Exploitdb Exploits

49,996 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-10906 EXPLOITDB MEDIUM c VERIFIED
Debian Linux < 2.9.8 - Improper Authorization
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects.
by Google Security Research
CVSS 5.3
CVE-2018-10661 EXPLOITDB CRITICAL ruby VERIFIED
Axis IP Cameras - Auth Bypass
An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.
by Metasploit
CVSS 9.8
CVE-2018-10660 EXPLOITDB CRITICAL ruby VERIFIED
Axis A1001 Firmware < 1.65.1 - OS Command Injection
An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.
by Metasploit
CVSS 9.8
EIP-2026-116117 EXPLOITDB python
QNap QVR Client 5.1.1.30070 - 'Password' Denial of Service (PoC)
by Luis Martínez
EIP-2026-115921 EXPLOITDB python
NetScanTools Basic Edition 2.5 - 'Hostname' Denial of Service (PoC)
by Luis Martínez
CVE-2018-14417 EXPLOITDB CRITICAL text VERIFIED
SoftNAS Cloud <4.0.3 - Command Injection
A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particular, the snserv script did not sanitize the 'recentVersion' parameter from the snserv endpoint, allowing an unauthenticated attacker to execute arbitrary commands with root permissions.
by Core Security
CVSS 9.8
EIP-2026-104792 EXPLOITDB ruby VERIFIED
WordPress Plugin Responsive Thumbnail Slider - Arbitrary File Upload (Metasploit)
by Metasploit
CVE-2018-6126 EXPLOITDB HIGH text VERIFIED
Google Chrome <67.0.3396.62 - Memory Corruption
A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
by Google Security Research
CVSS 8.8
CVE-2018-14328 EXPLOITDB CRITICAL text
Brynamics Online Trade - Info Disclosure
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for /dashboard/addplan, /dashboard/paywithcard/charge, /dashboard/withdrawal, or /privacy&terms, as demonstrated by reading database username, database password, database_name, and IP address fields, related to CVE-2018-12908.
by Dhamotharan
CVSS 9.8
CVE-2018-10662 EXPLOITDB CRITICAL ruby VERIFIED
Axis IP Cameras - Info Disclosure
An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.
by Metasploit
CVSS 9.8
CVE-2018-14519 EXPLOITDB MEDIUM text
Kirby 2.5.12 - CSRF
An issue was discovered in Kirby 2.5.12. The delete page functionality suffers from a CSRF flaw. A remote attacker can craft a malicious CSRF page and force the user to delete a page.
by Zaran Shaikh
CVSS 4.3
CVE-2018-20658 EXPLOITDB HIGH python
Coreftp Core FTP - Improper Input Validation
The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command.
by Erik David Martin
CVSS 7.5
CVE-2018-13859 EXPLOITDB CRITICAL text
MusicCenter / Trivum Multiroom Setup Tool V8.76-9.34 - Auth Bypass
MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional before V9.34 build 13381 - 12.07.18, allow unauthorized remote attackers to reset the authentication via the "/xml/system/setAttribute.xml" URL, using the GET request "?id=0&attr=protectAccess&newValue=0" (a successful attack will allow attackers to login without authorization).
by vulnc0d3
CVSS 9.8
CVE-2018-25255 EXPLOITDB HIGH python
10-Strike LANState 8.8 Local Buffer Overflow SEH
10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attackers can create a specially formatted LSM file with a payload in the ObjCaption parameter that overflows the buffer, overwrites the SEH chain, and executes shellcode when the file is opened in the application.
by absolomb
CVSS 8.4
EIP-2026-116675 EXPLOITDB python
10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)
by absolomb
EIP-2026-116674 EXPLOITDB python
10-Strike Bandwidth Monitor 3.7 - Local Buffer Overflow (SEH)
by absolomb
CVE-2017-17849 EXPLOITDB CRITICAL python
Getgosoft Getgo Download Manager < 5.3.0.2712 - Memory Corruption
A buffer overflow vulnerability in GetGo Download Manager 5.3.0.2712 and earlier could allow remote HTTP servers to execute arbitrary code on NAS devices via a long response.
by Nathu Nandwani
CVSS 9.8
CVE-2018-12464 EXPLOITDB CRITICAL ruby
Micro Focus Secure Messaging Gateway <471 - SQL Injection
A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create an administrative account and used in conjunction with CVE-2018-12465 to achieve unauthenticated remote code execution. Affects Micro Focus Secure Messaging Gateway versions prior to 471. It does not affect previous versions of the product that use the GWAVA product name (i.e. GWAVA 6.5).
by Mehmet Ince
CVSS 10.0
CVE-2018-13457 EXPLOITDB MEDIUM text
Nagios Core < 4.4.1 - NULL Pointer Dereference
qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
by Fakhri Zulkifli
CVSS 5.5
CVE-2018-13441 EXPLOITDB MEDIUM text
Nagios < 4.4.1 - NULL Pointer Dereference
qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
by Fakhri Zulkifli
CVSS 5.5
CVE-2018-12465 EXPLOITDB CRITICAL ruby
Micro Focus SMG <471 - Command Injection
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve unauthenticated remote code execution. Affects Micro Focus Secure Messaging Gateway versions prior to 471. It does not affect previous versions of the product that used GWAVA product name (i.e. GWAVA 6.5).
by Mehmet Ince
CVSS 9.1
CVE-2018-13458 EXPLOITDB MEDIUM text
Nagios Core < 4.4.1 - NULL Pointer Dereference
qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
by Fakhri Zulkifli
CVSS 5.5
EIP-2026-101619 EXPLOITDB text
D-link DAP-1360 - Path Traversal / Cross-Site Scripting
by r3m0t3nu11
EIP-2026-101618 EXPLOITDB text
D-link DAP-1360 - Path Traversal / Cross-Site Scripting
by r3m0t3nu11
CVE-2018-14933 EXPLOITDB CRITICAL text VERIFIED
NUUO NVRmini - RCE
upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.
by Berk Dusunur
CVSS 9.8
By Source
All 49,996 Writeup 59,977 Exploitdb 49,996 Nomisec 21,600 Metasploit 3,218 Github 2,556 Vulncheck_xdb 904 Inthewild 514 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,337 python 5,936 ruby 5,907 c 3,565 perl 2,849 html 2,053 php 1,326 bash 459 java 362 c++ 250 javascript 215 shell 90 go 53 postscript 25 xml 24