Inthewild Exploits
514 exploits tracked across all sources.
Dahua IPC-HUM7XXX IPC-HX3XXX IPC-HX5XXX SD1A1 SD22 SD49 SD50 SD52C SD6AL TPC-BF1241 Firmware Authentication Bypass
The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
CVSS 9.8
gerapy < 0.9.9 - Authenticated OS Command Injection
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds.
CVSS 8.8
Windows 10 1809-21H1 and Windows Server 2019-20H2 - Kernel Information Disclosure
Windows Kernel Information Disclosure Vulnerability
CVSS 5.5
Windows 10 1809-21H1 and Windows Server 2019-20H2 - Kernel Information Disclosure
Windows Kernel Information Disclosure Vulnerability
CVSS 5.5
Google Chrome <93.0.4577.82 - Heap Corruption
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
Google Chrome <93.0.4577.82 - Heap Corruption
Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
Apache OFBiz <17.12.07 - Deserialization
Apache OFBiz has unsafe deserialization prior to 17.12.07 version
CVSS 9.8
Nacos < 1.4.1 - Unauthenticated Database Manipulation via Derby Endpoint
Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out. While the /data/remove endpoint is properly protected with the @Secured annotation, the /derby endpoint is not protected and can be openly accessed by unauthenticated users. These endpoints are only valid when using embedded storage (derby DB) so this issue should not affect those installations using external storage (e.g. mysql)
CVSS 8.6
Apache OFBiz < 17.12.07 - Unauthenticated Remote Code Execution via Unsafe Deserialization
Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perform an RCE attack
CVSS 9.8
Windows Hyper-V - Remote Code Execution
Windows Hyper-V Remote Code Execution Vulnerability
CVSS 9.9
MariaDB <10.2.37, 10.3.28, 10.4.18, 10.5.9 - RCE
A remote code execution issue was discovered in MariaDB 10.2 before 10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before 10.5.9; Percona Server through 2021-03-03; and the wsrep patch through 2021-03-03 for MySQL. An untrusted search path leads to eval injection, in which a database SUPER user can execute OS commands after modifying wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an Oracle product.
CVSS 7.2
Microsoft Windows Remote Access API - Elevation of Privilege
Remote Access API Elevation of Privilege Vulnerability
CVSS 7.8
AfterLogic Aurora and WebMail Pro < 7.7.9 - Unauthenticated Path Traversal via CalDAV Server Endpoint
An issue was discovered in AfterLogic Aurora through 7.7.9 and WebMail Pro through 7.7.9. They allow directory traversal to read files (such as a data/settings/settings.xml file containing admin panel credentials), as demonstrated by dav/server.php/files/personal/%2e%2e when using the caldav_public_user account (with caldav_public_user as its password).
CVSS 7.5
Smarty < 3.1.39 - Sandbox Escape via $smarty.template_object Access
Smarty before 3.1.39 allows a Sandbox Escape because $smarty.template_object can be accessed in sandbox mode.
CVSS 7.5
SaltStack Salt < 3002.5 - Unauthenticated Remote Command Execution via wheel_async Client
An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheel_async client. Thus, an attacker can remotely run any wheel modules on the master.
CVSS 9.8
Windows 10 and Windows Server 2016/2019 - Information Disclosure via Improper Link Resolution
Windows Mobile Device Management Information Disclosure Vulnerability
CVSS 5.5
Pulse Connect Secure >=9.0R3/9.1R1 - Auth Bypass
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. This vulnerability has been exploited in the wild.
CVSS 10.0
GitLab 10.5-13.10.4 - Unauthenticated Server-Side Request Forgery via Webhook Internal Network Requests
When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab CE/EE affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is limited
CVSS 6.8
Dell NetWorker 18.1.0.1-19.4.0.3 - Path Traversal
Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information.
CVSS 6.8
Jellyfin < 10.7.1 - Unauthenticated Arbitrary File Read via Path Traversal
Jellyfin is a Free Software Media System. In Jellyfin before version 10.7.1, with certain endpoints, well crafted requests will allow arbitrary file read from a Jellyfin server's file system. This issue is more prevalent when Windows is used as the host OS. Servers that are exposed to the public Internet are potentially at risk. This is fixed in version 10.7.1. As a workaround, users may be able to restrict some access by enforcing strict security permissions on their filesystem, however, it is recommended to update as soon as possible.
CVSS 7.7
Google Chrome < 90.0.4430.85 - Remote Code Execution via V8 Type Confusion
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVSS 8.8
Google Chrome <89.0.4389.128 - Heap Corruption
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS 8.8
SonicWall SMA 100 Series Firmware <= 10.2.1.2-24sv - Unauthenticated Stack-based Buffer Overflow
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.
CVSS 9.8
SonicWall SRA and SMA Firmware 8.x-9.0.0.9-26sv - SQL Injection
Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier
CVSS 9.8
Qualcomm Firmware - Buffer Overflow via MBSSID Scan IE Parse
Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVSS 9.8
By Source