Peter Baris

19 exploits Active since Feb 2017
CVE-2017-8339 EXPLOITDB MEDIUM c WORKING POC
Panda Free Antivirus 18.0 - Denial of Service via Crafted DeviceIoControl Request
PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a denial of service (BSoD) via a crafted DeviceIoControl request to \\.\PSMEMDriver.
CVSS 5.5
CVE-2017-6416 EXPLOITDB CRITICAL python WORKING POC
SysGauge 1.5.18 - Buffer Overflow via SMTP Service Ready String
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
CVSS 9.8
CVE-2017-6416 METASPLOIT CRITICAL ruby WORKING POC
SysGauge 1.5.18 - Buffer Overflow via SMTP Service Ready String
An issue was discovered in SysGauge 1.5.18. A buffer overflow vulnerability in SMTP connection verification leads to arbitrary code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
CVSS 9.8
CVE-2017-6427 EXPLOITDB HIGH python WORKING POC
EvoStream Media Server 1.7.1 - Buffer Overflow via Malicious HTTP Header
A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. A crafted HTTP request with a malicious header will cause a crash. An example attack methodology may include a long message-body in a GET request.
CVSS 7.5
EIP-2026-119281 EXPLOITDB python WORKING POC
WinaXe Plus 8.7 - Remote Buffer Overflow
EIP-2026-119203 EXPLOITDB ruby WORKING POC
SysGauge 1.5.18 - SMTP Validation Buffer Overflow (Metasploit)
CVE-2017-6187 EXPLOITDB CRITICAL python WORKING POC
DiskSavvy Enterprise 9.4.18 - Remote Code Execution via Long URI in GET Request
Buffer overflow in the built-in web server in DiskSavvy Enterprise 9.4.18 allows remote attackers to execute arbitrary code via a long URI in a GET request.
CVSS 9.8
CVE-2017-6465 EXPLOITDB CRITICAL python WORKING POC
FTPShell Client 6.53 - Remote Code Execution via PWD Response Buffer Overflow
Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leading to a buffer overflow situation.
CVSS 9.8
CVE-2017-6506 EXPLOITDB CRITICAL python WORKING POC
Azure Data Expert Ultimate 2.2.16 - Remote Code Execution via SMTP 220 String Buffer Overflow
In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.
CVSS 9.8
CVE-2017-14311 EXPLOITDB HIGH c WORKING POC
NetMechanica NetDecision 5.8.2 - Privilege Escalation
The Winring0x32.sys driver in NetMechanica NetDecision 5.8.2 allows local users to gain privileges via a crafted 0x9C402088 IOCTL call.
CVSS 7.8
EIP-2026-116813 EXPLOITDB text SUSPICIOUS
aSc Timetables 2017 - Local Buffer Overflow
EIP-2026-116465 EXPLOITDB python WORKING POC
uSQLite 1.0.0 - Denial of Service
CVE-2017-6371 EXPLOITDB HIGH python WORKING POC
Synchronet BBS 3.16c - Denial of Service via HTTP Referer Header
Synchronet BBS 3.16c for Windows allows remote attackers to cause a denial of service (service crash) via a long string in the HTTP Referer header.
CVSS 7.5
CVE-2016-10079 EXPLOITDB HIGH python WORKING POC
SAPlpd < 7400.3.11.33 - Denial of Service via Long String to TCP Port 515
SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515.
CVSS 7.5
EIP-2026-116180 EXPLOITDB python WORKING POC
Remote Utilities Host 6.3 - Denial of Service
EIP-2026-115774 EXPLOITDB c WORKING POC
Microsoft Visual Studio 2015 update 3 - Denial of Service
CVE-2017-5881 EXPLOITDB HIGH text WORKING POC
GOM Player 2.3.10.5266 - Memory Corruption via Crafted FPX File
GOM Player 2.3.10.5266 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted fpx file.
CVSS 7.8
CVE-2017-6367 EXPLOITDB HIGH python WORKING POC
Cerberus FTP Server 8.0.10.1 - Denial of Service via Long Host Header
In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. The attack methodology involves a long Host header and an invalid Content-Length header.
CVSS 7.5
EIP-2026-114997 EXPLOITDB python WORKING POC
BlueIris 4.5.1.4 - Denial of Service