Exploitdb Exploits

3,149 exploits tracked across all sources.

EIP-2026-118039 EXPLOITDB c VERIFIED
UltraISO 9.3.6.2750 - Local Buffer Overflow
by fl0 fl0w
CVE-2010-0233 EXPLOITDB c VERIFIED
Microsoft Windows - Memory Corruption
Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application, aka "Windows Kernel Double Free Vulnerability."
by Tavis Ormandy
CVE-2009-0546 EXPLOITDB c VERIFIED
NewsGator FeedDemon <2.7 - Buffer Overflow
Stack-based buffer overflow in NewsGator FeedDemon 2.7 and earlier allows user-assisted remote attackers to execute arbitrary code via a long text attribute in an outline element in a .opml file.
by fl0 fl0w
EIP-2026-116449 EXPLOITDB c VERIFIED
UltraISO 9.3.6.2750 - Local Buffer Overflow (PoC)
by fl0 fl0w
CVE-2010-0415 EXPLOITDB c
Linux Kernel < 2.6.33 - Denial of Service
The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.
by spender
CVE-2010-0453 EXPLOITDB c
SUN Opensolaris - Improper Input Validation
The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.
by Patroklos Argyroudis
EIP-2026-117804 EXPLOITDB c
Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation
by anonymous
EIP-2026-117024 EXPLOITDB c VERIFIED
DeepBurner pro 1.9.0.228 - '.dbr' file Buffer Overflow (Universal)
by fl0 fl0w
CVE-2010-1591 EXPLOITDB c
Rising-global Rising Antivirus - Improper Input Validation
Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows local users to gain privileges via crafted IOCTL requests to the (1) HookCont.sys, (2) HookNtos.sys, (3) HOOKREG.sys, or (4) HookSys.sys device driver; or the (5) RsNTGdi.sys kernel module, reachable through \Device\RSNTGDI.
by Dlrow
EIP-2026-116850 EXPLOITDB c VERIFIED
Authentium SafeCentral 2.6 - 'shdrv.sys' Local Kernel Ring0 SYSTEM
by mu-b
CVE-2010-0364 EXPLOITDB c VERIFIED
Videolan Vlc Media Player - Memory Corruption
Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field.
by fl0 fl0w
EIP-2026-116341 EXPLOITDB c VERIFIED
Sub Station Alpha 4.08 - '.rt' Local Buffer Overflow (PoC)
by fl0 fl0w
CVE-2009-0950 EXPLOITDB c VERIFIED
Apple Itunes < 8.1.1 - Memory Corruption
Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.
by Simo36
EIP-2026-118104 EXPLOITDB c VERIFIED
Winamp 5.05 < 5.13 - '.ini' Local Stack Buffer Overflow
by fl0 fl0w
EIP-2026-119530 EXPLOITDB c VERIFIED
HTMLDOC 1.9.x-r1629 (Windows x86) - '.html' Local Buffer Overflow
by fl0 fl0w
CVE-2009-0689 EXPLOITDB c VERIFIED
Array index error - DoS
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
by Maksymilian Arciemowicz
EIP-2026-117777 EXPLOITDB c VERIFIED
PlayMeNow (Windows XP SP2 French) - '.M3U' Playlist Buffer Overflow
by bibi-info
CVE-2009-5109 EXPLOITDB c VERIFIED
Mini-stream Ripper - Memory Corruption
Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long entry in a .pls file.
by mr_me
CVE-2009-1667 EXPLOITDB c VERIFIED
Mini-stream Castripper - Memory Corruption
Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows remote attackers to execute arbitrary code via a long entry in a .m3u file, a different vector than CVE-2009-5137.
by bibi-info
CVE-2009-1330 EXPLOITDB c VERIFIED
Mini-stream Easy RM TO Mp3 Converter - Memory Corruption
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.
by bibi-info
EIP-2026-102903 EXPLOITDB c VERIFIED
Linux Kernel 2.6.18 < 2.6.18-20 - Local Privilege Escalation
by DigitALL
CVE-2006-6184 EXPLOITDB c
Alliedtelesyn At-tftp < 1.9 - Buffer Overflow
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
by Socket_0x03
EIP-2026-117781 EXPLOITDB c VERIFIED
PlayMeNow 7.3/7.4 - '.M3U' Playlist File Buffer
by Gr33nG0bL1n
CVE-2009-4141 EXPLOITDB c VERIFIED
Linux kernel <2.6.33-rc4 - Privilege Escalation
Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling O_ASYNC (aka FASYNC or FIOASYNC) on a locked file, and then closing this file.
by Tavis Ormandy
CVE-2009-4251 EXPLOITDB c VERIFIED
Jasc Paint Shop Pro 8.10 - Buffer Overflow
Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366.
by fl0 fl0w