Exploitdb Exploits

3,149 exploits tracked across all sources.

CVE-2008-5121 EXPLOITDB c VERIFIED
Citrix Deterministic Network Enhancer - Access Control
dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface.
by mu-b
CVE-2008-6702 EXPLOITDB c VERIFIED
Stalker-game S.t.a.l.k.e.r. < 1.0006 - Improper Input Validation
S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (crash) via a long nickname, which triggers an exception.
by Luigi Auriemma
EIP-2026-117979 EXPLOITDB c VERIFIED
Symantec Altiris Client Service 6.8.378 - Local Privilege Escalation
by Alex Hernandez
EIP-2026-117719 EXPLOITDB c VERIFIED
Open Office.org 2.31 - swriter Local Code Execution
by Marsu
CVE-2007-6682 EXPLOITDB c VERIFIED
VLC 0.8.6d - RCE
Format string vulnerability in the httpd_FileCallBack function (network/httpd.c) in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via format string specifiers in the Connection parameter.
by EpiBite
CVE-2008-1084 EXPLOITDB c VERIFIED
Microsoft Windows - RCE
Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, through Vista SP1, and Server 2008 allows local users to execute arbitrary code via unknown vectors related to improper input validation. NOTE: it was later reported that one affected function is NtUserFnOUTSTRING in win32k.sys.
by Whitecell
CVE-2008-1996 EXPLOITDB c VERIFIED
licq <1.3.6 - DoS
licq before 1.3.6 allows remote attackers to cause a denial of service (file-descriptor exhaustion and application crash) via a large number of connections.
by Milen Rangelov
CVE-2008-6558 EXPLOITDB c VERIFIED
SCO Unixware - Improper Input Validation
Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable to point to a malicious bin/hvenv program.
by qaaz
CVE-2008-6559 EXPLOITDB c VERIFIED
SCO Reliantha - Improper Input Validation
Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. (dot dot) sequences that point to a directory containing a file whose name includes shell metacharacters.
by qaaz
CVE-2008-6519 EXPLOITDB c VERIFIED
Imatix Xitami - Format String Vulnerability
Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via format string specifiers in a Long Running Web Process (LRWP) request, which triggers incorrect logging code involving the sendfmt function in the SMT kernel.
by bratax
CVE-2007-6258 EXPLOITDB c VERIFIED
mod_jk2 <2.0.3-DEV - RCE
Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.
by Heretic2
CVE-2008-1391 EXPLOITDB c VERIFIED
NetBSD 4.x-FreeBSD 6.x-7.x - RCE
Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec.
by Maksymilian Arciemowicz
CVE-2008-1482 EXPLOITDB c VERIFIED
xine-lib <1.1.11 - RCE
Multiple integer overflows in xine-lib 1.1.11 and earlier allow remote attackers to trigger heap-based buffer overflows and possibly execute arbitrary code via (1) a crafted .FLV file, which triggers an overflow in demuxers/demux_flv.c; (2) a crafted .MOV file, which triggers an overflow in demuxers/demux_qt.c; (3) a crafted .RM file, which triggers an overflow in demuxers/demux_real.c; (4) a crafted .MVE file, which triggers an overflow in demuxers/demux_wc3movie.c; (5) a crafted .MKV file, which triggers an overflow in demuxers/ebml.c; or (6) a crafted .CAK file, which triggers an overflow in demuxers/demux_film.c.
by Luigi Auriemma
CVE-2008-1480 EXPLOITDB c VERIFIED
Sun Solaris 10 - DoS
rpc.metad in Sun Solaris 10 allows remote attackers to cause a denial of service (daemon crash) via a malformed RPC request.
by kingcope
CVE-2007-5225 EXPLOITDB c VERIFIED
Sunos - Numeric Error
Integer signedness error in FIFO filesystems (named pipes) on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the I_PEEK ioctl.
by Marco Ivaldi
EIP-2026-117887 EXPLOITDB c VERIFIED
SafeGuard PrivateDisk 2.0/2.3 - 'privatediskm.sys' Multiple Local Security Bypass Vulnerabilities
by mu-b
EIP-2026-114856 EXPLOITDB c VERIFIED
ADI Convergence Galaxy FTP Server Password - Remote Denial of Service
by Maks M
EIP-2026-102599 EXPLOITDB c VERIFIED
Galaxy FTP Server 1.0 (Neostrada Livebox DSL Router) - Denial of Service
by 0in
CVE-2008-0411 EXPLOITDB c VERIFIED
Ghostscript < 8.61 - Memory Corruption
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
by Will Drewry
CVE-2008-0177 EXPLOITDB c VERIFIED
Kame Ipcomp - Denial of Service
The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 packet with an IPComp header.
by mu-b
EIP-2026-102892 EXPLOITDB c
Libmodplug - 's3m' Buffer Overflow
by dummy
CVE-2008-1139 EXPLOITDB c VERIFIED
DESlock+ <3.2.6 - Privilege Escalation
DESlock+ 3.2.6 and earlier, when DLMFENC.sys 1.0.0.26 and DLMFDISK.sys 1.2.0.27 are present, allows local users to gain privileges via a certain DLMFENC_IOCTL request to \\.\DLKPFSD_Device that overwrites a pointer, aka the "ring0 link list zero SYSTEM" vulnerability.
by mu-b
CVE-2008-1141 EXPLOITDB c VERIFIED
DLMFENC.sys <1.0.0.26 - DoS
Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (kernel memory consumption) via a series of DLMFENC_IOCTL requests to \\.\DLKPFSD_Device that allocate "link list structures."
by mu-b
CVE-2008-1140 EXPLOITDB c VERIFIED
DLMFDISK.sys 1.2.0.27 - Privilege Escalation
DLMFDISK.sys 1.2.0.27 in DESlock+ 3.2.6 and earlier allows local users to gain privileges via a certain DLKFDISK_IOCTL request to \\.\DLKFDisk_Control that overwrites a data structure associated with a mounted pseudo-filesystem, aka the "ring0 SYSTEM" vulnerability.
by mu-b
CVE-2008-1138 EXPLOITDB c VERIFIED
DLMFENC.sys 1.0.0.26 - DoS
DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (system crash) via a certain ZERO_MEM DLMFENC_IOCTL request to \\.\DLKPFSD_Device, aka the "ring0 link list zero" vulnerability.
by mu-b