Exploitdb Exploits
50,076 exploits tracked across all sources.
KiTTY < 0.76.1.13 - Stack-Based Buffer Overflow via Username Input
KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the username, occurs due to insufficient bounds checking and input sanitization (at line 2600). This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution.
by DEFCESCO
CVSS 7.8
9bis/kitty < 0.76.1.13 - Stack-Based Buffer Overflow via Hostname
KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the hostname, occurs due to insufficient bounds checking and input sanitization. This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution.
by DEFCESCO
CVSS 7.8
JetBrains TeamCity < 2023.05.4 - Unauthenticated Remote Code Execution
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible
by ByteHunter
CVSS 9.8
GitLab Password Reset Account Takeover
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.
by 0xB455
CVSS 10.0
Viessmann Vitogate 300 <2.1.3.0 - Direct Request
A vulnerability was found in Viessmann Vitogate 300 up to 2.1.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /cgi-bin/. The manipulation leads to direct request. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-243140. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
by ByteHunter
CVSS 4.3
SolarView Compact Firmware <= 6.00 - Remote Command Execution via downloader.php
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
by ByteHunter
CVSS 9.8
Ruijie Switch PSG-5124 26293 - Remote Code Execution (RCE)
by ByteHunter
Honeywell PM43 Firmware < P10.19.050004 - Command Injection via Printer Web Page Modules
Improper Input Validation vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Command Injection.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. P10.19.050006).
by ByteHunter
CVSS 9.9
Eclipse Equinox OSGi 3.7.2 Remote Code Execution via Console
Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in fork directives to achieve code execution and establish reverse shell connections.
by Andrzej Olchawa_ Milenko Starcik
CVSS 9.8
Eclipse Equinox OSGi 3.8-3.18 Console Remote Code Execution
Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console, perform a telnet handshake, and send fork commands to download and execute malicious Java code, establishing a reverse shell connection.
by Andrzej Olchawa_ Milenko Starcik
CVSS 9.8
Human Resource Management System 1.0 - 'employeeid' SQL Injection
by Srikar
VMware Cloud Director 10.5 - Bypass identity verification
by Abdualhadi khalifa
Cisco Firepower Management Center < 6.6.7.1 - Authenticated RCE
by Abdualhadi khalifa
Microsoft Windows Defender / Trojan.Win32/Powessere.G - Detection Mitigation Bypass
by hyp3rlinx
WordPress Plugin Duplicator < 1.5.7.1 - Unauthenticated Sensitive Data Exposure to Account Takeover
by Dmitrii Ignatyev
Adobe ColdFusion versions 2018_15 (and earlier) and 2021_5 and earlier - Arbitrary File Read
by Youssef Muhammad
Hitachi NAS (HNAS) System Management Unit (SMU) Backup & Restore < 14.8.7825.01 - IDOR
by Arslan Masood
Hide My WP < 6.2.9 - Unauthenticated SQL Injection via AJAX Action
The Hide My WP WordPress plugin before 6.2.9 does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
by Xenofon Vassilakopoulos
CVSS 9.8
F-logic DataCube3 v1.0 - Authenticated Unrestricted File Upload via Filename Extension Manipulation
F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension.
by Samy Younsi - NS Labs
CVSS 8.8
Akaunting <3.1.3 - Command Injection
An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can manipulate the company locale when installing an app to execute system commands on the hosting server.
by u32i
CVSS 9.8
Numbas editor <7.3 - Info Disclosure
Numbas editor before 7.3 mishandles editing of themes and extensions.
by Matheus Alexandre
CVSS 6.2
By Source