Luigi Auriemma

568 exploits Active since Feb 2002
CVE-2011-3491 EXPLOITDB WRITEUP
Progea Movicon/PowereHMI <11.2.1085 - Buffer Overflow
Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative Content-Length field.
CVE-2011-3498 EXPLOITDB WRITEUP
Progea Movicon/PowereHMI <11.2.1085 - Buffer Overflow
Heap-based buffer overflow in Progea Movicon / PowerHMI 11.2.1085 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.
CVE-2012-3792 EXPLOITDB WRITEUP
Pro-face Pro-Server EX < 1.30.000 and WinGP PC Runtime < 3.1.00 - Denial of Service via Crafted Packet
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (out-of-bounds read operation) via a crafted packet that triggers a certain Find Node check attempt.
CVE-2012-3793 EXPLOITDB WRITEUP
Pro-face Pro-Server EX < 1.30.000 and WinGP PC Runtime < 3.1.00 - Denial of Service via Crafted Packet
Integer overflow in Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (daemon crash) via a crafted packet with a certain opcode that triggers an incorrect memory allocation and a buffer overflow.
CVE-2012-3794 EXPLOITDB WRITEUP
Pro-face Pro-Server EX < 1.30.000 and WinGP PC Runtime < 3.1.00 - Denial of Service via Crafted Packet
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (unhandled exception and daemon crash) via a crafted packet with a certain opcode that triggers an invalid attempt to allocate a large amount of memory.
CVE-2012-3795 EXPLOITDB WRITEUP
Pro-face Pro-Server EX < 1.30.000 and WinGP PC Runtime < 3.1.00 - Denial of Service via Crafted Packet
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to cause a denial of service (daemon crash) via a crafted packet with a certain opcode and a large value in a size field.
CVE-2012-3796 EXPLOITDB WRITEUP
Pro-face Pro-Server EX < 1.30.000 & WinGP PC Runtime < 3.1.00 - Sensitive Info Exposure via Crafted Packet
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, allows remote attackers to obtain sensitive information from daemon memory via a crafted packet with a certain opcode.
CVE-2011-4042 EXPLOITDB WRITEUP
ARC Informatique PcVue 6.0-10.0 - Remote Code Execution via SVUIGrd.ocx ActiveX Control
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer.
CVE-2011-4043 EXPLOITDB WRITEUP
ARC Informatique PcVue 6.0-10.0 FrontVue and PlantVue - Remote Code Execution via Integer Overflow in SVUIGrd.ocx
Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow.
CVE-2011-4044 EXPLOITDB WRITEUP
ARC Informatique PcVue 6.0-10.0 FrontVue and PlantVue - Arbitrary File Write via SVUIGrd.ocx ActiveX Control
An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via calls to unknown methods.
CVE-2012-5048 EXPLOITDB WRITEUP
Optimalog Optima PLC < 1.5.2 - Denial of Service via Crafted Packet
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted packet.
CVE-2011-4518 EXPLOITDB WRITEUP
MICROSYS PROMOTIC < 8.1.5 - Path Traversal
Directory traversal vulnerability in the PmWebDir object in the web server in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2011-4519 EXPLOITDB WRITEUP
MICROSYS PROMOTIC < 8.1.5 - Denial of Service via ActiveX Component
Stack-based buffer overflow in an ActiveX component in MICROSYS PROMOTIC before 8.1.5 allows remote attackers to cause a denial of service via a crafted web page.
CVE-2011-3490 EXPLOITDB WRITEUP
Measuresoft ScadaPro <4.0.0 - Buffer Overflow
Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrated with the TF command.
CVE-2011-3495 EXPLOITDB WRITEUP
Measuresoft ScadaPro <4.0.0 - Path Traversal
Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.
CVE-2011-3496 EXPLOITDB WRITEUP
Measuresoft ScadaPro <4.0.0 - Command Injection
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command.
CVE-2004-1214 EXPLOITDB c WORKING POC
Kreed <1.05 - Remote Code Execution
Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary code via format specifiers in (1) a nickname or (2) message text.
CVE-2004-1215 EXPLOITDB c WORKING POC
Kreed <= 1.05 - Denial of Service via Long UDP Packet
Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via a long UDP packet, which causes a "message too long" socket error.
CVE-2005-3491 EXPLOITDB c WORKING POC
FlatFrag 0.3 - Remote Code Execution via Receiver Function Buffer Overflow
Multiple buffer overflows in the receiver function in loop.c in FlatFrag 0.3 and earlier allow remote attackers to execute arbitrary code via the (1) version, (2) name, and (3) model fields.
CVE-2012-0241 EXPLOITDB WRITEUP
Advantech WebAccess < 7.0 - Denial of Service via Modified Stream Identifier
Advantech/BroadWin WebAccess before 7.0 allows remote attackers to cause a denial of service (memory corruption) via a modified stream identifier to a function.
CVE-2011-4880 EXPLOITDB WORKING POC
atvise webMI2ADS < 2.0.2 - Path Traversal via Crafted HTTP Request
Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request.
CVE-2011-4881 EXPLOITDB WORKING POC
atvise webMI2ADS < 2.0.2 - Denial of Service via Crafted HTTP Request
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted HTTP request.
CVE-2011-4882 EXPLOITDB WRITEUP
atvise webMI2ADS < 2.0.2 - Denial of Service via HTTP Request
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to cause a denial of service (application exit) via an unspecified command in an HTTP request.
CVE-2005-0369 EXPLOITDB MEDIUM c WORKING POC
Armagetron < 0.2.6.0 and Armagetron Advanced < 0.2.7.0 - Denial of Service via Large Descriptor ID or Claim ID
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to cause a denial of service (application crash) via a packet with a large (1) descriptor ID or (2) claim_id, which exceeds the boundaries of an array.
CVSS 5.3
CVE-2006-1145 EXPLOITDB c WORKING POC
Alien Arena 2006 Gold Edition 5.00 - RCE
Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code via unspecified vectors when the server sends crafted messages to the clients.