Luigi Auriemma

568 exploits Active since Feb 2002
CVE-2011-3499 EXPLOITDB text WRITEUP
Progea Movicon / PowerHMI <11.2.1085 - DoS/Code Injection
Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an EIDP packet with a large size field, which writes a zero byte to an arbitrary memory location.
EIP-2026-116118 EXPLOITDB text WORKING POC
QNX phrelay/phindows/phditto - Multiple Vulnerabilities
EIP-2026-116122 EXPLOITDB text WRITEUP
Qt 4.6.3 - Remote Denial of Service
CVE-2005-0430 EXPLOITDB c WORKING POC
ID Software Quake 3 Engine - Buffer Overflow
The Quake 3 engine, as used in multiple game packages, allows remote attackers to cause a denial of service (shutdown game server) and possibly crash the server via a long infostring, possibly triggering a buffer overflow.
EIP-2026-116136 EXPLOITDB text SUSPICIOUS
Quicksilver Master of Orion III 1.2.5 - Multiple Remote Denial of Service Vulnerabilities
CVE-2008-0234 EXPLOITDB text WORKING POC
Apple Quicktime - Memory Corruption
Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response to an rtsp:// request, as demonstrated using a 404 error message.
EIP-2026-116155 EXPLOITDB text WRITEUP
Raven Software Soldier Of Fortune 2 - Ignore Command Remote Denial of Service
CVE-2006-2412 EXPLOITDB text SUSPICIOUS
Raydium - Denial of Service
The raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a large ID, which causes an invalid memory access (buffer over-read).
EIP-2026-116160 EXPLOITDB text WRITEUP
RealityServer Web Services RTMP Server 3.1.1 build 144525.5 - Null Pointer Dereference Denial of Service
CVE-2011-1525 EXPLOITDB text WORKING POC
RealNetworks RealPlayer <14.0.2 - RCE
Heap-based buffer overflow in rvrender.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted frame in an Internet Video Recording (IVR) file.
CVE-2006-2555 EXPLOITDB text STUB
Genecys < 0.2 - Denial of Service
The parse_command function in Genecys 0.2 and earlier allows remote attackers to cause a denial of service (crash) via a command with a missing ":" (colon) separator, which triggers a null dereference.
EIP-2026-115660 EXPLOITDB text WRITEUP
Microsoft Host Integration Server 8.5.4224.0 - Denial of Service
CVE-2011-2007 EXPLOITDB text WRITEUP
Microsoft HIS <2010 - DoS
Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and 2010 allows remote attackers to cause a denial of service (SNA Server service outage) via crafted TCP or UDP traffic, aka "Endless Loop DoS in snabase.exe Vulnerability."
EIP-2026-115652 EXPLOITDB text WRITEUP
Microsoft Excel 2003 11.8335.8333 - Use-After-Free
EIP-2026-115638 EXPLOITDB text SUSPICIOUS
Microsoft DirectX 8/9 DirectPlay - Multiple Denial of Service Vulnerabilities
EIP-2026-115623 EXPLOITDB text WRITEUP
MetaServer RT 3.2.1.450 - Multiple Vulnerabilities
CVE-2004-0735 EXPLOITDB c WORKING POC
Medal of Honor - Buffer Overflow
Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors.
CVE-2011-3497 EXPLOITDB text WORKING POC
Measuresoft ScadaPro <4.0.0 - RCE
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary DLL functions via the XF function, possibly related to an insecure exposed method.
CVE-2008-1357 EXPLOITDB text WRITEUP
McAfee CMA <3.6.0.574 - RCE
Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent (CMA) 3.6.0.574 (Patch 3) and earlier, as used in ePolicy Orchestrator 4.0.0 build 1015, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in a sender field in an AgentWakeup request to UDP port 8082. NOTE: this issue only exists when the debug level is 8.
CVE-2004-1493 EXPLOITDB c WORKING POC
Master of Orion III <1.2.5 - DoS
Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (server crash) via multiple connections with long nicknames, possibly triggering a buffer overflow.
CVE-2008-1277 EXPLOITDB text WRITEUP
MailEnable <3.13 - DoS
The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference.
CVE-2007-5464 EXPLOITDB text WRITEUP
LFS Live For Speed < 0.5x10 - Memory Corruption
Stack-based buffer overflow in Live for Speed 0.5X10 and earlier allows remote authenticated users to cause a denial of service (client crash) and possibly execute arbitrary code via a long skin name.
EIP-2026-115559 EXPLOITDB text WRITEUP
Lithtech Engine - Memory Corruption
CVE-2004-1395 EXPLOITDB c SCANNER
Monolith Productions Contract Jack - Denial of Service
The Lithtech engine, as used in (1) Contract Jack 1.1 and earlier, (2) No one lives forever 2 1.3 and earlier, (3) Tron 2.0 1.042 and earlier, (4) F.E.A.R. (First Encounter Assault and Recon), and possibly other games, allows remote attackers to cause a denial of service (connection refused) via a UDP packet that causes recvfrom to generate a return code that causes the listening loop to exit, as demonstrated using zero byte packets or packets between 8193 and 12280 bytes, which result in conditions that are not "Operation would block."
EIP-2026-115553 EXPLOITDB c WORKING POC
LieroX 0.62b - Remote Server/Client Denial of Service