Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-110236 EXPLOITDB text VERIFIED
Open Source Real Estate Script 3.6.0 - SQL Injection
by Meisam Monsef
CVE-2015-4870 EXPLOITDB python
Oracle MySQL Server <5.5.45-5.6.26 - DoS
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.
by Osanda Malith Jayathissa
CVE-2016-1887 EXPLOITDB HIGH c
FreeBSD <10.1p34, <10.2p17, <10.3p3 - DoS
Integer signedness error in the sockargs function in sys/kern/uipc_syscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service (memory overwrite and kernel panic) or gain privileges via a negative buflen argument, which triggers a heap-based buffer overflow.
by CTurt
CVSS 7.8
CVE-2016-1886 EXPLOITDB HIGH c
FreeBSD <9.3 p42, 10.1 p34, 10.2 p17, 10.3 p3 - Memory Corruption via SETFKEY ioctl
Integer signedness error in the genkbd_commonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory overwrite and kernel crash), or gain privileges via a negative value in the flen structure member in the arg argument in a SETFKEY ioctl call, which triggers a "two way heap and stack overflow."
by CTurt
CVSS 7.8
CVE-2016-5108 EXPLOITDB CRITICAL text VERIFIED
Debian Linux < 2.2.3 - Memory Corruption
Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted QuickTime IMA file.
by Patrick Coleman
CVSS 9.8
EIP-2026-110749 EXPLOITDB text
PHP Realestate Script Script 4.9.0 - SQL Injection
by Meisam Monsef
CVE-2016-2004 EXPLOITDB CRITICAL python VERIFIED
HPE Data Protector <7.03_108,8.x<8.15,9.x<9.06 - RCE
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.
by Ian Lovering
CVSS 9.8
CVE-2016-1606 EXPLOITDB CRITICAL text
Micro Focus Rumba <9.4 HF 13960 - Buffer Overflow
Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via (1) the NetworkName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (2) the CPName property value to ObjectXSNAConfig.ObjectXSNAConfig in iconfig.dll, (3) the PrinterName property value to ProfileEditor.PrintPasteControl in ProfEdit.dll, (4) the Data argument to the WriteRecords function in FTXBIFFLib.AS400FtxBIFF in FtxBIFF.dll, (5) the Serialized property value to NMSECCOMPARAMSLib.SSL3 in NMSecComParams.dll, (6) the UserName property value to NMSECCOMPARAMSLib.FirewallProxy in NMSecComParams.dll, (7) the LUName property value to ProfileEditor.MFSNAControl in ProfEdit.dll, (8) the newVal argument to the Load function in FTPSFTPLib.SFtpSession in FTPSFtp.dll, or (9) a long Host field in the FTP Client.
by LiquidWorm
CVSS 9.8
EIP-2026-111707 EXPLOITDB text
Real Estate Portal 4.1 - Multiple Vulnerabilities
by Bikramaditya Guha
EIP-2026-106777 EXPLOITDB text
EduSec 4.2.5 - SQL Injection
by Bikramaditya Guha
EIP-2026-103510 EXPLOITDB text VERIFIED
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap Overread
by Google Security Research
EIP-2026-103509 EXPLOITDB text VERIFIED
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap Overread
by Google Security Research
EIP-2026-103508 EXPLOITDB text VERIFIED
Graphite2 - NameTable::getName Multiple Heap Out-of-Bounds Reads
by Google Security Research
EIP-2026-103507 EXPLOITDB text VERIFIED
Graphite2 - GlyphCache::Loader Heap Overreads
by Google Security Research
EIP-2026-103506 EXPLOITDB text VERIFIED
Graphite2 - GlyphCache::GlyphCache Heap Buffer Overflow
by Google Security Research
CVE-2015-9266 EXPLOITDB CRITICAL ruby VERIFIED
Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP - Unauthenticated Path Traversal and Arbitrary File Write
The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques. An attacker can exploit this vulnerability to gain root privileges. This vulnerability is fixed in the following product versions (fixes released in July 2015, all prior versions are affected): airMAX AC 7.1.3; airMAX M (and airRouter) 5.6.2 XM/XW/TI, 5.5.11 XM/TI, and 5.5.10u2 XW; airGateway 1.1.5; airFiber AF24/AF24HD 2.2.1, AF5x 3.0.2.1, and AF5 2.2.1; airOS 4 XS2/XS5 4.0.4; and EdgeSwitch XP (formerly TOUGHSwitch) 1.3.2.
by Metasploit
CVSS 9.8
CVE-2016-0491 EXPLOITDB ruby VERIFIED
Oracle Application Testing Suite - Unspecified Vuln
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect integrity and availability via unknown vectors related to Load Testing for Web Apps. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that the UploadFileAction servlet allows remote authenticated users to upload and execute arbitrary files via an * (asterisk) character in the fileType parameter.
by Metasploit
EIP-2026-102348 EXPLOITDB text VERIFIED
PowerFolder Server 10.4.321 - Remote Code Execution
by Hans-Martin Muench
CVE-2016-0492 EXPLOITDB ruby VERIFIED
Oracle Application Testing Suite - Info Disclosure
Unspecified vulnerability in the Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Load Testing for Web Apps, a different vulnerability than CVE-2016-0488. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a directory traversal vulnerability in the isAllowedUrl function, which allows remote attackers to bypass authentication via directory traversal sequences following a URI entry that does not require authentication, as demonstrated by olt/Login.do/../../olt/UploadFileUpload.do.
by Metasploit
EIP-2026-100102 EXPLOITDB text
AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XML External Entity Injection
by Mehmet Ince
EIP-2026-117725 EXPLOITDB text
Operation Technology ETAP 14.1.0 - Local Privilege Escalation
by LiquidWorm
EIP-2026-116011 EXPLOITDB text
Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities
by LiquidWorm
EIP-2026-114419 EXPLOITDB text VERIFIED
XenAPI 1.4.1 for XenForo - Multiple SQL Injections
by Julien Ahrens
EIP-2026-113847 EXPLOITDB python
WordPress Plugin Job Script by Scubez - Remote Code Execution
by Bikramaditya Guha
CVE-2016-2386 EXPLOITDB CRITICAL text
SAP NetWeaver Application Server Java 7.40 - SQL Injection
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
by ERPScan
CVSS 9.8
By Source
All 50,076 Writeup 62,541 Exploitdb 50,076 Nomisec 22,494 Github 3,729 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 480 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,625 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,334 bash 462 java 371 c++ 261 javascript 231 shell 137 go 73 postscript 25 typescript 25