Exploitdb Exploits

49,989 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-117515 EXPLOITDB text
Microsoft Windows - 'MsiAdvertiseProduct' Arbitrary File Read
by evil_polar_bear
EIP-2026-116788 EXPLOITDB python
AnyBurn 4.3 - Local Buffer Overflow (SEH)
by Matteo Malvica
EIP-2026-116787 EXPLOITDB python
AnyBurn 4.3 - Local Buffer Overflow (SEH)
by Matteo Malvica
EIP-2026-116330 EXPLOITDB python
SQLScan 1.0 - Denial of Service (PoC)
by Rafael Pedrero
EIP-2026-116329 EXPLOITDB python
SQLScan 1.0 - Denial of Service (PoC)
by Rafael Pedrero
EIP-2026-115644 EXPLOITDB html
Microsoft Edge 42.17134.1.0 - 'Tree::ANode::DocumentLayout' Denial of Service
by Bogdan Kurinnoy
EIP-2026-114624 EXPLOITDB html
ZeusCart 4.0 - Cross-Site Request Forgery (Deactivate Customer Accounts)
by mqt
CVE-2018-1160 EXPLOITDB CRITICAL python VERIFIED
Netatalk <3.1.12 - RCE
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
by Jacob Baines
CVSS 9.8
CVE-2018-1160 EXPLOITDB CRITICAL python VERIFIED
Netatalk <3.1.12 - RCE
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code execution.
by Tenable NS
CVSS 9.8
CVE-2018-25265 EXPLOITDB HIGH python
LanSpy 2.0.1.159 Local Buffer Overflow
LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious payloads using egghunter techniques to locate and execute shellcode, triggering code execution through SEH chain manipulation and controlled jumps.
by bzyo
CVSS 8.4
CVE-2018-19357 EXPLOITDB HIGH python
XMPlay 3.8.3 - Buffer Overflow
XMPlay 3.8.3 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted http:// URL in a .m3u file.
by s7acktrac3
CVSS 7.8
EIP-2026-117514 EXPLOITDB text
Microsoft Windows - 'MsiAdvertiseProduct' Arbitrary File Copy/Read
by SandboxEscaper
EIP-2026-116882 EXPLOITDB python
Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH)
by bzyo
EIP-2026-116881 EXPLOITDB python
Base64 Decoder 1.1.2 - Local Buffer Overflow (SEH)
by bzyo
CVE-2018-8625 EXPLOITDB HIGH text VERIFIED
Internet Explorer <11 - RCE
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.
by Google Security Research
CVSS 7.5
CVE-2018-8619 EXPLOITDB HIGH text VERIFIED
Internet Explorer < - RCE
A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.
by Google Security Research
CVSS 7.5
EIP-2026-103899 EXPLOITDB ruby VERIFIED
Erlang - Port Mapper Daemon Cookie Remote Code Execution (Metasploit)
by Metasploit
EIP-2026-103898 EXPLOITDB ruby VERIFIED
Erlang - Port Mapper Daemon Cookie Remote Code Execution (Metasploit)
by Metasploit
CVE-2018-25218 EXPLOITDB HIGH python
PassFab RAR Password Recovery 9.3.2 SEH Buffer Overflow
PassFab RAR Password Recovery 9.3.2 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a payload with a buffer overflow, NSEH jump, and shellcode, then paste it into the 'Licensed E-mail and Registration Code' field during registration to trigger code execution.
by Achilles
CVSS 8.4
CVE-2018-25217 EXPLOITDB HIGH python
PDF Explorer 1.5.66.2 Structured Exception Handler Local Code Execution
PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attackers can craft a payload with buffer overflow, NSEH jump, and ROP gadget chains that execute when the Custom fields settings dialog processes the malicious input in the Label field.
by Achilles
CVSS 8.4
EIP-2026-117400 EXPLOITDB python
LanSpy 2.0.1.159 - Local Buffer Overflow
by Juan Prescotto
EIP-2026-117399 EXPLOITDB python
LanSpy 2.0.1.159 - Local Buffer Overflow
by Juan Prescotto
CVE-2018-13045 EXPLOITDB CRITICAL text
Yeswiki Cercopitheque < 2018-06-19-1 - SQL Injection
SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter.
by Mickael BROUTY
CVSS 9.8
CVE-2018-20166 EXPLOITDB HIGH ruby
Rukovoditel 2.3.1 - Code Injection
A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data, and the filename ends in ".php" with mixed case, such as the .pHp extension.
by AkkuS
CVSS 8.8
CVE-2018-19829 EXPLOITDB MEDIUM html
Artica Integria IMS 5.0.83 - CSRF
Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known.
by Javier Olmedo
CVSS 6.5
By Source
All 49,989 Writeup 59,917 Exploitdb 49,989 Nomisec 21,543 Metasploit 3,218 Github 2,549 Vulncheck_xdb 904 Inthewild 514 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,330 python 5,931 ruby 5,907 c 3,565 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 90 go 53 postscript 25 xml 24