Inthewild Exploits
518 exploits tracked across all sources.
Windows GDI - Privilege Escalation
Windows GDI Elevation of Privilege Vulnerability
CVSS 7.8
Windows GDI - Privilege Escalation
Windows GDI Elevation of Privilege Vulnerability
CVSS 7.8
Apache Commons Configuration <2.8 - RCE
Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.configuration2.interpol.Lookup that performs the interpolation. Starting with version 2.4 and continuing through 2.7, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Configuration 2.8.0, which disables the problematic interpolators by default.
CVSS 9.8
HIWIN Robot System Software <3.3.21.9869 - DoS
HIWIN Robot System Software version 3.3.21.9869 does not properly address the terminated command source. As a result, an attacker could craft code to disconnect HRSS and the controller and cause a denial-of-service condition.
CVSS 7.5
Draytek Vigor3910 Firmware < 4.3.1.1 - Buffer Overflow
An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field.
CVSS 10.0
Apache Shiro < 1.9.1 - Incorrect Authorization
Apache Shiro before 1.9.1, A RegexRequestMatcher can be misconfigured to be bypassed on some servlet containers. Applications using RegExPatternMatcher with `.` in the regular expression are possibly vulnerable to an authorization bypass.
CVSS 9.8
Sophos Firewall <19.0 MR1 - Code Injection
A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
CVSS 9.8
Sophos Firewall <19.0 MR1 - Code Injection
A code injection vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v19.0 MR1 and older.
CVSS 9.8
GLPI - SQL Injection
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.
CVSS 9.8
Mini-Tmall v1.0 - Privilege Escalation
Mini-Tmall v1.0 is vulnerable to Insecure Permissions via tomcat-embed-jasper.
CVSS 8.8
Microsoft Windows Server 2012 - Remote Code Execution
Windows Network File System Remote Code Execution Vulnerability
CVSS 9.8
Microsoft Windows Server 2012 - Remote Code Execution
Windows Network File System Remote Code Execution Vulnerability
CVSS 9.8
Apache Tomcat < 8.5.78 - Denial of Service
The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to run over an untrusted network. This was not correct. While the EncryptInterceptor does provide confidentiality and integrity protection, it does not protect against all risks associated with running over any untrusted network, particularly DoS risks.
CVSS 7.5
Linux Kernel < 4.14.278 - Privilege Escalation
Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.
CVSS 7.8
Django <4.0.4 - SQL Injection
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
CVSS 9.8
Mozilla Firefox < 99.0 - Use After Free
By using a link with <code>rel="localization"</code> a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
CVSS 6.5
Mozilla Firefox < 99.0 - Use After Free
By using a link with <code>rel="localization"</code> a use-after-free could have been triggered by destroying an object during JavaScript execution and then referencing the object through a freed pointer, leading to a potential exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8.
CVSS 6.5
Adobe Acrobat DC < 22.001.20085 - Out-of-Bounds Read
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS 5.5
SoroushPlus+ Messenger <1.0.30 - Auth Bypass
An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen Security Feature function due to insufficient permissions and privileges, which allows a malicious attacker bypass the lock screen function.
CVSS 9.1
wger-project/wger <2.2 - Info Disclosure
Improper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger prior to 2.2.
CVSS 9.8
wger-project/wger <2.2 - Info Disclosure
Improper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger prior to 2.2.
CVSS 9.8
Openvswitch kernel module - Memory Corruption
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVSS 7.8
WatchGuard XTM Firebox Unauthenticated Remote Command Execution
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.
CVSS 9.8
Atlassian Bitbucket Data Center <7.17.6 - Code Injection
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute arbitrary code via Java deserialization.
CVSS 9.8
Wps Office < 11.2.0.10382 - Remote Code Execution
wpsupdater.exe in Kingsoft WPS Office through 11.2.0.10382 allows remote code execution by modifying HKEY_CURRENT_USER in the registry.
CVSS 9.8
By Source