C Exploits
3,565 exploits tracked across all sources.
Microsoft Windows ME - XSS
Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter.
by s0h
Electronic Arts Battlefield 1942 - Memory Corruption
Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password.
by greuff
Amxmod.net Amx Mod - Format String Vulnerability
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say command.
by greuff
Zlib - Buffer Overflow
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.
by CrZ
Zlib - Buffer Overflow
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.
by Richard Kettlewel
Cisco Ios - Buffer Overflow
Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements.
by FX
Cpanel - Improper Input Validation
guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter.
by bob
les <2.4.1 - Buffer Overflow
Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if used setuid, allows local users to gain privileges via a long -f command line argument.
by Angelo Rosiello
AutomatedShops WebC 2.0/5.0 Script - Name Remote Buffer Overrun
by Carl Livitt
Hp-ux - Memory Corruption
Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.
by Last Stage of Delirium
nethack <3.4.0 & falconseye <1.9.3 - Buffer Overflow
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
nethack <3.4.0 & falconseye <1.9.3 - Buffer Overflow
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
by tsao@efnet
Bitchx - Improper Input Validation
BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segmentation fault) via a malformed RPL_NAMREPLY numeric 353 message.
by argv
Gamespy3d Gamespy 3D - Memory Corruption
Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942.
by Mike Kristovich
Caldera Openlinux Ebuilder - Access Control
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
by logikal
mpg123 pre0.59s - Invalid MP3 Header Memory Corruption
by Gobbles Security
Half-Life StatsMe 2.6.x Plugin - MakeStats Format String
Half-Life StatsMe 2.6.x Plugin - CMD_ARGV Buffer Overflow
Half-Life ClanMod 1.80/1.81 Plugin - Remote Format String
Half-Life AdminMod 2.50 Plugin - Remote Format String
by greuff
Tanne 0.6.17 - RCE
Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.
by dong-h0un yoU
Positive Software H-sphere - Buffer Overflow
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
by Carl Livitt
Positive Software H-sphere - Buffer Overflow
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
by Carl Livitt
rpc.walld - Solaris 2.6-9 - Local Privilege Escalation
rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.
by Brant Roman
By Source