Exploitdb Exploits
49,996 exploits tracked across all sources.
Linux BPF Sign Extension Local Privilege Escalation
The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension.
by rlarabee
CVSS 7.8
Boxoft wav-wma Converter 1.0 Local Buffer Overflow SEH
Boxoft wav-wma Converter 1.0 contains a local buffer overflow vulnerability in structured exception handling that allows attackers to execute arbitrary code by crafting malicious WAV files. Attackers can create a specially crafted WAV file with excessive data and ROP gadgets to overwrite the SEH chain and achieve code execution on Windows systems.
by Achilles
CVSS 8.4
Activision Call OF Duty Modern Warfare 2 - Out-of-Bounds Write
Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets.
by Maurice Heumann
CVSS 10.0
Umbraco CMS SeoChecker Plugin 1.9.2 - Cross-Site Scripting
by Ahmed Elhady Mohamed
GitList 0.6.0 - Argument Injection (Metasploit)
by Metasploit
GitList 0.6.0 - Argument Injection (Metasploit)
by Metasploit
HP VAN SDN Controller - Root Command Injection (Metasploit)
by Metasploit
HID discoveryd - 'command_blink_on' Remote Code Execution (Metasploit)
by Metasploit
HID discoveryd - 'command_blink_on' Remote Code Execution (Metasploit)
by Metasploit
Tor < 0.3.2.10 - Use After Free
A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. It allows remote attackers to cause a denial of service (relay crash) because the KIST implementation allows a channel to be added more than once in the pending list.
by t4rkd3vilz
CVSS 7.5
Oracle WebLogic Server <12.2.1.1 - RCE
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS v3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).
by bobsecq
CVSS 9.8
Airties 5444 <1.0.0.18 - XSS
Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS.
by Raif Berkay Dincel
CVSS 6.1
Polaris Office 2017 8.1 - RCE
Polaris Office 2017 8.1 allows attackers to execute arbitrary code via a Trojan horse puiframeworkproresenu.dll file in the current working directory.
by hyp3rlinx
CVSS 7.8
Softexpert Excellence Suite - SQL Injection
A SQL injection vulnerability in the SoftExpert (SE) Excellence Suite 2.0 allows remote authenticated users to perform SQL heuristics by pulling information from the database with the "cddocument" parameter in the "Downloading Electronic Documents" section.
by Seren PORSUK
CVSS 8.8
VLC media player 2.2.8 - Arbitrary Code Execution (PoC)
by Eugene Ng
Adbglobal Dv2210 Firmware - Incorrect Authorization
All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be able to enable the TELNET server or other settings as well.
by SEC Consult
CVSS 7.5
Adbglobal Dv2210 Firmware - Incorrect Permission Assignment
All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks.
by SEC Consult
CVSS 7.5
Epicentro - Privilege Escalation
All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.
by SEC Consult
CVSS 7.8
ShopNx <2017-11-17 - RCE
An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.
by L0RD
CVSS 8.8
Brynamics - Information Disclosure
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for the /dashboard/deposit URI, as demonstrated by discovering database credentials.
by L0RD
CVSS 9.8
CMS Made Simple <2.2.5 - Authenticated RCE
CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on the server. This attack appear to be exploitable via File upload -> copy to any extension.
by Mustafa Hasan
CVSS 7.2
ManageEngine Exchange Reporter Plus < Build 5311 - Remote Code Execution
by Kacper Szurek
Boxoft Wav TO Mp3 Converter - Memory Corruption
Buffer overflow in Boxoft WAV to MP3 Converter allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted WAV file.
by Metasploit
By Source