Exploitdb Exploits
50,076 exploits tracked across all sources.
Tcpreplay 3.4.4 - Heap-Based Buffer Overflow via Crafted PCAP File
tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.
by FarazPajohan
CVSS 7.8
Beijing Hanbang Hanbanggaoke - Info Disclosure
On Beijing Hanbang Hanbanggaoke devices, because user-controlled input is not sufficiently sanitized, sending a PUT request to /ISAPI/Security/users/1 allows an admin password change.
by SecuriTeam
CVSS 7.5
Topsites Script 1.0 - Cross-Site Request Forgery / PHP Code Injection
by Ihsan Sencan
Apache Struts 2.0.0-2.3.33 and 2.5-2.5.10.1 - Remote Code Execution via Freemarker Tag Expression
In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.
by brianwrf
CVSS 9.8
Gh0st Client (C2 Server) - Remote Buffer Overflow (Metasploit)
by Metasploit
Gh0st Client (C2 Server) - Remote Buffer Overflow (Metasploit)
by Metasploit
Intelbras Wireless N 150Mbps router WRN 240 - XSS
XSS (persistent) on the Intelbras Wireless N 150Mbps router with firmware WRN 240 allows attackers to steal wireless credentials without being connected to the network, related to userRpm/popupSiteSurveyRpm.htm and userRpm/WlanSecurityRpm.htm. The attack vector is a crafted ESSID, as demonstrated by an "airbase-ng -e" command.
by Elber Tavares
CVSS 6.1
McAfee LiveSafe <16.0.3 - Privilege Escalation
A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe (MLS) versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response.
by SecuriTeam
CVSS 5.9
Jungos WinDriver <12.4.0 - Privilege Escalation
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824b7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
by mr_me
CVSS 7.8
By Source