Exploitdb Exploits
459 exploits tracked across all sources.
Lantronix Secure Console Server SCS820/SCS1620 - Multiple Local Vulnerabilities
by c0ntex
Skype Technologies Skype 0.92/1.0/1.1 - Insecure Temporary File Creation
by Giovanni Delvecchio
Gentoo webapp-config <1.10-r14 - Local Privilege Escalation
The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary file.
by Eric Romang
cdrdao (Mandrake 10.2) - Local Privilege Escalation
by newbug
Linux kernel <2.6.12-rc4 - Code Injection
The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pass a signed integer comparison, leading to a buffer overflow.
by Paul Starzetz
PHP-Nuke <7.6 - SQL Injection
SQL injection vulnerability in the Top module for PHP-Nuke 6.x through 7.6 allows remote attackers to execute arbitrary SQL commands via the querylang parameter.
by Fabrizi Andrea
Esmi Paypal Storefront - SQL Injection
Multiple SQL injection vulnerabilities in ESMI PayPal Storefront allow remote attackers to execute arbitrary SQL commands via the (1) idpages parameter to pages.php or the (2) id2 parameter to products1.php.
by Dcrab
IBM AIX <5.3.0 - Privilege Escalation
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.
by ri0t
Linux Kernel - Denial of Service
Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem.
by Michal Zalewski
ncpfs <2.2.6 - DoS/Info Disclosure
ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possibly gain privileges via symlink attacks involving the (1) ncpmount and (2) ncpumount programs.
by super
AIX <5.3 - RCE
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.
by cees-bart
IBM AIX <5.3.0 - Privilege Escalation
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout.
by cees-bart
cscope <15-5 - Local Privilege Escalation
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
by Gangstuck
cPanel 9.9.1 -R3 Front Page Extension - Installation Information Disclosure
by Karol Wiesek
Serendipity 0.7-beta1 - SQL Injection
SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php.
by aCiDBiTS
Microsoft .net Framework - Buffer Overflow
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
by Elia Florio
Microsoft .net Framework - Buffer Overflow
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
by perplexy
cdrecord <2.01 - Privilege Escalation
cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges.
by Max Vozeler
cdrecord <2.01 - Privilege Escalation
cdrecord in the cdrtools package before 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges.
by I)ruid
Imwheel < 1.0.0pre11 - Race Condition
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink attack on the imwheel.pid file.
by I)ruid
By Source