Exploit-Database.net

Exploits (Total: 98122)


Kamailio 5.1.1 / 5.1.0 / 5.0.0 - Off-by-One Heap Overflow Exploit				2018-03-29
Vehicle Sales Management System - Multiple Vulnerabilities				2018-03-29
Intelbras Telefone IP TIP200 LITE - Local File Disclosure Vulnerability				2018-03-29
Huawei Mate 7 - (/dev/hifi_misc) Privilege Escalation Exploit				2018-03-29
Linux Kernel - The Huge Dirty Cow Overwriting The Huge Zero Page (2) Exploit				2018-03-29
Linux Kernel - mincore() Heap Page Disclosure (PoC) Exploit				2018-03-29
Linux Kernel 4.13 (Debian 9) - Local Privilege Escalation Exploit				2018-03-29
Linux Kernel < 4.5.1 - Off-By-One (PoC) Exploit				2018-03-29
Linux Kernel < 3.16.39 (Debian 8 x64) - inotfiy Local Privilege Escalation Exploit				2018-03-29
Linux/x86 execve /bin/sh Shellcode (18 bytes)				2018-03-29
Linux/x86 exit(0) Shellcode (5 bytes)				2018-03-29
IBM Spectrum LSF Privilege Escalation Vulnerability				2018-03-29
Dell EMC NetWorker Buffer Overflow Vulnerability				2018-03-29
WordPress Site Editor 1.1.1 Local File Inclusion Vulnerability				2018-03-29
Grav CMS 1.2.4 Cross Site Scripting Vulnerability				2018-03-29
Easy Chat Server 3.1 Buffer Overflow Exploit				2018-03-29
Linux Kernel 4.4.0-21 (Ubuntu 16.04 x64) - netfilter target_offset Local Privilege Escalation Exploi				2018-03-29
Linux Kernel 3.5.0-23 (Ubuntu 12.04.2 x64) - SOCK_DIAG SMEP Bypass Local Privilege Escalation Exploi				2018-03-29
Linux Kernel 4.4.0-116 (Ubuntu 16.04.4) - Local Privilege Escalation Exploit				2018-03-29
Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution Exploit				2018-03-29
Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution Exploit				2018-03-29
Contec Smart Home 4.15 - Unauthorized Password Reset Vulnerability				2018-03-29
Joomla Component Fields - SQLi Remote Code Execution (Metasploit)				2018-03-29
Exodus Wallet (ElectronJS Framework) - Remote Code Execution (Metasploit)				2018-03-29
GitStack - Unsanitized Argument Remote Code Execution (Metasploit)				2018-03-29
Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Admin Session)				2018-03-29
Open-AuditIT Professional 2.1 - Cross-Site Scripting				2018-03-28
Tenda N11 Wireless Router 5.07.43_en_NEX01 - Remote DNS Change				2018-03-28
Microsoft Windows Remote Assistance - XML External Entity Injection				2018-03-28
TwonkyMedia Server 7.0.11-8.5 - Persistent Cross-Site Scripting				2018-03-28
TwonkyMedia Server 7.0.11-8.5 - Directory Traversal				2018-03-28
TestLink Open Source Test Management < 1.9.16 - Remote Code Execution (PoC)				2018-03-28
ClipBucket - beats_uploader Unauthenticated Arbitrary File Upload (Metasploit)				2018-03-27
LabF nfsAxe 3.7 - Privilege Escalation				2018-03-26
Acrolinx Server < 5.2.5 - Directory Traversal				2018-03-26
Laravel Log Viewer < 0.13.0 - Local File Download				2018-03-26
Fast AVI MPEG Splitter 1.2 - Stack-Based Buffer Overflow				2018-03-26
Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion				2018-03-23
MyBB Plugin Last User's Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting				2018-03-23
Easy Avi Divx Xvid to DVD Burner 2.9.11 - '.avi' Denial of Service				2018-03-23
Easy CD DVD Copy 1.3.24 - Local Buffer Overflow (SEH)				2018-03-23
XenForo 2 - CSS Loader Denial of Service				2018-03-23
TL-WR720N 150Mbps Wireless N Router - Cross-Site Request Forgery				2018-03-23
Linux/x86 - EggHunter Shellcode (11 Bytes)				2018-03-23
WM Recorder 16.8.1 - Denial of Service				2018-03-23
Dell EMC NetWorker - Denial of Service				2018-03-23
Crashmail 1.6 - Stack-Based Buffer Overflow ( ROP execve )				2018-03-23
Allok Quicktime to AVI MPEG DVD Converter 4.6.1217 - Stack-Based Buffer Overflow				2018-03-23
Hikvision IP Camera versions 5.2.0 - 5.3.9 (Builds 140721 - 170109) - Access Control Bypass				2018-03-23
Android Bluetooth - BNEP BNEP_SETUP_CONNECTION_REQUEST_MSG Out-of-Bounds Read				2018-03-23
Android Bluetooth - BNEP bnep_data_ind() Remote Heap Disclosure				2018-03-23
Linux Kernel < 4.15.4 - 'show_floppy' KASLR Address Leak				2018-03-23
Hack The Planet (HTP) Zine 4				2018-03-22
Phrack #69				2018-03-22
Phrack #68				2018-03-22
Phrack #67				2018-03-22
Phrack #66				2018-03-22
Phrack #65				2018-03-22
Phrack #64				2018-03-22
Phrack #63				2018-03-22
Phrack #62				2018-03-22
Phrack #61				2018-03-22
Phrack #59				2018-03-22
Phrack #47				2018-03-22
Phrack #46				2018-03-22
Phrack #45				2018-03-22
Phrack #44				2018-03-22
Phrack #43				2018-03-22
Contec Smart Home 4.15 - Unauthorized Password Reset				2018-03-16
Firefox 44.0.2 - ASM.JS JIT-Spray Remote Code Execution				2018-03-16
Firefox 46.0.1 - ASM.JS JIT-Spray Remote Code Execution				2018-03-16
Samba 4.x Password Change Vulnerability				2018-03-16
Android DRM Services - Buffer Overflow Exploit				2018-03-16
WOOF WooCommerce Products Filter 1.1.9 LFI / Code Execution Exploit				2018-03-16
Spring Data REST < 2.6.9 (Ingalls SR9) / 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution Ex				2018-03-16
MikroTik RouterOS < 6.41.3/6.42rc27 - #SMB Buffer Overflow Exploit				2018-03-16
SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution Exploit				2018-03-16
WordPress Duplicator 1.2.32 Plugin - Cross-Site Scripting Vulnerability				2018-03-16
SAP NetWeaver AS JAVA CRM - Log injection Remote Command Execution				2018-03-16
Android DRM Services - Buffer Overflow				2018-03-16
MikroTik RouterOS < 6.41.3/6.42rc27 - SMB Buffer Overflow				2018-03-16
Spring Data REST < 2.6.9 (Ingalls SR9), 3.0.1 (Kay SR1) - PATCH Request Remote Code Execution				2018-03-15
WordPress Plugin Duplicator 1.2.32 - Cross-Site Scripting				2018-03-15
Shopware 5.3.7 Cross Site Request Forgery Vulnerability				2018-03-13
SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities				2018-03-13
Tuleap 9.17.99.189 - Blind SQL Injection Vulnerability				2018-03-13
Tuleap 9.17.99.189 - Blind SQL Injection				2018-03-13
SecurEnvoy SecurMail 9.1.501 - Multiple Vulnerabilities				2018-03-13
Sony Playstation 4 (PS4) 4.55 < 5.50 - WebKit Code Execution (PoC) Exploit				2018-03-13
MikroTik RouterOS < 6.38.4 (x86) - Chimay Red Stack Clash Remote Code Execution Exploit				2018-03-13
MikroTik RouterOS < 6.38.4 (MIPSBE) - Chimay Red Stack Clash Remote Code Execution Exploit				2018-03-13
ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution Exploit				2018-03-13
MikroTik RouterOS < 6.38.4 (x86) - 'Chimay Red' Stack Clash Remote Code Execution				2018-03-13
MikroTik RouterOS < 6.38.4 (MIPSBE) - 'Chimay Red' Stack Clash Remote Code Execution				2018-03-13
Sony Playstation 4 (PS4) 4.55 < 5.50 - WebKit Code Execution (PoC)				2018-03-13
ACL Analytics 11.X - 13.0.0.579 - Arbitrary Code Execution				2018-03-12
Eclipse Equinoxe OSGi Console - Command Execution (Metasploit)				2018-03-12
SC 7.16 - Stack-Based Buffer Overflow				2018-03-12
ManageEngine Applications Manager 13.5 - Remote Code Execution Exploit				2018-03-12
Advantech WebAccess 8.3 - Directory Traversal / Remote Code Execution Exploit				2018-03-12
SC 7.16 - Stack-Based Buffer Overflow Exploit				2018-03-12
TextPattern 4.6.2 - qty SQL Injection Vulnerability				2018-03-12
Advantech WebAccess < 8.3 - Directory Traversal / Remote Code Execution				2018-03-12
TextPattern 4.6.2 - 'qty' SQL Injection				2018-03-12
Prisma Industriale Checkweigher PrismaWEB 1.21 - Hard-Coded Credentials				2018-03-12
DEWESoft X3 SP1 (64-bit) - Remote Command Execution				2018-03-12
DEWESoft X3 SP1 (64-bit) installer / Remote Internal Command Access Vulnerability				2018-03-12
Prisma Industriale Checkweigher PrismaWEB 1.21 Authentication Bypass Vulnerability				2018-03-12
Hola VPN 1.79.859 - Insecure service permissions Vulnerability				2018-03-12
WPS Office 10.2.0.5978 - NULL DACL grants full access Vulnerability				2018-03-12
Tuleap 9.17.99.189 SQL Injection Vulnerability				2018-03-12
ManageEngine Applications Manager 13.5 - Remote Code Execution (Metasploit)				2018-03-12
Bacula-Web < 8.0.0-rc2 - SQL Injection				2018-03-11
WebLog Expert Enterprise 9.4 - Denial of Service				2018-03-11
WebLog Expert Enterprise 9.4 - Authentication Bypass				2018-03-11
Chrome 35.0.1916.153 - Sandbox Escape / Command Execution				2018-03-11
Broadcom BCM43xx Wi-Fi - 'BroadPWN' Denial of Service				2018-03-11
Tor (Firefox 41 < 50) - Code Execution				2018-03-11
Mozilla Firefox - Address Bar Spoofing				2018-03-11
Memcached 1.5.5 - 'Memcrashed ' Insufficient Control of Network Message Volume Denial of Service With Shodan API				2018-03-11
Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service (1)				2018-03-11
Microsoft Office - 'Composite Moniker Remote Code Execution				2018-03-11
antMan 0.9.0c - Authentication Bypass				2018-03-11
Redaxo CMS Addon MyEvents 2.2.1 - SQL Injection				2018-03-11
Chrome V8 JIT - Empty BytecodeJumpTable Out-of-Bounds Read				2018-03-11
Chrome V8 JIT - 'GetSpecializationContext' Type Confusion				2018-03-11
Chrome V8 JIT - JSBuiltinReducer::ReduceObjectCreate Fails to Ensure that the Prototype is "null"				2018-03-11
Chrome V8 JIT - Simplified-lowererer IrOpcode::kStoreField, IrOpcode::kStoreElement Optimization Bug				2018-03-11
Bravo Tejari Web Portal - Cross-Site Request Forgery				2018-03-11
Softros Network Time System Server 2.3.4 - Denial of Service				2018-03-11
Memcached 1.5.5 - 'Memcrashed' Insufficient Control Network Message Volume Denial of Service (2)				2018-03-11
Tenda AC15 Router - Unauthenticated Remote Code Execution				2018-03-11
Joomla! Component Joomanager 2.0.0 - 'com_Joomanager' Arbitrary File Download				2018-03-11
ActivePDF Toolkit < 8.1.0.19023 - Multiple Memory Corruptions				2018-03-11
ClipBucket < 4.0.0 - Release 4902 - Command Injection / File Upload / SQL Injection				2018-03-11
Suricata < 4.0.4 - IDS Detection Bypass				2018-03-11
Sophos UTM 9.410 - 'loginuser' 'confd' Service Privilege Escalation				2018-03-11
NETGEAR - 'TelnetEnable' Magic Packet (Metasploit)				2018-03-11
Dup Scout Enterprise 10.5.12 - 'Share Username' Local Buffer Overflow				2018-03-11
Xion 1.0.125 - '.m3u' Local SEH-Based Unicode Venetian Exploit				2018-03-11
Papenmeier WiFi Baby Monitor Free & Lite < 2.02.2 - Remote Audio Record				2018-03-11
Parallels Remote Application Server 15.5 - Path Traversal				2018-03-11
iSumsoft ZIP Password Refixer 3.1.1 - Buffer Overflow				2018-03-11
antMan < 0.9.1a - Authentication Bypass				2018-03-11
Werkzeug - 'Debug Shell' Command Execution				2018-03-11
Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Arbitrary File Upload				2018-03-11
Telerik UI for ASP.NET AJAX 2012.3.1308 < 2017.1.118 - Encryption Keys Disclosure				2018-03-11
SAP BusinessObjects launch pad - Server-Side Request Forgery				2018-03-11
Oracle WebLogic Server 10.3.6.0.0 / 12.x - Remote Command Execution				2018-03-11
Intel Active Management Technology - System Privileges				2018-03-11
Apache Struts - REST Plugin With Dynamic Method Invocation Remote Code Execution				2018-03-11
Cells Blog 3.5 - 'bgid' / 'fmid' / 'fnid' SQL Injection				2018-03-11
Dup Scout Enterprise 10.0.18 - 'Input Directory' Local Buffer Overflow (SEH)				2018-03-11
Microsoft Internet Explorer 11 (Windows 7 x86) - 'mshtml.dll' Remote Code Execution (MS17-007)				2018-03-11
MyMagazine 1.0 - 'id' SQL Injection				2018-03-11
CmsLite 1.4 - 'S' SQL Injection				2018-03-11
Basic B2B Script - SQL Injection				2018-03-11
CPA Lead Reward Script - SQL Injection				2018-03-11
Fake Magazine Cover Script - SQL Injection				2018-03-11
Nice PHP FAQ Script - 'nice_theme' SQL Injection				2018-03-11
Squid Analysis Report Generator 2.3.10 - Remote Code Execution				2018-03-11
Trend Micro OfficeScan 11.0/XG (12.0) - Man In The Middle Remote Code Execution				2018-03-11
Trend Micro OfficeScan 11.0/XG (12.0) - Image File Execution Bypass				2018-03-11
Linux Kernel 3.10.0-514.21.2.el7.x86_64 / 3.10.0-514.26.1.el7.x86_64 (CentOS 7) - SUID Position Independent Executable 'PIE' Local Privilege Escalation				2018-03-11
Sync Breeze Enterprise 10.1.16 - 'POST' Remote Buffer Overflow				2018-03-11
Oracle WebLogic Server 10.3.6.0 - Java Deserialization				2018-03-11
Apple iOS 10.2 - Broadcom Out-of-Bounds Write when Handling 802.11k Neighbor Report Response				2018-03-11
Adobe Flash - Out-of-Bounds Read in applyToRange				2018-03-11
Adobe Flash - Out-of-Bounds Write in MP4 Edge Processing				2018-03-11
Adobe Flash - Out-of-Bounds Memory Read in MP4 Parsing				2018-03-11
Humax Wi-Fi Router HG100R 2.0.6 - Authentication Bypass				2018-03-11
PHP-SecureArea < 2.7 - Multiple Vulnerabilities				2018-03-11
CMS Web-Gooroo < 1.141 - Multiple Vulnerabilities				2018-03-11
PDF-XChange Viewer 2.5 Build 314.0 - Code Execution				2018-03-11
iTech Movie Script 7.51 - SQL Injection				2018-03-11
iTech Job Script 9.27 - SQL Injection				2018-03-11
iTech Dating Script 3.40 - SQL Injection				2018-03-11
iTech Multi Vendor Script 6.63 - SQL Injection				2018-03-11
iTech Travel Script 9.49 - SQL Injection				2018-03-11
iTech Freelancer Script 5.27 - SQL Injection				2018-03-11
iTech Image Sharing Script 4.13 - SQL Injection				2018-03-11
iTech Classifieds Script 7.41 - SQL Injection				2018-03-11
iTech Caregiver Script 2.71 - SQL Injection				2018-03-11
iTech Business Networking Script 8.26 - SQL Injection				2018-03-11
iTech B2B Script 4.42 - SQL Injection				2018-03-11
NoMachine 5.3.9 - Local Privilege Escalation				2018-03-11
RPi Cam Control < 6.3.14 - Remote Command Execution				2018-03-11
AirMaster 3000M - Multiple Vulnerabilities				2018-03-11
JoySale 2.2.1 - Arbitrary File Upload				2018-03-11
WordPress Plugin Ads Pro < 3.4 - Cross-Site Scripting / SQL Injection				2018-03-11
Docker Daemon - Unprotected TCP Socket				2018-03-11
CenturyLink ZyXEL PK5001Z Router - Root Remote Code Execution				2018-03-11
VACRON VIG-US731VE 1.0.18-09-B727 IP Camera - Authentication Bypass				2018-03-11
Virtual Postage (VPA) - Man In The Middle Remote Code Execution				2018-03-11
SKILLS.com.au Industry App - Man In The Middle Remote Code Execution				2018-03-11
Tilde CMS 1.01 - Multiple Vulnerabilities				2018-03-11
Oracle E-Business Suite 12.x - Server-Side Request Forgery				2018-03-11
CyberArk Viewfinity 5.5.10.95 - Local Privilege Escalation				2018-03-11
WordPress Plugin Sabai Discuss - Cross-Site Scripting				2018-03-11
Zookeeper 3.5.2 Client - Denial of Service				2018-03-11
WordPress Plugin WatuPRO 5.5.1 - SQL Injection				2018-03-11
Australian Education App - Remote Code Execution				2018-03-11
SpyCamLizard 1.230 - Remote Buffer Overflow				2018-03-11
IBM Informix Dynamic Server - Code Injection / Remote Code Execution				2018-03-11
Nuevomailer < 6.0 - SQL Injection				2018-03-11
Uniview NVR - Password Disclosure				2018-03-11
Sungard eTRAKiT3 <= 3.2.1.17 - SQL Injection				2018-03-11
Sophos Cyberoam - Cross-site scripting				2018-03-11
Dive Assistant Template Builder 8.0 - XML External Entity Injection				2018-03-11
Zyxel P-660HW-61 Firmware < 3.40(PE.11)C0 Router - Local File Inclusion				2018-03-11
Personify360 7.5.2/7.6.1 - Improper Database Schema Access Restrictions				2018-03-11
Personify360 7.5.2/7.6.1 - Improper Access Restrictions				2018-03-11
Dmitry 1.3a - Local Buffer Overflow (PoC)				2018-03-11
D-Link DI-524 - Cross-Site Request Forgery				2018-03-11
Microsoft Windows Server 2008/2012 - LDAP RootDSE Netlogon Denial of Service				2018-03-11
BuilderEngine 3.5.0 - Arbitrary File Upload				2018-03-11
Contrexx CMS egov Module 1.0.0 - SQL Injection				2018-03-11
WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure/Arbitrary File Upload				2018-03-11
Ocomon 2.0 - SQL Injection				2018-03-11
VMware Virtual Machine Communication Interface (VMCI) - 'vmci.sys'				2018-03-11
Drupal Module Coder < 7.x-1.3/7.x-2.6 - Remote Code Execution				2018-03-11
Core FTP LE 2.2 - Path Field Local Buffer Overflow (PoC)				2018-03-11
VUPlayer 2.49 (Windows 7) - '.m3u' Local Buffer Overflow (DEP Bypass)				2018-03-11
Mediacoder 0.8.43.5830 - '.m3u' Local Buffer Overflow (SEH)				2018-03-11
CodoForum 3.4 - Persistent Cross-Site Scripting				2018-03-11
BSD / Linux / Windows - execve("/bin//sh", {"//bin/sh", "-c", "cmd"}, NULL) Execute Command Shellcode (194 bytes)				2018-03-11
Linux/x86 - Bind TCP (4444/TCP) Shell (/bin/bash) Shellcode (656 bytes)				2018-03-11
Linux/x86 - Bind TCP (1234/TCP) Shell (/bin/sh) Shellcode (87 bytes) (Generator)				2018-03-11
WordPress Plugin Huge-IT Image Gallery 1.8.9 - Multiple Vulnerabilities				2018-03-11
WordPress Plugin Q and A (Focus Plus) FAQ 1.3.9.7 - Multiple Vulnerabilities				2018-03-11
Windows - Keylogger to File (./log.bin) + Null-Free Shellcode (431 bytes)				2018-03-11
Linux/x86 - Bind TCP (1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (1250 bytes)				2018-03-11
Linux/x86 - Reverse TCP (::ffff:192.168.64.129:1472/TCP) Shell (/bin/sh) + IPv6 Shellcode (159 bytes)				2018-03-11
Linux/x64 - Reverse TCP (192.168.1.2:1234/TCP) Shell Shellcode (134 bytes)				2018-03-11
ASX to MP3 Converter 1.82.50 (Windows 2003 x86) - '.asx' Local Stack Overflow				2018-03-11
Microsoft Internet Explorer 7 - HTML Form Value Denial of Service				2018-03-10
Mozilla Firefox 2.0.0.3 - Href Denial of Service				2018-03-10
LibreOffice 3.5.2.2 - Memory Corruption				2018-03-10
[eZine] Owned and Exposed - ISSUE no 3				2018-03-10
BroadWin Webaccess SCADA/HMI Client - Remote Code Execution				2018-03-10
Microsoft Excel - 0x5D record Stack Overflow (MS10-038)				2018-03-10
Kingsoft Writer 2010 - Local Stack Buffer Overflow				2018-03-10
[eZine] h0no 3				2018-03-10
[eZine] h0no 1				2018-03-10
[eZine] Zero For 0wned (ZFO) 1				2018-03-10
[eZine] Zero For 0wned (ZFO) 3				2018-03-10
[eZine] Zero For 0wned (ZFO) 4				2018-03-10
[eZine] r3m #1				2018-03-10
Apple Safari 4.0.4 / Google Chrome 4.0.249 - CSS style Stack Overflow Denial of Service (PoC)				2018-03-10
UltraISO 9.3.6.2750 - Local Buffer Overflow				2018-03-10

Exploits/page:

Page: