Exploitdb Exploits
50,076 exploits tracked across all sources.
Microsoft Windows Media Center 6.1.7600 - 'ehshell.exe' XML External Entity Injection
by hyp3rlinx
Microsoft Excel Starter 2010 - XML External Entity Injection
by hyp3rlinx
Microsoft Authorization Manager 6.1.7601 - 'azman' XML External Entity Injection
by hyp3rlinx
BlackStratus LOGStorm 4.5.1.35/4.5.1.96 - Remote Code Execution
by Jeremy Brown
Disk Savvy Enterprise 9.1.14 - 'GET' Remote Buffer Overflow
by vportal
Broadcom BCM43xx Wi-Fi Firmware Broadpwn - Remote Code Execution
Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute arbitrary code via unspecified vectors, aka the "Broadpwn" issue.
by 649
CVSS 9.8
WP Vault 0.8.6.6 Local File Inclusion via wpv-image Parameter
WP Vault 0.8.6.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting an unescaped parameter in the include functionality. Attackers can supply directory traversal sequences through the wpv-image GET parameter to access sensitive files like system configuration and credentials.
by Lenon Leite
CVSS 6.2
WinPower 4.9.0.4 - Local Privilege Escalation
by Kacper Szurek
VX Search Enterprise 9.1.12 - 'Login' Remote Buffer Overflow
by Tulpa
Sync Breeze Enterprise 9.1.16 - 'Login' Remote Buffer Overflow
by Tulpa
Dup Scout Enterprise 9.1.14 - 'Login' Remote Buffer Overflow
by Tulpa
Disk Sorter Enterprise 9.1.12 - 'Login' Remote Buffer Overflow
by Tulpa
Disk Savvy Enterprise 9.1.14 - 'Login' Remote Buffer Overflow
by Tulpa
Disk Pulse Enterprise 9.1.16 - 'Login' Remote Buffer Overflow
by Tulpa
Microsoft Internet Explorer 9-11 - Remote Code Execution via Memory Corruption
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2016-0060, CVE-2016-0061, CVE-2016-0067, and CVE-2016-0072.
by Skylined
CVSS 8.8
Microsoft Internet Explorer 8 and 9 - Remote Code Execution or Denial of Service via Memory Corruption
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-8967 and CVE-2015-0044.
by Skylined
Microsoft Internet Explorer 11 - MSHTML 'CGeneratedContent::HasGeneratedSVGMarker' Type Confusion
by Skylined
Microsoft Internet Explorer 10 - Memory Corruption
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3118 and CVE-2013-3125.
by Skylined
Linux Kernel 2.x-4.x < 4.8.3 - Local Privilege Escalation via Dirty COW Race Condition
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
by FireFart
CVSS 7.0
ntp 4.2.0-4.2.8 - Denial of Service via Long Data Value in Mode 6 or 7 Packet
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
by Magnus Klaaborg Stubman
CVSS 6.5
By Source