Exploitdb Exploits
50,076 exploits tracked across all sources.
Microsoft Windows - Authenticated Denial of Service via LSASS Crafted Request
Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote authenticated users to cause a denial of service (system hang) via a crafted request, aka "Local Security Authority Subsystem Service Denial of Service Vulnerability."
by laurent gaffie
CVSS 6.5
D-Link DSL-2730U/2750U/2750E - Path Traversal
A path traversal vulnerability exists in the web management interface of D-Link DSL-2730U, DSL-2750U, and DSL-2750E ADSL routers with firmware versions IN_1.02, SEA_1.04, and SEA_1.07. The vulnerability is due to insufficient input validation on the getpage parameter within the /cgi-bin/webproc CGI script. This flaw allows an unauthenticated remote attacker to perform path traversal attacks by supplying crafted requests, enabling arbitrary file read on the affected device. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.
by Todor Donev
Avira Antivirus 15.0.21.86 - '.zip' Directory Traversal / Command Execution
by R-73eN
Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial of Service
by Todor Donev
WordPress Plugin WassUp Real Time Analytics 1.9 - Persistent Cross-Site Scripting
by Burak Kelebek
WordPress Plugin 404 to 301 2.2.8 - Persistent Cross-Site Scripting
by Alyssa Milburn
Eir D1000 Wireless Router - WAN Side Remote Command Injection (Metasploit)
by Kenzo
Netgear WNR500/WNR612v3/JNR1010/JNR2010 ADSL Router - (Authenticated) Remote File Disclosure
by Todor Donev
Netgear JNR1010 ADSL Router - (Authenticated) Remote File Disclosure
by Todor Donev
Microsoft VBScript 5.6-5.8 - Remote Code Execution via Memory Corruption
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "VBScript Memory Corruption Vulnerability."
by Skylined
Microsoft Internet Explorer 9 - MSHTML CPtsTextParaclient::CountApes Out-of-Bounds Read
by Skylined
Sophos Web Appliance 4.2.1.3 - Remote Code Execution
by KoreLogic
Schoolhos CMS 2.29 - 'kelas' SQL Injection
by Vulnerability-Lab
NodCMS - PHP Code Execution
by Ashiyane Digital Security Team
Acoem 01dB CUBE/DUO Smart Noise Monitor - Password Change
by Todor Donev
SweetRice 1.5.1 - Backup Disclosure
by Ashiyane Digital Security Team
SweetRice 1.5.1 - Arbitrary File Upload
by Ashiyane Digital Security Team
PCMan FTP Server 2.0.7 - 'SITE CHMOD' Remote Buffer Overflow
by Luis Noriega
PCMan FTP Server 2.0.7 - 'PORT' Remote Buffer Overflow
by Pablo González
PCMan FTP Server 2.0.7 - 'NLST' Remote Buffer Overflow
by Karri93
Freefloat FTP Server 1.0 - 'SITE ZONE' Remote Buffer Overflow
by Luis Noriega
By Source