Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-102803 EXPLOITDB text VERIFIED
Chrome OS 10820.0.0 dev-channel - app->VM via garcon TCP Command Socket
by Google Security Research
EIP-2026-102641 EXPLOITDB text VERIFIED
Linux 4.18 - Arbitrary Kernel Read into dmesg via Missing Address Check in segfault Handler
by Google Security Research
CVE-2018-25281 EXPLOITDB MEDIUM python VERIFIED
iCash 7.6.5 Denial of Service via Connect to Server
iCash 7.6.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload through the Connect to Server dialog. Attackers can paste a 7000-byte string into the Host field and click Connect to trigger an application crash.
by Gionathan Reale
CVSS 5.5
CVE-2018-25280 EXPLOITDB MEDIUM python VERIFIED
Infiltrator Network Security Scanner 4.6 Denial of Service
Infiltrator Network Security Scanner 4.6 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a 6000-byte payload into the Scan Target field and trigger a denial of service condition when the Scan button is clicked.
by Gionathan Reale
CVSS 5.5
CVE-2018-25279 EXPLOITDB MEDIUM python
jiNa OCR Image to Text 1.0 Denial of Service via PNG
jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG file. Attackers can create a specially crafted PNG file with an oversized buffer and trigger the crash when the application attempts to convert the file to PDF.
by Gionathan Reale
CVSS 6.2
CVE-2018-25278 EXPLOITDB MEDIUM python VERIFIED
PicaJet FX 2.6.5 Denial of Service via Registration Fields
PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields via the Help menu's Register PicaJet dialog to trigger an application crash.
by Gionathan Reale
CVSS 6.2
CVE-2018-25277 EXPLOITDB MEDIUM python VERIFIED
PixGPS 1.1.8 Buffer Overflow Denial of Service
PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string to the folder path input field. Attackers can craft a payload exceeding 6000 bytes and paste it into the 'Folder with picture files' field to trigger a denial of service condition.
by Gionathan Reale
CVSS 6.2
CVE-2018-25276 EXPLOITDB MEDIUM python VERIFIED
RoboImport 1.2.0.72 Denial of Service via Registration Fields
RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields and click Register to trigger an application crash.
by Gionathan Reale
CVSS 5.5
CVE-2018-16672 EXPLOITDB MEDIUM python
CIRCONTROL CirCarLife <4.3 - Info Disclosure
An issue was discovered in CIRCONTROL CirCarLife before 4.3. Due to the storage of multiple sensitive information elements in a JSON format at /services/system/setup.json, an authenticated but unprivileged user can exfiltrate critical setup information.
by SadFud
CVSS 6.5
CVE-2018-16671 EXPLOITDB MEDIUM python
CIRCONTROL CirCarLife <4.3 - Info Disclosure
An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is system software information disclosure due to lack of authentication for /html/device-id.
by SadFud
CVSS 5.3
CVE-2018-16670 EXPLOITDB MEDIUM python
CIRCONTROL CirCarLife <4.3 - Info Disclosure
An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is PLC status disclosure due to lack of authentication for /html/devstat.html.
by SadFud
CVSS 5.3
CVE-2018-16669 EXPLOITDB CRITICAL python
CIRCONTROL OCPP <1.5.0 - Info Disclosure
An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in CirCarLife, PowerStudio, and other products. Due to storage of credentials in XML files, an unprivileged user can look at /services/config/config.xml for the admin credentials of the ocpp and circarlife panels.
by SadFud
CVSS 9.8
CVE-2018-16668 EXPLOITDB MEDIUM python
CIRCONTROL CirCarLife <4.3 - Info Disclosure
An issue was discovered in CIRCONTROL CirCarLife before 4.3. There is internal installation path disclosure due to the lack of authentication for /html/repository.
by SadFud
CVSS 5.3
CVE-2018-10814 EXPLOITDB HIGH text
Synametrics SynaMan 4.0 build 1488 - Insufficiently Protected SMTP Credentials
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.
by bzyo
CVSS 7.8
CVE-2018-10763 EXPLOITDB MEDIUM text
SynaMan 4.0 build 1488 - Stored Cross-Site Scripting via Partial Branding Configuration
Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.
by bzyo
CVSS 4.8
EIP-2026-116048 EXPLOITDB python VERIFIED
PDF Explorer 1.5.66.2 - Denial of Service (PoC)
by Gionathan Reale
CVE-2018-15596 EXPLOITDB MEDIUM text
MyBB 1.8.17 - Cross-Site Scripting in RSS Syndication Feed
An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren't sanitized, leading to XSS.
by 0xB9
CVSS 6.1
CVE-2018-1756 EXPLOITDB HIGH text VERIFIED
IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 - SQL Injection
IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, information in the back-end database. IBM X-Force ID: 148599.
by Mohamed Sayed
CVSS 7.5
CVE-2018-4240 EXPLOITDB MEDIUM python
iPhone OS < 11.4, macOS < 10.13.5, tvOS < 11.4, watchOS < 4.3.1 - Denial of Service via Crafted Message
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted message.
by Sriram
CVSS 6.5
CVE-2018-16836 EXPLOITDB CRITICAL text
Rubedo < 3.4.0 - Unauthenticated Path Traversal via Theme Component
Rubedo through 3.4.0 contains a Directory Traversal vulnerability in the theme component, allowing unauthenticated attackers to read and execute arbitrary files outside of the service root path, as demonstrated by a /theme/default/img/%2e%2e/..//etc/passwd URI.
by Marouene Boubakri
CVSS 9.8
CVE-2018-16946 EXPLOITDB HIGH python
LG Smart Network Camera Firmware 1310250-1508190 - Unauthenticated Sensitive Information Exposure
LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken access control. Attackers are able to download /updownload/t.report (aka Log & Report) files and download backup files (via download.php) without authenticating. These backup files contain user credentials and configuration information for the camera device. An attacker is able to discover the backup filename via reading the system logs or report data, or just by brute-forcing the backup filename pattern. It may be possible to authenticate to the admin account with the admin password.
by Ege Balci
CVSS 7.5
CVE-2018-12634 EXPLOITDB CRITICAL python
CirCarLife Scada <4.3 - Info Disclosure
CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.
by SadFud
CVSS 9.8
EIP-2026-119635 EXPLOITDB python
InTouch Machine Edition 8.1 SP1 - 'Nombre del Tag' Buffer Overflow (SEH)
by Luis Martínez
EIP-2026-119473 EXPLOITDB python
HTML5 Video Player 1.2.5 - Denial of Service (PoC)
by T3jv1l
EIP-2026-105416 EXPLOITDB text
Bayanno Hospital Management System 4.0 - Cross-Site Scripting
by Gokhan Sagoglu