sinn3r

411 exploits Active since Dec 2002
EIP-2026-118764 EXPLOITDB ruby WORKING POC
McAfee SaaS MyCioScan ShowReport - Remote Command Execution (Metasploit)
CVE-2011-2882 EXPLOITDB ruby WORKING POC
Citrix Access Gateway Enterprise Edition 8.1-67.7 9.0-70.5 9.1-96.4 - Remote Code Execution via Crafted HTTP Header Data
Stack-based buffer overflow in the NSEPA.NsepaCtrl.1 ActiveX control in nsepa.ocx in Citrix Access Gateway Enterprise Edition 8.1 before 8.1-67.7, 9.0 before 9.0-70.5, and 9.1 before 9.1-96.4 allows remote attackers to execute arbitrary code via crafted HTTP header data.
CVE-2011-2089 EXPLOITDB ruby WORKING POC
ICONICS BizViz <9.22, GENESIS32 <9.22 - RCE
Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE: some of these details are obtained from third party information.
CVE-2012-0198 EXPLOITDB ruby WORKING POC
IBM Tivoli Provisioning Manager Express 4.1.1 - Stack-Based Buffer Overflow
Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to execute arbitrary code via vectors related to an Asset Information file.
CVE-2010-3407 EXPLOITDB ruby WORKING POC
IBM Lotus Domino <8.0.2 FP5-8.5.1 FP2 - RCE
Stack-based buffer overflow in the MailCheck821Address function in nnotes.dll in the nrouter.exe service in the server in IBM Lotus Domino 8.0.x before 8.0.2 FP5 and 8.5.x before 8.5.1 FP2 allows remote attackers to execute arbitrary code via a long e-mail address in an ORGANIZER:mailto header in an iCalendar calendar-invitation e-mail message, aka SPR NRBY7ZPJ9V.
CVE-2013-3576 EXPLOITDB ruby WORKING POC
HP System Management Homepage - Authenticated OS Command Injection via PATH_INFO to smhutil/snmpchp.php.en
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to execute arbitrary commands via shell metacharacters in the PATH_INFO to smhutil/snmpchp.php.en.
CVE-2011-3167 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager <7.51-7.53 - RCE
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210.
CVE-2009-4179 EXPLOITDB python WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.
CVE-2011-0266 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager 7.51 and 7.53 - Buffer Overflow via Long nameParams Parameter
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long nameParams parameter, a different vulnerability than CVE-2011-0267.2.
CVE-2009-0920 EXPLOITDB ruby WORKING POC
HP Network Node Manager 7.01, 7.51, 7.53 - Stack-Based Buffer Overflow via OvOSLocale Cookie
Stack-based buffer overflow in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long OvOSLocale cookie, a variant of CVE-2008-0067.
CVE-2011-0267 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager 7.51, 7.53 - Remote Code Execution via Long schdParams or nameParams
Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266.
CVE-2011-1865 EXPLOITDB ruby WORKING POC
HP OpenView Storage Data Protector <6.20 - Buffer Overflow
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
CVE-2010-2709 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie.
CVE-2010-2703 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbitrary code via a long HTTP request to webappmon.exe.
EIP-2026-118646 EXPLOITDB ruby WORKING POC
HP Intelligent Management Center UAM - Remote Buffer Overflow (Metasploit)
CVE-2012-0124 EXPLOITDB ruby WORKING POC
HP Data Protector Express 5.0.00-59287 and 6.0.00-11974 - Remote Code Execution or Denial of Service
Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.
EIP-2026-118550 EXPLOITDB ruby WORKING POC
FlexNet License Server Manager - lmgrd Buffer Overflow (Metasploit)
EIP-2026-118430 EXPLOITDB ruby WORKING POC
Distinct TFTP 3.01 - Writable Directory Traversal Execution (Metasploit)
EIP-2026-118405 EXPLOITDB ruby WORKING POC
Dell Webcam CrazyTalk - ActiveX BackImage (Metasploit)
CVE-2012-2962 EXPLOITDB ruby WORKING POC
Plixer Scrutinizer <9.5.2 - SQL Injection
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter.
CVE-2011-5007 EXPLOITDB ruby WORKING POC
3S CoDeSys < 3.4 - Remote Code Execution via Long URI to CmpWebServer
Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080.
CVE-2015-5122 EXPLOITDB CRITICAL ruby WORKING POC
Adobe Flash opaqueBackground Use After Free
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12.x through 18.0.0.204 on Linux Chrome installations allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted Flash content that leverages improper handling of the opaqueBackground property, as exploited in the wild in July 2015.
CVSS 9.8
CVE-2011-5124 EXPLOITDB ruby WORKING POC
Blue Coat ProxyOne and ProxySG - Stack-Based Buffer Overflow via Large Packet to Synchronization Port
Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port (16102/tcp).
CVE-2008-2683 EXPLOITDB ruby WORKING POC
Black Ice Barcode SDK - Arbitrary File Write via BIDIB.BIDIBCtrl.1 DownloadImageFileURL Method
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to force the download and storage of arbitrary files by specifying the origin URL in the first argument to the DownloadImageFileURL method, and the local filename in the second argument. NOTE: some of these details are obtained from third party information.
CVE-2017-15222 EXPLOITDB CRITICAL ruby WORKING POC
nftp < 2.0 - Remote Code Execution via Buffer Overflow
Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code.
CVSS 9.8