 5.5
CVE-2026-40169 WRITEUP MEDIUM
ImageMagick: Heap buffer overflow (WRITE) in the YAML and JSON encoders
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json output, resulting in a crash. This issue has been fixed in version 7.1.2-19.
CVSS 6.2
CVE-2026-40169 WRITEUP MEDIUM
ImageMagick: Heap buffer overflow (WRITE) in the YAML and JSON encoders
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a yaml or json output, resulting in a crash. This issue has been fixed in version 7.1.2-19.
CVSS 6.2
CVE-2026-34238 WRITEUP MEDIUM
ImageMagick: Integer overflow in despeckle operation causes heap buffer overflow on 32-bit builds
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, an integer overflow in the despeckle operation causes a heap buffer overflow on 32-bit builds that will result in an out of bounds write. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19.
CVSS 5.1
CVE-2026-34238 WRITEUP MEDIUM
ImageMagick: Integer overflow in despeckle operation causes heap buffer overflow on 32-bit builds
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, an integer overflow in the despeckle operation causes a heap buffer overflow on 32-bit builds that will result in an out of bounds write. This issue has been fixed in versions 6.9.13-44 and 7.1.2-19.
CVSS 5.1