Exploitdb Exploits

49,996 exploits tracked across all sources.

CVE-2018-8288 EXPLOITDB HIGH javascript VERIFIED
Microsoft Browsers - Memory Corruption
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8291, CVE-2018-8296, CVE-2018-8298.
by Google Security Research
CVSS 7.5
EIP-2026-115649 EXPLOITDB javascript VERIFIED
Microsoft Edge Chakra JIT - 'InlineArrayPush' Type Confusion
by Google Security Research
CVE-2018-8291 EXPLOITDB HIGH javascript VERIFIED
Microsoft Browsers - Memory Corruption
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-8242, CVE-2018-8283, CVE-2018-8287, CVE-2018-8288, CVE-2018-8296, CVE-2018-8298.
by Google Security Research
CVSS 7.5
EIP-2026-101848 EXPLOITDB go
Mikrotik WinBox 6.42 - Credential Disclosure (golang)
by Maxim Yefimenko
CVE-2018-11510 EXPLOITDB CRITICAL python
ASUSTOR ADM < 3.1.2.rhg1 - OS Command Injection
The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter.
by Matthew Fulton
CVSS 9.8
CVE-2018-25296 EXPLOITDB MEDIUM python VERIFIED
P10 Central Management Software 1.4.13 Denial of Service
P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 2000-byte payload into the password field and click login to trigger an application crash and denial of service.
by Gionathan Reale
CVSS 5.5
CVE-2018-25295 EXPLOITDB MEDIUM python VERIFIED
ObserverIP Scan Tool 1.4.0.1 Denial of Service via IP Field
ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the IP input field. Attackers can paste a 2000-byte buffer of repeated characters into the IP field and trigger a search operation to cause an application crash.
by Gionathan Reale
CVSS 6.2
CVE-2018-15571 EXPLOITDB HIGH text
WordPress <1.1.1 - Code Injection
The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV injection.
by Javier Olmedo
CVSS 8.6
CVE-2018-14058 EXPLOITDB MEDIUM text
Pimcore <5.3.0 - SQL Injection
Pimcore before 5.3.0 allows SQL Injection via the REST web service API.
by SEC Consult
CVSS 6.5
CVE-2018-14057 EXPLOITDB HIGH text
Pimcore <5.3.0 - CSRF
Pimcore before 5.3.0 allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging validation of the X-pimcore-csrf-token anti-CSRF token only in the "Settings > Users / Roles" function.
by SEC Consult
CVSS 8.8
CVE-2018-15141 EXPLOITDB MEDIUM text VERIFIED
OpenEMR <5.0.1.4 - Path Traversal
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to delete arbitrary files via the "docid" parameter when the mode is set to delete.
by Joshua Fam
CVSS 6.5
CVE-2018-15140 EXPLOITDB MEDIUM text VERIFIED
OpenEMR <5.0.1.4 - Path Traversal
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to read arbitrary files via the "docid" parameter when the mode is set to get.
by Joshua Fam
CVSS 6.5
CVE-2018-14059 EXPLOITDB MEDIUM text
Pimcore - XSS
Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions.
by SEC Consult
CVSS 5.4
CVE-2018-15142 EXPLOITDB HIGH text VERIFIED
OpenEMR <5.0.1.4 - RCE
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to execute arbitrary PHP code by writing a file with a PHP extension via the "docid" and "content" parameters and accessing it in the traversed directory.
by Joshua Fam
CVSS 8.8
CVE-2018-15473 EXPLOITDB MEDIUM python VERIFIED
OpenBSD OpenSSH < 7.7 - Race Condition
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
by Matthew Daley
CVSS 5.3
CVE-2018-12293 EXPLOITDB HIGH text
WebKit <2.20.3-2.20.1 - Buffer Overflow
The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which could be abused by crafted HTML content.
by PeregrineX
CVSS 8.8
CVE-2018-15172 EXPLOITDB HIGH text
TP-Link WR840N - Buffer Overflow
TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.
by Aniket Dinda
CVSS 7.5
CVE-2018-11510 EXPLOITDB CRITICAL text
ASUSTOR ADM < 3.1.2.rhg1 - OS Command Injection
The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter.
by Kyle Lovett
CVSS 9.8
CVE-2018-11509 EXPLOITDB CRITICAL text
ASUSTOR Data Master - Hard-coded Credentials
ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the NAS itself for applications that are installed from the online repository. This may allow an attacker to log in and upload a webshell.
by Kyle Lovett
CVSS 9.8
EIP-2026-101532 EXPLOITDB text
ASUS-DSL N10 1.1.2.2_17 - Authentication Bypass
by AmnBAN
CVE-2018-15181 EXPLOITDB MEDIUM text
JioFi 4G Hotspot M2S - XSS
JioFi 4G Hotspot M2S devices allow attackers to cause a denial of service (secure configuration outage) via an XSS payload in the SSID name and Security Key fields.
by Vikas Chaudhary
CVSS 6.5
CVE-2018-11511 EXPLOITDB CRITICAL text
ASUSTOR Data Master - SQL Injection
The tree list functionality in the photo gallery application in ASUSTOR ADM 3.1.0.RFQ3 has a SQL injection vulnerability that affects the 'album_id' or 'scope' parameter via a photo-gallery/api/album/tree_lists/ URI.
by Kyle Lovett
CVSS 9.8
CVE-2018-25297 EXPLOITDB MEDIUM python VERIFIED
Wansview 1.0.2 Denial of Service via Buffer Overflow
Wansview 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can inject 2000-byte payloads into the Camera name and DID number fields during camera addition to trigger application crashes.
by Gionathan Reale
CVSS 6.2
CVE-2018-6892 EXPLOITDB CRITICAL ruby
CloudMe Sync < 1.10.9 - Memory Corruption
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
by Raymond Wellnitz
CVSS 9.8
CVE-2017-1000028 EXPLOITDB HIGH ruby VERIFIED
Oracle GlassFish Server Open Source Edition 4.1 - Path Traversal
Oracle GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated directory traversal, which can be exploited by issuing a specially crafted HTTP GET request.
by Metasploit
CVSS 7.5