Metasploit

1,875 exploits Active since Aug 1990
EIP-2026-116873 EXPLOITDB ruby WORKING POC
BACnet OPC Client - Local Buffer Overflow (Metasploit) (2)
EIP-2026-116859 EXPLOITDB ruby WORKING POC
Aviosoft Digital TV Player Professional 1.0 - Local Stack Buffer Overflow (Metasploit)
CVE-2009-0476 EXPLOITDB ruby WORKING POC
MultiMedia Soft AdjMmsEng.dll <7.11.2.7 - Buffer Overflow
Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0. NOTE: some of these details are obtained from third party information.
EIP-2026-116845 EXPLOITDB ruby WORKING POC
Audiotran - '.pls' Local Stack Buffer Overflow (Metasploit)
EIP-2026-116838 EXPLOITDB ruby WORKING POC
AudioCoder - '.m3u' Local Buffer Overflow (Metasploit)
CVE-2006-6665 EXPLOITDB ruby WORKING POC
Astonsoft DeepBurner Pro & Free <1.8.0 - RCE
Buffer overflow in Astonsoft DeepBurner Pro and Free 1.8.0 and earlier allows user-assisted remote attackers to execute arbitrary code via a long file name tag in a dbr file.
EIP-2026-116806 EXPLOITDB ruby WORKING POC
AppLocker - Execution Prevention Bypass (Metasploit)
CVE-2010-1818 EXPLOITDB ruby WORKING POC
Apple QuickTime - Remote Code Execution via Untrusted Pointer Unmarshalling
The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.
CVE-2012-0663 EXPLOITDB ruby WORKING POC
Apple QuickTime <7.7.2 - Buffer Overflow
Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file.
CVE-2011-0257 EXPLOITDB ruby WORKING POC
Apple QuickTime PICT PnSize Buffer Overflow
Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.
CVE-2005-0043 EXPLOITDB ruby WORKING POC
Apple iTunes 4.7 - Remote Code Execution via Long URL in Playlist Files
Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files.
EIP-2026-116798 EXPLOITDB ruby WORKING POC
AOL 9.5 - 'Phobos.Playlist Import()' Stack Buffer Overflow (Metasploit)
CVE-2007-3314 EXPLOITDB ruby WORKING POC
Altap Salamander 2.5 PE Viewer Buffer Overflow
Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 (English Trial), and 2.0 with Portable Executable Viewer 1.00 (English Trial), allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file.
CVE-2013-7409 EXPLOITDB ruby WORKING POC
ALLPlayer 5.6.2-5.8.1 - Buffer Overflow via .m3u Playlist File
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
CVE-2007-3068 EXPLOITDB ruby WORKING POC
DVD X Player 4.1 Professional - Stack-Based Buffer Overflow via PLF Playlist Filename
Stack-based buffer overflow in DVD X Player 4.1 Professional allows remote attackers to execute arbitrary code via a PLF playlist containing a long filename.
CVE-2019-15752 EXPLOITDB HIGH ruby WORKING POC
Docker Desktop Community Edition < 2.1.0.1 - Privilege Escalation via Trojan Horse docker-credential-wincred.exe
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command.
CVSS 7.8
CVE-2007-2193 EXPLOITDB ruby WORKING POC
ACDSee 9.0/Pro 8.1/Photo Editor 4.0 - Stack-Based Buffer Overflow via Crafted XPM File
Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information.
EIP-2026-116700 EXPLOITDB ruby WORKING POC
ABBS Audio Media Player - '.LST' Local Buffer Overflow (Metasploit)
EIP-2026-116696 EXPLOITDB ruby WORKING POC
A-PDF WAV to MP3 1.0.0 - Local Buffer Overflow (Metasploit)
EIP-2026-116718 EXPLOITDB ruby WORKING POC
ActiveFax (ActFax) 4.3 - Client Importer Buffer Overflow (Metasploit)
CVE-2011-2595 EXPLOITDB ruby WORKING POC
ACDSee FotoSlate 4.0 Build 146 - Stack-Based Buffer Overflow via PLP File Tag
Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build 146 allow remote attackers to execute arbitrary code via a long id parameter in a (1) String or (2) Int tag in a FotoSlate Project (aka PLP) file.
CVE-2013-2730 EXPLOITDB ruby WORKING POC
Adobe Reader/Acrobat <9.5.5, <10.1.7, <11.0.03 - Buffer Overflow
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2733.
CVE-2011-2462 EXPLOITDB CRITICAL ruby WORKING POC
Adobe Acrobat and Reader < 10.1.1 - Remote Code Execution via U3D Memory Corruption
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
CVSS 9.8
CVE-2010-1240 EXPLOITDB ruby WORKING POC
Adobe PDF Embedded EXE Social Engineering
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PDF document, as demonstrated by a text field that claims that the Open button will enable the user to read an encrypted message.
CVE-2010-1240 EXPLOITDB ruby WORKING POC
Adobe PDF Embedded EXE Social Engineering
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PDF document, as demonstrated by a text field that claims that the Open button will enable the user to read an encrypted message.