Exploitdb Exploits
50,091 exploits tracked across all sources.
TVMOBiLi <2.1.0.3974 - Buffer Overflow
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.
by High-Tech Bridge SA
SumatraPDF 2.1.1/MuPDF 1.0 - Memory Corruption
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.
by beford
CVSS 7.8
ClipBucket < 2.6 - SQL Injection via Multiple Parameters
Multiple SQL injection vulnerabilities in ClipBucket 2.6 Revision 738 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) uid parameter in an add_friend action to ajax.php; id parameter in a (2) share_object, (3) add_to_fav, (4) rating, or (5) flag_object action to ajax.php; cid parameter in an (6) add_new_item, (7) remove_collection_item, (8) get_item, or (9) load_more_items action to ajax.php; (10) ci_id parameter in a get_item action to ajax.php; user parameter to (11) user_contacts.php or (12) view_channel.php; (13) pid parameter to view_page.php; (14) tid parameter to view_topic.php; or (15) v parameter to watch_video.php.
by High-Tech Bridge SA
Achievo 1.4.5 - Authenticated SQL Injection via Activity ID Parameter
SQL injection vulnerability in dispatch.php in Achievo 1.4.5 allows remote authenticated users to execute arbitrary SQL commands via the activityid parameter in a stats action.
by High-Tech Bridge SA
Splunk 5.0 - Custom App Remote Code Execution (Metasploit)
by Metasploit
Centrify Deployment Manager 2.1.0.283 - Local Privilege Escalation
by Larry W. Cashdollar
Linux Kernel < 3.3 - Buffer Overflow in VFAT Filesystem UTF-8 to UTF-16 Conversion
Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion.
by G13
IBM Director < 5.20.3 - Remote Code Execution via CIM Server Path Traversal
Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.
by Metasploit
VLC media player < 2.0.4 - Remote Code Execution via Freetype Renderer and HTML Subtitle Parser
Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser.
by coolkaveh
Simple Gmail Login < 1.1.4 - Unauthenticated Sensitive Information Exposure via Missing Timezone Parameter
simple-gmail-login.php in the Simple Gmail Login plugin before 1.1.4 for WordPress allows remote attackers to obtain sensitive information via a request that lacks a timezone, leading to disclosure of the installation path in a stack trace.
by Aditya Balapure
m0n0wall 1.33 - Multiple Cross-Site Request Forgery Vulnerabilities
by Yann CAM
MySQL <5.5.19 & MariaDB <5.5.28a - Privilege Escalation
MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
by Metasploit
Nvidia Install Application 2.1002.85.551 - 'NVI2.dll' Unicode Buffer Overflow (PoC)
by LiquidWorm
Adobe IndesignServer 5.5 - SOAP Server Arbitrary Script Execution (Metasploit)
by Metasploit
Oracle MySQL 5.5.0-5.5.28 & MariaDB 5.2.0-5.2.13 - Brute Force via Insufficient Salt Rotation
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
by kingcope
Ektron Content Management System < 8.02 - Remote Code Execution via XSLT Script Execution
Ektron Content Management System (CMS) before 8.02 SP5 uses the XslCompiledTransform class with enablescript set to true, which allows remote attackers to execute arbitrary code with NETWORK SERVICE privileges via crafted XSL data.
by Metasploit
CVSS 9.8
SSH Tectia Server 6.0.4-6.3.2 - Authentication Bypass via Blank Password
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords, as demonstrated by a root login session from a modified OpenSSH client with an added input_userauth_passwd_changereq call in sshconnect2.c.
by Metasploit
Indusoft Web Studio & Advantech Studio <=7.0 - Unauthenticated Path Traversal via NTWebServer.exe
Absolute path traversal vulnerability in NTWebServer.exe in Indusoft Studio 7.0 and earlier and Advantech Studio 7.0 and earlier allows remote attackers to read arbitrary files via a full pathname in an argument to the sub_401A90 CreateFileW function.
by Nin3
WordPress Theme Nest - 'codigo' SQL Injection
by Ashiyane Digital Security Team
By Source