Exploitdb Exploits
50,076 exploits tracked across all sources.
concrete5 8.1.0 - Cross-Site Scripting via Host Header Injection
concrete5 8.1.0 places incorrect trust in the HTTP Host header during caching, if the administrator did not define a "canonical" URL on installation of concrete5 using the "Advanced Options" settings. Remote attackers can make a GET request with any domain name in the Host header; this is stored and allows for arbitrary domains to be set for certain links displayed to subsequent visitors, potentially an XSS vector.
by hyp3rlinx
CVSS 6.1
Firefox < 52.0 - Address Bar Spoofing via Blob URL
An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by "blob:" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox < 52.
by 649
CVSS 5.3
Adobe Creative Cloud <= 3.9.5.353 - Incorrect Permission Assignment for Critical Resource
Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper resource permissions during the installation of Creative Cloud desktop applications.
by hyp3rlinx
CVSS 8.8
Windows Kernel Memory Handling Information Disclosure
An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system, a.k.a. "Windows Kernel Information Disclosure Vulnerability."
by Google Security Research
CVSS 5.5
Windows - Information Disclosure in Win32k Component
A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure Vulnerability."
by Google Security Research
CVSS 4.7
Alienvault OSSIM/USM 5.3.4/5.3.5 - Remote Command Execution (Metasploit)
by Peter Lapp
GNS3 Mac OS-X 1.5.2 - 'ubridge' Local Privilege Escalation
by Hacker Fantastic
agorum core Pro 7.8.1.4-251 - Persistent Cross-Site Scripting
by SySS GmbH
agorum core Pro 7.8.1.4-251 - Cross-Site Request Forgery
by SySS GmbH
Solaris 7 < 11 (SPARC/x86) - 'EXTREMEPARR' dtappgather Privilege Escalation
by Hacker Fantastic
Cisco - Remote Code Execution
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893.
by Artem Kondratenko
CVSS 9.8
Cisco - Remote Code Execution
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device; and (2) the incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. This affects Catalyst switches, Embedded Service 2020 switches, Enhanced Layer 2 EtherSwitch Service Module, Enhanced Layer 2/3 EtherSwitch Service Module, Gigabit Ethernet Switch Module (CGESM) for HP, IE Industrial Ethernet switches, ME 4924-10GE switch, RF Gateway 10, and SM-X Layer 2/3 EtherSwitch Service Module. Cisco Bug IDs: CSCvd48893.
by Artem Kondratenko
CVSS 9.8
WordPress Plugin Spider Event Calendar 1.5.51 - Blind SQL Injection
by Manuel García Cárdenas
MyBB smilie Module < 1.8.11 - 'pathfolder' Directory Traversal
by Zhiyang Zeng
MyBB < 1.8.11 - 'email' MyCode Cross-Site Scripting
by Zhiyang Zeng
Horde Groupware Webmail 3/4/5 - Multiple Remote Code Executions
by SecuriTeam
Safari < 10.1 - Same Origin Policy Bypass via WebKit
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
by Google Security Research
CVSS 6.5
iCloud < 6.2 - Exposure of Sensitive Information via WebKit Same Origin Policy Bypass
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. iCloud before 6.2 on Windows is affected. iTunes before 12.6 on Windows is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site.
by Google Security Research
CVSS 6.5
Xen 4.4.x-4.8.x - Improper Validation of Array Index in XENMEM_exchange
An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. The earlier XSA-29 fix introduced an insufficient check on XENMEM_exchange input, allowing the caller to drive hypervisor memory accesses outside of the guest provided input/output arrays.
by Google Security Research
CVSS 8.2
Safari < 10.1 - Remote Code Execution via WebKit Memory Corruption
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
by Google Security Research
CVSS 8.8
Safari < 10.1 - Remote Code Execution via WebKit Memory Corruption
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10.1 is affected. tvOS before 10.2 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
by Google Security Research
CVSS 8.8
By Source