Exploitdb Exploits

3,138 exploits tracked across all sources.

CVE-2006-5567 EXPLOITDB c VERIFIED
Nullsoft WinAmp - Heap-Based Buffer Overflow via Ultravox Protocol Handler or Lyrics3 Tags
Multiple heap-based buffer overflows in AOL Nullsoft WinAmp before 5.31 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) ultravox-max-msg header to the Ultravox protocol handler or (2) unspecified Lyrics3 tags.
by cocoruder
CVE-2006-5715 EXPLOITDB c VERIFIED
Easy File Sharing (EFS) Easy Address Book 1.2 - Info Disclosure
Easy File Sharing (EFS) Easy Address Book 1.2, when run on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of an HTTP GET request, which accesses the alternate data stream.
by Greg Linares
EIP-2026-118969 EXPLOITDB c VERIFIED
Novell eDirectory 9.0 - 'DHost' Remote Buffer Overflow
by Expanders
CVE-2006-5714 EXPLOITDB c VERIFIED
Easy File Sharing EFS Web Server 4.0 - Info Disclosure
Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of an HTTP GET request, which accesses the alternate data stream.
by Greg Linares
CVE-2006-5478 EXPLOITDB c VERIFIED
Novell eDirectory 8.x-8.8.x - Remote Code Execution via Long HTTP Host Header or Dot in Username
Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services.
by Expanders
CVE-2006-5551 EXPLOITDB c VERIFIED
qk_smtp < 3.0.1 - Remote Code Execution via RCPT TO Command
Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow remote attackers to execute arbitrary code via a long argument to the RCPT TO command.
by Expanders
CVE-2006-5597 EXPLOITDB c VERIFIED
MiniHTTP Web Forum & File Server PowerPack 4.0 - RCE
join.asp in MiniHTTP Web Forum & File Server PowerPack 4.0 allows remote attackers to add or modify arbitrary user accounts via modified (1) frmMailBox and (2) frmUserPass parameters.
by Greg Linares
CVE-2006-5552 EXPLOITDB c VERIFIED
RevilloC MailServer <= 1.21 - Remote Code Execution via Long MAIL FROM or RCPT TO Argument
Multiple heap-based buffer overflows in RevilloC MailServer 1.21 and earlier allow remote attackers to cause a denial of service (CPU consumption or application crash) or execute arbitrary code via a long argument to the (1) MAIL FROM or (2) RCPT TO command.
by Greg Linares
CVE-2006-5596 EXPLOITDB c VERIFIED
AEP Smartgate 4.3b - Directory Traversal via HTTP GET Request
Directory traversal vulnerability in the SSL server in AEP Smartgate 4.3b allows remote attackers to download arbitrary files via ..\ (dot dot backslash) sequences in an HTTP GET request.
by prdelka
CVE-2006-5725 EXPLOITDB c VERIFIED
AEP Smartgate SSL Server 4.3b - Directory Existence Disclosure via HTTP Status Code
The SSL server in AEP Smartgate 4.3b allows remote attackers to determine existence of directories via a direct request for a directory URI, which returns different HTTP status codes for existing and non-existing directories.
by prdelka
CVE-2006-5568 EXPLOITDB c VERIFIED
FtpXQ Server 3.0.1 - Denial of Service via Long MKD Command
FtpXQ Server 3.0.1 allows remote attackers to cause a denial of service (CPU exhaustion) via a long MKD command.
by Federico Fazzi
CVE-2006-5557 EXPLOITDB c VERIFIED
HP-UX - Stack-based Buffer Overflow via Long -S Argument
Stack-based buffer overflow in the (1) swpackage and (2) swmodify commands in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long -S argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
by prdelka
CVE-2006-5558 EXPLOITDB c VERIFIED
HP-UX B.11.11 - Local Format String Vulnerability via swask -s Argument
Format string vulnerability in the swask command in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via format string specifiers in the -s argument. NOTE: this might be a duplicate of CVE-2006-2574, but the details relating to CVE-2006-2574 are too vague to be certain.
by prdelka
CVE-2006-5556 EXPLOITDB c VERIFIED
HP-UX B.11.11 - Buffer Overflow via Long TZ Environment Variable
Buffer overflow in the localtime_r function, and certain other functions, in libc in HP-UX B.11.11 and possibly other versions allows local users to execute arbitrary code via a long TZ environment variable.
by prdelka
EIP-2026-101206 EXPLOITDB c VERIFIED
Cisco VPN 3000 Concentrator 4.1.7/4.7.2 - 'FTP' Remote File System Access
by prdelka
CVE-2006-5550 EXPLOITDB c VERIFIED
FreeBSD 6.1 and OpenBSD 4.0 - Denial of Service via /dev/crypto ioctl Requests
The kernel in FreeBSD 6.1 and OpenBSD 4.0 allows local users to cause a denial of service via unspecified vectors involving certain ioctl requests to /dev/crypto.
by Evgeny Legerov
CVE-2006-5551 EXPLOITDB c VERIFIED
qk_smtp < 3.0.1 - Remote Code Execution via RCPT TO Command
Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow remote attackers to execute arbitrary code via a long argument to the RCPT TO command.
by Greg Linares
CVE-2006-4379 EXPLOITDB c VERIFIED
Ipswitch Collaboration Suite, IMail, IMail Plus, and IMail Secure - Stack-Based Buffer Overflow via SMTP Daemon
Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character.
by Greg Linares
CVE-2006-5379 EXPLOITDB c VERIFIED
NVIDIA Binary Graphics Driver <v8774,v8762 - RCE
The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.
by Rapid7 Security
EIP-2026-100951 EXPLOITDB c VERIFIED
FreeBSD 6.0/6.1 - Ftrucante Local Denial of Service
by Kirk Russell
EIP-2026-100950 EXPLOITDB c VERIFIED
FreeBSD 5.5/6.x - Scheduler Policy Local Denial of Service
by Diane Bruce
CVE-2006-5483 EXPLOITDB c VERIFIED
FreeBSD 6.1 - Denial of Service via Scheduler Policy Setting
p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by setting a scheduler policy, which should only be settable by root.
by kokanin
CVE-2006-5482 EXPLOITDB c VERIFIED
FreeBSD 6.1 - Denial of Service via ftruncate on Non-Standard File Types
ufs_vnops.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by calling the ftruncate function on a file type that is not VREG, VLNK or VDIR, which is not defined in POSIX.
by kokanin
EIP-2026-107906 EXPLOITDB c VERIFIED
Invision Gallery 2.0.7 (Linux) - 'readfile()' / SQL Injection
by ShadOS