Exploitdb Exploits
50,076 exploits tracked across all sources.
Resin Application Server 4.0.36 - Source Code Disclosure
by LiquidWorm
MobileIron Virtual Smartphone Platform - Privilege Escalation
by prdelka
FreeBSD - Information Exposure via Ethernet NIC Frame Padding
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
by prdelka
WordPress Theme Ambience - 'src' Cross-Site Scripting
by Darksnipper
Novell ZENworks Mobile Management <2.7.0 - Path Traversal
Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote attackers to include and execute arbitrary local files via the language parameter.
by Metasploit
Microsoft Internet Explorer 8 - Use After Free
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."
by Scott Bell
TallSoft Quick TFTP Server Pro 2.1 - Buffer Overflow
Stack-based buffer overflow in TallSoft Quick TFTP Server Pro 2.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long mode field in a read or write request.
by npn
Ruubikcms 1.1.1 - Persistent Cross-Site Scripting
by expl0i13r
PHP Ticket System Beta 1 - Cross-Site Request Forgery
by Pablo Ribeiro
Caucho Resin - 'index.php?logout' Cross-Site Scripting
by Gjoko Krstic
Caucho Resin - '/resin-admin/' URI Cross-Site Scripting
by Gjoko Krstic
AfterLogic WebMail Lite PHP 7.0.1 - Cross-Site Request Forgery
by Pablo Ribeiro
Linux kernel <3.9.4 - Privilege Escalation
Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in the Linux kernel through 3.9.4 allows local users to gain privileges by leveraging root access and including format string specifiers in an fwpostfix modprobe parameter, leading to improper construction of an error message.
by Kees Cook
ASUS RT-AC68U and T-Mobile TM-AC1900 - Authenticated OS Command Injection via Network Analysis Target Field
The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field (destIP parameter).
by drone
NETGEAR DGN1000 < 1.1.00.48 - Unauthenticated OS Command Injection via setup.cgi
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can execute arbitrary operating system commands as root by sending crafted HTTP requests to the setup.cgi endpoint. This vulnerability has been observed to be exploited in the wild since at least 2017 and specifically by the Shadowserver Foundation on 2025-02-06 UTC.
by Roberto Paleari
CVSS 9.8
Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 - Authenticated Denial of Service in Content Server
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1 and 11.1.1.6.0 allows remote authenticated users to affect availability via unknown vectors related to Content Server.
by Metasploit
Ruubikcms 1.1.1 - 'tinybrowser.php?folder' Directory Traversal
by expl0i13r
Cuppa CMS - '/alertConfigField.php' Local/Remote File Inclusion
by CWH Underground
Parallels Plesk Panel <9.0.x, 9.2.x - RCE
The default configuration of Parallels Plesk Panel 9.0.x and 9.2.x on UNIX, and Small Business Panel 10.x on UNIX, has an improper ScriptAlias directive for phppath, which makes it easier for remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2012-1823.
by kingcope
Mac OS X <= 10.6.8 - Remote Code Execution in Directory Service
Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.
by Core Security
Apache Struts 2.0.0-2.3.14.2 - Remote Code Execution via OGNL Expression in Action Name
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
by Jon Passki
Apache Struts 2.0.0-2.3.14.1 - Remote Code Execution via OGNL Injection in URL/A Tag
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966.
by Metasploit
CVSS 8.1
miniupnpd 1.0 - Remote Code Execution via Long Quoted Method in SOAPAction Handler
Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.
by Metasploit
By Source