C Exploits

3,632 exploits tracked across all sources.

Sort: Activity Stars
CVE-2002-0231 EXPLOITDB c VERIFIED
mIRC <= 5.91 - Remote Code Execution via Long Nickname
Buffer overflow in mIRC 5.91 and earlier allows a remote server to execute arbitrary code on the client via a long nickname.
by James Martin
CVE-2002-0210 EXPLOITDB c VERIFIED
TOLIS Group BRU 17.0 - Local Privilege Escalation
setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file.
by Andrew Griffiths
CVE-2002-0048 EXPLOITDB c VERIFIED
rsync - Remote Code Execution via Signedness Error in I/O Functions
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
by sorbo
CVE-2000-0343 EXPLOITDB c VERIFIED
Sniffit 0.3.x - Remote Code Execution via Long MAIL FROM Header
Buffer overflow in Sniffit 0.3.x with the -L logging option enabled allows remote attackers to execute arbitrary commands via a long MAIL FROM mail header.
by g463
EIP-2026-103616 EXPLOITDB c VERIFIED
Oracle 8i - 'dbsnmp' Remote Denial of Service
by benjurry
CVE-2002-0132 EXPLOITDB c VERIFIED
Chinput 3.0 - Local Buffer Overflow via HOME Environment Variable
Buffer overflow in Chinput 3.0 allows local users to execute arbitrary code via a long HOME environment variable.
by xperc
CVE-2002-0142 EXPLOITDB c VERIFIED
pi3web 2.0 beta 1 and 2 - Denial of Service via Long Physical Path with Trailing Dots
CGI handler in John Roy Pi3Web for Windows 2.0 beta 1 and 2 allows remote attackers to cause a denial of service (crash) via a series of requests whose physical path is exactly 260 characters long and ends in a series of . (dot) characters.
by aT4r
CVE-2002-0143 EXPLOITDB c VERIFIED
Imlib2 <= 1.0.4 - Buffer Overflow via HOME Environment Variable
Buffer overflow in Eterm of Enlightenment Imlib2 1.0.4 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
by Charles Stevenson
EIP-2026-114784 EXPLOITDB c VERIFIED
FreeWnn 1.1 0 - jserver JS_MKDIR MetaCharacter Command Execution
by UNYUN
CVE-2002-0098 EXPLOITDB c VERIFIED
boozt_standard 0.9.8 - Local Buffer Overflow via Long Banner Name Field
Buffer overflow in index.cgi administration interface for Boozt! Standard 0.9.8 allows local users to execute arbitrary code via a long name field when creating a new banner.
by Rafael San Miguel Carrasco
CVE-2002-0207 EXPLOITDB c VERIFIED
RealOne Player < 8.0 - Buffer Overflow via Header Length Mismatch
Buffer overflow in Real Networks RealPlayer 8.0 and earlier allows remote attackers to execute arbitrary code via a header length value that exceeds the actual length of the header.
by UNYUN
CVE-2002-1570 EXPLOITDB c VERIFIED
ucd-snmp < 4.2.3 - Remote Code Execution via snmpnetstat Heap Overflow
Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array.
by Juan M. de la Torre
EIP-2026-119114 EXPLOITDB c VERIFIED
SapporoWorks Black JumboDog 2.6.4/2.6.5 - HTTP Proxy Buffer Overflow
by UNYUN
CVE-2002-0033 EXPLOITDB c VERIFIED
Solaris - Remote Code Execution via cfsd_calloc Heap Overflow
Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.
by Last Stage of Delirium
CVE-2002-0048 EXPLOITDB c VERIFIED
rsync - Remote Code Execution via Signedness Error in I/O Functions
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
by Teso
CVE-2002-0048 EXPLOITDB c VERIFIED
rsync - Remote Code Execution via Signedness Error in I/O Functions
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
by Teso
CVE-2000-0574 EXPLOITDB c VERIFIED
OpenBSD ftpd - Remote Code Execution via Format String in setproctitle
FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands.
by Teso
CVE-2002-0002 EXPLOITDB c VERIFIED
stunnel < 3.22 - Remote Code Execution via Format String in Client Mode
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
by deltha
CVE-2001-0876 EXPLOITDB c VERIFIED
Windows 98, 98SE, ME, and XP - Remote Code Execution via UPnP NOTIFY Location URL
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.
by JOCANOR
CVE-2001-0876 EXPLOITDB c VERIFIED
Windows 98, 98SE, ME, and XP - Remote Code Execution via UPnP NOTIFY Location URL
Buffer overflow in Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL.
by Gabriel Maggiotti
CVE-2001-0797 EXPLOITDB c VERIFIED
SGI IRIX - Buffer Overflow in Login via Telnet/Rlogin Arguments
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
by Teso
CVE-2001-1519 EXPLOITDB c VERIFIED
Windows 2000 - Local Privilege Escalation
RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it
by Camisade
CVE-2001-1518 EXPLOITDB c VERIFIED
Windows 2000 - Denial of Service via RunAs Named Pipe Session
RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the vendor also presents a scenario in which other users could be affected if running on a Terminal Server. Therefore this is a vulnerability.
by Camisade
CVE-2001-0951 EXPLOITDB c VERIFIED
Windows 2000 - Denial of Service via IKE UDP Port Flood
Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters.
by Nelson Brito
CVE-2001-1184 EXPLOITDB c VERIFIED
Denicomp Winsock RSHD/NT <2.21.00 - DoS
wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows remote attackers to cause a denial of service (CPU consumption) via (1) in 2.20.00 and earlier, an invalid port number such as a negative number, which causes a connection attempt to that port and all ports below 1024, and (2) in 2.21.00, a port number of 1024.
by jimmers
By Source
All 3,632 Writeup 62,507 Exploitdb 50,076 Nomisec 22,465 Github 3,690 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,604 ruby 6,006 c 3,632 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25