Exploitdb Exploits
49,996 exploits tracked across all sources.
IBM Security Identity Governance And Intelligence - SQL Injection
IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-Force ID: 148599.
by Mohamed Sayed
CVSS 7.5
Apple Iphone OS < 11.4 - Improper Input Validation
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted message.
by Sriram
CVSS 6.5
Rubedo <3.4.0 - Path Traversal
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI.
by Marouene Boubakri
CVSS 9.8
LG LNB*-LNV* - Info Disclosure
LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken access control. Attackers are able to download /updownload/t.report (aka Log & Report) files and download backup files (via download.php) without authenticating. These backup files contain user credentials and configuration information for the camera device. An attacker is able to discover the backup filename via reading the system logs or report data, or just by brute-forcing the backup filename pattern. It may be possible to authenticate to the admin account with the admin password.
by Ege Balci
CVSS 7.5
CirCarLife Scada <4.3 - Info Disclosure
CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.
by SadFud
CVSS 9.8
InTouch Machine Edition 8.1 SP1 - 'Nombre del Tag' Buffer Overflow (SEH)
by Luis Martínez
Bayanno Hospital Management System 4.0 - Cross-Site Scripting
by Gokhan Sagoglu
Google Android - Incorrect Authorization
In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9.0 Android ID: A-110107376.
by Google Security Research
CVSS 7.8
Nmap 7.70 Denial of Service via XML Entity Expansion
Nmap 7.70 contains a denial of service vulnerability that allows local attackers to crash the application by processing malicious XML files with exponential entity expansion. Attackers can create a crafted XML file with nested entity definitions and open it through ZenMap's scan import functionality to cause the program to consume excessive system resources and crash.
by Gionathan Reale
CVSS 6.2
LINK-NET LW-N605R - RCE
LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp. Authentication is needed but the default password of admin for the admin account may be used in some cases.
by Nassim Asrir
CVSS 8.8
SocuSoft iPod Photo Slideshow 8.05 - Buffer Overflow (SEH)
by Shubham Singh
Socusoft 3GP Photo Slideshow 8.05 - Buffer Overflow (SEH)
by Shubham Singh
Photo To Video Converter Professional 8.07 - Buffer Overflow (SEH)
by Shubham Singh
Flash Slideshow Maker Professional 5.20 - Buffer Overflow (SEH)
by Shubham Singh
Microsoft Baseline Security Analyzer 2.3 - XML External Entity Injection
by hyp3rlinx
Apache Struts 2 Namespace Redirect OGNL Injection
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
by Metasploit
CVSS 8.1
Artifex Ghostscript <9.24 - Privilege Escalation
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.
by Metasploit
CVSS 7.8
iSmartViewPro 1.5 Buffer Overflow via SavePath Parameter
iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System Setup interface to overwrite SEH records and execute shellcode with application privileges.
by Gionathan Reale
CVSS 8.4
DVD Photo Slideshow Professional 8.07 - Buffer Overflow (SEH)
by T3jv1l
Softneta MedDream PACS Server Premium 6.7.1.1 - Directory Traversal
by Carlos Avila
MedDream PACS Server Premium 6.7.1.1 - 'email' SQL Injection
by Carlos Avila
Tenable WAS-Scanner 7.4.1708 - Remote Command Execution
by Sameer Goyal
Qnap Photo Station < 5.7.0 - XSS
Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application.
by Mitsuaki Shiraishi
CVSS 6.1
By Source