Exploitdb Exploits
50,095 exploits tracked across all sources.
Windows Desktop Bridge - Privilege Escalation
An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8208.
by Google Security Research
CVSS 7.0
Windows 10 and Windows Server 2016 - Elevation of Privilege via Desktop Bridge Virtual Registry
An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8214.
by Google Security Research
CVSS 7.0
IPConfigure Orchid Core VMS 2.0.5 - Path Traversal
IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.
by Nettitude
CVSS 7.5
Apache CouchDB < 1.7.0 and 2.x < 2.1.1 - Authenticated OS Command Injection via Configuration Options
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.
by Cody Zacharias
CVSS 7.2
Redis < 5.0 - Denial of Service via XGROUP Command Type Confusion
Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream.
by Fakhri Zulkifli
CVSS 7.5
NTP 4.2.8p11 - Stack-based Buffer Overflow via IPv4/IPv6 Command-line Parameter
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source.
by Fakhri Zulkifli
CVSS 9.8
perfSONAR MaDDash <2.0.2 - Info Disclosure
An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /images/ provides a directory listing.
by ManhNho
CVSS 5.3
Audiograbber 1.83 Local Buffer Overflow via SEH
Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious input in the Interpret or Album fields that triggers a buffer overflow, overwriting SEH pointers and executing injected shellcode with application privileges.
by Dennis 'dhn' Herrmann
CVSS 8.4
Joomla Component jomres 9.11.2 Cross-Site Request Forgery
Joomla Component jomres 9.11.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information by tricking authenticated users into visiting malicious pages. Attackers can craft HTML forms targeting the account/index endpoint with hidden fields to change passwords, email addresses, and profile details without user consent.
by L0RD
CVSS 4.3
Redatam < 7 - Information Disclosure via Invalid LFN Parameter
Redatam7 (formerly Redatam WebServer) allows remote attackers to discover the installation path via an invalid LFN parameter to the /redbin/rpwebutilities.exe/text URI.
by Berk Dusunur
CVSS 5.3
Redatam < 7 - Unauthenticated Path Traversal via LFN Parameter
Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=../ directory traversal.
by Berk Dusunur
CVSS 7.5
Pale Moon < 27.9.3 - Use-After-Free in DOMProxyHandler
A use-after-free vulnerability exists in DOMProxyHandler::EnsureExpandoObject in Pale Moon before 27.9.3.
by Berk Cem Göksel
CVSS 9.8
Microsoft Windows - Remote Code Execution via Untrusted Object Deserialization
A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
by Code White
CVSS 8.8
RabbitMQ Web Management < 3.7.6 - Cross-Site Request Forgery (Add Admin)
by Dolev Farhi
Redis <4.0.10 & 5.x <5.0 RC3 - Buffer Overflow
Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h (aka hostname) argument from an untrusted source.
by Fakhri Zulkifli
CVSS 8.4
Nikto < 2.1.6 - CSV Injection via Server Field in HTTP Response Header
CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report.
by Adam Greenhill
CVSS 9.8
EIP-2026-117937
EXPLOITDB
Soroush IM Desktop App 0.15 (beta) - Authentication Bypass
by VortexNeoX64
OEcms v3.1 - Reflected Cross-Site Scripting via info.php mod Parameter
A Reflected Cross-Site Scripting web vulnerability has been discovered in the OEcms v3.1 web-application. The vulnerability is located in the mod parameter of info.php.
by Renzi
CVSS 5.4
Dimofinf CMS 3.0.0 - Cross-Site Scripting via News.php ID Parameter
Cross-site scripting (XSS) vulnerability in news.php in Dimofinf CMS Version 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
by Renzi
CVSS 5.4
Harmis Ek Rishta <2.10 - SQL Injection
router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for Joomla! allows SQL Injection via the PATH_INFO to a home/requested_user/Sent%20interest/ URI.
by Guilherme Assmann
CVSS 8.8
Redaxo CMS Mediapool Addon 5.5.1 Arbitrary File Upload
Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that allows authenticated users to bypass file extension blacklist restrictions. Attackers with editor accounts can upload executable files by using obfuscated extensions like php71 or php53 to evade the blacklist filter and execute arbitrary code.
by h0n1gsp3cht
CVSS 8.8
RSLinx Classic <3.90.01 - Privilege Escalation
An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation.
by LiquidWorm
CVSS 7.8
Windows 10 and Windows Server 2016 - Elevation of Privilege via Kernel API Permission Enforcement
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
by Google Security Research
CVSS 7.0
Maccms 10 - Cross-Site Request Forgery via Admin Account Creation
Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts.
by bay0net
CVSS 8.8
By Source