Exploitdb Exploits

3,149 exploits tracked across all sources.

EIP-2026-119308 EXPLOITDB c VERIFIED
xAurora 10.00 - 'RSRC32.dll' DLL Loading Arbitrary Code Execution
by Zer0 Thunder
EIP-2026-102573 EXPLOITDB c
Conky Linux 1.8.0 - Local Denial of Service (PoC)
by Arturo D'Elia
EIP-2026-102904 EXPLOITDB c VERIFIED
Linux Kernel 2.6.28/3.0 (DEC Alpha Linux) - Local Privilege Escalation
by Dan Rosenberg
CVE-2011-2183 EXPLOITDB c VERIFIED
Linux <2.6.39.3 - DoS
Race condition in the scan_get_next_rmap_item function in mm/ksm.c in the Linux kernel before 2.6.39.3, when Kernel SamePage Merging (KSM) is enabled, allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted application.
by Andrea Righi
EIP-2026-118879 EXPLOITDB c VERIFIED
Microsoft Windows Live Messenger 14 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution
by Kalashinkov3
EIP-2026-119044 EXPLOITDB c VERIFIED
Poison Ivy 2.3.2 - Remote Buffer Overflow
by Kevin R.V
EIP-2026-116361 EXPLOITDB c
Symantec Backup Exec System Recovery 8.5 - Kernel Pointers Dereferences
by Stefan LE BERRE
CVE-2011-1761 EXPLOITDB c VERIFIED
libmodplug <0.8.8.3 - Buffer Overflow
Multiple stack-based buffer overflows in the (1) abc_new_macro and (2) abc_new_umacro functions in src/load_abc.cpp in libmodplug before 0.8.8.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ABC file. NOTE: some of these details are obtained from third party information.
by epiphant
CVE-2011-5155 EXPLOITDB c VERIFIED
Help & Manual 5.5.1 Build 1296 - Privilege Escalation
Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows local users to gain privileges via a Trojan horse ijl15.dll file in the current working directory, as demonstrated by a directory that contains a .hmxz, .hmxp, .hmskin, .hmx, .hm3, .hpj, .hlp, or .chm file. NOTE: some of these details are obtained from third party information.
by LiquidWorm
CVE-2011-1479 EXPLOITDB c VERIFIED
Linux kernel <2.6.39 - Use After Free
Double free vulnerability in the inotify subsystem in the Linux kernel before 2.6.39 allows local users to cause a denial of service (system crash) via vectors involving failed attempts to create files. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-4250.
by anonymous
EIP-2026-115820 EXPLOITDB c
Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service
by Lufeng Li
CVE-2011-1547 EXPLOITDB c VERIFIED
NetBSD 4.0-5.1.1 - Memory Corruption
Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers.
by Tavis Ormandy
CVE-2011-0180 EXPLOITDB c VERIFIED
Apple Mac OS X <10.6.7 - Info Disclosure
Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local users to read arbitrary (1) HFS, (2) HFS+, or (3) HFS+J files via a crafted F_READBOOTSTRAP ioctl call.
by Dan Rosenberg
CVE-2010-4077 EXPLOITDB c
Linux Kernel < 2.6.36.1 - Information Disclosure
The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.
by prdelka
CVE-2010-4165 EXPLOITDB c
Linux Kernel < 2.6.37 - Divide By Zero
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.
by zx2c4
CVE-2008-5736 EXPLOITDB c
FreeBSD - Access Control
Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets.
by zx2c4
EIP-2026-116671 EXPLOITDB c VERIFIED
.NET Runtime Optimization Service - Local Privilege Escalation
by XenoMuta
CVE-2011-0762 EXPLOITDB c VERIFIED
Vsftpd < 2.3.3 - Denial of Service
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
by Maksymilian Arciemowicz
CVE-2011-1082 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.38 - Denial of Service
fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
by Nelson Elhage
CVE-2011-1083 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.37.2 - Denial of Service
The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
by Nelson Elhage
CVE-2010-4165 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.37 - Divide By Zero
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.
by prdelka
CVE-2011-0045 EXPLOITDB c VERIFIED
Microsoft Windows XP SP3 - Buffer Overflow
The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform type conversion, which causes integer truncation and insufficient memory allocation and triggers a buffer overflow, which allows local users to gain privileges via a crafted application, related to WmiTraceMessageVa, aka "Windows Kernel Integer Truncation Vulnerability."
by Nikita Tarakanov
CVE-2011-1071 EXPLOITDB c
GNU Eglibc < 2.12.1 - Resource Management Error
The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.
by Simon Berry-Byrne
EIP-2026-117029 EXPLOITDB c
DESlock+ < 4.1.10 - 'vdlptokn.sys' Local Kernel Ring0 SYSTEM
by mu-b
CVE-2010-4435 EXPLOITDB c
SunOS - Buffer Overflow
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operating systems, such as HP-UX, or claims from a reliable third party that this is a buffer overflow in rpc.cmsd via long XDR-encoded ASCII strings in RPC call 10.
by Rodrigo Rubira Branco