Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-7439 EXPLOITDB MEDIUM text
JioFi 4G M2S 1.0.2 - Denial of Service via mask POST Parameter
cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter.
by Vikas Chaudhary
CVSS 6.5
CVE-2019-2721 EXPLOITDB HIGH text VERIFIED
Oracle VM VirtualBox <6.0.6 - Privilege Escalation
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
by Google Security Research
CVSS 8.8
EIP-2026-103912 EXPLOITDB text VERIFIED
Google Chrome 72.0.3626.121 / 74.0.3725.0 - 'NewFixedDoubleArray' Integer Overflow
by Google Security Research
CVE-2019-25245 EXPLOITDB HIGH text
Ross Video DashBoard 8.5.1 - Privilege Escalation
Ross Video DashBoard 8.5.1 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files due to improper permission settings. Attackers can exploit the 'M' or 'C' flags for 'Authenticated Users' group to replace the DashBoard.exe binary with a malicious executable.
by LiquidWorm
CVSS 8.8
CVE-2019-3842 EXPLOITDB HIGH text VERIFIED
systemd < 242-rc4 - Improper Authorization via XDG_SEAT Environment Variable
In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the "allow_active" element rather than "allow_any".
by Google Security Research
CVSS 7.0
EIP-2026-102638 EXPLOITDB c VERIFIED
Linux - Missing Locking in Siemens R3964 Line Discipline Race Condition
by Google Security Research
EIP-2026-102635 EXPLOITDB text VERIFIED
Linux - 'page->_refcount' Overflow via FUSE
by Google Security Research
CVE-2019-25736 EXPLOITDB HIGH python
LabF nfsAxe 3.7 Ping Client Buffer Overflow
LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address to execute calc.exe or other arbitrary commands.
by Dino Covotsos
CVSS 8.4
CVE-2019-25617 EXPLOITDB MEDIUM python
Ease Audio Converter 5.30 Denial of Service via Audio Cutter
Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function that allows local attackers to crash the application by processing malformed MP4 files. Attackers can create a crafted MP4 file containing an oversized buffer and load it through the Audio Cutter interface to trigger an application crash.
by Achilles
CVSS 6.2
EIP-2026-113643 EXPLOITDB text
WordPress Plugin Contact Form Builder 1.0.67 - Cross-Site Request Forgery / Local File Inclusion
by Panagiotis Vagenas
EIP-2026-113642 EXPLOITDB text
WordPress Plugin Contact Form Builder 1.0.67 - Cross-Site Request Forgery / Local File Inclusion
by Panagiotis Vagenas
CVE-2019-11398 EXPLOITDB MEDIUM text
UliCMS 2019.1-2019.2 - Cross-Site Scripting via Admin Index Parameters
Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote attackers to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/index.php?action=favicon.
by Kağan EĞLENCE
CVSS 6.1
CVE-2019-11375 EXPLOITDB MEDIUM html
Msvod v10 - Cross-Site Request Forgery via admin/member/edit.html
Msvod v10 has a CSRF vulnerability to change user information via the admin/member/edit.html URI.
by ax8
CVSS 6.5
CVE-2019-11374 EXPLOITDB HIGH html
74cms 5.0.1 - Cross-Site Request Forgery via Admin User Addition
74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI.
by ax8
CVSS 8.8
CVE-2019-11469 EXPLOITDB CRITICAL ruby
Zoho ManageEngine Apps Mgr <15 - SQL Injection
Zoho ManageEngine Applications Manager 12 through 14 allows FaultTemplateOptions.jsp resourceid SQL injection. Subsequently, an unauthenticated user can gain the authority of SYSTEM on the server by uploading a malicious file via the "Execute Program Action(s)" feature.
by AkkuS
CVSS 9.8
EIP-2026-103492 EXPLOITDB html
Google Chrome 73.0.3683.103 V8 JavaScript Engine - Out-of-Memory in Invalid Table Size Denial of Service (PoC)
by Bogdan Kurinnoy
CVE-2019-7181 EXPLOITDB HIGH python
myQNAPcloud Connect <1.3.3.0925 - Buffer Overflow
Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and earlier could allow remote attackers to crash the program.
by Dino Covotsos
CVSS 7.5
CVE-2019-2588 EXPLOITDB MEDIUM text VERIFIED
Oracle Fusion Middleware - Unauthorized Access
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise BI Publisher (formerly XML Publisher). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all BI Publisher (formerly XML Publisher) accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).
by Vahagn Vardanyan
CVSS 4.9
CVE-2019-2616 EXPLOITDB HIGH text VERIFIED
Oracle Fusion Middleware - Unauthenticated RCE
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher (formerly XML Publisher). While the vulnerability is in BI Publisher (formerly XML Publisher), attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of BI Publisher (formerly XML Publisher) accessible data as well as unauthorized read access to a subset of BI Publisher (formerly XML Publisher) accessible data. CVSS 3.0 Base Score 7.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N).
by Vahagn Vardanyan
CVSS 7.2
CVE-2019-3396 EXPLOITDB CRITICAL ruby VERIFIED
Atlassian Confluence Widget Connector Macro Velocity Template Injection
The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection.
by Metasploit
CVSS 9.8
CVE-2010-4170 EXPLOITDB ruby VERIFIED
SystemTap 1.3 - Privilege Escalation via MODPROBE_OPTIONS Environment Variable
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.
by Metasploit
CVE-2019-11448 EXPLOITDB CRITICAL ruby
Zoho ManageEngine Applications Manager <14.0 - Privilege Escalation
An issue was discovered in Zoho ManageEngine Applications Manager 11.0 through 14.0. An unauthenticated user can gain the authority of SYSTEM on the server due to a Popup_SLA.jsp sid SQL injection vulnerability. For example, the attacker can subsequently write arbitrary text to a .vbs file.
by AkkuS
CVSS 9.8
CVE-2018-16858 EXPLOITDB HIGH ruby VERIFIED
LibreOffice Macro Python Code Execution
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice, would execute a Python method from a script in any arbitrary file system location, specified relative to the LibreOffice install location.
by Metasploit
CVSS 7.8
CVE-2018-16517 EXPLOITDB MEDIUM text
Netwide Assembler < 2.13.03 - Denial of Service via Crafted File
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.
by Fakhri Zulkifli
CVSS 5.5
CVE-2019-10038 EXPLOITDB HIGH text
Evernote 7.9 - Arbitrary Program Execution via Local Executable Reference
Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file.
by Dhiraj Mishra
CVSS 7.8