Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2016-3135 EXPLOITDB HIGH
Linux Kernel < 4.4.21 - Local Privilege Escalation via xt_alloc_table_info Integer Overflow
Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.
CVSS 7.8
CVE-2015-3245 EXPLOITDB
libuser < 0.56.13-8 and 0.60 < 0.60-7 - Denial of Service via GECOS Field Newline Injection
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.
CVE-2012-4512 EXPLOITDB HIGH
KDE Konqueror - Denial of Service and Memory Disclosure via CSS Font Face Source Type Confusion
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."
CVSS 8.8
CVE-2012-4513 EXPLOITDB
Konqueror in KDE 4.7.3 - Heap-Based Buffer Over-Read via Large Canvas Dimensions
khtml/imload/scaledimageplane.h in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via large canvas dimensions, which leads to an unexpected sign extension and a heap-based buffer over-read.
CVE-2012-4514 EXPLOITDB
KDE < 4.9.3 - Denial of Service via Null Pointer Dereference in Rendering
rendering/render_replaced.cpp in Konqueror in KDE before 4.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted web page, related to "trying to reuse a frame with a null part."
CVE-2008-4514 EXPLOITDB
KDE Konqueror 3.5.9 - Denial of Service via Long Font Color Value
The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service (application crash) via a font tag with a long color value, which triggers an assertion error.
CVE-2011-3607 EXPLOITDB
Apache HTTP Server <2.0.64, 2.2.x - Privilege Escalation
Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow.
CVE-2011-3192 EXPLOITDB c
Apache HTTP Server 1.3.x 2.0.35-2.0.64 2.2.0-2.2.19 - Denial of Service via Range Header Overlap
The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086.
CVE-2014-3437 EXPLOITDB
Symantec Endpoint Protection Manager < 12.1 RU5 - XML External Entity Injection via Management Console
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVE-2014-3438 EXPLOITDB
Symantec Endpoint Protection Manager < 12.1 RU5 - Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in console interface scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-0285 EXPLOITDB
Stoneware webNetwork <6.0.8.0 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2022-43769 EXPLOITDB HIGH
Pentaho Business Server Auth Bypass and Server Side Template Injection RCE
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.
CVSS 8.8
CVE-2012-2315 EXPLOITDB
OpenKM <5.1.8-2 - Privilege Escalation
admin/Auth in OpenKM 5.1.7 and other versions before 5.1.8-2 does not properly enforce privileges for changing user roles, which allows remote authenticated users to assign administrator privileges to arbitrary users via the userEdit action.
CVE-2014-5216 EXPLOITDB
NetIQ Access Manager 4.x - Cross-Site Scripting via Multiple Parameters
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x before 4.0.1 HF3 allow remote attackers to inject arbitrary web script or HTML via (1) the location parameter in a dev.Empty action to nps/servlet/webacc, (2) the error parameter to nidp/jsp/x509err.jsp, (3) the lang parameter to sslvpn/applet_agent.jsp, or (4) the secureLoggingServersA parameter to roma/system/cntl, a different issue than CVE-2014-9412.
CVE-2008-6365 EXPLOITDB
Ad Server Solutions Ad Management Software Java - SQL Injection via logon.jsp uname or pass Parameter
SQL injection vulnerability in logon.jsp in Ad Server Solutions Ad Management Software Java allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password, related to the uname or pass parameters to logon.jsp or logon_processing.jsp. NOTE: some of these details are obtained from third party information.
CVE-2015-6493 EXPLOITDB
Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 - Authenticated Cross-Site Request Forgery
Cross-site request forgery (CSRF) vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
CVE-2015-6494 EXPLOITDB
Mango Automation 2.5.x and 2.6.x < 2.6.0 build 430 - Authenticated Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-7900 EXPLOITDB
Infinite Automation Mango Automation <2.6.0-430 - Info Disclosure
Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote attackers to obtain sensitive debugging information by entering a crafted URL to trigger an exception, and then visiting a certain status page.
CVE-2015-7901 EXPLOITDB
Infinite Automation Mango Automation <2.6.0-430 - Command Injection
Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.
CVE-2015-7902 EXPLOITDB
Mango Automation <2.6.0-430 - Info Disclosure
Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 provides different error messages for failed login attempts in unspecified circumstances, which allows remote attackers to obtain sensitive information via a series of requests.
CVE-2015-7903 EXPLOITDB
Infinite Automation Mango Automation <2.6.0 - SQL Injection
SQL injection vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVE-2011-2755 EXPLOITDB
ManageEngine ServiceDesk Plus 8.0 - Path Traversal via FileDownload.jsp
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2011-2755 EXPLOITDB
ManageEngine ServiceDesk Plus 8.0 - Path Traversal via FileDownload.jsp
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2011-2755 EXPLOITDB perl
ManageEngine ServiceDesk Plus 8.0 - Path Traversal via FileDownload.jsp
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2014-7866 EXPLOITDB
ZOHO ManageEngine OpManager 8-11.4 Path Traversal & Arbitrary File Write via Servlets
Multiple directory traversal vulnerabilities in ZOHO ManageEngine OpManager 8 (build 88xx) through 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to write and execute arbitrary files via a .. (dot dot) in the (1) fileName parameter to the MigrateLEEData servlet or (2) zipFileName parameter in a downloadFileFromProbe operation to the MigrateCentralData servlet.
By Source
All 50,076 Writeup 62,344 Exploitdb 50,076 Nomisec 22,425 Github 3,649 Metasploit 3,314 Vulncheck_xdb 929 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,585 ruby 6,005 c 3,628 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 229 shell 132 go 73 postscript 25 typescript 25