Exploitdb Exploits
50,076 exploits tracked across all sources.
Rancher Server - Docker Daemon Code Execution (Metasploit)
by Metasploit
Apache Tomcat 7.0.0-7.0.81, 8.0.0.RC1-8.0.46, 8.5.0-8.5.22, 9.0.0.M1-9.0.0 - Remote Code Execution via JSP Upload
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
by intx0x80
CVSS 8.1
EmTec PyroBatchFTP < 3.17 - Denial of Service via Buffer Overflow
EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash).
by Kevin McGuigan
CVSS 7.5
Microsoft Windows - Privilege Escalation
The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3308, CVE-2016-3310, and CVE-2016-3311.
by siberas
CVSS 7.8
Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Local Buffer Overflow (SEH)
by Venkat Rajgor
Safari < 10.1.2 - Remote Code Execution via WebKit Memory Corruption
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
by Google Security Research
CVSS 8.8
EPESI < 1.8.2 - Stored Cross-Site Scripting in Tasks Phonecall Notes Title
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Phonecall Notes Title parameter.
by Zeeshan Shaikh
CVSS 5.4
EPESI < 1.8.2.4 - Stored Cross-Site Scripting in Tasks Description Parameter
In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter.
by Zeeshan Shaikh
CVSS 5.4
Safari < 10.1.2 - Universal Cross-Site Scripting via Parent-Tab Processing
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. The issue involves the "WebKit" component. It allows remote attackers to conduct Universal XSS (UXSS) attacks via a crafted web site that is mishandled during parent-tab processing.
by Anton Lopanitsyn
CVSS 6.1
Google Chrome < 62.0.3202.62 - Universal Cross-Site Scripting via MHTML Page
Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.
by Anton Lopanitsyn
CVSS 6.1
phpcollab < 2.5.1 - Unauthenticated SQL Injection via project or id Parameters
SQL injection vulnerability in PhpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) project or id parameters to topics/deletetopics.php; the (2) id parameter to bookmarks/deletebookmarks.php; or the (3) id parameter to calendar/deletecalendar.php.
by Sysdream
CVSS 9.8
PhpCollab < 2.5.1 - Authenticated Arbitrary File Upload via Client Logo Upload
Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in logos_clients/.
by Sysdream
CVSS 8.8
dnsmasq <2.78 - Buffer Overflow
Stack-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DHCPv6 request.
by Google Security Research
CVSS 9.8
dnsmasq <2.78 - DoS
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.
by Google Security Research
CVSS 7.5
dnsmasq <2.78 - DoS
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
by Google Security Research
CVSS 7.5
dnsmasq <2.78 - Info Disclosure
dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.
by Google Security Research
CVSS 5.9
dnsmasq <2.78 - Buffer Overflow
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request.
by Google Security Research
CVSS 9.8
dnsmasq < 2.78 - Remote Code Execution via Crafted DNS Response
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
by Google Security Research
CVSS 9.8
UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Root Remote Code Execution
by agix
Apache mod_cgi Bash Environment Variable Code Injection (Shellshock)
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
by Metasploit
CVSS 9.8
UCOPIA Wireless Appliance < 5.1.8 - Authenticated Privilege Escalation via Less Command Shell Metacharacter Injection
The restricted shell interface in UCOPIA Wireless Appliance before 5.1.8 allows remote authenticated users to gain 'admin' privileges via shell metacharacters in the less command.
by Sysdream
CVSS 7.2
UCOPIA Wireless Appliance < 5.1.7 - OS Command Injection via chroothole_client Argument
The chroothole_client executable in UCOPIA Wireless Appliance before 5.1.8 allows remote attackers to gain root privileges via a dollar sign ($) metacharacter in the argument to chroothole_client.
by Sysdream
CVSS 8.2
By Source