Exploitdb Exploits

3,138 exploits tracked across all sources.

EIP-2026-103190 EXPLOITDB c VERIFIED
PeerCast 0.1216 - 'nextCGIarg' Remote Buffer Overflow (1)
by prdelka
CVE-2006-1147 EXPLOITDB c VERIFIED
Alien Arena 2006 Gold Edition 5.00 - DoS
The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.
by Luigi Auriemma
CVE-2006-1103 EXPLOITDB c VERIFIED
Sauerbraten 2006_02_28 - Denial of Service via Incomplete Client Join Timeout
engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (segmentation fault) via a client that does not completely join the game and times out, which results in a null pointer dereference.
by Luigi Auriemma
EIP-2026-115553 EXPLOITDB c VERIFIED
LieroX 0.62b - Remote Server/Client Denial of Service
by Luigi Auriemma
CVE-2006-0047 EXPLOITDB c VERIFIED
Freeciv < 2.0.8 - Denial of Service via Crafted Packets with Negative Compressed Size
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values.
by Luigi Auriemma
CVE-2006-1101 EXPLOITDB c VERIFIED
Sauerbraten Cube - Denial of Service via Long Input Stream in sgetstr and getint Functions
The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint.
by Luigi Auriemma
CVE-2006-1043 EXPLOITDB c VERIFIED
Microsoft Visual Studio and Visual InterDev - Stack-based Buffer Overflow via Long DataProject Field
Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).
by Kozan
CVE-2005-1544 EXPLOITDB c VERIFIED
libtiff - Stack-based Buffer Overflow via Malformed BitsPerSample Tag
Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag.
by Agustin Gianni
CVE-2006-1010 EXPLOITDB c VERIFIED
CrossFire - Buffer Overflow in socket/request.c
Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service (segmentation fault) and possibly execute code by sending the server a large request.
by Luigi Auriemma
CVE-2005-2934 EXPLOITDB c VERIFIED
SCO UnixWare <7.1.4 - Privilege Escalation
Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.
by prdelka
CVE-2006-1090 EXPLOITDB c VERIFIED
PunBB 1.2.10 - Denial of Service via User Registration Flood
register.php in PunBB 1.2.10 allows remote attackers to cause an unspecified denial of service via a flood of new user registrations.
by K4P0
EIP-2026-102930 EXPLOITDB c VERIFIED
MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library (2)
by Marco Ivaldi
CVE-2005-1219 EXPLOITDB c VERIFIED
Microsoft Color Management Module - RCE
Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
by darkeagle
CVE-2006-0784 EXPLOITDB c VERIFIED
D-Link DWL-G700AP 2.00-2.01 - Denial of Service via Malformed HTTP Request
D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments.
by l0om
CVE-2005-4723 EXPLOITDB c VERIFIED
D-Link DI-524, DI-624, and DI-784 - Denial of Service via Crafted Fragmented UDP Packets
D-Link DI-524 Wireless Router, DI-624 Wireless Router, and DI-784 allow remote attackers to cause a denial of service (device reboot) via a series of crafted fragmented UDP packets, possibly involving a missing fragment.
by Aaron Portnoy
EIP-2026-117517 EXPLOITDB c VERIFIED
Microsoft Windows - ACLs Privilege Escalation (2)
by Andres Tarasco
CVE-2009-0133 EXPLOITDB c VERIFIED
Microsoft HTML Help Workshop <4.74 - Buffer Overflow
Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564.
by k3xji
CVE-2006-0681 EXPLOITDB c VERIFIED
Power Daemon < 2.0.2 - Remote Code Execution via Format String in WHATIDO Variable
Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the WHATIDO variable.
by Gotfault Security
CVE-2005-4714 EXPLOITDB c VERIFIED
OpenVMPS 1.3 - Remote Code Execution via Format String in vmps_log
Format string vulnerability in the vmps_log function in OpenVMPS (VLAN Management Policy Server) 1.3 allows remote attackers to execute arbitrary code via unknown vectors.
by Gotfault Security
CVE-2009-0133 EXPLOITDB c VERIFIED
Microsoft HTML Help Workshop <4.74 - Buffer Overflow
Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564.
by bratax
CVE-2006-0671 EXPLOITDB c VERIFIED
Sony Ericsson K600i V600i W800i T68i - Denial of Service via Malformed L2CAP Packet
Buffer overflow in Sony Ericsson K600i, V600i, W800i, and T68i cell phones allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet.
by Pierre Betouin
CVE-2002-0256 EXPLOITDB c VERIFIED
Arescom NetDSL 1000 - Denial of Service via Telnet Connection Flood
The telnet port in Arescom NetDSL 1000 router allows remote attackers to cause a denial of service via a series of connections with long strings, which causes a large number of login failures and causes the telnet service to stop.
by Fabian Ramirez
EIP-2026-103221 EXPLOITDB c VERIFIED
SHOUTcast 1.9.4 - File Request 'Leaked' Format String
by crash-x
CVE-2006-0331 EXPLOITDB c VERIFIED
Change passwd 3.1 - Buffer Overflow via Long Command Line Arguments
Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin allows local users to execute arbitrary code via long command line arguments.
by rod hedor
CVE-2006-0354 EXPLOITDB c VERIFIED
Cisco Aironet Wireless Access Points - Authenticated Denial of Service via ARP Table Exhaustion
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.
by Pasv