Exploitdb Exploits

50,076 exploits tracked across all sources.

EIP-2026-103729 EXPLOITDB text VERIFIED
Wireshark - 'iseries_check_file_type' Stack Out-of-Bounds Read
by Google Security Research
EIP-2026-103623 EXPLOITDB text VERIFIED
pdfium - opj_jp2_apply_pclr 'libopenjpeg' Heap Out-of-Bounds Read
by Google Security Research
EIP-2026-103622 EXPLOITDB text VERIFIED
pdfium - opj_j2k_read_mcc 'libopenjpeg' Heap Out-of-Bounds Read
by Google Security Research
EIP-2026-100066 EXPLOITDB ruby VERIFIED
Google Android ADB Debug Server - Remote Payload Execution (Metasploit)
by Metasploit
CVE-2016-0006 EXPLOITDB HIGH text VERIFIED
Microsoft Windows - Local Privilege Escalation via Reparse Point Mishandling
The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0007.
by Google Security Research
CVSS 7.3
CVE-2016-0007 EXPLOITDB HIGH text VERIFIED
Microsoft Windows - Local Privilege Escalation via Reparse Point Mishandling
The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0006.
by Google Security Research
CVSS 7.8
CVE-2016-0007 EXPLOITDB HIGH text VERIFIED
Microsoft Windows - Local Privilege Escalation via Reparse Point Mishandling
The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0006.
by Google Security Research
CVSS 7.8
EIP-2026-113602 EXPLOITDB text
WordPress Plugin Booking Calendar Contact Form 1.1.23 - SQL Injection
by i0akiN SEC-LABORATORY
EIP-2026-110565 EXPLOITDB html
pfSense Firewall 2.2.5 - Config File Cross-Site Request Forgery
by Aatif Shahdad
CVE-2015-0569 EXPLOITDB HIGH c
Linux Kernel 3.0.0-3.19.8 - Heap-Based Buffer Overflow in WLAN Driver via Packet Filter
Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that establishes a packet filter.
by Shawn the R0ck
CVSS 7.8
CVE-2016-1879 EXPLOITDB HIGH python
FreeBSD <9.3p33, 10.1p26, 10.2p9 - DoS
The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denial of service (assertion failure or NULL pointer dereference and kernel panic) via a crafted ICMPv6 packet.
by ptsecurity
CVSS 7.5
CVE-2015-8088 EXPLOITDB HIGH c
Huawei P8 and Mate 7 Firmware - Heap-Based Buffer Overflow in HIFI Driver
Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 before MT7-CL00C92B354 and P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, and GRA-UL10 before GRA-UL10C00B220 allows attackers to cause a denial of service (reboot) or execute arbitrary code via a crafted application.
by pray3r
CVSS 7.8
CVE-2016-20037 EXPLOITDB HIGH python
xwpe 1.5.30a-2.1 Stack-based Buffer Overflow
xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundaries. Attackers can craft malicious command-line arguments with 262 bytes of junk data followed by shellcode to overwrite the instruction pointer and achieve code execution or denial of service.
by Juan Sacco
CVSS 8.4
EIP-2026-117727 EXPLOITDB text
Oracle - 'HtmlConverter.exe' Local Buffer Overflow
by hyp3rlinx
CVE-2016-0727 EXPLOITDB HIGH text
NTP Package <4.2.6.p3 - Privilege Escalation via Crontab Script
The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup.
by halfdog
CVSS 7.8
EIP-2026-116050 EXPLOITDB text
PDF-XChange Viewer 2.5.315.0 - Shading Type 7 Heap Memory Corruption
by Sébastien Morin
CVE-2006-2961 EXPLOITDB python VERIFIED
CesarFTP <= 0.99g - Stack-Based Buffer Overflow via MKD Command
Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
by Irving Aguilar
CVE-2016-0728 EXPLOITDB HIGH c
Linux kernel <4.4.1 - Privilege Escalation/DoS
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.
by Federico Bento
CVSS 7.8
CVE-2016-0728 EXPLOITDB HIGH c
Linux kernel <4.4.1 - Privilege Escalation/DoS
The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands.
by Perception Point Team
CVSS 7.8
CVE-2015-8283 EXPLOITDB MEDIUM text
SeaWell Networks Spectrum SDC <2.05.00 - Path Traversal
Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00.
by Karn Ganeshen
CVSS 6.5
CVE-2015-8282 EXPLOITDB CRITICAL text
SeaWell Networks Spectrum SDC <2.05.00 - Info Disclosure
SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account.
by Karn Ganeshen
CVSS 9.8
EIP-2026-118099 EXPLOITDB text
WEG SuperDrive G2 12.0.0 - Insecure File Permissions
by LiquidWorm
CVE-2015-8284 EXPLOITDB HIGH text
SeaWell Networks Spectrum SDC <2.05.00 - Privilege Escalation
SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions.
by Karn Ganeshen
CVSS 8.8
EIP-2026-104976 EXPLOITDB text
Advanced Electron Forum 1.0.9 - Remote File Inclusion / Cross-Site Request Forgery
by hyp3rlinx
EIP-2026-104975 EXPLOITDB text
Advanced Electron Forum 1.0.9 - Persistent Cross-Site Scripting
by hyp3rlinx