Exploitdb Exploits
50,083 exploits tracked across all sources.
UltraISO 9.7.1.3519 - 'Output FileName' Local Buffer Overflow (SEH)
by Dino Covotsos
FlexHEX 2.46 - Buffer Overflow (PoC) (SEH Overwrite)
by Rafael Pedrero
FlexHEX 2.46 - Buffer Overflow (PoC) (SEH Overwrite)
by Rafael Pedrero
Advanced Host Monitor 11.90 Beta - 'Registration number' Denial of Service (PoC)
by Luis Martínez
Advanced Host Monitor 11.90 Beta - 'Registration number' Denial of Service (PoC)
by Luis Martínez
iPhone OS < 12.1.3, macOS < 10.14.3, tvOS < 12.1.2 - Out-of-bounds Write
A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes.
by Google Security Research
CVSS 7.8
iPhone OS < 12.1.3, macOS < 10.14.3, tvOS < 12.1.2, watchOS < 5.1.3 - Sandbox Escape via Type Confusion
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox.
by Google Security Research
CVSS 8.6
iPhone OS < 12.1.3 - Remote Code Execution via Buffer Overflow
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges.
by Google Security Research
CVSS 7.8
iPhone OS < 12.1.3, macOS < 10.14.3, tvOS < 12.1.2 - Out-of-bounds Write
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges.
by Google Security Research
CVSS 7.8
iPhone OS < 12.1.3, macOS < 10.14.3, tvOS < 12.1.2 - Memory Corruption via Improper Initialization
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes.
by Google Security Research
CVSS 5.5
IP TOOLS 2.50 Local Buffer Overflow Denial of Service
IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data into the 'From Addr' and 'To Addr' fields and trigger the crash by clicking the Start button, causing denial of service and SEH overwrite.
by Rafael Pedrero
CVSS 5.5
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) (DEP Bypass)
by bzyo
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) (DEP Bypass)
by bzyo
Necrosoft DIG 0.4 - Buffer Overflow (PoC) (SEH Overwrite)
by Rafael Pedrero
Necrosoft DIG 0.4 - Buffer Overflow (PoC) (SEH Overwrite)
by Rafael Pedrero
Advanced File Manager 3.4.1 - Denial of Service (PoC)
by Rafael Pedrero
Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection
by Mehmet EMIROGLU
iPhone OS < 12.1.3, macOS < 10.14.3, tvOS < 12.1.2, watchOS < 5.1.3 - Out-of-bounds Read
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout.
by Google Security Research
CVSS 5.5
PDF Signer 3.0 Server-Side Template Injection RCE via CSRF Cookie
PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP commands through the CSRF-TOKEN cookie parameter. Attackers can craft malicious cookie values containing template injection payloads like shell_exec() to execute system commands and retrieve sensitive information from the server.
by dd_
CVSS 9.8
HTML5 Video Player 1.2.5 Local Buffer Overflow Non-SEH
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigger code execution and spawn a calculator process.
by Dino Covotsos
CVSS 8.4
Care2x 2.7 Hospital Information System SQL Injection via ck_config
Care2x 2.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by manipulating the ck_config cookie parameter. Attackers can inject malicious SQL through the ck_config cookie in multiple endpoints including login.php, indexframe.php, and various module files to extract sensitive database information without authentication.
by Carlos Avila
CVSS 8.2
WordPress Plugin ad manager wd 1.0.11 Arbitrary File Download
WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating the path parameter. Attackers can send GET requests to the edit.php endpoint with export=export_csv and a malicious path parameter to read arbitrary files like wp-config.php accessible to the web server.
by 41!kh4224rDz
CVSS 9.8
ResourceSpace 8.6 SQL Injection via collection_edit.php
ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collection_edit.php. Attackers can submit POST requests with crafted SQL payloads in the keywords field to extract sensitive database information including schema names, user credentials, and other confidential data.
by dd_
CVSS 7.1
Faleemi Desktop Software 1.8 Local Buffer Overflow SEH DEP Bypass
Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can inject a crafted payload into the Save Path for Snapshot and Record file field to trigger a buffer overflow and execute arbitrary code via ROP chain gadgets.
by bzyo
CVSS 8.4
By Source