Metasploit

1,875 exploits Active since Aug 1990
CVE-2013-2347 EXPLOITDB ruby WORKING POC
HP Storage Data Protector 6.2X - Remote Code Execution via Crafted EXEC_BAR Packet
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
CVE-2011-1865 EXPLOITDB ruby WORKING POC
HP OpenView Storage Data Protector <6.20 - Buffer Overflow
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
CVE-2013-2333 EXPLOITDB ruby WORKING POC
HP Storage Data Protector <7.01 - RCE
Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1680.
CVE-2007-2280 EXPLOITDB ruby WORKING POC
HP OpenView Storage Data Protector 5.50 and 6.0 - Remote Code Execution via MSG_PROTOCOL Command
Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSG_PROTOCOL command with long arguments, a different vulnerability than CVE-2009-3844.
CVE-2012-5201 EXPLOITDB ruby WORKING POC
HP Intelligent Management Center < 5.1 - Remote Code Execution
Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1611.
CVE-2005-0768 EXPLOITDB ruby WORKING POC
GoodTech Telnet Server 4.0-5.0 - Remote Code Execution via Long String to Port 2380
Buffer overflow in the administration web server for GoodTech Telnet Server 4.0 and 5.0, and possibly all versions before 5.0.7, allows remote attackers to execute arbitrary code via a long string to port 2380.
EIP-2026-118621 EXPLOITDB ruby WORKING POC
Green Dam - URL Processing Buffer Overflow (Metasploit)
CVE-2009-2685 EXPLOITDB ruby WORKING POC
HP Power Manager - Stack-based Buffer Overflow via Login Variable
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.
CVE-2007-5779 EXPLOITDB ruby WORKING POC
GOM Player 2.1.6.3499 - Buffer Overflow via GomWeb Control OpenUrl Method
Buffer overflow in the GomManager (GomWeb Control) ActiveX control in GomWeb3.dll 1.0.0.12 in Gretech Online Movie Player (GOM Player) 2.1.6.3499 allows remote attackers to execute arbitrary code via a long argument to the OpenUrl method.
CVE-2018-5955 EXPLOITDB CRITICAL ruby WORKING POC
GitStack <2.3.10 - Privilege Escalation
An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated attacker to add a user to the server via the username and password fields to the rest/user/ URI.
CVSS 9.8
CVE-2005-1415 EXPLOITDB ruby WORKING POC
GlobalSCAPE Secure FTP Server 3.0.2 - RCE
Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command.
CVE-2013-0108 EXPLOITDB ruby WORKING POC
Honeywell EBI R310/R400.2/R410.1/R410.2 & SymmetrE R310/R410.1/R410.2 RCE via HscRemoteDeploy.dll
An ActiveX control in HscRemoteDeploy.dll in Honeywell Enterprise Buildings Integrator (EBI) R310, R400.2, R410.1, and R410.2; SymmetrE R310, R410.1, and R410.2; ComfortPoint Open Manager (aka CPO-M) Station R100; and HMIWeb Browser client packages allows remote attackers to execute arbitrary code via a crafted HTML document.
CVE-2006-6576 EXPLOITDB ruby WORKING POC
Golden FTP Server <1.92 - Buffer Overflow
Heap-based buffer overflow in Golden FTP Server (goldenftpd) 1.92 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long PASS command. NOTE: it was later reported that 4.70 is also affected. NOTE: the USER vector is already covered by CVE-2005-0634.
CVE-2014-0750 EXPLOITDB ruby WORKING POC
GE Proficy HMI/SCADA - CIMPLICITY < 8.2 - Remote Code Execution via Directory Traversal in WebView CimWeb
Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY through 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted HTTP request, aka ZDI-CAN-1622.
EIP-2026-118605 EXPLOITDB ruby WORKING POC
Gh0st Client (C2 Server) - Remote Buffer Overflow (Metasploit)
EIP-2026-118606 EXPLOITDB ruby WORKING POC
Gh0st Client (C2 Server) - Remote Buffer Overflow (Metasploit)
CVE-2000-0665 EXPLOITDB ruby WORKING POC
GAMSoft TelSrv <= 1.5 - Denial of Service via Long Username
GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers to cause a denial of service via a long username.
EIP-2026-118642 EXPLOITDB ruby WORKING POC
Honeywell Tema Remote Installer - ActiveX Remote Code Execution (Metasploit)
CVE-2018-7573 EXPLOITDB CRITICAL ruby WORKING POC
FTPShell Client 6.7 - Remote Code Execution via FTP 220 Response Buffer Overflow
An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465.
CVSS 9.8
CVE-2005-1812 EXPLOITDB ruby WORKING POC
FutureSoft TFTP Server Evaluation Version 1.0.0.1 - Remote Code Execution via Long Filename or Transfer Mode String
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.
CVE-2012-2763 EXPLOITDB ruby WORKING POC
GIMP < 2.6.13 - Remote Code Execution via Long String in Script-Fu Server Command
Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.
CVE-2006-2407 EXPLOITDB ruby WORKING POC
freeFTPd 1.0.10 - Stack-Based Buffer Overflow via Long Key Exchange Algorithm String
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string.
CVE-2006-2407 EXPLOITDB ruby WORKING POC
freeFTPd 1.0.10 - Stack-Based Buffer Overflow via Long Key Exchange Algorithm String
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string.
CVE-2012-6066 EXPLOITDB ruby WORKING POC
freeSSHd < 1.2.6 - Unauthenticated Authentication Bypass via Crafted Session
freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.
EIP-2026-118584 EXPLOITDB ruby WORKING POC
freeFTPd 1.0.10 - 'PASS' Remote Buffer Overflow (Metasploit)