Exploitdb Exploits
50,095 exploits tracked across all sources.
Microsoft DirectX SDK - 'Xact.exe' Remote Code Execution
by hyp3rlinx
Acunetix WVS 10.0 Build 20150623 - Denial of Service (PoC)
by Javier Enrique Rodriguez Gutierrez
IBM Sterling B2B Integrator 5.2.0.1-5.2.6.2 and Sterling File Gateway 2.2.0-2.2.5 - Cross-Site Scripting
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142967.
by Vikas Khanna
CVSS 5.4
PostgreSQL - Privilege Escalation via Race Condition in Init Script
A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.
by Johannes Segitz
CVSS 7.3
Android 6.0-8.1 - Path Traversal in Utils.cpp readMetadata
In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80436257.
by Google Security Research
CVSS 6.8
MyBB Like Plugin 3.0.0 Cross-Site Scripting via User Profiles
MyBB Like Plugin 3.0.0 contains a stored cross-site scripting vulnerability. Authenticated attackers can inject script payloads into post or thread subjects; when other users view a profile that displays the attacker's liked posts, the unsanitized subject is rendered, executing the script in the viewer's browser.
by 0xB9
CVSS 6.1
iSmartViewPro 1.5 - 'Password' Buffer Overflow
by Javier Enrique Rodriguez Gutierrez
Zimbra Collaboration Suite < 8.6.0 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 103609.
by Dino Barlattani
CVSS 6.1
Eldenroot Thank You/Like <3.1.0 - XSS
inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin before 3.1.0 for MyBB allows XSS via a post or thread subject.
by 0xB9
CVSS 6.1
Soroush IM Desktop App 0.17.0 Authentication Bypass via Database Injection
Soroush IM Desktop App 0.17.0 contains an authentication bypass vulnerability that allows local attackers to remove passcodes by injecting pre-encrypted database entries using a constant encryption key. Attackers can inject malicious database records into the application's database files to unlock the client and access all stored data, chats, images, and files without knowing the original passcode.
by VortexNeoX64
CVSS 6.8
Mikrotik WinBox 6.42 - Credential Disclosure (Metasploit)
by Omid Shojaei
reSIProcate <1.10.2 - Buffer Overflow
The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled.
by Joachim De Zutter
CVSS 9.8
Linux Kernel < 4.14.8 - Out-of-bounds Read via timer_create sigev_notify Field
The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE).
by Andrey Konovalov
CVSS 5.5
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Remote Reboot)
by Wadeek
TP-Link C50 Wireless Router 3 - Cross-Site Request Forgery (Information Disclosure)
by Wadeek
Ericsson-LG iPECS NMS 30M - Path Traversal
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs.
by Safak Aslan
CVSS 7.5
iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow
by Rodrigo Eduardo Rodriguez
iSmartViewPro 1.5 - 'Account' Buffer Overflow
by Alan Joaquín Baeza Meza
osTicket 1.10.1 - Unrestricted Upload of File with Dangerous Type via tickets.php
osTicket 1.10.1 provides a functionality to upload 'html' files with associated formats. However, it does not properly validate the uploaded file's contents and thus accepts any type of file, such as with a tickets.php request that is modified with a .html extension changed to a .exe extension. An attacker can leverage this vulnerability to upload arbitrary files on the web application having malicious content.
by Rajwinder Singh
CVSS 9.8
TP-Link Wireless N Router WR840N - Denial of Service (PoC)
by Aniket Dinda
OpenEMR <5.0.1.4 - Command Injection
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/main/daemon_frame.php after modifying the "hylafax_server" global variable in interface/super/edit_globals.php.
by Cody Zacharias
CVSS 8.8
QNap QVR Client 5.0.3.23100 - Denial of Service (PoC)
by Rodrigo Eduardo Rodriguez
Foxit Reader 9.0.1.1049 - Buffer Overflow (ASLR & DEP Bypass)
by Manoj Ahuje
Monstra-Dev 3.0.4 - Cross-Site Request Forgery (Account Hijacking)
by Nainsi Gupta
AgataSoft Auto PingMaster 1.5 Buffer Overflow SEH
AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious ping.txt file with shellcode and jump instructions that overwrite the SEH handler pointer to achieve code execution when the file contents are pasted into the application.
by bzyo
CVSS 8.4
By Source