Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2015-1328 EXPLOITDB HIGH ruby VERIFIED
Linux kernel <3.19.0-21.21 - Privilege Escalation
The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.
by Metasploit
CVSS 7.8
EIP-2026-101832 EXPLOITDB text
LifeSize Room 5.0.9 - Multiple Vulnerabilities
by Xiphos Research Ltd
EIP-2026-101086 EXPLOITDB text
SunellSecurity NVR / Camera - Denial of Service
by qwsj
CVE-2006-0441 EXPLOITDB python VERIFIED
Sami FTP Server 2.0.1 - Stack-Based Buffer Overflow via Long USER Command
Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed.
by n30m1nd
EIP-2026-118576 EXPLOITDB python VERIFIED
Freefloat FTP Server 1.0 - 'RMD' Remote Buffer Overflow
by Karri93
EIP-2026-118574 EXPLOITDB python VERIFIED
Freefloat FTP Server 1.0 - 'RENAME' Remote Buffer Overflow
by Eagleblack
EIP-2026-118571 EXPLOITDB python VERIFIED
Freefloat FTP Server 1.0 - 'HOST' Remote Buffer Overflow
by Cybernetic
EIP-2026-118568 EXPLOITDB python VERIFIED
Freefloat FTP Server 1.0 - 'ABOR' Remote Buffer Overflow
by Ger
EIP-2026-111933 EXPLOITDB text VERIFIED
School Registration and Fee System - Authentication Bypass
by opt1lc
EIP-2026-109670 EXPLOITDB text VERIFIED
My Little Forum 2.3.7 - Multiple Vulnerabilities
by Ashiyane Digital Security Team
CVE-2016-6664 EXPLOITDB HIGH bash
Oracle MySQL, MariaDB, Percona Server, Percona XtraDB Cluster - Privilege Escalation via Symlink Attack
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
by Dawid Golunski
CVSS 7.0
CVE-2016-6663 EXPLOITDB HIGH c
Oracle MySQL <5.5.52, 5.6.x <5.6.33, 5.7.x <5.7.15, and 8.x <8.0.1 - Privilege Escalation
Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17 allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
by Dawid Golunski
CVSS 7.0
EIP-2026-102674 EXPLOITDB python
Memcached 1.4.33 - 'sasl' (PoC)
by p0wd3r / dawu
EIP-2026-102673 EXPLOITDB python
Memcached 1.4.33 - 'Crash' (PoC)
by p0wd3r / dawu
EIP-2026-102672 EXPLOITDB python
Memcached 1.4.33 - 'Add' (PoC)
by p0wd3r / dawu
CVE-2016-9176 EXPLOITDB CRITICAL text VERIFIED
Micro Focus Rumba <9.4 - Buffer Overflow
Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and earlier could be used by local attackers or attackers able to inject arguments to these binaries to execute code.
by Umit Aksu
CVSS 9.8
CVE-2016-10737 EXPLOITDB MEDIUM text VERIFIED
Serendipity 2.0.4 - Cross-Site Scripting via serendipity[body] Parameter
Serendipity 2.0.4 has XSS via the serendipity_admin.php serendipity[body] parameter.
by Besim
CVSS 5.4
CVE-2016-5764 EXPLOITDB HIGH python
Micro Focus Rumba FTP <4.5 - Buffer Overflow
Micro Focus Rumba FTP 4.X client buffer overflow makes it possible to corrupt the stack and allow arbitrary code execution. Fixed in: Rumba FTP 4.5 (HF 14668). This can only occur if a client connects to a malicious server.
by Umit Aksu
CVSS 8.8
EIP-2026-119023 EXPLOITDB python VERIFIED
PCMan FTP Server 2.0.7 - 'DELETE' Remote Buffer Overflow
by ScrR1pTK1dd13
CVE-2016-7384 EXPLOITDB HIGH text VERIFIED
NVIDIA GPU Driver R340 < 342.00 & R375 < 375.63 - DoS or Privilege Escalation via UVMLiteController IOCTL
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) where unchecked input/output lengths in UVMLiteController Device IO Control handling may lead to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
CVE-2016-8812 EXPLOITDB HIGH text VERIFIED
NVIDIA GeForce Experience <GFE 2.11.4.125-3.1.0.52 - Buffer Overflow
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA GeForce Experience R340 before GFE 2.11.4.125 and R375 before GFE 3.1.0.52 contains a vulnerability in the kernel mode layer (nvstreamkms.sys) allowing a user to cause a stack buffer overflow with specially crafted executable paths, leading to a denial of service or escalation of privileges.
by Google Security Research
CVSS 8.8
CVE-2016-7385 EXPLOITDB HIGH text VERIFIED
NVIDIA GPU Driver R340 < 342.00 & R375 < 375.63 - DoS or Privilege Escalation via Unvalidated Array Index
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x700010d where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
CVE-2016-7387 EXPLOITDB HIGH text VERIFIED
NVIDIA GPU Driver R340 < 342.00 and R375 < 375.63 - Denial of Service or Privilege Escalation via DxgDdiEscape Handler
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x600000D where a value passed from a user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
CVE-2016-8806 EXPLOITDB HIGH text VERIFIED
NVIDIA Windows GPU Display Driver and R375 before 375.63 <342.00-375.63 - Privilege Escalation
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x5000027 where a pointer passed from an user to the driver is used without validation, leading to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
CVE-2016-8805 EXPLOITDB HIGH text VERIFIED
NVIDIA Windows GPU Display Driver - Privilege Escalation
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgDdiEscape ID 0x7000014 where a value passed from an user to the driver is used without validation as the index to an internal array, leading to denial of service or potential escalation of privileges.
by Google Security Research
CVSS 7.8
By Source
All 50,076 Writeup 62,509 Exploitdb 50,076 Nomisec 22,473 Github 3,698 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,607 ruby 6,006 c 3,632 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 135 go 73 postscript 25 typescript 25