C Exploits

3,625 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-103634 EXPLOITDB c VERIFIED
Platinum SDK Library - POST UPnP 'sscanf' Buffer Overflow (PoC)
by n00b
CVE-2010-2963 EXPLOITDB c VERIFIED
Linux Kernel <2.6.36 - Privilege Escalation
drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.
by Kees Cook
EIP-2026-118891 EXPLOITDB c VERIFIED
Microsoft Windows Vista - 'lpksetup.exe oci.dll' DLL Loading Arbitrary Code Execution
by Tyler Borland
EIP-2026-119048 EXPLOITDB c VERIFIED
PowerDVD 5.0.1107 - 'trigger.dll' DLL Loading Arbitrary Code Execution
by Inj3cti0n P4ck3t
EIP-2026-119034 EXPLOITDB c VERIFIED
Phoenix Project Manager 2.1.0.8 - DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
EIP-2026-118389 EXPLOITDB c VERIFIED
Cool iPhone Ringtone Maker 2.2.3 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
CVE-2010-3904 EXPLOITDB HIGH c VERIFIED
Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
by Dan Rosenberg
CVSS 7.8
EIP-2026-119168 EXPLOITDB c VERIFIED
STDU Explorer 1.0.201 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
EIP-2026-118218 EXPLOITDB c VERIFIED
1CLICK DVD Converter 2.1.7.1 - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
by anT!-Tr0J4n
EIP-2026-119218 EXPLOITDB c VERIFIED
Torrent DVD Creator - 'quserex.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
EIP-2026-118957 EXPLOITDB c VERIFIED
NetStumbler 0.4 - 'mfc71esn.dll' DLL Loading Arbitrary Code Execution
by Pepelux
EIP-2026-118870 EXPLOITDB c VERIFIED
Microsoft Visio 2007 - 'mfc80esn.dll' DLL Loading Arbitrary Code Execution
by Pepelux
EIP-2026-118701 EXPLOITDB c VERIFIED
IsoBuster 2.7 - 'wnaspi32.dll' DLL Loading Arbitrary Code Execution
by Pepelux
EIP-2026-118238 EXPLOITDB c VERIFIED
Adobe Dreamweaver CS4 - 'mfc80esn.dll' DLL Loading Arbitrary Code Execution
by Pepelux
EIP-2026-118446 EXPLOITDB c VERIFIED
Dupehunter Professional 9.0.0.3911 - 'Fwpuclnt.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
CVE-2010-4210 EXPLOITDB HIGH c VERIFIED
FreeBSD 7.x < 7.3-RELEASE and 8.x < 8.0-RC1 - DoS and Memory Overwrite via pfs_getextattr
The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex that was not previously locked, which allows local users to cause a denial of service (kernel panic), overwrite arbitrary memory locations, and possibly execute arbitrary code via vectors related to opening a file on a file system that uses pseudofs.
by Babcia Padlina
CVSS 7.8
EIP-2026-116849 EXPLOITDB c VERIFIED
AudioTran 1.4.2.4 - SafeSEH + SEHOP
by x90c
CVE-2010-2943 EXPLOITDB HIGH c VERIFIED
Linux kernel <2.6.35 - Info Disclosure
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
by Red Hat
CVSS 8.1
CVE-2010-3437 EXPLOITDB c VERIFIED
Linux kernel <2.6.36-rc6 - Info Disclosure/DoS
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.
by Jon Oberheide
EIP-2026-119259 EXPLOITDB c VERIFIED
VirIT eXplorer 6.7.43 - 'tg-scan.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
EIP-2026-119163 EXPLOITDB c VERIFIED
Sothink SWF Decompiler - 'dwmapi.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
EIP-2026-118624 EXPLOITDB c VERIFIED
GreenBrowser - 'RSRC32.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
EIP-2026-118476 EXPLOITDB c VERIFIED
Easy Office Recovery - 'dwmapi.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
EIP-2026-119179 EXPLOITDB c VERIFIED
SWiSH Max3 - DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
CVE-2010-3301 EXPLOITDB c VERIFIED
Linux kernel <2.6.36-rc4-git2 - Privilege Escalation
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.
by ben hawkes
By Source
All 3,625 Writeup 62,188 Exploitdb 50,076 Nomisec 22,383 Github 3,590 Metasploit 3,311 Vulncheck_xdb 927 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,552 ruby 6,001 c 3,625 perl 2,849 html 2,074 php 1,333 bash 462 java 370 c++ 260 javascript 229 shell 131 go 73 postscript 25 typescript 25