Exploitdb Exploits

3,138 exploits tracked across all sources.

EIP-2026-118620 EXPLOITDB c VERIFIED
Green Dam - Remote Change System Time
by Anti GD
CVE-2009-2227 EXPLOITDB c VERIFIED
B Labs Bopup Comm Server < 3.2.26.5460 - Buffer Overflow
Stack-based buffer overflow in B Labs Bopup Communication Server 3.2.26.5460 allows remote attackers to execute arbitrary code via a crafted request to TCP port 19810.
by mu-b
CVE-2009-4832 EXPLOITDB c VERIFIED
DESlock+ 4.0.2 - Local Privilege Escalation via IOCTL 0x80012010 Request
The dlpcrypt.sys kernel driver 0.1.1.27 in DESlock+ 4.0.2 allows local users to gain privileges via a crafted IOCTL 0x80012010 request to the DLPCryptCore device.
by mu-b
EIP-2026-118655 EXPLOITDB c VERIFIED
httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files
by Jonathan Salwan
EIP-2026-104591 EXPLOITDB c VERIFIED
Apple Mac OSX xnu 1228.9.59 - Kernel Privilege Escalation
by mu-b
CVE-2009-2446 EXPLOITDB c VERIFIED
MySQL 4.0.0-5.0.83 - Authenticated Denial of Service via Format String in Database Name
Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in a database name in a (1) COM_CREATE_DB or (2) COM_DROP_DB request. NOTE: some of these details are obtained from third party information.
by kingcope
CVE-2009-1386 EXPLOITDB c VERIFIED
OpenSSL < 0.9.8i - Denial of Service via DTLS ChangeCipherSpec Packet
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
by Jon Oberheide
EIP-2026-116832 EXPLOITDB c VERIFIED
Atomix Virtual Dj Pro 6.0 - Local Stack Buffer Overflow (SEH)
by fl0 fl0w
CVE-2009-5029 EXPLOITDB c VERIFIED
glibc < 2.15 - Integer Overflow in __tzfile_read via Crafted Timezone File
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
by dividead
CVE-2009-1961 EXPLOITDB MEDIUM c VERIFIED
Linux Kernel < 2.6.19 - Denial of Service via Inode Double Locking Deadlock
The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions.
by Miklos Szeredi
CVSS 4.7
CVE-2009-1831 EXPLOITDB c VERIFIED
Nullsoft Winamp < 5.552 - Remote Code Execution via Crafted MAKI File
The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Winamp before 5.552 allows remote attackers to execute arbitrary code via a crafted MAKI file, which triggers an incorrect sign extension, an integer overflow, and a stack-based buffer overflow.
by n00b
CVE-2009-1831 EXPLOITDB c VERIFIED
Nullsoft Winamp < 5.552 - Remote Code Execution via Crafted MAKI File
The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Winamp before 5.552 allows remote attackers to execute arbitrary code via a crafted MAKI file, which triggers an incorrect sign extension, an integer overflow, and a stack-based buffer overflow.
by n00b
CVE-2009-1378 EXPLOITDB c VERIFIED
OpenSSL 0.9.8-0.9.8k - Denial of Service via DTLS Fragment Handling Memory Leak
Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."
by Jon Oberheide
CVE-2009-1379 EXPLOITDB c VERIFIED
OpenSSL 1.0.0 Beta 2 - Use-After-Free in DTLS Fragment Retrieval
Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.
by Jon Oberheide
EIP-2026-102905 EXPLOITDB c VERIFIED
Linux Kernel 2.6.29 - 'ptrace_attach()' Race Condition Privilege Escalation
by prdelka
CVE-2009-1574 EXPLOITDB c VERIFIED
ipsec-tools < 0.7.2 - Denial of Service via Crafted Fragmented Packets
racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference.
by mu-b
CVE-2009-1527 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.30-rc4 - Privilege Escalation via PTRACE_ATTACH Race Condition
Race condition in the ptrace_attach function in kernel/ptrace.c in the Linux kernel before 2.6.30-rc4 allows local users to gain privileges via a PTRACE_ATTACH ptrace call during an exec system call that is launching a setuid application, related to locking an incorrect cred_exec_mutex object.
by s0m3b0dy
CVE-2009-1668 EXPLOITDB c VERIFIED
TYPSoft FTP Server 1.11 - Denial of Service via ABOR Command
TYPSoft FTP Server 1.11 allows remote attackers to cause a denial of service (CPU consumption) by sending an ABOR (abort) command without an active file transfer.
by Jonathan Salwan
EIP-2026-114712 EXPLOITDB c VERIFIED
Solaris 10 / OpenSolaris - 'fasttrap' Local Kernel Denial of Service (PoC)
by mu-b
CVE-2009-1478 EXPLOITDB c VERIFIED
OpenSolaris < snv_114 - Denial of Service via DTrace ioctl Handlers
Multiple unspecified vulnerabilities in the DTrace ioctl handlers in Sun Solaris 10, and OpenSolaris before snv_114, allow local users to cause a denial of service (panic) via unknown vectors.
by mu-b
CVE-2009-1416 EXPLOITDB c VERIFIED
GnuTLS 2.5.0-2.6.5 - Invalid DSA Key Generation via RSA Key Storage
lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on certificates or have unspecified other impact by leveraging an invalid DSA key.
by Miroslav Kratochvil
CVE-2009-1185 EXPLOITDB c VERIFIED
udev < 141 - Privilege Escalation via Unverified NETLINK Message
udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
by Jon Oberheide
CVE-2009-1415 EXPLOITDB c VERIFIED
GnuTLS < 2.6.6 - Denial of Service via Invalid DSA Signature Handling
lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a malformed DSA key that triggers a (1) free of an uninitialized pointer or (2) double free.
by Miroslav Kratochvil
EIP-2026-113366 EXPLOITDB c VERIFIED
webSPELL 4.2.0d (Linux) - Local File Disclosure
by StAkeR
CVE-2009-0065 EXPLOITDB c VERIFIED
Linux kernel < 2.6.28 - Buffer Overflow
Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID.
by sgrakkyu