Metasploit

1,875 exploits Active since Aug 1990
EIP-2026-118379 EXPLOITDB ruby WORKING POC
Commvault Communications Service (cvd) - Command Injection (Metasploit)
EIP-2026-118366 EXPLOITDB ruby WORKING POC
Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020006 Buffer Overflow (Metasploit)
CVE-2018-6892 EXPLOITDB CRITICAL ruby WORKING POC
CloudMe Sync < 1.10.9 - Unauthenticated Remote Buffer Overflow via Port 8888
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
CVSS 9.8
CVE-2007-4620 EXPLOITDB ruby WORKING POC
CA Alert Notification Service <8.1.586.0 - Remote Code Execution
Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafted RPC requests.
CVE-2011-5007 EXPLOITDB ruby WORKING POC
3S CoDeSys < 3.4 - Remote Code Execution via Long URI to CmpWebServer
Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080.
EIP-2026-118362 EXPLOITDB ruby WORKING POC
Citrix Provisioning Services 5.6 - 'streamprocess.exe' Remote Buffer Overflow (Metasploit)
EIP-2026-118363 EXPLOITDB ruby WORKING POC
Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020000 Buffer Overflow (Metasploit)
CVE-2011-2882 EXPLOITDB ruby WORKING POC
Citrix Access Gateway Enterprise Edition 8.1-67.7 9.0-70.5 9.1-96.4 - Remote Code Execution via Crafted HTTP Header Data
Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 allows remote attackers to execute arbitrary code via crafted HTTP header data.
EIP-2026-118364 EXPLOITDB ruby WORKING POC
Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020002 Buffer Overflow (Metasploit)
CVE-2008-3558 EXPLOITDB ruby WORKING POC
Cisco WebEx Meeting Manager <20.2008.2606.4919 - Buffer Overflow
Stack-based buffer overflow in the WebexUCFObject ActiveX control in atucfobj.dll in Cisco WebEx Meeting Manager before 20.2008.2606.4919 allows remote attackers to execute arbitrary code via a long argument to the NewObject method.
EIP-2026-118365 EXPLOITDB ruby WORKING POC
Citrix Provisioning Services 5.6 SP1 - Streamprocess Opcode 0x40020004 Buffer Overflow (Metasploit)
CVE-2008-4397 EXPLOITDB ruby WORKING POC
CA ARCserve Backup r11.1-r12.0 - Remote Command Execution via RPC Interface
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
CVE-2008-2639 EXPLOITDB ruby WORKING POC
Citect CitectSCADA 6-7 and CitectFacilities 7 - Remote Code Execution via ODBC Server Service
Stack-based buffer overflow in the ODBC server service in Citect CitectSCADA 6 and 7, and CitectFacilities 7, allows remote attackers to execute arbitrary code via a long string in the second application packet in a TCP session on port 20222.
CVE-2006-2961 EXPLOITDB ruby WORKING POC
CesarFTP <= 0.99g - Stack-Based Buffer Overflow via MKD Command
Stack-based buffer overflow in CesarFTP 0.99g and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MKD command. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
CVE-2008-5002 EXPLOITDB ruby WORKING POC
Chilkat Crypt ActiveX Control - Arbitrary File Write via WriteFile Method
Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control (ChilkatCrypt2.dll 4.3.2.1) in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: some of these details are obtained from third party information.
CVE-2005-3190 EXPLOITDB ruby WORKING POC
Computer Associates iGateway <4.0.050623 - RCE
Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.
CVE-2011-2039 EXPLOITDB ruby WORKING POC
Cisco AnyConnect Secure Mobility Client <2.3.185 - RCE
The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.185 on Windows, and on Windows Mobile, downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote attackers to execute arbitrary code via the url property to a certain ActiveX control in vpnweb.ocx, aka Bug ID CSCsy00904.
CVE-2005-2535 EXPLOITDB ruby WORKING POC
BrightStor ARCserve Backup 9.0-11.1 - Remote Code Execution via Discovery Service Buffer Overflow
Buffer overflow in the Discovery Service in BrightStor ARCserve Backup 9.0 through 11.1 allows remote attackers to execute arbitrary commands via a large packet to TCP port 41523, a different vulnerability than CVE-2005-0260.
CVE-2005-1018 EXPLOITDB ruby WORKING POC
CA BrightStor ARCserve Backup - Buffer Overflow
Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field.
EIP-2026-118359 EXPLOITDB ruby WORKING POC
Cisco Linksys PlayerPT - ActiveX Control Buffer Overflow (Metasploit)
CVE-2009-4225 EXPLOITDB ruby WORKING POC
PestPatrol <5.6.7.9 - Buffer Overflow
Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.dll) 5.6.7.9 in CA eTrust PestPatrol allows remote attackers to execute arbitrary code via a long argument to the Initialize method.
CVE-2005-0581 EXPLOITDB ruby WORKING POC
CA License Client and Server 0.1.0.15 - Multiple Buffer Overflow via GCR Request and GETCONFIG Packet
Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.
EIP-2026-118339 EXPLOITDB ruby WORKING POC
CA BrightStor ARCserve Message Engine 0x72 - Remote Buffer Overflow (Metasploit)
CVE-2007-5003 EXPLOITDB ruby WORKING POC
CA BrightStor ARCserve Backup r11.0-r11.5 - Stack-Based Buffer Overflow
Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function.
EIP-2026-118340 EXPLOITDB ruby WORKING POC
CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit)