Exploitdb Exploits
50,076 exploits tracked across all sources.
McAfee Asset Manager 6.6 - Path Traversal
Directory traversal vulnerability in servlet/downloadReport in McAfee Asset Manager 6.6 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the reportFileName parameter.
by Brandon Perry
Array Networks vxAG 9.2.0.34 and vAPV 8.3.2.17 - Multiple Vulnerabilities
by xistence
Gold MP4 Player 3.3 - Universal (SEH) (Metasploit)
by Revin Hadi Saputra
Free Download Manager <3.9.3-3.0 - Buffer Overflow
Stack-based buffer overflow in the CDownloads_Deleted::UpdateDownload function in Downloads_Deleted.cpp in Free Download Manager 3.9.3 build 1360, 3.8 build 1173, 3.0 build 852, and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name, which is then deleted from the download queue by the user.
by Julien Ahrens
OpenSupports 2.x - Authentication Bypass / Cross-Site Request Forgery
by TN CYB3R
Joomla! Component AJAX Shoutbox 1.6 - SQL Injection
by Ibrahim Raafat
Apple iOS < 7.1 and tvOS < 6.1 - Memory Corruption via USB Host
USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages.
by Andy Davis
Revive Adserver < 3.0.4 and OpenX < 2.8.11 - Cross-Site Request Forgery via Admin Endpoints
Multiple cross-site request forgery (CSRF) vulnerabilities in OpenX 2.8.11 and earlier allow remote attackers to hijack the authentication of administrators for requests that delete (1) users via admin/agency-user-unlink.php, (2) advertisers via admin/advertiser-delete.php, (3) banners via admin/banner-delete.php, (4) campaigns via admin/campaign-delete.php, (5) channels via admin/channel-delete.php, (6) affiliate websites via admin/affiliate-delete.php, or (7) zones via admin/zone-delete.php.
by Mahmoud Ghorbanzadeh
nginx 1.3.9-1.4.0 - Remote Code Execution via Chunked Transfer-Encoding
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
by sorbo
MicroP 0.1.1.1600 - Buffer Overflow
Stack-based buffer overflow in MicroP 0.1.1.1600 allows remote attackers to execute arbitrary code via a crafted .mppl file. NOTE: it has been reported that the overflow is in the lpFileName parameter of the CreateFileA function, but the overflow is probably caused by a separate, unnamed function.
by Necmettin COSKUN
Synology DSM 4.3-3827 - 'article.php' Blind SQL Injection
by Michael Wisniewski
Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities
by Jeroen - IT Nerdbox
Oracle VM VirtualBox < 4.3.8 - Authenticated Remote Code Execution via 3D Acceleration Network Pointer
VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer in a (1) CR_MESSAGE_READBACK or (2) CR_MESSAGE_WRITEBACK message to the VBoxSharedCrOpenGL service, which triggers an arbitrary pointer dereference and memory corruption. NOTE: this issue was MERGED with CVE-2014-0982 because it is the same type of vulnerability affecting the same set of versions. All CVE users should reference CVE-2014-0981 instead of CVE-2014-0982.
by Core Security
Yokogawa CENTUM CS 3000 < R3.09.50 - Remote Code Execution via Crafted TCP Packet
Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
by Metasploit
Yokogawa CENTUM CS 3000 < R3.09.50 - Remote Code Execution via Crafted TCP Packet
Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet.
by Metasploit
Huawei eSpace Meeting < V100R001C03SPC201 - Privilege Escalation
In Huawei eSpace Meeting with software V100R001C03SPC201 and the earlier versions, attackers that obtain the permissions assigned to common users can elevate privileges to access and set specific key resources.
by LiquidWorm
CVSS 7.0
vtiger CRM < 6.0.0 - Authenticated Path Traversal via KCFinder File Parameter
Directory traversal vulnerability in kcfinder/browse.php in Vtiger CRM before 6.0.0 Security patch 1 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter in a download action. NOTE: it is likely that this issue is actually in the KCFinder third-party component, and it affects additional products besides Vtiger CRM.
by Portcullis
LuxCal 3.2.2 - Cross-Site Request Forgery / Blind SQL Injection
by TUNISIAN CYBER
By Source