Exploitdb Exploits
49,989 exploits tracked across all sources.
Linux Kernel < 3.2.92 - Use After Free
The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.
by Lexfo
CVSS 7.8
ADD Clicking MLM Software <1.0 - SQL Injection
SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM Software 1.0, Moneyorder MLM Software 1.0, Repurchase MLM Software 1.0, and Gift MLM Software 1.0 via the member/readmsg.php msg_id parameter, the member/tree.php pid parameter, or the member/downline.php m_id parameter.
by Ihsan Sencan
CVSS 9.8
Scriptzee Hotel Booking Engine 1.0 - SQL Injection
SQL injection exists in Scriptzee Hotel Booking Engine 1.0 via the hotels h_room_type parameter.
by Ihsan Sencan
CVSS 9.8
Scriptzee Education Website 1.0 - SQL Injection
SQL injection exists in Scriptzee Education Website 1.0 via the college_list.html subject, city, or country parameter.
by Ihsan Sencan
CVSS 9.8
Zahir Accounting Enterprise Plus <6 - RCE
Stack-based buffer overflows in Zahir Accounting Enterprise Plus 6 through build 10b allow remote attackers to execute arbitrary code via a crafted CSV file that is accessed through the Import CSV File menu.
by SPARC
CVSS 7.8
WUZHI CMS 2.0 - XSS
XSS exists in WUZHI CMS 2.0 via the index.php v or f parameter.
by Renzi
CVSS 6.1
Flippa Marketplace Clone 1.0 - 'date_started' SQL Injection
by Ihsan Sencan
ManageEngine AssetExplorer 6.2.0 - Cross-Site Scripting
by Ismail Tasdelen
Billion ADSL Router 400G 20151105641 - Cross-Site Scripting
by cakes
PCProtect Anti-Virus <4.8.35 - Privilege Escalation
PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGRAMFILES(X86)%\PCProtect, which allows local users to gain privileges by replacing an executable file with a Trojan horse.
by Hashim Jawad
CVSS 7.8
Microsoft Edge - Privilege Escalation
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8469.
by Google Security Research
CVSS 7.4
Windows - Privilege Escalation
An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
by Google Security Research
CVSS 4.7
Rausoft ID.prove <2.95 - SQL Injection
An issue was discovered in Rausoft ID.prove 2.95. The login page allows SQL injection via Microsoft SQL Server stacked queries in the Username POST parameter. Hypothetically, an attacker can utilize master..xp_cmdshell for the further privilege elevation.
by Ilya Timchenko
CVSS 9.8
iWay Data Quality Suite Web Console 10.6.1.ga - XML External Entity Injection
by Sureshbabu Narvaneni
Microsoft Edge - Privilege Escalation
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8463.
by Google Security Research
CVSS 7.4
Alcatel OSPREY3_MINI - Privilege Escalation
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" directories, which allows local users to gain privileges, as demonstrated by inserting a Trojan horse ServiceManager.exe file into the "Web Connecton\EE40\BackgroundService" directory.
by Osanda Malith Jayathissa
CVSS 7.8
ManageEngine Desktop Central 10.0.271 - Cross-Site Scripting
by Ismail Tasdelen
CrossFont 7.5 Denial of Service via License Key Field
CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Attackers can generate a malicious file containing 4000 bytes of data, paste it into the License Key input field, and trigger an application crash when processing the input.
by Gionathan Reale
CVSS 6.2
TransMac 12.2 Denial of Service via License Key Field
TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Attackers can generate a payload file containing 4000 bytes of data, paste it into the License Key field, and trigger a denial of service condition.
by Gionathan Reale
CVSS 6.2
Linux kernel <4.14 - Privilege Escalation
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
by Qualys Corporation
CVSS 7.8
Linux kernel <4.18.8 - Use After Free
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
by Google Security Research
CVSS 7.8
By Source