juan vazquez

644 exploits Active since Sep 2005
CVE-2014-8440 EXPLOITDB ruby WORKING POC
Adobe Flash Player < 13.0.0.252 - Denial of Service
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0576, CVE-2014-0581, and CVE-2014-8441.
CVE-2013-5331 EXPLOITDB ruby WORKING POC
Adobe Flash Player <11.7.700.257, 11.8.x, 11.9.x - RCE
Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow remote attackers to execute arbitrary code via crafted .swf content that leverages an unspecified "type confusion," as exploited in the wild in December 2013.
CVE-2014-0515 EXPLOITDB ruby WORKING POC
Adobe Flash Player Shader Buffer Overflow
Buffer overflow in Adobe Flash Player before 11.7.700.279 and 11.8.x through 13.0.x before 13.0.0.206 on Windows and OS X, and before 11.2.202.356 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in April 2014.
CVE-2013-0634 EXPLOITDB ruby WORKING POC
Adobe Flash Player <10.3.183.51-11.5.502.149 - RCE
Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, as exploited in the wild in February 2013.
CVE-2012-0779 EXPLOITDB ruby WORKING POC
Adobe Flash Player <10.3.183.19-11.2.202.235 - RCE
Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," as exploited in the wild in May 2012.
CVE-2015-0336 EXPLOITDB ruby WORKING POC
Adobe Flash Player NetConnection Type Confusion
Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0334.
CVE-2014-0497 EXPLOITDB CRITICAL ruby WORKING POC
Adobe Flash Player Integer Underflow Remote Code Execution
Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linux, allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 9.8
CVE-2015-0359 EXPLOITDB ruby WORKING POC
Adobe Flash Player domainMemory ByteArray Use After Free
Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0346.
CVE-2014-0556 EXPLOITDB ruby WORKING POC
Adobe Flash Player < 13.0.0.241 - Memory Corruption
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0559.
CVE-2014-0569 EXPLOITDB ruby WORKING POC
Adobe Flash Player < 11.2.202.406 - Integer Overflow
Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2015-0313 EXPLOITDB CRITICAL ruby WORKING POC
Adobe Flash Player < 11.2.202.442 - Use After Free
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in February 2015, a different vulnerability than CVE-2015-0315, CVE-2015-0320, and CVE-2015-0322.
CVSS 9.8
CVE-2015-0311 EXPLOITDB CRITICAL ruby WORKING POC
Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015.
CVSS 9.8
CVE-2012-0754 EXPLOITDB HIGH ruby WORKING POC
Adobe Flash Player <10.3.183.15, <11.1.102.62 - Memory Corruption
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVSS 8.1
CVE-2015-5122 EXPLOITDB CRITICAL ruby WORKING POC
Adobe Flash opaqueBackground Use After Free
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
CVSS 9.8
EIP-2026-118229 EXPLOITDB ruby WORKING POC
ActFax 5.01 - RAW Server Buffer Overflow (Metasploit)
EIP-2026-118220 EXPLOITDB ruby WORKING POC
ABB MicroSCADA - 'wserver.exe' Remote Code Execution (Metasploit)
EIP-2026-118130 EXPLOITDB ruby WORKING POC
WinRAR - Filename Spoofing (Metasploit)
CVE-2009-1831 EXPLOITDB ruby WORKING POC
Nullsoft Winamp < 5.55 - Numeric Error
The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Winamp before 5.552 allows remote attackers to execute arbitrary code via a crafted MAKI file, which triggers an incorrect sign extension, an integer overflow, and a stack-based buffer overflow.
CVE-2008-5036 EXPLOITDB ruby WORKING POC
Videolan Vlc Media Player - Memory Corruption
Stack-based buffer overflow in VideoLAN VLC media player 0.9.x before 0.9.6 might allow user-assisted attackers to execute arbitrary code via an an invalid RealText (rt) subtitle file, related to the ParseRealText function in modules/demux/subtitle.c. NOTE: this issue was SPLIT from CVE-2008-5032 on 20081110.
CVE-2012-2915 EXPLOITDB ruby WORKING POC
Lattice Semiconductor PAC-Designer <6.2.1344 - Buffer Overflow
Stack-based buffer overflow in Lattice Semiconductor PAC-Designer 6.2.1344 allows remote attackers to execute arbitrary code via a long string in a Value tag in a SymbolicSchematicData definition tag in PAC Design (.pac) file.
CVE-2008-1602 EXPLOITDB ruby WORKING POC
Orbit Downloader <2.6.4 - Buffer Overflow
Stack-based buffer overflow in Orbit downloader 2.6.3 and 2.6.4 allows remote attackers to execute arbitrary code via a long download URL, which is not properly handled during Unicode conversion for a balloon notification after a download has failed.
CVE-2008-0320 EXPLOITDB ruby WORKING POC
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
CVE-2008-3158 EXPLOITDB ruby WORKING POC
Novell Client for Windows 4.91 SP4 - Buffer Overflow
Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and attack vectors, possibly related to IOCTL requests that overwrite arbitrary memory.
CVE-2011-3625 EXPLOITDB ruby WORKING POC
MPlayer <0.6.9 - Buffer Overflow
Stack-based buffer overflow in the sub_read_line_sami function in subreader.c in MPlayer, as used in SMPlayer 0.6.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a SAMI subtitle file.
CVE-2014-4113 EXPLOITDB HIGH ruby WORKING POC
Microsoft Windows - Privilege Escalation
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as exploited in the wild in October 2014, aka "Win32k.sys Elevation of Privilege Vulnerability."
CVSS 7.8