Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-104974 EXPLOITDB text
Advanced Electron Forum 1.0.9 - Cross-Site Request Forgery
by hyp3rlinx
CVE-2016-20050 EXPLOITDB MEDIUM python VERIFIED
NetSchedScan 1.0 Buffer Overflow Denial of Service
NetSchedScan 1.0 contains a buffer overflow vulnerability in the scan Hostname/IP field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a crafted payload containing 388 bytes of data followed by 4 bytes of EIP overwrite into the Hostname/IP field to trigger a denial of service condition.
by Abraham Espinosa
CVSS 6.2
CVE-2016-10730 EXPLOITDB HIGH text
Amanda 3.3.1 - Privilege Escalation via Amstar --star-path Argument
An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing the command line argument --star-path.
by Hacker Fantastic
CVSS 7.8
CVE-2015-8770 EXPLOITDB HIGH text
Roundcube Webmail < 1.0.8 and 1.1.x < 1.1.4 - Authenticated Path Traversal via _skin Parameter
Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain permissions to read arbitrary files or possibly execute arbitrary code via a .. (dot dot) in the _skin parameter to index.php.
by High-Tech Bridge SA
CVSS 7.5
EIP-2026-111035 EXPLOITDB
phpDolphin 2.0.5 - Multiple Vulnerabilities
by WhiteCollarGroup
CVE-2015-8356 EXPLOITDB HIGH text
Bitrix mcart.xls <6.5.2 - SQL Injection
Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to admin/mcart_xls_import.php or the (2) xls_iblock_id, (3) xls_iblock_section_id, (4) firstRow, (5) titleRow, (6) firstColumn, (7) highestColumn, (8) sku_iblock_id, or (9) xls_iblock_section_id_new parameter to admin/mcart_xls_import_step_2.php.
by High-Tech Bridge SA
CVSS 8.0
EIP-2026-102370 EXPLOITDB python VERIFIED
GlassFish Server - Arbitrary File Read
by bingbing
EIP-2026-112006 EXPLOITDB python
SevOne NMS 5.3.6.0 - Remote Command Execution
by @iamsecurity
EIP-2026-104318 EXPLOITDB text
Manage Engine Applications Manager 12 - Multiple Vulnerabilities
by Bikramaditya Guha
EIP-2026-104317 EXPLOITDB python
Manage Engine Application Manager 12.5 - Arbitrary Command Execution
by Bikramaditya Guha
CVE-2016-0015 EXPLOITDB HIGH text VERIFIED
Microsoft Windows - Remote Code Execution via Crafted File in DirectShow
DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "DirectShow Heap Corruption Remote Code Execution Vulnerability."
by Google Security Research
CVSS 7.8
CVE-2016-0016 EXPLOITDB HIGH text VERIFIED
Microsoft Windows - Untrusted Search Path DLL Loading Privilege Escalation
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
by Google Security Research
CVSS 7.8
CVE-2015-8261 EXPLOITDB CRITICAL python
Ipswitch WhatsUp Gold <16.4 - SQL Injection
The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold before 16.4 does not properly validate serialized XML objects, which allows remote attackers to conduct SQL injection attacks via a crafted SOAP request.
by Matt Buzanowski
CVSS 9.8
EIP-2026-116259 EXPLOITDB python VERIFIED
SNScan 1.05 - Scan Hostname/IP Field Buffer Overflow Crash (PoC)
by Daniel Velazquez
CVE-2015-8660 EXPLOITDB MEDIUM c
Overlayfs Privilege Escalation
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.
by halfdog
CVSS 6.7
CVE-2015-8396 EXPLOITDB CRITICAL c++
Grassroots DICOM < 2.6.2 - Remote Code Execution via Crafted DICOM Header Dimensions
Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow.
by Stelios Tsampas
CVSS 10.0
EIP-2026-101274 EXPLOITDB text
FingerTec Fingerprint Reader - Remote Access and Remote Enrolment
by Daniel Lawson
EIP-2026-100987 EXPLOITDB text
Apple watchOS 2 - Crash (PoC)
by Mohammad Reza Espargham
CVE-2016-10729 EXPLOITDB HIGH c
Amanda 3.3.1 - Authenticated Command Injection via runtar Binary Argument Manipulation
An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root.
by Hacker Fantastic
CVSS 7.8
CVE-2015-8634 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 18.0.0.268 - Use-After-Free
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
by Google Security Research
CVSS 8.8
CVE-2016-3987 EXPLOITDB CRITICAL html VERIFIED
Trend Micro Password Manager - Command Injection
The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB.
by Google Security Research
CVSS 9.8
CVE-2015-7768 EXPLOITDB python VERIFIED
Konica Minolta FTP Utility 1.0 - RCE
Buffer overflow in Konica Minolta FTP Utility 1.0 allows remote attackers to execute arbitrary code via a long CWD command.
by TOMIWA
EIP-2026-115515 EXPLOITDB python
KeePass Password Safe Classic 1.29 - Crash (PoC)
by Mohammad Reza Espargham
CVE-2015-8635 EXPLOITDB HIGH text VERIFIED
Adobe Flash Player < 18.0.0.324, 19.x-20.x < 20.0.0.267, AIR < 20.0.0.233 - Use-After-Free
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8634, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, and CVE-2015-8650.
by Google Security Research
CVSS 8.8
EIP-2026-104425 EXPLOITDB text
SedSystems D3 Decimator - Multiple Vulnerabilities
by prdelka
By Source
All 50,076 Writeup 62,600 Exploitdb 50,076 Nomisec 22,502 Github 3,754 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 483 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,637 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,334 bash 462 java 371 c++ 261 javascript 231 shell 140 go 74 postscript 25 typescript 25