hdm

397 exploits Active since Jan 1997
CVE-2010-0188 EXPLOITDB HIGH ruby WORKING POC
Adobe Acrobat and Reader 8.x < 8.2.1 and 9.x < 9.3.1 - Remote Code Execution
Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 7.8
CVE-2010-0188 EXPLOITDB HIGH ruby WORKING POC
Adobe Acrobat and Reader 8.x < 8.2.1 and 9.x < 9.3.1 - Remote Code Execution
Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
CVSS 7.8
CVE-2002-1473 EXPLOITDB ruby WORKING POC
HP-UX 10.20-11.11 - Buffer Overflow in lp Subsystem
Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.
CVE-2005-3757 EXPLOITDB ruby WORKING POC
Google Mini Search Appliance - Remote Code Execution via XSLT Style Sheet Select Attribute
The Saxon XSLT parser in Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to obtain sensitive information and execute arbitrary code via dangerous Java class methods in select attribute of xsl:value-of tags in XSLT style sheets, such as (1) system-property, (2) sys:getProperty, and (3) run:exec.
CVE-2006-3459 EXPLOITDB ruby WORKING POC
libtiff < 3.8.2 - Stack-Based Buffer Overflow via Large tdir_count in TIFFFetchShortPair
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.
CVE-2006-3459 EXPLOITDB ruby WORKING POC
libtiff < 3.8.2 - Stack-Based Buffer Overflow via Large tdir_count in TIFFFetchShortPair
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.
CVE-2013-3623 EXPLOITDB ruby WORKING POC
Supermicro Onboard IPMI CGI Vulnerability Scanner
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execute arbitrary code via the (1) sess_sid or (2) ACT parameter.
CVE-2006-5972 EXPLOITDB ruby WORKING POC
NetGear WG111v2 Driver - Stack-Based Buffer Overflow via Long 802.11 Beacon Request
Stack-based buffer overflow in WG111v2.SYS in NetGear WG111v2 wireless adapter (USB) allows remote attackers to execute arbitrary code via a long 802.11 beacon request.
CVE-2013-2751 EXPLOITDB ruby WORKING POC
NETGEAR ReadyNAS <4.1.12 & <4.2.24 - Code Injection
Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to execute arbitrary Perl code via a crafted request, related to the "forgot password workflow."
CVE-2006-3459 EXPLOITDB ruby WORKING POC
libtiff < 3.8.2 - Stack-Based Buffer Overflow via Large tdir_count in TIFFFetchShortPair
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.
CVE-2015-2857 EXPLOITDB CRITICAL ruby WORKING POC
Accellion File Transfer Appliance < 9_11_200 - Remote Code Execution via oauth_token Parameter
Accellion File Transfer Appliance before FTA_9_11_210 allows remote attackers to execute arbitrary code via shell metacharacters in the oauth_token parameter.
CVSS 9.8
CVE-2003-0050 EXPLOITDB ruby WORKING POC
Apple Darwin Streaming Administration Server <4.1.2 - RCE
parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters.
CVE-2009-4502 EXPLOITDB ruby WORKING POC
Zabbix Agent <1.6.7 - Command Injection
The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this attack is limited to attacks from trusted IP addresses.
CVE-2006-5710 EXPLOITDB ruby WORKING POC
macOS 10.4.8 - Remote Code Execution via Malformed 802.11 Probe Response Frame
The Airport driver for certain Orinoco based Airport cards in Darwin kernel 8.8.0 in Apple Mac OS X 10.4.8, and possibly other versions, allows remote attackers to execute arbitrary code via an 802.11 probe response frame without any valid information element (IE) fields after the header, which triggers a heap-based buffer overflow.
CVE-2014-7196 EXPLOITDB ruby WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-7169. Reason: This candidate is a duplicate of CVE-2014-7169. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2014-7169 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2009-2765 EXPLOITDB ruby WORKING POC
DD-WRT < 24 - Remote Code Execution via CGI-BIN URI Shell Metacharacters
httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI.
CVE-2009-2288 EXPLOITDB ruby WORKING POC
Nagios < 3.1.1 - OS Command Injection via statuswml.cgi Ping or Traceroute Parameters
statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) ping or (2) Traceroute parameters.
CVE-2005-0116 EXPLOITDB ruby WORKING POC
awstats < 6.3 - Remote Code Execution via configdir Parameter
AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.
CVE-2005-0116 EXPLOITDB ruby WORKING POC
awstats < 6.3 - Remote Code Execution via configdir Parameter
AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.
CVE-2005-2847 EXPLOITDB ruby WORKING POC
Barracuda Spam Firewall <3.1.17 - Command Injection
img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.
CVE-2003-0201 EXPLOITDB ruby WORKING POC
Samba < 2.2.8a and 2.0.10 - Remote Code Execution via call_trans2open Buffer Overflow
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
CVE-2011-4862 EXPLOITDB ruby WORKING POC
GNU inetutils < 1.9 - Remote Code Execution via Long Encryption Key
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.