Exploitdb Exploits
50,076 exploits tracked across all sources.
membership-simplified-for-oap-members-only < 1.58 - Unauthenticated Arbitrary File Upload via download.php
Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.
by The Martian
CVSS 9.8
Cobbler 2.8.0 - (Authenticated) Remote Code Execution
by Dolev Farhi
PCAUSA Rawether (ASUS PCE-AC56 WLAN Card Utilities Windows 10 x64) - Local Privilege Escalation
by ReWolf
IBM Sterling B2B Integrator - Remote Code Execution via Apache Commons Collections Deserialization
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.
by Metasploit
CVSS 9.8
Windows HelpPane - Privilege Escalation via DCOM Object
A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows HelpPane Elevation of Privilege Vulnerability."
by Google Security Research
CVSS 7.8
Microsoft Windows Uniscribe - Remote Code Execution via Crafted Website
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability."
by Hossein Lotfi
CVSS 8.8
GitHub Enterprise 2.8.0 < 2.8.6 - Remote Code Execution
by iblue
Joomla! Component Vik Appointments 1.5 - SQL Injection
by Ihsan Sencan
Apache Struts 2.3.x < 2.3.32 and 2.5.x < 2.5.10.1 - Remote Code Execution via Jakarta Multipart Parser
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
by Metasploit
CVSS 9.8
Adobe Flash Player < 24.0.0.186 - Use-After-Free in ActionScript MovieClip
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable use after free vulnerability in the ActionScript MovieClip class. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
Adobe Flash Player < 24.0.0.186 - Memory Corruption via SWF Metadata Parsing
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to the parsing of SWF metadata. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
Adobe Flash Player < 24.0.0.186 - Remote Code Execution via Flash Video Container Processing
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when processing the Flash Video container file format. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
Adobe Flash Player < 24.0.0.186 - Remote Code Execution via Texture Compression
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability related to texture compression. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
Adobe Flash Player <= 24.0.0.186 - Remote Code Execution via Adobe Texture Format Parsing
Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable heap overflow vulnerability when parsing Adobe Texture Format files. Successful exploitation could lead to arbitrary code execution.
by Google Security Research
CVSS 8.8
Sitecore Experience Platform 8.1 - XSS
Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Manager/Taskpages/Contact list" in Sitecore Experience Platform 8.1 rev. 160519 (8.1 Update-3) allows remote attacks via the Name or Description parameter. This is fixed in 8.2 Update-2.
by Pralhad Chaskar
CVSS 6.1
apng_disassembler < 2.8 - Buffer Overflow via Malformed IHDR Chunk
Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted image containing a malformed image size descriptor in the IHDR chunk.
by Alwin Peppels
CVSS 5.5
apng_disassembler < 2.8 - Buffer Overflow via Chunk Size Descriptor
Buffer overflow in APNGDis 2.8 and earlier allows a remote attackers to cause denial of service and possibly execute arbitrary code via a crafted image containing a malformed chunk size descriptor.
by Alwin Peppels
CVSS 5.5
Joomla! Component Simple Membership 3.3.3 - 'userId' SQL Injection
by Ihsan Sencan
Joomla! Component Advertisement Board 3.0.4 - 'id' SQL Injection
by Ihsan Sencan
apng_disassembler < 2.8 - Buffer Overflow via Malformed IHDR Chunk
Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted image containing a malformed image size descriptor in the IHDR chunk.
by Alwin Peppels
CVSS 5.5
apng_disassembler < 2.8 - Remote Code Execution via Crafted Filename
Buffer overflow in APNGDis 2.8 and below allows a remote attacker to execute arbitrary code via a crafted filename.
by Alwin Peppels
CVSS 7.8
apng_disassembler < 2.8 - Buffer Overflow via Chunk Size Descriptor
Buffer overflow in APNGDis 2.8 and earlier allows a remote attackers to cause denial of service and possibly execute arbitrary code via a crafted image containing a malformed chunk size descriptor.
by Alwin Peppels
CVSS 5.5
By Source