Exploitdb Exploits

3,138 exploits tracked across all sources.

CVE-2011-5033 EXPLOITDB c
ConfigServer Security & Firewall < 5.43 - Stack-Based Buffer Overflow via Admin List File
Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when running on a DirectAdmin server, allows local users to cause a denial of service (crash) via a long string in an admin.list file.
by FoX HaCkEr
CVE-2014-5329 EXPLOITDB HIGH c
GIGAPOD OfficeHard < 3.04.03, GIGAPOD 2010/3 < 3.01.02 - DoS via Apache HTTP Request Handling
GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation. 8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition.
by Ramon de C Valle
CVSS 7.5
CVE-2011-5007 EXPLOITDB c
3S CoDeSys < 3.4 - Remote Code Execution via Long URI to CmpWebServer
Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080.
by Celil Ünüver
CVE-2011-4089 EXPLOITDB c VERIFIED
bzip2 < 1.0.5 - Local Arbitrary Code Execution via Temporary File Handling
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.
by vladz
EIP-2026-115832 EXPLOITDB c
Microsoft Windows 7 - Keyboard Layout Blue Screen of Death (MS10-073)
by instruder
CVE-2011-2013 EXPLOITDB CRITICAL c VERIFIED
Microsoft Windows - Buffer Overflow
Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by sending a sequence of crafted UDP packets to a closed port, aka "Reference Counter Overflow Vulnerability."
by anonymous
CVSS 9.8
EIP-2026-102908 EXPLOITDB c VERIFIED
Linux Kernel 3.0.4 - '/proc/interrupts' Password Length Local Information Disclosure
by Vasiliy Kulikov
EIP-2026-102796 EXPLOITDB c VERIFIED
Calibre E-Book Reader - Local Privilege Escalation (3)
by zx2c4
EIP-2026-102906 EXPLOITDB c
Linux Kernel 2.6.37-rc1 - 'serial_multiport_struct' Local Information Leak
by Todor Donev
CVE-2011-1350 EXPLOITDB c VERIFIED
Android < 2.3.6 - Information Exposure via PowerVR SGX Driver Request
The PowerVR SGX driver in Android before 2.3.6 allows attackers to obtain potentially sensitive information from kernel stack memory via an application that uses a crafted length parameter in a request to the pvrsrvkm device.
by Geremy Condra
CVE-2011-4613 EXPLOITDB c
X.Org X Server - Local Access Restriction Bypass via TTY Verification Flaw
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.
by vladz
CVE-2011-1485 EXPLOITDB c
Linux PolicyKit Race Condition Privilege Escalation
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
by xi4oyu
CVE-2011-1485 EXPLOITDB c
Linux PolicyKit Race Condition Privilege Escalation
Race condition in the pkexec utility and polkitd daemon in PolicyKit (aka polkit) 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID.
by zx2c4
EIP-2026-117700 EXPLOITDB c
Norman Security Suite 8 - 'nprosec.sys' Local Privilege Escalation
by Xst3nZ
CVE-2011-0182 EXPLOITDB c
Apple Mac OS X < 10.6.7 - Privilege Escalation
The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a call gate entry.
by hkpco
EIP-2026-115329 EXPLOITDB c VERIFIED
GMER 1.0.15.15641 - MFT Overwrite
by Heurs
EIP-2026-116756 EXPLOITDB c
Aika 0.2 - colladaconverter Xml Parsing Buffer Overflow
by isciurus
CVE-2010-4073 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.37 - Information Disclosure via Uninitialized IPC Structures
The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c.
by Jon Oberheide
CVE-2011-2918 EXPLOITDB MEDIUM c
Linux Kernel < 3.1 - Denial of Service via Performance Events Subsystem
The Performance Events subsystem in the Linux kernel before 3.1 does not properly handle event overflows associated with PERF_COUNT_SW_CPU_CLOCK events, which allows local users to cause a denial of service (system hang) via a crafted application.
by Vince Weaver
CVSS 5.5
EIP-2026-117085 EXPLOITDB c VERIFIED
DVD X Player 5.5.0 Professional / Standard - '.plf' File Universal (ASLR + DEP Bypass)
by sickness
EIP-2026-117380 EXPLOITDB c
Kingsoft AntiVirus 2012 'KisKrnl.sys' 2011.7.8.913 - Kernel Mode Privilege Escalation
by MJ0011
CVE-2011-1656 EXPLOITDB c VERIFIED
NetBSD 5.1 - 'libc/net' Multiple Stack Buffer Overflows
by Maksymilian Arciemowicz
EIP-2026-103929 EXPLOITDB c VERIFIED
IBM DB2 - 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution
by Tim Brown
EIP-2026-119308 EXPLOITDB c VERIFIED
xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution
by Zer0 Thunder
EIP-2026-102573 EXPLOITDB c
Conky Linux 1.8.0 - Local Denial of Service (PoC)
by Arturo D'Elia