Exploitdb Exploits

3,149 exploits tracked across all sources.

CVE-2010-1894 EXPLOITDB c
Microsoft Windows 2003 Server - Access Control
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, do not properly handle unspecified exceptions, which allows local users to gain privileges via a crafted application, aka "Win32k Exception Handling Vulnerability."
by MJ0011
EIP-2026-117610 EXPLOITDB c VERIFIED
Mini-stream Ripper 3.1.2.1 - Local Buffer Overflow (DEP Bypass)
by fl0 fl0w
CVE-2010-2739 EXPLOITDB c VERIFIED
Microsoft Windows - Buffer Overflow
Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by performing a clipboard operation (GetClipboardData API function) with a crafted bitmap with a palette that contains a large number of colors.
by Arkon
EIP-2026-119183 EXPLOITDB c
Symantec AMS Intel Alert Handler Service - Design Flaw
by Spider
CVE-2008-2938 EXPLOITDB c VERIFIED
Apache Tomcat < 4.1.37 - Path Traversal
Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than CVE-2008-2370. NOTE: versions earlier than 6.0.18 were reported affected, but the vendor advisory lists 6.0.16 as the last affected version.
by mywisdom
CVE-2010-3187 EXPLOITDB c VERIFIED
IBM AIX <5.3 - RCE
Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code via a long NLST command.
by kingcope
CVE-2010-1205 EXPLOITDB CRITICAL c VERIFIED
libpng <1.2.44, <1.4.3 - Buffer Overflow
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
by kripthor
CVSS 9.8
CVE-2010-1039 EXPLOITDB c VERIFIED
IBM AIX <6.1, VIOS <2.1, HP-UX <B.11.23, IRIX <6.5 - RCE
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
by Rodrigo Rubira Branco
EIP-2026-115098 EXPLOITDB c VERIFIED
Corel WordPerfect Office X5 15.0.0.357 - 'wpd' Buffer Overflow (PoC)
by LiquidWorm
EIP-2026-107966 EXPLOITDB c VERIFIED
iScripts Socialware 2.2.x - Multiple Vulnerabilities
by Salvatore Fresta
EIP-2026-107965 EXPLOITDB c VERIFIED
iScripts Socialware 2.2.x - Arbitrary File Upload
by Salvatore Fresta
CVE-2010-2204 EXPLOITDB c VERIFIED
Adobe Acrobat - Denial of Service
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.
by LiquidWorm
EIP-2026-117382 EXPLOITDB c VERIFIED
Kingsoft Writer 2010 - Local Stack Buffer Overflow
by fl0 fl0w
EIP-2026-116448 EXPLOITDB c VERIFIED
UltraISO 9.3.6.2750 - '.mds' / '.mdf' Buffer Overflow (PoC)
by fl0 fl0w
CVE-2010-2020 EXPLOITDB c VERIFIED
FreeBSD - Improper Input Validation
sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request.
by Patroklos Argyroudis
CVE-2010-2020 EXPLOITDB c VERIFIED
FreeBSD - Improper Input Validation
sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allows local users to gain privileges via a crafted mount request.
by Patroklos Argyroudis
CVE-2010-3227 EXPLOITDB c VERIFIED
Microsoft MFC Library - Buffer Overflow
Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows context-dependent attackers to execute arbitrary code via a long window title that this library attempts to create at the request of an application, as demonstrated by the Trident PowerZip 7.2 Build 4010 application, aka "Windows MFC Document Title Updating Buffer Overflow Vulnerability."
by fl0 fl0w
CVE-2010-3885 EXPLOITDB c VERIFIED
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3227. Reason: This candidate is a duplicate of CVE-2010-3227. Notes: All CVE users should reference CVE-2010-3227 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
by fl0 fl0w
CVE-2010-2349 EXPLOITDB c VERIFIED
Timhillone H264webcam - Resource Management Error
H264WebCam 3.7 allows remote attackers to cause a denial of service (crash) via a long URI in a GET request, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information.
by fl0 fl0w
EIP-2026-115097 EXPLOITDB c VERIFIED
Corel VideoStudio Pro X3 - '.mp4' Buffer Overflow
by fl0 fl0w
EIP-2026-116559 EXPLOITDB c VERIFIED
Winplot 2010 - Buffer Overflow (PoC)
by fl0 fl0w
CVE-2010-2505 EXPLOITDB c VERIFIED
Saschart Sascam Webcam Server < 2.7 - Improper Input Validation
Soft SaschArt SasCAM Webcam Server 2.6.5, 2.7, and earlier allows remote attackers to cause a denial of service (crash) via a large number of requests with a long line, as demonstrated using a long GET request.
by fl0 fl0w
EIP-2026-117976 EXPLOITDB c VERIFIED
SureThing CD Labeler - '.m3u/.pls' Unicode Stack Overflow
by mr_me
CVE-2010-1296 EXPLOITDB c VERIFIED
Adobe Photoshop CS4 <11.0.2 - Buffer Overflow
Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) .ASL, (2) .ABR, or (3) .GRD file.
by LiquidWorm
CVE-2010-1296 EXPLOITDB c VERIFIED
Adobe Photoshop CS4 <11.0.2 - Buffer Overflow
Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) .ASL, (2) .ABR, or (3) .GRD file.
by LiquidWorm