Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2013-0757 EXPLOITDB ruby
Firefox 17.0.1 Flash Privileged Code Injection
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges by referencing Object.prototype.__proto__ in a crafted HTML document.
CVE-2013-1710 EXPLOITDB ruby
Firefox toString console.time Privileged Javascript Injection
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code or conduct cross-site scripting (XSS) attacks via vectors related to Certificate Request Message Format (CRMF) request generation.
CVE-2014-8146 EXPLOITDB
iTunes < 12.1.3 - Heap-Based Buffer Overflow in Unicode Bidirectional Algorithm
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execute arbitrary code via crafted text.
CVE-2015-5273 EXPLOITDB python
Automatic Bug Reporting Tool < 2.7.1 - Arbitrary File Write via Symlink Attack on unpacked.cpio
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp.
CVE-2024-48839 EXPLOITDB CRITICAL
ABB ASPECT/Enterprise/NEXUS/MATRIX Firmware < 3.08.03 - Remote Code Execution
Improper Input Validation vulnerability allows Remote Code Execution.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
CVSS 10.0
CVE-2024-51550 EXPLOITDB CRITICAL
ABB ASPECT Enterprise, NEXUS Series, and MATRIX Series <3.08.02 <3 - Data Validation
Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized data to be injected in an Aspect device.  Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02
CVSS 10.0
CVE-2012-2392 EXPLOITDB
Wireshark 1.4.x < 1.4.13 and 1.6.x < 1.6.8 - Denial of Service via Dissector Infinite Loop
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.
CVE-2012-3825 EXPLOITDB
Wireshark 1.4.x < 1.4.13 and 1.6.x < 1.6.8 - Denial of Service via BACapp and Bluetooth HCI Dissector Integer Overflow
Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392.
CVE-2015-8725 EXPLOITDB MEDIUM
Wireshark 1.12.x-1.12.9 and 2.0.x-2.0.1 - Denial of Service via DIAMETER Dissector IPv6 Prefix Length Validation
The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
CVSS 5.5
CVE-2012-2511 EXPLOITDB python
SAP NetWeaver 7.0 EHP1 and EHP2 - Denial of Service via Crafted SAP Diag Packet
The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
CVE-2012-2512 EXPLOITDB python
SAP NetWeaver 7.0 EHP1 and EHP2 - Denial of Service via Crafted SAP Diag Packet
The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
CVE-2012-2513 EXPLOITDB python
SAP NetWeaver 7.0 EHP1 and EHP2 - Denial of Service via Crafted SAP Diag Packet
The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
CVE-2012-2514 EXPLOITDB python
SAP NetWeaver 7.0 EHP1 and EHP2 - Denial of Service via Crafted SAP Diag Packet
The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
CVE-2012-2611 EXPLOITDB python
SAP NetWeaver 7.0 EHP1 and EHP2 - Remote Code Execution via DiagTraceR3Info Function
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute arbitrary code via a crafted SAP Diag packet.
CVE-2008-3656 EXPLOITDB ruby
Ruby < 1.8.5 - Denial of Service via WEBrick HTTP Header Parsing
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted HTTP request that is processed by a backtracking regular expression.
CVE-2006-1998 EXPLOITDB
OpenTTD <= 0.4.7 - Denial of Service via Large Invalid Error Number
OpenTTD 0.4.7 and earlier allows local users to cause a denial of service (application exit) via a large invalid error number, which triggers an error.
CVE-2009-2753 EXPLOITDB
IBM Informix Dynamic Server <11.10.TC3 - Buffer Overflow
Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a crafted parameter size.
CVE-2001-1489 EXPLOITDB
Microsoft Internet Explorer 6 - DoS
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
CVE-2001-1490 EXPLOITDB
Mozilla 0.9.6 - Denial of Service via Large Number of Images
Mozilla 0.9.6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
CVE-2019-8641 EXPLOITDB CRITICAL
iPhone OS < 12.4 - Out-of-bounds Read
An out-of-bounds read was addressed with improved input validation.
CVSS 9.8
CVE-2003-1325 EXPLOITDB perl
Valve Half-Life CSTRIKE Dedicated Server < 1.1.1.0 Authenticated DoS via SV_CheckForDuplicateNames
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents "absence of player informations," a related issue to CVE-2006-0734.
CVE-2016-1825 EXPLOITDB HIGH
macOS < 10.11.5 - Memory Corruption in IOHIDFamily
IOHIDFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVSS 7.8
CVE-2020-10882 EXPLOITDB HIGH ruby
TP-Link Archer A7 Firmware Ver: 190726 AC1750 - RCE
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by default. When parsing the slave_mac parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-9650.
CVSS 8.8
CVE-2020-10883 EXPLOITDB HIGH ruby
TP-Link Archer A7 Firmware <190726 - Privilege Escalation
This vulnerability allows local attackers to escalate privileges on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the file system. The issue lies in the lack of proper permissions set on the file system. An attacker can leverage this vulnerability to escalate privileges. Was ZDI-CAN-9651.
CVSS 7.8
CVE-2012-0297 EXPLOITDB
Symantec Web Gateway < 5.0.3 - Remote Code Execution via Management GUI Script Access
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
By Source
All 50,076 Writeup 62,320 Exploitdb 50,076 Nomisec 22,421 Github 3,644 Metasploit 3,314 Vulncheck_xdb 929 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,581 ruby 6,005 c 3,628 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 229 shell 132 go 73 postscript 25 typescript 25