Exploitdb Exploits
50,076 exploits tracked across all sources.
Intel Security VSEL <2.0.3 - Info Disclosure
SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter.
by Andrew Fasano
CVSS 6.2
Google Chrome (Fedora 25 / Ubuntu 16.04) - 'tracker-extract' / 'gnome-video-thumbnailer' + 'totem' Drive-By Download
by Chris Evans
Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow
by Google Security Research
Samsung Devices KNOX Extensions - OTP Service Heap Overflow
by Google Security Research
Microsoft Internet Explorer <11 - Code Injection
Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3123.
by Skylined
WordPress Plugin Multisite Post Duplicator 0.9.5.1 - Cross-Site Request Forgery
by dxw
Sophos Web Appliance 4.2.1.3 - Authenticated Remote Command Injection via MgrReport.php
The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. These vulnerabilities occur in the MgrReport.php (/controllers/MgrReport.php) component responsible for blocking and unblocking IP addresses from accessing the device. The device doesn't properly escape the information passed in the variables 'unblockip' and 'blockip' before calling the shell_exec() function which allows for system commands to be injected into the device. The code erroneously suggests that the information handled is protected by utilizing the variable name 'escapedips' - however this was not the case. The Sophos ID is NSWA-1258.
by xort
CVSS 7.2
Sophos Web Appliance 4.2.1.3 - Remote Command Injection via MgrDiagnosticTools.php URL Parameter
The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. These vulnerabilities occur in MgrDiagnosticTools.php (/controllers/MgrDiagnosticTools.php), in the component responsible for performing diagnostic tests with the UNIX wget utility. The application doesn't properly escape the information passed in the 'url' variable before calling the executeCommand class function ($this->dtObj->executeCommand). This function calls exec() with unsanitized user input allowing for remote command injection. The page that contains the vulnerabilities, /controllers/MgrDiagnosticTools.php, is accessed by a built-in command answered by the administrative interface. The command that calls to that vulnerable page (passed in the 'section' parameter) is: 'configuration'. Exploitation of this vulnerability yields shell access to the remote machine under the 'spiderman' user account.
by xort
CVSS 7.2
Apache HTTP Server 2.4.17-2.4.23 - DoS
The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service (memory consumption) via crafted CONTINUATION frames in an HTTP/2 request.
by Jungun Baek
CVSS 7.5
Apple Iphone OS < 10.2 - Memory Corruption
An issue was discovered in certain Apple products. iOS before 10.2 is affected. tvOS before 10.1 is affected. watchOS before 3.1.1 is affected. The issue involves the "Profiles" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted certificate profile.
by Maksymilian Arciemowicz
CVSS 8.8
EasyPHP Devserver 16.1.1 - Insecure File Permissions Privilege Escalation
by Ashiyane Digital Security Team
OpenSSL 1.1.0-1.1.0b - Denial of Service via CHACHA20-POLY1305 Cipher Payload Corruption
In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS.
by Silverfox
CVSS 7.5
10-Strike Network File Search Pro 2.3 - Local Buffer Overflow (SEH)
by malwrforensics
Microsoft Internet Explorer 9 - MSHTML CElement::HasFlag Memory Corruption
by Skylined
Microsoft Internet Explorer 9 - RCE
Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1313.
by Skylined
Microsoft Internet Explorer <11 - Use After Free
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerability than CVE-2013-1308 and CVE-2013-2551.
by Skylined
Splunk Enterprise 6.4.3 - Server-Side Request Forgery
by Security-Assessment.com
D-Link DI-524 Firmware 9.01 - Cross-Site Request Forgery via CGI Programs
Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs.
by Felipe Soares de Souza
CVSS 8.0
By Source