Exploit Database
146,737 exploits tracked across all sources.
phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery in Setup Page
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
CVSS 6.5
ToaruOS < 1.10.9 - Local Privilege Escalation via gsudo DISPLAY Environment Variable
apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable.
CVSS 7.8
Doomseeker 1.1-1.2 - Denial of Service via SRB2 Plugin IP Packet Length Handling
A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin (EP_Versions 9 to 11 inclusive) distributed with Doomseeker 1.1 and 1.2. Affected plugin versions did not discard IP packets with an unnaturally long response length from a Sonic Robo Blast 2 master server, allowing a remote attacker to cause a potential crash / denial of service in Doomseeker. The issue has been remediated in the Doomseeker 1.3 release with source code patches to the SRB2 plugin.
CVSS 5.3
Lightning Network Daemon <0.17.0 - DoS
The Lightning Network Daemon (lnd) - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version > v0.17.0 to be protected. Users unable to upgrade may set the `--rejecthtlc` CLI flag and also disable forwarding on channels via the `UpdateChanPolicyCommand`, or disable listening on a public network interface via the `--nolisten` flag as a mitigation.
CVSS 6.5
Lightning Network Daemon <0.17.0 - DoS
The Lightning Network Daemon (lnd) - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version > v0.17.0 to be protected. Users unable to upgrade may set the `--rejecthtlc` CLI flag and also disable forwarding on channels via the `UpdateChanPolicyCommand`, or disable listening on a public network interface via the `--nolisten` flag as a mitigation.
CVSS 6.5
btcd < 0.23.2 - Denial of Service via Witness Size Check Mishandling
btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking.
CVSS 9.8
btcd < 0.23.2 - Denial of Service via Witness Size Check Mishandling
btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking.
CVSS 9.8
Btcd < 0.23.3 - Improper Input Validation
Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version `v0.15.4` are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on chain transaction events will be undetected. This can cause loss of funds if a CSV expiry is researched during a breach attempt or a CLTV delta expires forgetting the funds in the HTLC. A patch is available in `lnd` version 0.15.4. Users are advised to upgrade. Users unable to upgrade may use the `lncli updatechanpolicy` RPC call to increase their CLTV value to a very high amount or increase their fee policies. This will prevent nodes from routing through your node, meaning that no pending HTLCs can be present.
CVSS 8.2
Btcd < 0.23.3 - Improper Input Validation
Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version `v0.15.4` are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on chain transaction events will be undetected. This can cause loss of funds if a CSV expiry is researched during a breach attempt or a CLTV delta expires forgetting the funds in the HTLC. A patch is available in `lnd` version 0.15.4. Users are advised to upgrade. Users unable to upgrade may use the `lncli updatechanpolicy` RPC call to increase their CLTV value to a very high amount or increase their fee policies. This will prevent nodes from routing through your node, meaning that no pending HTLCs can be present.
CVSS 8.2
Btcd < 0.23.3 - Improper Input Validation
Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version `v0.15.4` are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on chain transaction events will be undetected. This can cause loss of funds if a CSV expiry is researched during a breach attempt or a CLTV delta expires forgetting the funds in the HTLC. A patch is available in `lnd` version 0.15.4. Users are advised to upgrade. Users unable to upgrade may use the `lncli updatechanpolicy` RPC call to increase their CLTV value to a very high amount or increase their fee policies. This will prevent nodes from routing through your node, meaning that no pending HTLCs can be present.
CVSS 8.2
Btcd < 0.23.3 - Improper Input Validation
Lightning Network Daemon (lnd) is an implementation of a lightning bitcoin overlay network node. All lnd nodes before version `v0.15.4` are vulnerable to a block parsing bug that can cause a node to enter a degraded state once encountered. In this degraded state, nodes can continue to make payments and forward HTLCs, and close out channels. Opening channels is prohibited, and also on chain transaction events will be undetected. This can cause loss of funds if a CSV expiry is researched during a breach attempt or a CLTV delta expires forgetting the funds in the HTLC. A patch is available in `lnd` version 0.15.4. Users are advised to upgrade. Users unable to upgrade may use the `lncli updatechanpolicy` RPC call to increase their CLTV value to a very high amount or increase their fee policies. This will prevent nodes from routing through your node, meaning that no pending HTLCs can be present.
CVSS 8.2
Lightning Labs lnd < 0.13.3-beta - Loss of Funds via Dust HTLC Exposure
Lightning Labs lnd before 0.13.3-beta allows loss of funds because of dust HTLC exposure.
CVSS 8.6
Lightning Network Daemon <0.7 - Privilege Escalation
Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control.
CVSS 7.5
Lightning Network Daemon <0.7 - Privilege Escalation
Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control.
CVSS 7.5
acinq eclair < 0.6.3 - Denial of Service via Dust HTLC Exposure
ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure.
CVSS 9.4
Eclair < 0.3 - Incorrect Access Control
Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."
CVSS 7.5
Eclair < 0.3 - Incorrect Access Control
Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it."
CVSS 7.5
Centreon 18.x < 18.10.6, 19.x < 19.04.3 - Authenticated Remote Code Execution via Monitoring Engine Binary Configuration
Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web before 2.8.29 allows the attacker to execute arbitrary system commands by using the value "init_script"-"Monitoring Engine Binary" in main.get.php to insert a arbitrary command into the database, and execute it by calling the vulnerable page www/include/configuration/configGenerate/xml/generateFiles.php (which passes the inserted value to the database to shell_exec without sanitizing it, allowing one to execute system arbitrary commands).
CVSS 8.8
Concerto Critical Chain Planner 5.10.8071 SQLi via taskupdt/taskdetails.aspx
Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter.
CVSS 9.8
REDCap 8.0-8.10.2 - Stored Cross-Site Scripting in Admin Panel and Survey System
Multiple stored Cross-site scripting (XSS) issues in the admin panel and survey system in REDCap 8 before 8.10.20 and 9 before 9.1.2 allow an attacker to inject arbitrary malicious HTML or JavaScript code into a user's web browser.
CVSS 4.8
Pi-hole 4.3 - OS Command Injection
Pi-Hole 4.3 allows Command Injection.
CVSS 8.8
D-Link DIR-600M Firmware 3.02-3.06 - Unauthenticated Information Disclosure and Data Modification via wan.htm
An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be accessed directly without authentication, which can lead to disclosure of information about the WAN, and can also be leveraged by an attacker to modify the data fields of the page.
CVSS 9.8
denx/u-boot < 2019.04 - Denial of Service via Crafted DOS Partition Table
A crafted self-referential DOS partition table will cause all Das U-Boot versions through 2019.07-rc4 to infinitely recurse, causing the stack to grow infinitely and eventually either crash or overwrite other data.
CVSS 7.1
Das U-Boot 2016.11-rc1-2019.07-rc4 - Integer Underflow via Crafted ext4 Filesystem
In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow can cause memcpy() to overwrite a very large amount of data (including the whole stack) while reading a crafted ext4 filesystem.
CVSS 7.8
Das U-Boot 2019.07-rc1-2019.07-rc4 - Use-After-Free in ext4 Filesystem Listing
Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a cached block of data when listing files in a crafted ext4 filesystem.
CVSS 7.8
By Source