Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-108026 EXPLOITDB text VERIFIED
iy10 Dizin Scripti - Multiple Vulnerabilities
by KnocKout
EIP-2026-107452 EXPLOITDB text
Gökhan Balbal Script 2.0 - Cross-Site Request Forgery
by KnocKout
EIP-2026-103644 EXPLOITDB text VERIFIED
Rar - CmdExtract::UnstoreFile Integer Truncation Memory Corruption
by Google Security Research
EIP-2026-103420 EXPLOITDB text VERIFIED
Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables
by Google Security Research
EIP-2026-103419 EXPLOITDB text VERIFIED
Avast! - JetDb::Ised4x Performs Unbounded Search on Input
by Google Security Research
EIP-2026-103418 EXPLOITDB text VERIFIED
Avast! - Heap Overflow Unpacking MoleBox Archives
by Google Security Research
EIP-2026-102008 EXPLOITDB text
Skybox Platform < 7.0.611 - Multiple Vulnerabilities
by SEC Consult
CVE-2015-6131 EXPLOITDB text
Windows Media Center - Remote Code Execution via Crafted .mcl File
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted .mcl file, aka "Media Center Library Parsing RCE Vulnerability."
by Eduardo Braun Prado
CVE-2015-6127 EXPLOITDB text VERIFIED
Windows Media Center - Arbitrary File Read via Crafted .mcl File
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows remote attackers to read arbitrary files via a crafted .mcl file, aka "Windows Media Center Information Disclosure Vulnerability."
by Core Security
CVE-2015-6128 EXPLOITDB text VERIFIED
Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1 - Privilege Escalation via Library Loading
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
by Google Security Research
EIP-2026-115683 EXPLOITDB html
Microsoft Internet Explorer 11.0.9600.18097 - COmWindowProxy::SwitchMarkup NULL PTR
by Marcin Ressel
EIP-2026-114213 EXPLOITDB text
WordPress Plugin WP Easy Poll 1.1.3 - Cross-Site Scripting / Cross-Site Request Forgery
by Mysticism
CVE-2015-7039 EXPLOITDB text
tvOS < 9.1 - Remote Code Execution via Crafted Package
Buffer overflow in libc in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows remote attackers to execute arbitrary code via a crafted package, a different vulnerability than CVE-2015-7038.
by Maksymilian Arciemowicz
EIP-2026-102120 EXPLOITDB text
WIMAX MT711x - Multiple Vulnerabilities
by alimp5
EIP-2026-102119 EXPLOITDB text
WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities
by alimp5
CVE-2025-46001 EXPLOITDB CRITICAL text VERIFIED
simogeo Filemanager 2.3.0 - Arbitrary File Upload via is_allowed_file_type() Function
An arbitrary file upload vulnerability in the is_allowed_file_type() function of Filemanager v2.3.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
by HaHwul
CVSS 9.8
EIP-2026-119682 EXPLOITDB python
OpenMRS 2.3 (1.11.4) - XML External Entity Processing
by LiquidWorm
EIP-2026-119681 EXPLOITDB text
OpenMRS 2.3 (1.11.4) - Multiple Cross-Site Scripting Vulnerabilities
by LiquidWorm
EIP-2026-119680 EXPLOITDB text
OpenMRS 2.3 (1.11.4) - Local File Disclosure
by LiquidWorm
EIP-2026-119679 EXPLOITDB text
OpenMRS 2.3 (1.11.4) - Expression Language Injection
by LiquidWorm
CVE-2016-3235 EXPLOITDB HIGH ruby VERIFIED
Microsoft Visio <2016 - Privilege Escalation
Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."
by Metasploit
CVSS 7.8
EIP-2026-117319 EXPLOITDB text
iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions
by LiquidWorm
EIP-2026-117318 EXPLOITDB text
iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions
by LiquidWorm
EIP-2026-113971 EXPLOITDB text
WordPress Plugin Polls Widget 1.0.7 - SQL Injection
by WICS
EIP-2026-110781 EXPLOITDB text VERIFIED
PHP Utility Belt - Remote Code Execution
by WICS
By Source
All 50,076 Writeup 62,633 Exploitdb 50,076 Nomisec 22,505 Github 3,761 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 483 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,641 ruby 6,006 c 3,635 perl 2,849 html 2,076 php 1,335 bash 462 java 371 c++ 261 javascript 231 shell 140 go 75 postscript 25 typescript 25