Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2014-9643 EXPLOITDB c
K7 Computing Ultimate Security - Memory Corruption
K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.
by Parvez Anwar
CVE-2014-9642 EXPLOITDB c
BullGuard Antivirus <15.0.288 - Privilege Escalation
bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.
by Parvez Anwar
CVE-2014-9632 EXPLOITDB c
AVG Internet Security <2013.3495-2015.5315 - Privilege Escalation
The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x830020f8 IOCTL call.
by Parvez Anwar
CVE-2015-1471 EXPLOITDB text
Pragyan CMS 3.0 - SQL Injection via User Parameter
SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.
by Steffen Rösemann
CVE-2014-7883 EXPLOITDB text VERIFIED
HP Universal CMDB Probe 9.05, 10.01, 10.11 - Exposure of Sensitive Information via HTTP TRACE Method
HP Universal CMDB (UCMDB) Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response.
by Hans-Martin Muench
CVE-2015-0016 EXPLOITDB HIGH ruby VERIFIED
Windows TS WebProxy - Directory Traversal Elevation of Privilege via Crafted Executable Pathname
Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted pathname in an executable file, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Directory Traversal Elevation of Privilege Vulnerability."
by Metasploit
CVSS 7.8
CVE-2014-9331 EXPLOITDB html
ZOHO ManageEngine Desktop Central <9 - CSRF
Cross-site request forgery (CSRF) vulnerability in ZOHO ManageEngine Desktop Central before 9 build 90130 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an addUser action to STATE_ID/1417736606982/roleMgmt.do.
by Mohamed Idris
CVE-2015-1428 EXPLOITDB text
Sefrengo < 1.6.1 - SQL Injection via sefrengo Cookie or value_id Parameter
Multiple SQL injection vulnerabilities in Sefrengo before 1.6.2 allow (1) remote attackers to execute arbitrary SQL commands via the sefrengo cookie in a login to backend/main.php or (2) remote authenticated users to execute arbitrary SQL commands via the value_id parameter in a save_value action to backend/main.php.
by ITAS Team
CVE-2014-7286 EXPLOITDB c
Symantec Deployment Solution <6.9 - Buffer Overflow
Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors.
by Parvez Anwar
CVE-2014-9641 EXPLOITDB c
Trend Micro Antivirus <2.0.0.1015 - Privilege Escalation
The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.
by Parvez Anwar
CVE-2025-34128 EXPLOITDB HIGH html
X360 VideoPlayer <2.6 - Buffer Overflow
A buffer overflow vulnerability exists in the X360 VideoPlayer ActiveX control (VideoPlayer.ocx) version 2.6 when handling overly long arguments to the ConvertFile() method. An attacker can exploit this vulnerability by supplying crafted input to cause memory corruption and execute arbitrary code within the context of the current process.
by Rh0
CVE-2014-7288 EXPLOITDB text VERIFIED
Symantec PGP Universal Server & Encryption Management Server <3.3.2...
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action.
by Paul Craig
CVE-2015-1305 EXPLOITDB c
McAfee Data Loss Prevention Endpoint - Privilege Escalation
McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call.
by Parvez Anwar
CVE-2014-2623 EXPLOITDB python VERIFIED
HP Storage Data Protector 8.x - Remote Code Execution
Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors.
by Juttikhun Khamchaiyaphum
CVE-2014-4076 EXPLOITDB python
Microsoft Windows Server 2003 SP2 - Privilege Escalation
Microsoft Windows Server 2003 SP2 allows local users to gain privileges via a crafted IOCTL call to (1) tcpip.sys or (2) tcpip6.sys, aka "TCP/IP Elevation of Privilege Vulnerability."
by KoreLogic
EIP-2026-116458 EXPLOITDB python
UniPDF 1.1 - Crash (PoC) (SEH)
by bonze
CVE-2014-8826 EXPLOITDB text
Apple OS X <10.10.2 - Info Disclosure
LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive.
by Amplia Security Research
CVE-2015-0235 EXPLOITDB python
Exim GHOST (glibc gethostbyname) Buffer Overflow
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
by 1n3
CVE-2012-4891 EXPLOITDB text
ManageEngine Firewall Analyzer 7.2 - XSS
Cross-site scripting (XSS) vulnerability in fw/index2.do in ManageEngine Firewall Analyzer 7.2 allows remote attackers to inject arbitrary web script or HTML via the url parameter, a different vector than CVE-2012-4889. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Ertebat Gostar Co
CVE-2014-8612 EXPLOITDB text VERIFIED
FreeBSD - Local Privilege Escalation and Arbitrary Kernel Memory Read via SCTP Stream ID
Multiple array index errors in the Stream Control Transmission Protocol (SCTP) module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to (1) gain privileges via the stream id to the setsockopt function, when setting the SCTIP_SS_VALUE option, or (2) read arbitrary kernel memory via the stream id to the getsockopt function, when getting the SCTP_SS_PRIORITY option.
by Core Security
EIP-2026-118368 EXPLOITDB python
ClearSCADA - Remote Authentication Bypass
by Jeremy Brown
EIP-2026-101243 EXPLOITDB bash
D-Link DSL-2740R - Remote DNS Change
by Todor Donev
CVE-2015-1477 EXPLOITDB text
CMSJunkie J-ClassifiedsManager - SQL Injection
SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewad task to classifieds/offerring-ads.
by Sarath Nair
CVE-2014-9598 EXPLOITDB text
VideoLAN VLC media player <2.1.5 - RCE
The picture_Release function in misc/picture.c in VideoLAN VLC media player 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service (write access violation) via a crafted M2V file.
by Veysel HATAS
CVE-2014-9597 EXPLOITDB text
VideoLAN VLC media player <2.1.5 - RCE
The picture_pool_Delete function in misc/picture_pool.c in VideoLAN VLC media player 2.1.5 allows remote attackers to execute arbitrary code or cause a denial of service (DEP violation and application crash) via a crafted FLV file.
by Veysel HATAS