Exploitdb Exploits
50,121 exploits tracked across all sources.
Totolink N300rb Firmware - Missing Authentication
A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8.54 allows an authenticated attacker to execute arbitrary OS commands with root privileges.
by Skander BELABED - Magellan Sécurité
CVSS 8.8
Microsoft 365 Apps - Use After Free
Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.
by Mohammed Idrees Banyamer
CVSS 7.8
Microsoft Office - Improper Input Validation
Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.
by nu11secur1ty
CVSS 6.7
Stacksmarket Stacks Mobile App Builder - Missing Authentication
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile App Builder stacks-mobile-app-builder allows Authentication Bypass.This issue affects Stacks Mobile App Builder: from n/a through <= 5.2.3.
by stealthcopter
CVSS 9.8
Discourse - XSS
Discourse is an open source platform for community discussion. An attacker can make several XHR requests until the cache is poisoned with a response without any preloaded data. This issue only affects anonymous visitors of the site. This problem has been patched in the latest version of Discourse. Users are advised to upgrade. Users unable to upgrade should disable anonymous cache by setting the `DISCOURSE_DISABLE_ANON_CACHE` environment variable to a non-empty value.
by İbrahimsql
CVSS 8.2
Netmake ScriptCase <9.12.006 - Command Injection
In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), shell injection in the SSH connection settings allows authenticated attackers to execute system commands via crafted HTTP requests.
by Alexandre ZANNI
CVSS 6.7
Microsoft Defender For Endpoint - Improper Access Control
Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.
by Rich Mirch
CVSS 7.8
Sudo <1.9.17p1 - Privilege Escalation
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
by Stratascale
CVSS 9.3
Sudo < 1.9.17 - Incorrect Authorization
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
by Rich Mirch
CVSS 2.8
Microsoft Sharepoint Enterprise Server - Insecure Deserialization
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
by nu11secur1ty
CVSS 8.8
Moodle Remote Code Execution (CVE-2024-43425)
A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions.
by Likhith Appalaneni
CVSS 8.1
Wing FTP Server NULL-byte Authentication Bypass (CVE-2025-47812)
In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service (root or SYSTEM by default). This is thus a remote code execution vulnerability that guarantees a total server compromise. This is also exploitable via anonymous FTP accounts.
by 4m3rr0r
CVSS 10.0
Gogs < 0.13.0 - Remote Code Execution
The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated. Windows installations are unaffected.
by cybersploit
CVSS 9.9
Microsoft 365 Apps < 16.0.10417.20018 - Use After Free
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
by nu11secur1ty
CVSS 7.8
freeSSHd 1.0.9 - DoS
A vulnerability was found in freeSSHd 1.0.9 on Windows. It has been classified as problematic. This affects an unknown part. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251547.
by Fernando Mengali
CVSS 5.3
Social Warfare <3.5.3 - Stored XSS
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.
by Huseyin Mardinli
CVSS 6.1
Sitecore Experience Manager (XM)/Experience Platform (XP) 10.4 - Insecure Deserialization
Sitecore Experience Manager (XM) and Experience Platform (XP) 10.4 before KB1002844 allow remote code execution through insecure deserialization.
by Yesith Alvarez
CVSS 5.3
Pterodactyl Panel < 1.11.11 - Code Injection
Pterodactyl is a free, open-source game server management panel. Prior to version 1.11.11, using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to execute arbitrary code without being authenticated. With the ability to execute arbitrary code it could be used to gain access to the Panel's server, read credentials from the Panel's config, extract sensitive information from the database, access files of servers managed by the panel, etc. This issue has been patched in version 1.11.11. There are no software workarounds for this vulnerability, but use of an external Web Application Firewall (WAF) could help mitigate this attack.
by Zen-kun04
CVSS 10.0
PX4-Autopilot 1.12.3 - Buffer Overflow
A vulnerability was found in PX4-Autopilot 1.12.3. It has been classified as problematic. This affects the function MavlinkReceiver::handle_message_trajectory_representation_waypoints of the file mavlink_receiver.cpp of the component TRAJECTORY_REPRESENTATION_WAYPOINTS Message Handler. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
by Mohammed Idrees Banyamer
CVSS 3.3
MA <5.7.6 - Info Disclosure
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files.
by Keenan Scott
CVSS 6.1
OneTrust SDK <6.33.0 - DoS
An issue in OneTrust SDK v.6.33.0 allows a local attacker to cause a denial of service via the Object.setPrototypeOf, __proto__, and Object.assign components. NOTE: this is disputed by the Supplier who does not agree it is a prototype pollution vulnerability.
by Alameen Karim Merali
CVSS 5.7
Microsoft 365 Apps - Use After Free
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
by nu11secur1ty
CVSS 8.4
Kubernetes - RCE
A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
by Likhith Appalaneni
CVSS 9.8
Fortinet Fortisase < 7.2.11 - Insufficient Session Expiration
An Insufficient Session Expiration vulnerability [CWE-613] in FortiOS SSL-VPN version 7.6.0, version 7.4.6 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions may allow an attacker in possession of a cookie used to log in the SSL-VPN portal to log in again, although the session has expired or was logged out.
by Shahid Hakim
CVSS 4.8
AirKeyboard iOS App 1.0.5 - RCE
AirKeyboard iOS App 1.0.5 contains a missing authentication vulnerability that allows unauthenticated attackers to type arbitrary keystrokes directly into the victim's iOS device in real-time without user interaction, resulting in full remote input control.
by Chokri Hammedi
By Source