Exploitdb Exploits

3,138 exploits tracked across all sources.

CVE-2010-0415 EXPLOITDB c
Linux Kernel < 2.6.33 - Arbitrary Kernel Memory Read and Denial of Service via Invalid Node Values
The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel's node set.
by spender
CVE-2010-0453 EXPLOITDB c
OpenSolaris snv_69-snv_133 - Denial of Service via UCODE_GET_VERSION IOCTL
The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running on x86 architectures, allows local users to cause a denial of service (panic) via a request with a 0 size value to the UCODE_GET_VERSION IOCTL, which triggers a NULL pointer dereference in the ucode_get_rev function, related to retrieval of the microcode revision.
by Patroklos Argyroudis
EIP-2026-117804 EXPLOITDB c
Qihoo 360 Security Guard 6.1.5.1009 - breg device drivers Privilege Escalation
by anonymous
EIP-2026-117024 EXPLOITDB c VERIFIED
DeepBurner pro 1.9.0.228 - '.dbr' file Buffer Overflow (Universal)
by fl0 fl0w
CVE-2010-1591 EXPLOITDB c
Beijing Rising International Rising Antivirus 2008-2010 - Privilege Escalation via IOCTL Input Validation
Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to certain IOCTLs, including 0x83003C07, which allows local users to gain privileges via crafted IOCTL requests to the (1) HookCont.sys, (2) HookNtos.sys, (3) HOOKREG.sys, or (4) HookSys.sys device driver; or the (5) RsNTGdi.sys kernel module, reachable through \Device\RSNTGDI.
by Dlrow
EIP-2026-116850 EXPLOITDB c VERIFIED
Authentium SafeCentral 2.6 - 'shdrv.sys' Local Kernel Ring0 SYSTEM
by mu-b
CVE-2010-0364 EXPLOITDB c VERIFIED
VideoLAN VLC Media Player 0.8.6 - Stack-Based Buffer Overflow via Crafted Advanced SubStation Alpha Subtitle
Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers to execute arbitrary code via an ogg file with a crafted Advanced SubStation Alpha Subtitle (.ass) file, probably involving the Dialogue field.
by fl0 fl0w
EIP-2026-116341 EXPLOITDB c VERIFIED
Sub Station Alpha 4.08 - '.rt' Local Buffer Overflow (PoC)
by fl0 fl0w
CVE-2009-0950 EXPLOITDB c VERIFIED
Apple iTunes < 8.2 - Remote Code Execution via Long itms: URL Component
Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.
by Simo36
EIP-2026-118104 EXPLOITDB c VERIFIED
Winamp 5.05 < 5.13 - '.ini' Local Stack Buffer Overflow
by fl0 fl0w
EIP-2026-119530 EXPLOITDB c VERIFIED
HTMLDOC 1.9.x-r1629 (Windows x86) - '.html' Local Buffer Overflow
by fl0 fl0w
CVE-2009-0689 EXPLOITDB c VERIFIED
K-Meleon 1.5.3 - Heap-Based Buffer Overflow via Large Precision Value in printf Format Argument
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
by Maksymilian Arciemowicz
EIP-2026-117777 EXPLOITDB c VERIFIED
PlayMeNow (Windows XP SP2 French) - '.M3U' Playlist Buffer Overflow
by bibi-info
CVE-2009-5109 EXPLOITDB c VERIFIED
Mini-Stream Ripper 3.0.1.1 - Stack-Based Buffer Overflow via .pls File
Stack-based buffer overflow in Mini-Stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long entry in a .pls file.
by mr_me
CVE-2009-1667 EXPLOITDB c VERIFIED
Mini-stream CastRipper 2.50.70 - Stack-based Buffer Overflow via Long Entry in .m3u File
Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows remote attackers to execute arbitrary code via a long entry in a .m3u file, a different vector than CVE-2009-5137.
by bibi-info
CVE-2009-1330 EXPLOITDB c VERIFIED
Easy RM to MP3 Converter - Stack-based Buffer Overflow via Long Filename in Playlist File
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.
by bibi-info
EIP-2026-102903 EXPLOITDB c VERIFIED
Linux Kernel 2.6.18 < 2.6.18-20 - Local Privilege Escalation
by DigitALL
CVE-2006-6184 EXPLOITDB c
Allied Telesyn AT-TFTP < 1.9 - Stack-Based Buffer Overflow via Long Filename in GET or PUT Command
Multiple stack-based buffer overflows in Allied Telesyn TFTP Server (AT-TFTP) 1.9, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a (1) GET or (2) PUT command.
by Socket_0x03
EIP-2026-117781 EXPLOITDB c VERIFIED
PlayMeNow 7.3/7.4 - '.M3U' Playlist File Buffer
by Gr33nG0bL1n
CVE-2009-4141 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.33-rc4 - Privilege Escalation
Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling O_ASYNC (aka FASYNC or FIOASYNC) on a locked file, and then closing this file.
by Tavis Ormandy
CVE-2009-4251 EXPLOITDB c VERIFIED
Jasc Paint Shop Pro 8.10 - Buffer Overflow
Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366.
by fl0 fl0w
CVE-2009-3522 EXPLOITDB c VERIFIED
avast! Home and Professional < 4.8.1356 - Local Privilege Escalation via IOCTL 0xb2c80018
Stack-based buffer overflow in aswMon2.sys in avast! Home and Professional for Windows 4.8.1351, and possibly other versions before 4.8.1356, allows local users to cause a denial of service (system crash) and possibly gain privileges via a crafted IOCTL request to IOCTL 0xb2c80018.
by Giuseppe
CVE-2009-4049 EXPLOITDB c VERIFIED
avast! Home and Professional 4.8.1356.0 - Memory Corruption
Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024.
by Evilcry
EIP-2026-103786 EXPLOITDB c VERIFIED
Multiple Vendor - TLS Protocol Session Renegotiation Security
by Marsh Ray
CVE-2009-3621 EXPLOITDB MEDIUM c VERIFIED
Linux Kernel < 2.6.31.4 - Denial of Service via Abstract-Namespace AF_UNIX Socket
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.
by Tomoki Sekiyama
CVSS 5.5