Exploitdb Exploits
50,076 exploits tracked across all sources.
Contrexx CMS egov Module 1.0.0 - SQL Injection
by hamidreza borghei
Cherry Music <0.36.0 - Path Traversal
Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."
by feedersec
CVSS 4.3
Open-Xchange OX Guard < 2.4.2 - Stored Cross-Site Scripting via PGP Signature Verification
An issue was discovered in Open-Xchange OX Guard before 2.4.2-rev5. Script code which got injected to a mail with inline PGP signature gets executed when verifying the signature. Malicious script code can be executed within a user's context. This can lead to session hijacking or triggering unwanted actions via the web interface (sending mail, deleting data etc.).
by Benjamin Daniel Mussler
CVSS 6.1
Open-Xchange OX App Suite <7.8.2-rev5 - RCE
An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev5. JavaScript code can be used as part of ical attachments within scheduling E-Mails. This content, for example an appointment's location, will be presented to the user at the E-Mail App, depending on the invitation workflow. This code gets executed within the context of the user's current session. Malicious script code can be executed within a user's context. This can lead to session hijacking or triggering unwanted actions via the web interface (sending mail, deleting data etc.).
by Jakub A>>oczek
CVSS 6.1
COMTREND ADSL Router CT-5367 C01_R12 / CT-5624 C01_R03 - DNS Change
by Todor Donev
Oracle MySQL, MariaDB, Percona Server - Privilege Escalation via my.cnf
Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to create arbitrary configurations and bypass certain protection mechanisms by setting general_log_file to a my.cnf configuration. NOTE: this can be leveraged to execute arbitrary code with root privileges by setting malloc_lib. NOTE: the affected MySQL version information is from Oracle's October 2016 CPU. Oracle has not commented on third-party claims that the issue was silently patched in MySQL 5.5.52, 5.6.33, and 5.7.15.
by Dawid Golunski
CVSS 9.8
Vodafone Mobile Wifi - Reset Admin Password
by Daniele Linguaglossa
LogMeIn Client 1.3.2462 (x64) - Local Credentials Disclosure
by Yakir Wizman
Dropbox Desktop Client 9.4.49 (x64) - Local Credentials Disclosure
by Yakir Wizman
Apple iCloud Desktop Client 5.2.1.0 - Local Credentials Disclosure
by Yakir Wizman
Adobe Flash Player <18.0.0.366,19.x-22.x - Info Disclosure
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory via unspecified vectors.
by Google Security Research
CVSS 7.5
Adobe Flash Player <22.0.0.209 - Use After Free
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, and CVE-2016-4248.
by Google Security Research
CVSS 8.8
Android <4.4.4, <5.0.2, <5.1.1, <2016-09-01 - RCE
LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted file, aka internal bug 29250543.
by Google Security Research
CVSS 7.8
SugarCRM - Unauthenticated Remote Code Execution via PHP Object Injection
A PHP object injection vulnerability exists in SugarCRM versions prior to 6.5.24, 6.7.13, 7.5.2.5, 7.6.2.2, and 7.7.1.0 due to improper validation of PHP serialized input in the SugarRestSerialize.php script. The vulnerable code fails to sanitize the rest_data parameter before passing it to the unserialize() function. This allows an unauthenticated attacker to submit crafted serialized data containing malicious object declarations, resulting in arbitrary code execution within the application context. Although SugarCRM released a prior fix in advisory sugarcrm-sa-2016-001, the patch was incomplete and failed to address some vectors. Exploitation evidence was observed by the Shadowserver Foundation on 2024-09-13 UTC.
by Egidio Romano
By Source