Exploitdb Exploits
50,076 exploits tracked across all sources.
Oracle VM VirtualBox < 5.1.24 - Authenticated Remote Code Execution
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
by Google Security Research
CVSS 8.8
Oracle VM VirtualBox < 5.1.24 - Authenticated Remote Code Execution
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.1.24. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
by Google Security Research
CVSS 8.8
Dashlane - Untrusted Search Path Privilege Escalation via WINHTTP.dll
Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory.
by SecuriTeam
CVSS 7.3
Horde Groupware <5.2.21 - Auth Bypass
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact filename.
by SecuriTeam
CVSS 7.5
dnstracer < 1.9 - Stack-based Buffer Overflow via Long Command Line Argument
Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string.
by j0lama
CVSS 9.8
Tiandy IP Camera Firmware 5.56.17.120 - Unauthenticated Sensitive Information Exposure via TCP Port 3001
Tiandy IP cameras 5.56.17.120 do not properly restrict a certain proprietary protocol, which allows remote attackers to read settings via a crafted request to TCP port 3001, as demonstrated by config* files and extendword.txt.
by SecuriTeam
CVSS 7.5
Technicolor TC7337 Firmware 08.89.17.20.00 - Persistent Cross-Site Scripting via Wi-Fi SSID
Persistent XSS through the SSID of nearby Wi-Fi devices on Technicolor TC7337 routers 08.89.17.20.00 allows an attacker to cause DNS Poisoning and steal credentials from the router.
by Geolado giolado
CVSS 6.1
Joomla! Component SIMGenealogy 2.1.5 SQL Injection
Joomla! Component SIMGenealogy 2.1.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the type parameter. Attackers can send GET requests to index.php with the option=com_simgenealogy, view=latest parameters and inject malicious SQL in the type parameter to extract sensitive database information.
by Ihsan Sencan
CVSS 8.2
Joomla! Component PHP-Bridge 1.2.3 SQL Injection via id Parameter
Joomla! Component PHP-Bridge 1.2.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=com_phpbridge&view=phpview parameters and inject SQL code in the id parameter to extract database information including table and column names.
by Ihsan Sencan
CVSS 8.2
Joomla LMS King Professional 3.2.4.0 SQL Injection via learningpath
Joomla LMS King Professional 3.2.4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cp_id parameter. Attackers can send GET requests to index.php with the option=com_lmsking, view=lmsking, layout=learningpath, and task=learningPath parameters to extract sensitive database information.
by Ihsan Sencan
CVSS 8.2
Joomla Event Registration Pro Calendar 4.1.3 SQL Injection
Joomla Event Registration Pro Calendar 4.1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=com_registrationpro&view=category&id parameter containing SQL injection payloads to extract sensitive database information.
by Ihsan Sencan
CVSS 8.2
Joomla Ultimate Property Listing 1.0.2 SQL Injection via sf_selectuser_id
Joomla Ultimate Property Listing 1.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the sf_selectuser_id parameter. Attackers can send GET requests to index.php with the option=com_upl and view=propertylisting parameters to extract sensitive database information including table names and column structures.
by Ihsan Sencan
CVSS 8.2
Nitro Pro 11.0.3.173 - Remote Code Execution via Directory Traversal in saveAs and launchURL
Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences.
by Metasploit
CVSS 8.8
Advantech SUISAccess Server <3.0 - Info Disclosure
An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. An attacker could traverse the file system and extract files that can result in information disclosure.
by James Fitts
CVSS 7.5
Solarwinds Kiwi Syslog 9.6.1.6 - Denial of Service
by Guillaume Kaddouch
Apple <10.3.3, <10.12.6, <10.2.2, <3.2.3 - RCE/DoS
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. macOS before 10.12.6 is affected. tvOS before 10.2.2 is affected. watchOS before 3.2.3 is affected. The issue involves the "libxpc" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
CVSS 8.8
mpg321 <0.3.2-1 - Memory Corruption
mpg321.c in mpg321 0.3.2-1 does not properly manage memory for use with libmad 0.15.1b, which allows remote attackers to cause a denial of service (memory corruption seen in a crash in the mad_decoder_run function in decoder.c in libmad) via a crafted MP3 file.
by qflb.wu
CVSS 6.5
Advantech SUISAccess Server <3.0 - Info Disclosure
An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. An attacker could traverse the file system and extract files that can result in information disclosure.
by James Fitts
CVSS 7.5
By Source