Exploitdb Exploits
50,076 exploits tracked across all sources.
WHMCompleteSolution (WHMCS) Addon VMPanel 2.7.4 - SQL Injection
by ZwX
Horos 2.1.0 DICOM Medical Image Viewer - Denial of Service
by LiquidWorm
iPhone OS < 10.2 and macOS < 10.12.2 - Local Privilege Escalation via Power Management Mach Port Name References
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. The issue involves the "Power Management" component. It allows local users to gain privileges via unspecified vectors related to Mach port name references.
by Google Security Research
CVSS 7.8
Netcore and Netis Router Firmware - Unauthenticated Remote Code Execution via UDP Port 53413 Backdoor
A remote code execution vulnerability exists in multiple Netcore and Netis routers models with firmware released prior to August 2014 due to the presence of an undocumented backdoor listener on UDP port 53413. Exact version boundaries remain undocumented. An unauthenticated remote attacker can send specially crafted UDP packets to execute arbitrary commands on the affected device. This backdoor uses a hardcoded authentication mechanism and accepts shell commands post-authentication. Some device models include a non-standard implementation of the `echo` command, which may affect exploitability.
by nixawk
Nidesoft MP3 Converter 2.6.18 - Local Buffer Overflow (SEH)
by malwrforensics
Microsoft Internet Explorer 9 - MSHTML CMarkup::ReloadInCompatView Use-After-Free
by Skylined
Microsoft Internet Explorer <10 - Code Injection
Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3161.
by Skylined
Nagios < 4.2.1 - Arbitrary File Read and Write via Spoofed RSS Feed Response
MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attackers to read or write to arbitrary files by spoofing a crafted response from the Nagios RSS feed server. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4796.
by Dawid Golunski
CVSS 9.8
Nagios < 4.2.3 - Privilege Escalation via Symlink Attack on Log File
base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. NOTE: this can be leveraged by remote attackers using CVE-2016-9565.
by Dawid Golunski
CVSS 7.8
Apport < 2.20.4 - Path Traversal via Package Hook Fields
An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system.
by Donncha OCearbhaill
CVSS 7.8
Apport < 2.20.4 - Remote Code Execution via CrashDB Field Evaluation
An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.
by Donncha OCearbhaill
CVSS 7.8
Adobe Animate <= 15.2.1.95 - Memory Corruption
Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
by hyp3rlinx
CVSS 9.8
Debian jessie <1.0.9.8.4, Debian unstable <1.4~beta2, Ubuntu 14.04 ...
The apt package in Debian jessie before 1.0.9.8.4, in Debian unstable before 1.4~beta2, in Ubuntu 14.04 LTS before 1.0.1ubuntu2.17, in Ubuntu 16.04 LTS before 1.2.15ubuntu0.2, and in Ubuntu 16.10 before 1.3.2ubuntu0.1 allows man-in-the-middle attackers to bypass a repository-signing protection mechanism by leveraging improper error handling when validating InRelease file signatures.
by Google Security Research
CVSS 5.9
Apport < 2.20.3 - Unauthenticated Command Execution via Malicious Crash File
An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in `RespawnCommand` or `ProcCmdline` fields. This command will be executed if a user clicks the Relaunch button on the Apport prompt from the malicious crash file. The fix is to only show the Relaunch button on Apport crash files generated by local systems. The Relaunch button will be hidden when crash files are opened directly in Apport-GTK.
by Donncha OCearbhaill
CVSS 6.5
Intel Security VSEL <2.0.3 - Info Disclosure
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing.
by Andrew Fasano
CVSS 8.1
Intel Security VSEL <2.0.3 - Auth Bypass
Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie.
by Andrew Fasano
CVSS 8.1
McAfee VirusScan Enterprise Linux < 2.0.3 - Authentication Bypass via Crafted Cookie
Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie.
by Andrew Fasano
CVSS 7.5
Intel Security VirusScan Enterprise Linux <2.0.3 - RCE
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file.
by Andrew Fasano
CVSS 5.0
Intel Security VirusScan Enterprise Linux <2.0.3 - Code Injection
Improper control of generation of code vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to execute arbitrary code via a crafted HTTP request parameter.
by Andrew Fasano
CVSS 8.0
McAfee VirusScan Enterprise Linux < 2.0.3 - Unauthenticated Cross-Site Scripting via Crafted User Input
Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.
by Andrew Fasano
CVSS 6.1
McAfee VirusScan Enterprise Linux < 2.0.3 - Authenticated Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input.
by Andrew Fasano
CVSS 4.3
Intel Security VSEL <2.0.3 - Code Injection
Special element injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to read files on the webserver via a crafted user input.
by Andrew Fasano
CVSS 4.1
Intel Security VirusScan Enterprise Linux <2.0.3 - Info Disclosure
Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter.
by Andrew Fasano
CVSS 3.4
By Source