Exploitdb Exploits
49,996 exploits tracked across all sources.
Zoom < 2.0.115900.1201 - OS Command Injection
The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler.
by Conviso
CVSS 8.8
Outlook for Android - Attachment Download Directory Traversal
by Google Security Research
Innotube Itguard Manager - OS Command Injection
cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter.
by Nassim Asrir
CVSS 9.8
SyncBreeze <10.2.12 - DoS
The Enterprise version of SyncBreeze 10.2.12 and earlier is affected by a Remote Denial of Service vulnerability. The web server does not check bounds when reading server requests in the Host header on making a connection, resulting in a classic Buffer Overflow that causes a Denial of Service.
by Manuel García Cárdenas
CVSS 7.5
Linux Kernel < 3.2.92 - Use After Free
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.
by anonymous
CVSS 7.0
Advantech WebAccess <V8.2_20170817 - Buffer Overflow
A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process.
by Metasploit
CVSS 6.3
Microsoft Office - Dynamic Data Exchange 'DDE' Payload Delivery (Metasploit)
by Metasploit
Dup Scout Enterprise - 'Login' Buffer Overflow (Metasploit)
by Metasploit
Readymade Video Sharing Script - Code Injection
Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter.
by Ihsan Sencan
CVSS 6.1
Piwigo < 2.9.1 - SQL Injection
SQL injection vulnerability in the administrative backend in Piwigo through 2.9.1 allows remote users to execute arbitrary SQL commands via the cat_false or cat_true parameter in the comments or status page to cat_options.php.
by Akityo
CVSS 9.8
Paid TO Read Script - SQL Injection
Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.
by Ihsan Sencan
CVSS 9.8
Lynda Clone - SQL Injection
FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/.
by Ihsan Sencan
CVSS 9.8
Phpautoclassifiedscript Bus Booking Script - SQL Injection
Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php.
by Ihsan Sencan
CVSS 9.8
pfSense 2.4.1 - Cross-Site Request Forgery Error Page Clickjacking (Metasploit)
by Metasploit
Linksys WVBR0 - RCE
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data before executing a system call. An attacker could leverage this vulnerability to execute code with root privileges. Was ZDI-CAN-4892.
by nixawk
CVSS 9.8
Palo Alto Network PAN-OS - Remote Code Execution
Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.
by Philip Pettersson
CVSS 9.8
glibc <2.1.1 - Memory Corruption
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
by Qualys Corporation
CVSS 7.8
Jextn Video Gallery - SQL Injection
The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action.
by Ihsan Sencan
CVSS 9.8
Jextn Question And Answer - SQL Injection
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.
by Ihsan Sencan
CVSS 9.8
Vbulletin < 5.3.3 - Insecure Deserialization
In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplates() function, which is a publicly exposed API. This is exploited with the templateidlist parameter to ajax/api/template/cacheTemplates.
by SecuriTeam
CVSS 9.8
glibc <2.5 - Buffer Overflow
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
by Qualys Corporation
CVSS 7.0
Meinberg LANTIME <6.24.004 - Info Disclosure
The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access.
by Jakub Palaczynski
CVSS 6.5
By Source