Will Dormann

7 exploits Active since Jun 2006
CVE-2014-1943 WRITEUP WRITEUP
Fine Free <5.17 - DoS
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
CVE-2022-50238 WRITEUP HIGH WORKING POC
Microsoft - Info Disclosure
The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows updates. It is possible to fully synchronize the driver blocklist using WDAC policies. NOTE: The vendor explains that Windows Update provides a smaller, compatibility-focused driver blocklist for general users, while the full XML list is available for advanced users and organizations to customize at the risk of usability issues.
CVSS 7.4
CVE-2007-5815 EXPLOITDB text WORKING POC
SonicWall SSL-VPN <2.1-2.5 - Path Traversal
Absolute path traversal vulnerability in the WebCacheCleaner ActiveX control 1.3.0.3 in SonicWall SSL-VPN 200 before 2.1, and SSL-VPN 2000/4000 before 2.5, allows remote attackers to delete arbitrary files via a full pathname in the argument to the FileDelete method.
CVE-2006-2383 EXPLOITDB text WORKING POC
Microsoft Internet Explorer <6 - RCE
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution.
EIP-2026-118496 EXPLOITDB html WORKING POC
EasyMail Objects 'EMSMTP.DLL 6.0.1' - ActiveX Control Remote Buffer Overflow
CVE-2007-2983 EXPLOITDB html WORKING POC
Btglobalservices BT Consumer Webhelper < 2.0.0.7 - Memory Corruption
Multiple buffer overflows in the British Telecommunications Consumer webhelper ActiveX control before 2.0.0.8 in btwebcontrol.dll allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2009-4637 EXPLOITDB text WRITEUP
FFmpeg 0.5 - DoS/Buffer Overflow
FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow.