Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-6129 EXPLOITDB MEDIUM text VERIFIED
Google Chrome <67.0.3396.62 - Memory Corruption
Out of bounds array access in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
by Google Security Research
CVSS 6.5
CVE-2018-6130 EXPLOITDB MEDIUM text VERIFIED
Google Chrome <67.0.3396.62 - Memory Corruption
Incorrect handling of object lifetimes in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
by Google Security Research
CVSS 6.5
CVE-2018-4222 EXPLOITDB HIGH html VERIFIED
Safari < 11.1.1 - Remote Code Execution via WebAssembly getWasmBufferFromValue Out-of-Bounds Read
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a getWasmBufferFromValue out-of-bounds read during WebAssembly compilation.
by Google Security Research
CVSS 8.8
CVE-2018-4218 EXPLOITDB HIGH html VERIFIED
Safari < 11.1.1 - Remote Code Execution via WebKit @generatorState Use-After-Free
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free.
by Google Security Research
CVSS 8.8
CVE-2018-6092 EXPLOITDB HIGH javascript VERIFIED
Google Chrome < 66.0.3359.117 - Remote Code Execution via WebAssembly Integer Overflow
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
by Google Security Research
CVSS 8.8
CVE-2018-11409 EXPLOITDB MEDIUM text
Splunk < 7.0.1 - Unauthenticated Information Disclosure via Server Info Endpoint
Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key.
by KoF2002
CVSS 5.3
EIP-2026-102610 EXPLOITDB html
Gnome Web (Epiphany) < 3.28.2.1 - Denial of Service
by rop
CVE-2018-10088 EXPLOITDB CRITICAL python
XiongMai uc-httpd 1.0.0 - Buffer Overflow
Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.
by Andrew Watson
CVSS 9.8
CVE-2018-25347 EXPLOITDB HIGH text
WordPress Contact Form Maker Plugin 1.12.20 SQL Injection
WordPress Contact Form Maker Plugin 1.12.20 contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through the FormMakerSQLMapping and generete_csv_fmc AJAX actions. Attackers can inject malicious SQL code via the 'name' and 'search_labels' parameters to extract sensitive database information or escalate privileges.
by defensecode
CVSS 7.1
CVE-2018-25346 EXPLOITDB HIGH text
WordPress Form Maker Plugin 1.12.24 SQL Injection via admin-ajax.php
WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMapping and generete_csv actions. Attackers can submit POST requests with malicious SQL payloads in the name and search_labels parameters to extract, modify, or escalate privileges within the WordPress database.
by defensecode
CVSS 7.1
CVE-2018-11544 EXPLOITDB CRITICAL text
The Olive Tree Ftp Server 1.32 - Insufficiently Protected Credentials in Shared Preferences
The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a username and password are stored in the /data/data/com.theolivetree.ftpserver/shared_prefs/com.theolivetree.ftpserver_preferences.xml file as the prefUsername and prefUserpass strings.
by ManhNho
CVSS 9.8
EIP-2026-113178 EXPLOITDB text
WampServer 3.0.6 - Cross-Site Request Forgery
by L0RD
CVE-2018-10118 EXPLOITDB MEDIUM python
Monstra CMS 3.0.4 - Stored Cross-Site Scripting via Name Field on Create New Page
Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page screen under the admin/index.php?id=pages URI, related to plugins/box/pages/pages.admin.php.
by DEEPIN2
CVSS 4.8
CVE-2018-7584 EXPLOITDB CRITICAL text VERIFIED
PHP < 5.6.33, 7.0.x < 7.0.28, 7.1.x <= 7.1.14, 7.2.x <= 7.2.2 - Stack-Based Buffer Under-Read in HTTP Response Parsing
In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.
by Wei Lei and Liu Yang
CVSS 9.8
CVE-2018-4241 EXPLOITDB HIGH text VERIFIED
Apple tvOS < 11.4 - Kernel Buffer Overflow in mptcp_usr_connectx
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary code in a privileged context via a crafted app.
by Google Security Research
CVSS 7.8
CVE-2018-4243 EXPLOITDB HIGH c VERIFIED
iPhone OS < 11.4 - Remote Code Execution via getvolattrlist Buffer Overflow
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app.
by Google Security Research
CVSS 7.8
CVE-2018-4230 EXPLOITDB HIGH c VERIFIED
macOS < 10.13.5 - Use-After-Free in NVIDIA Graphics Drivers via SetAppSupportBits Race Condition
An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that triggers a SetAppSupportBits use-after-free because of a race condition.
by Google Security Research
CVSS 7.0
CVE-2018-25345 EXPLOITDB HIGH python
10-Strike Network Scanner 3.0 Local Buffer Overflow SEH
10-Strike Network Scanner 3.0 contains a local buffer overflow vulnerability in the host name field that allows attackers to bypass SafeSEH protections and execute arbitrary code. Attackers can craft a malicious payload in the host name or address field and trigger the vulnerability through the Trace route or System information functions to achieve code execution.
by Hashim Jawad
CVSS 8.4
CVE-2018-25344 EXPLOITDB HIGH python
10-Strike Network Inventory Explorer 8.54 Buffer Overflow SEH
10-Strike Network Inventory Explorer 8.54 contains a stack-based buffer overflow vulnerability in the registration key input field that allows local attackers to execute arbitrary code by triggering a structured exception handler overwrite. Attackers can craft a malicious registration key string with 4188 bytes of padding followed by SEH chain values and shellcode, then paste it into the registration dialog to achieve code execution with application privileges.
by Hashim Jawad
CVSS 8.4
CVE-2016-4656 EXPLOITDB HIGH ruby VERIFIED
iPhone OS < 9.3.5 - Remote Code Execution via Memory Corruption
The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Metasploit
CVSS 7.8
CVE-2016-4655 EXPLOITDB MEDIUM ruby VERIFIED
WebKit not_number defineProperties UAF
The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app.
by Metasploit
CVSS 5.5
EIP-2026-119507 EXPLOITDB python
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH)
by Hashim Jawad
EIP-2026-116963 EXPLOITDB python
Clone2GO Video converter 2.8.2 - Buffer Overflow
by Gokul Babu
CVE-2018-11564 EXPLOITDB MEDIUM python
Pagekit < 1.0.13 - Stored Cross-Site Scripting via SVG Upload
Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user can create a link on the website pointing to "/storage/poc.svg" that will point to http://localhost/pagekit/storage/poc.svg. When a user comes along to click that link, it will trigger a XSS attack.
by DEEPIN2
CVSS 4.8
CVE-2018-11715 EXPLOITDB MEDIUM text VERIFIED
Recent Threads < 1.1 - Cross-Site Scripting via Thread Subject
The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject.
by 0xB9
CVSS 5.4