Exploitdb Exploits
49,989 exploits tracked across all sources.
Micro Focus Filr - Improper Privilege Management
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6.
by SecureAuth
CVSS 7.8
Teracue ENC-400 <2.56 - Info Disclosure
An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. While the web interface requires authentication before it can be interacted with, a large portion of the HTTP endpoints are missing authentication. An attacker is able to view these pages before being authenticated, and some of these pages may disclose sensitive information.
by Stephen Shkardoon
CVSS 7.5
RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH
RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain and shellcode that triggers code execution when pasted into the Port field and the Change button is clicked.
by Matteo Malvica
CVSS 7.8
C4G BLIS 3.4 SQL Injection via users_select.php
C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the site parameter. Attackers can send GET requests to the users_select.php endpoint with crafted SQL payloads to extract sensitive database information including patient records and system credentials.
by Carlos Avila
CVSS 8.2
Memu Play 6.0.7 Privilege Escalation via Insecure File Permissions
Memu Play 6.0.7 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by replacing the MemuService.exe executable. Attackers can rename and overwrite MemuService.exe in the installation directory with a malicious executable, which executes with system-level privileges when the service restarts after a computer reboot.
by Alejandra Sánchez
CVSS 9.8
Valentina Studio 9.0.5 Linux Buffer Overflow via Host Field
Valentina Studio 9.0.5 Linux contains a buffer overflow vulnerability in the Host field of the connection dialog that allows local attackers to crash the application by supplying an oversized input string. Attackers can trigger the vulnerability by pasting a crafted buffer exceeding 264 bytes into the Host field during server connection attempts, causing a denial of service.
by Alejandra Sánchez
CVSS 6.2
MikroTik RouterOS <6.43.12-6.42.12 - RCE
MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this vulnerability to bypass the router's firewall or for general network scanning activities.
by Jacob Baines
CVSS 7.5
Screen Stream <3.0.15 - DoS
The Screen Stream application through 3.0.15 for Android allows remote attackers to cause a denial of service via many simultaneous /start-stop requests.
by s4vitar
CVSS 7.5
AirDrop <2.0 - DoS
The AirDrop application through 2.0 for Android allows remote attackers to cause a denial of service via a client that makes many socket connections through a configured port.
by s4vitar
CVSS 7.5
WinRAR 5.61 Denial of Service via Malformed Language File
WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can trigger the crash by opening an archive and pressing the test button, causing an access violation at memory address 004F1DB8 when the application attempts to read invalid data.
by Kağan Çapar
CVSS 6.2
FTPShell Server 6.83 Denial of Service via Account Name
FTPShell Server 6.83 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the account name field. Attackers can trigger a denial of service by pasting a 417-byte payload into the 'Account name to ban' parameter within the Manage FTP Accounts interface.
by Victor Mondragón
CVSS 6.2
Belkin Crock-pot Smart Slow Cooker Wi... - OS Command Injection
The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo UPnP API via the SmartDevURL argument to the SetSmartDevInfo action. A simple POST request to /upnp/control/basicevent1 can allow an attacker to execute commands without authentication.
by Metasploit
CVSS 9.8
Digitaldruid Hoteldruid - XSS
HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php.
by Mehmet EMIROGLU
CVSS 6.1
Apple iPhone OS < 12.1.3 - Memory Corruption
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A remote attacker may be able to initiate a FaceTime call causing arbitrary code execution.
by Google Security Research
CVSS 8.8
MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates
by Google Security Research
Android Kernel < 4.8 - ptrace seccomp Filter Bypass
by Google Security Research
Ask Expert Script 3.0.5 Cross Site Scripting SQL Injection
Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inject script tags through the cateid parameter in categorysearch.php or SQL code through the view parameter in list-details.php to execute arbitrary code or extract database information.
by Mr Winst0n
CVSS 8.2
eDirectory All Versions SQL Injection Authentication Bypass
eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameters. Attackers can exploit the key parameter in the login endpoint with union-based SQL injection to authenticate as administrator, then leverage authenticated file disclosure vulnerabilities in language_file.php to read arbitrary PHP files from the server.
by Efrén Díaz
CVSS 8.2
BulletProof FTP Server 2019.0.0.50 Denial of Service via SMTP
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized string. Attackers can input a buffer of 257 'A' characters in the SMTP Server field and trigger a crash by clicking the Test button.
by Victor Mondragón
CVSS 5.5
NetSetMan 4.7.1 Workgroup Buffer Overflow Denial of Service
NetSetMan 4.7.1 contains a buffer overflow vulnerability in the Workgroup feature that allows local attackers to crash the application by supplying oversized input. Attackers can create a malicious configuration file with excessive data and paste it into the Workgroup field to trigger a denial of service condition.
by Victor Mondragón
CVSS 6.2
Valentina Studio 9.0.4 Denial of Service via Host Parameter
Valentina Studio 9.0.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can trigger the crash by pasting a 256-byte buffer of repeated characters into the Host parameter during server connection attempts.
by Victor Mondragón
CVSS 6.2
Zohocorp Manageengine Netflow Analyzer - XSS
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName.
by Rafael Pedrero
CVSS 6.1