Exploitdb Exploits
50,076 exploits tracked across all sources.
ManagEnegine ADManager Plus 6.5.40 - Multiple Vulnerabilities
by Mehmet Ince
Splunk 6.1.1 - Cross-Site Scripting via HTTP Referer Header
Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerability might exist because of a CVE-2010-2429 regression.
by justpentest
Google Android max86902 Driver - 'sysfs' Interfaces Race Condition
by Google Security Research
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Type Confusion
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7200, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
by Brian Pak
CVSS 8.8
Microsoft Edge - Remote Code Execution via Chakra JavaScript Engine Memory Corruption
The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruption Vulnerability," a different vulnerability than CVE-2016-7201, CVE-2016-7202, CVE-2016-7203, CVE-2016-7208, CVE-2016-7240, CVE-2016-7242, and CVE-2016-7243.
by Brian Pak
CVSS 8.8
Kaspersky 17.0.0 - Local CA Root Incorrectly Protected
by Google Security Research
Firejail <0.9.44.4 & 0.9.38.x LTS <0.9.38.8 - Sandbox-Escape
Firejail before 0.9.44.4 and 0.9.38.x LTS before 0.9.38.8 LTS does not consider the .Xauthority case during its attempt to prevent accessing user files with an euid of zero, which allows local users to conduct sandbox-escape attacks via vectors involving a symlink and the --private option.
by Sebastian Krahmer
CVSS 8.8
Atlassian Confluence < 5.10.5 - Cross-Site Scripting via newFileName Parameter
Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.10.6 allows remote attackers to inject arbitrary web script or HTML via the newFileName parameter to pages/doeditattachment.action.
by Jodson Santos
CVSS 6.1
Microsoft Windows 8.1 (x64) - 'RGNOBJ' Integer Overflow (MS16-098)
by Saif
PHPMailer < 5.2.20 - Remote Code Execution via Sendmail Argument Injection
The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033.
by Dawid Golunski
CVSS 9.8
Zend Framework < 2.4.11 and zend-mail < 2.4.11 - Remote Code Execution via Sendmail Adapter setFrom Function
The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted e-mail address.
by Dawid Golunski
CVSS 9.8
PHPMailer Sendmail Argument Injection
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
by Dawid Golunski
CVSS 9.8
Internet Download Accelerator 6.10.1.1527 - FTP Buffer Overflow (SEH)
by Fady Mohammed Osman
SwiftMailer < 5.4.5 - Remote Code Execution via Mail Command Parameter Injection
The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted e-mail address in the (1) From, (2) ReturnPath, or (3) Sender header.
by Dawid Golunski
CVSS 9.8
Zend Framework < 2.4.11 and zend-mail < 2.4.11 - Remote Code Execution via Sendmail Adapter setFrom Function
The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted e-mail address.
by Dawid Golunski
CVSS 9.8
WordPress Plugin Slider Templatic Tevolution < 2.3.6 - Arbitrary File Upload
by r3m1ck
PHPMailer Sendmail Argument Injection
The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
by anarc0der
CVSS 9.8
Dell SonicWALL Secure Mobile Access SMA 8.1 - Cross-Site Scripting / Cross-Site Request Forgery
by LiquidWorm
Dell SonicWALL Global Management System GMS 8.1 - Blind SQL Injection
by LiquidWorm
Android get_user/put_user Exploit
The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013.
by Metasploit
CVSS 8.8
Simply Poll 1.4.1 Plugin for WordPress SQL Injection
Simply Poll 1.4.1 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the 'pollid' POST parameter. Attackers can send requests to the admin-ajax.php endpoint with the 'spAjaxResults' action and malicious 'pollid' values to execute arbitrary SQL queries and read sensitive data from the WordPress database.
by TAD GROUP
CVSS 8.2
By Source