Writeup Exploits

60,754 exploits tracked across all sources.

Sort: Activity Stars
CVE-2023-0664 WRITEUP HIGH
QEMU Guest Agent - Privilege Escalation
A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.
CVSS 7.8
CVE-2023-0756 WRITEUP MEDIUM
GitLab <15.9.6, <15.10.5, <15.11.1 - RCE
An issue has been discovered in GitLab affecting all versions before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. The main branch of a repository with a specially crafted name allows an attacker to create repositories with malicious code, victims who clone or download these repositories will execute arbitrary code on their systems.
CVSS 4.8
CVE-2023-0795 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Read in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS 6.8
CVE-2023-0795 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Read in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS 6.8
CVE-2023-0796 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Read in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS 6.8
CVE-2023-0796 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Read in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS 6.8
CVE-2023-0797 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Read in tiffcrop via Crafted TIFF File
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS 6.8
CVE-2023-0797 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Read in tiffcrop via Crafted TIFF File
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS 6.8
CVE-2023-0798 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Read in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS 6.8
CVE-2023-0798 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Read in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS 6.8
CVE-2023-0799 WRITEUP MEDIUM
libtiff < 4.4.0 - Use-After-Free in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS 6.8
CVE-2023-0799 WRITEUP MEDIUM
libtiff < 4.4.0 - Use-After-Free in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
CVSS 6.8
CVE-2023-0800 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Write in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS 6.8
CVE-2023-0800 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Write in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS 6.8
CVE-2023-0801 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Write in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS 6.8
CVE-2023-0801 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Write in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS 6.8
CVE-2023-0802 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Write in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS 6.8
CVE-2023-0802 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Write in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS 6.8
CVE-2023-0803 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Write in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS 6.8
CVE-2023-0803 WRITEUP MEDIUM
libtiff < 4.4.0 - Out-of-bounds Write in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS 6.8
CVE-2023-0804 WRITEUP MEDIUM
LibTIFF < 4.4.0 - Out-of-bounds Write in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS 6.8
CVE-2023-0804 WRITEUP MEDIUM
LibTIFF < 4.4.0 - Out-of-bounds Write in tiffcrop
LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.
CVSS 6.8
CVE-2023-0805 WRITEUP MEDIUM
GitLab 15.2-15.9.5, 15.10-15.10.4, 15.11 - Missing Authorization for Banned Group Members
An issue has been discovered in GitLab EE affecting all versions starting from 15.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. A malicious group member may continue to have access to the public projects of a public group even after being banned from the public group by the owner.
CVSS 4.9
CVE-2023-1001 WRITEUP LOW
vxe-table < 3.7.10 - Cross-Site Scripting via inputValue Argument in vxe-textarea
A vulnerability, which was classified as problematic, has been found in xuliangzhan vxe-table up to 3.7.9. This issue affects the function export of the file packages/textarea/src/textarea.js of the component vxe-textarea. The manipulation of the argument inputValue leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 3.7.10 is able to address this issue. The patch is named d70b0e089740b65a22c89c106ebc4627ac48a22d. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-266123.
CVSS 3.5
CVE-2023-1161 WRITEUP MEDIUM
Wireshark 3.6.0-3.6.11 and 4.0.0-4.0.3 - Denial of Service via ISO 15765 and ISO 10681 Dissector
ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file
CVSS 6.3
By Source
All 60,754 Writeup 60,754 Exploitdb 50,023 Nomisec 22,022 Metasploit 3,243 Github 3,046 Vulncheck_xdb 909 Inthewild 514 Gitlab 461 Gitee 415 Patchapalooza 312
By Language
text 31,351 python 6,261 ruby 5,933 c 3,601 perl 2,849 html 2,057 php 1,327 bash 460 java 364 c++ 253 javascript 221 shell 107 go 65 postscript 25 xml 24