Achilles

37 exploits Active since Jan 2026
CVE-2021-47785 EXPLOITDB CRITICAL python WORKING POC
Ether MP3 CD Burner 1.3.8 - Remote Code Execution via Registration Name Field Buffer Overflow
Ether MP3 CD Burner 1.3.8 contains a buffer overflow vulnerability in the registration name field that allows remote code execution. Attackers can craft a malicious payload to overwrite SEH handlers and execute a bind shell on port 3110 by exploiting improper input validation.
CVSS 9.8
CVE-2021-47775 EXPLOITDB HIGH python WORKING POC
YouTube Downloader 1.9.9.1 - Buffer Overflow
YouTube Video Grabber, now referred to as YouTube Downloader, 1.9.9.1 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting the Structured Exception Handler. Attackers can craft a malicious payload of 712 bytes with SEH manipulation to trigger a bind shell connection on a specified local port.
CVSS 8.4
CVE-2021-47774 EXPLOITDB CRITICAL python WORKING POC
Kingdia CD Extractor 3.0.2 - Remote Code Execution via Registration Name Field Overflow
Kingdia CD Extractor 3.0.2 contains a buffer overflow vulnerability in the registration name field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload exceeding 256 bytes to overwrite Structured Exception Handler and gain remote code execution through a bind shell.
CVSS 9.8
CVE-2020-36940 EXPLOITDB CRITICAL python WORKING POC
Easy CD & DVD Cover Creator 4.13 - Buffer Overflow
Easy CD & DVD Cover Creator 4.13 contains a buffer overflow vulnerability in the serial number input field that allows attackers to crash the application. Attackers can generate a 6000-byte payload and paste it into the serial number field to trigger an application crash.
CVSS 9.8
CVE-2019-25327 EXPLOITDB CRITICAL python WORKING POC
Prime95 29.8 build 6 - Remote Code Execution via User ID Input Field
Prime95 version 29.8 build 6 contains a buffer overflow vulnerability in the user ID input field that allows remote attackers to execute arbitrary code. Attackers can craft a malicious payload and paste it into the PrimeNet user ID and proxy host fields to trigger a bind shell on port 3110.
CVSS 9.8
EIP-2026-119587 EXPLOITDB python WORKING POC
EZ CD Audio Converter 8.0.7 - Denial of Service (PoC)
EIP-2026-119586 EXPLOITDB python WORKING POC
EZ CD Audio Converter 8.0.7 - Denial of Service (PoC)
EIP-2026-118098 EXPLOITDB python WORKING POC
Wedding Slideshow Studio 1.36 - Buffer Overflow
EIP-2026-116919 EXPLOITDB python WORKING POC
Boxoft Convert Master 1.3.0 - 'wav' SEH Local Exploit
EIP-2026-115318 EXPLOITDB python WORKING POC
FutureDj Pro 1.7.2.0 - Denial of Service
EIP-2026-115319 EXPLOITDB python WORKING POC
FutureDj Pro 1.7.2.0 - Denial of Service
EIP-2026-114850 EXPLOITDB python WORKING POC
ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of Service