Exploitdb Exploits
3,138 exploits tracked across all sources.
Linux Kernel < 2.6.31.6 - Denial of Service via do_mmap_pgoff Memory Allocation
The do_mmap_pgoff function in mm/nommu.c in the Linux kernel before 2.6.31.6, when the CPU lacks a memory management unit, allows local users to cause a denial of service (OOPS) via an application that attempts to allocate a large amount of memory.
by David Howells
Apple Mac OSX 10.5.6/10.5.7 - ptrace mutex Denial of Service
by prdelka
Apple Mac OSX 10.5.x - 'ptrace' Mutex Handling Local Denial of Service
by Micheal Turner
Linux Kernel < 2.6.32-rc6 - Race Condition in Pipe Handling via /proc/*/fd/ Pathname
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
by teach & xipe
CVSS 7.0
Mthree Development MP3 to WAV Decoder - '.mp3' Remote Buffer Overflow
by 4m!n
Linux Kernel < 2.6.31 - Denial of Service via NFSv4 Server Response with Incorrect File Attributes
The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state.
by Simon Vallet
FreeBSD 6.3-6.4 - Race Condition in Pipe Close Function
Race condition in the Pipe (IPC) close function in FreeBSD 6.3 and 6.4 allows local users to cause a denial of service (crash) or gain privileges via vectors related to kqueues, which triggers a use after free, leading to a NULL pointer dereference or memory corruption.
by Przemyslaw Frasunek
BulletProof FTP Client - Buffer Overflow
Stack-based buffer overflow in BulletProof FTP Client allows user-assisted attackers to execute arbitrary code via a .bps file (aka Session-File) with a long second line, possibly a related issue to CVE-2008-5753.
by Rafa De Sousa
VMware Fusion < 2.0.6 - Privilege Escalation via Incorrect File Permissions
The vmx86 kernel extension in VMware Fusion before 2.0.6 build 196839 does not use correct file permissions, which allows host OS users to gain privileges on the host OS via unspecified vectors.
by mu-b
VMware Fusion 2.0.5 - vmx86 kext Local Buffer Overflow (PoC)
by mu-b
Kaspersky Anti-Virus <9.0.0.736 - DoS
kl1.sys in Kaspersky Anti-Virus 2010 9.0.0.463, and possibly other versions before 9.0.0.736, does not properly validate input to IOCTL 0x0022c008, which allows local users to cause a denial of service (system crash) via IOCTL requests using crafted kernel addresses that trigger memory corruption, possibly related to klavemu.kdl.
by Heurs
Notepad++ 5.4.5 - '.C' / '.CPP' Local Stack Buffer Overflow (PoC)
by fl0 fl0w
NetBSD <5.0.1 - Privilege Escalation
The kernel in NetBSD, probably 5.0.1 and earlier, on x86 platforms does not properly handle a pre-commit failure of the iret instruction, which might allow local users to gain privileges via vectors related to a tempEIP pseudocode variable that is outside of the code-segment limits.
by Tavis Ormandy
Hero Super Player 3000 - Buffer Overflow
Buffer overflow in Hero Super Player 3000 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in a .M3U file. NOTE: this might be related to CVE-2008-4504.
by fl0 fl0w
Ipswitch IMail <2006.21 - Buffer Overflow
Multiple buffer overflows in Ipswitch IMail before 2006.21 allow remote attackers or authenticated users to execute arbitrary code via (1) the authentication feature in IMailsec.dll, which triggers heap corruption in the IMail Server, or (2) a long SUBSCRIBE IMAP command, which triggers a stack-based buffer overflow in the IMAP Daemon.
by dmc
Cerberus FTP Server 3.0.3 - Remote Denial of Service
by Single Eye
HTMLDOC 1.8.27 - '.html' File Handling Stack Buffer Overflow
by Pankaj Kohli
GemStone/S 6.3.1 - 'stoned' Local Buffer Overflow
by Jeremy Brown
Zeroboard 4.1 pl7 - Remote Code Execution via Crafted Parameter Name
lib.php in Zeroboard 4.1 pl7 allows remote attackers to execute arbitrary PHP code via a crafted parameter name, possibly related to now_connect.php.
by SpeeDr00t
Linux Kernel <2.6.19 - Privilege Escalation
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
by Andi
CVSS 7.8