Exploitdb Exploits
50,095 exploits tracked across all sources.
Linux Kernel < 4.10.15 - Use-After-Free via Timerfd Race Condition
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.
by anonymous
CVSS 7.0
Advantech WebAccess <V8.2_20170817 - Buffer Overflow
A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an attacker to execute arbitrary code under the context of the process.
by Metasploit
CVSS 6.3
Microsoft Office - Dynamic Data Exchange 'DDE' Payload Delivery (Metasploit)
by Metasploit
Dup Scout Enterprise - 'Login' Buffer Overflow (Metasploit)
by Metasploit
Readymade Video Sharing Script 3.2 - HTML Injection via Comment Parameter
Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter.
by Ihsan Sencan
CVSS 6.1
Piwigo < 2.9.1 - SQL Injection via cat_false or cat_true Parameter
SQL injection vulnerability in the administrative backend in Piwigo through 2.9.1 allows remote users to execute arbitrary SQL commands via the cat_false or cat_true parameter in the comments or status page to cat_options.php.
by Akityo
CVSS 9.8
Paid To Read Script 2.0.5 - SQL Injection via Admin Panel Parameters
Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.
by Ihsan Sencan
CVSS 9.8
FS Lynda Clone 1.0 - SQL Injection via Keywords Parameter
FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/.
by Ihsan Sencan
CVSS 9.8
Bus Booking Script 1.0 - SQL Injection via txtname Parameter
Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php.
by Ihsan Sencan
CVSS 9.8
pfSense 2.4.1 - Cross-Site Request Forgery Error Page Clickjacking (Metasploit)
by Metasploit
Linksys WVBR0 < 1.0.41 - Unauthenticated Remote Code Execution via Web Management Portal
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data before executing a system call. An attacker could leverage this vulnerability to execute code with root privileges. Was ZDI-CAN-4892.
by nixawk
CVSS 9.8
Palo Alto Network PAN-OS - Remote Code Execution
Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.
by Philip Pettersson
CVSS 9.8
glibc 2.1.1 - Memory Leak via LD_HWCAP_MASK Environment Variable
A memory leak in glibc 2.1.1 (released on May 24, 1999) can be reached and amplified through the LD_HWCAP_MASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
by Qualys Corporation
CVSS 7.8
JEXTN Video Gallery 3.0.5 - SQL Injection via id Parameter
The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action.
by Ihsan Sencan
CVSS 9.8
JEXTN Question And Answer 3.1.0 - SQL Injection via an or ques-srch Parameter
The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.
by Ihsan Sencan
CVSS 9.8
vBulletin < 5.3.3 - Unauthenticated Deserialization via Template Cache API
In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads to arbitrary file deletion and, under certain circumstances, code execution, because of unsafe usage of PHP's unserialize() in vB_Library_Template's cacheTemplates() function, which is a publicly exposed API. This is exploited with the templateidlist parameter to ajax/api/template/cacheTemplates.
by SecuriTeam
CVSS 9.8
glibc 2.5 - Buffer Overflow via LD_LIBRARY_PATH Environment Variable
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
by Qualys Corporation
CVSS 7.0
Meinberg LANTIME <6.24.004 - Info Disclosure
The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access.
by Jakub Palaczynski
CVSS 6.5
JBuildozer 1.4.1 - SQL Injection via appid Parameter
The JBuildozer extension 1.4.1 for Joomla! has SQL Injection via the appid parameter in an entriessearch action.
by Ihsan Sencan
CVSS 9.8
AccessKeys AccessPress Anonymous Post Pro <3.1.9 - Code Injection
An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. Improper input sanitization allows the attacker to override the settings for allowed file extensions and upload file size, related to inc/cores/file-uploader.php and file-uploader/file-uploader-class.php. This allows the attacker to upload anything they want to the server, as demonstrated by an action=ap_file_upload_action&allowedExtensions[]=php request to /wp-admin/admin-ajax.php that results in a .php file upload and resultant PHP code execution.
by Colette Chamberland
CVSS 9.8
Apple <11.2, <10.13.2, <4.2, <11.2 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 11.2 is affected. macOS before 10.13.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
CVSS 7.8
By Source