Exploitdb Exploits

49,983 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-102640 EXPLOITDB c VERIFIED
Linux - Use-After-Free via race Between modify_ldt() and #BR Exception
by Google Security Research
EIP-2026-100645 EXPLOITDB python
BlogEngine.NET 3.3.6/3.3.7 - XML External Entity Injection
by Aaron Bishop
EIP-2026-100644 EXPLOITDB python
BlogEngine.NET 3.3.6/3.3.7 - 'theme Cookie' Directory Traversal / Remote Code Execution
by Aaron Bishop
EIP-2026-100642 EXPLOITDB python
BlogEngine.NET 3.3.6/3.3.7 - 'dirPath' Directory Traversal / Remote Code Execution
by Aaron Bishop
CVE-2018-20469 EXPLOITDB CRITICAL text
Sahipro Sahi Pro < 8.0.0 - SQL Injection
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A parameter in the web reports module is vulnerable to h2 SQL injection. This can be exploited to inject SQL queries and run standard h2 system functions.
by Goutham Madhwaraj
CVSS 9.8
CVE-2018-20472 EXPLOITDB MEDIUM text
Sahipro Sahi Pro < 8.0.0 - XSS
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. The logs web interface is vulnerable to stored XSS.
by Goutham Madhwaraj
CVSS 5.4
CVE-2018-20470 EXPLOITDB HIGH text
Sahipro Sahi Pro < 8.0.0 - Path Traversal
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files.
by Goutham Madhwaraj
CVSS 7.5
CVE-2019-12181 EXPLOITDB HIGH c VERIFIED
Serv-U FTP Server prepareinstallation Privilege Escalation
A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux.
by Guy Levin
CVSS 8.8
CVE-2019-12920 EXPLOITDB CRITICAL text
Cylan Clever Dog Smart Camera Panoram... - Hard-coded Credentials
On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the network can login remotely to the camera and gain root access. The device ships with a hardcoded 12345678 password for the root account, accessible from a TELNET login prompt.
by Alex Akinbi
CVSS 9.8
CVE-2019-12919 EXPLOITDB MEDIUM text
Cylan Clever Dog Smart Camera Panoram... - Missing Authentication
On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved on the external memory card attached to the device.
by Alex Akinbi
CVSS 5.5
CVE-2019-12890 EXPLOITDB CRITICAL python
Redwoodhq - Missing Authentication
RedwoodHQ 2.5.5 does not require any authentication for database operations, which allows remote attackers to create admin users via a con.automationframework users insert_one call.
by EthicalHCOP
CVSS 9.8
EIP-2026-117539 EXPLOITDB text
Microsoft Windows - UAC Protection Bypass (Via Slui File Handler Hijack) (PowerShell)
by Gushmazuko
CVE-2019-12323 EXPLOITDB HIGH text
Hosting Controller HC10 10.14 - DoS
The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS.
by hyp3rlinx
CVSS 7.5
CVE-2019-13294 EXPLOITDB CRITICAL ruby
Arox School-erp - Authentication Bypass
AROX School-ERP Pro has a command execution vulnerability. import_stud.php and upload_fille.php do not have session control. Therefore an unauthenticated user can execute a command on the system.
by AkkuS
CVSS 9.8
CVE-2019-11706 EXPLOITDB HIGH text
Thunderbird <60.7.1 - Use After Free
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird < 60.7.1.
by X41 D-Sec GmbH
CVSS 7.5
CVE-2019-11703 EXPLOITDB CRITICAL text
Thunderbird <60.7.1 - Buffer Overflow
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in parser_get_next_char when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
by X41 D-Sec GmbH
CVSS 9.8
CVE-2019-11705 EXPLOITDB CRITICAL text
Thunderbird <60.7.1 - Buffer Overflow
A flaw in Thunderbird's implementation of iCal causes a stack buffer overflow in icalrecur_add_bydayrules when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
by X41 D-Sec GmbH
CVSS 9.8
CVE-2019-11704 EXPLOITDB CRITICAL text
Thunderbird <60.7.1 - Buffer Overflow
A flaw in Thunderbird's implementation of iCal causes a heap buffer overflow in icalmemory_strdup_and_dequote when processing certain email messages, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60.7.1.
by X41 D-Sec GmbH
CVSS 9.8
CVE-2019-10149 EXPLOITDB CRITICAL bash VERIFIED
Exim 4.87 - 4.91 Local Privilege Escalation
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution.
by Marco Ivaldi
CVSS 9.8
EIP-2026-102700 EXPLOITDB python
Netperf 2.6.0 - Stack-Based Buffer Overflow
by Juan Sacco
EIP-2026-102699 EXPLOITDB python
Netperf 2.6.0 - Stack-Based Buffer Overflow
by Juan Sacco
CVE-2019-3778 EXPLOITDB MEDIUM text
Pivotal Software Spring Security Oauth < 2.0.17 - Open Redirect
Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2.2.4, and 2.1 prior to 2.1.4, and 2.0 prior to 2.0.17, and older unsupported versions could be susceptible to an open redirector attack that can leak an authorization code. A malicious user or attacker can craft a request to the authorization endpoint using the authorization code grant type, and specify a manipulated redirection URI via the "redirect_uri" parameter. This can cause the authorization server to redirect the resource owner user-agent to a URI under the control of the attacker with the leaked authorization code. This vulnerability exposes applications that meet all of the following requirements: Act in the role of an Authorization Server (e.g. @EnableAuthorizationServer) and uses the DefaultRedirectResolver in the AuthorizationEndpoint. This vulnerability does not expose applications that: Act in the role of an Authorization Server and uses a different RedirectResolver implementation other than DefaultRedirectResolver, act in the role of a Resource Server only (e.g. @EnableResourceServer), act in the role of a Client only (e.g. @EnableOAuthClient).
by Riemann
CVSS 6.5
CVE-2020-19513 EXPLOITDB HIGH python
Aida64 - Out-of-Bounds Write
Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary code by creating a crafted input that will overwrite the SEH handler.
by Nipun Jaswal
CVSS 7.8
EIP-2026-102800 EXPLOITDB bash VERIFIED
CentOS 7.6 - 'ptrace_scope' Privilege Escalation
by s4vitar
CVE-2018-19113 EXPLOITDB HIGH text
Pronestor Health Monitoring - Incorrect Permission Assignment
The Pronestor PNHM (aka Health Monitoring or HealthMonitor) add-in before 8.1.13.0 for Outlook has "BUILTIN\Users:(I)(F)" permissions for the "%PROGRAMFILES(X86)%\proNestor\Outlook add-in for Pronestor\PronestorHealthMonitor.exe" file, which allows local users to gain privileges via a Trojan horse PronestorHealthMonitor.exe file.
by PovlTekstTV
CVSS 7.3
By Source
All 49,983 Writeup 59,698 Exploitdb 49,983 Nomisec 21,473 Metasploit 3,218 Github 2,525 Vulncheck_xdb 903 Inthewild 514 Gitlab 440 Gitee 415 Patchapalooza 312
By Language
text 31,329 python 5,912 ruby 5,907 c 3,563 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 88 go 53 postscript 25 xml 24