Exploitdb Exploits

3,149 exploits tracked across all sources.

CVE-2006-0671 EXPLOITDB c VERIFIED
Sony Ericsson K600i - Buffer Overflow
Buffer overflow in Sony Ericsson K600i, V600i, W800i, and T68i cell phone allows remote attackers to cause a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet.
by Pierre Betouin
CVE-2002-0256 EXPLOITDB c VERIFIED
Arescom Netdsl - Denial of Service
The telnet port in Arescom NetDSL 1000 router allows remote attackers to cause a denial of service via a series of connections with long strings, which causes a large number of login failures and causes the telnet service to stop.
by Fabian Ramirez
EIP-2026-103221 EXPLOITDB c VERIFIED
SHOUTcast 1.9.4 - File Request 'Leaked' Format String
by crash-x
CVE-2006-0331 EXPLOITDB c VERIFIED
Thiago Melo DE Paula Change Passwd - Buffer Overflow
Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin allows local users to execute arbitrary code via long command line arguments.
by rod hedor
CVE-2006-0354 EXPLOITDB c VERIFIED
Cisco Aironet Ap1100 - Resource Management Error
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.
by Pasv
EIP-2026-102832 EXPLOITDB c VERIFIED
Eterm LibAST < 0.7 - '-X' Option Privilege Escalation
by Johnny Mast
EIP-2026-103043 EXPLOITDB c VERIFIED
Xmame 0.102 - '-pb/-lang/-rec' Local Buffer Overflow
by sj
EIP-2026-114987 EXPLOITDB c VERIFIED
BitComet 0.60 - '.Torrent' File Handling Remote Buffer Overflow
by Dejun Meng
CVE-2005-0711 EXPLOITDB c VERIFIED
MySQL <4.0.24 or 4.1.11 - Info Disclosure
MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack.
by Marco Ivaldi
CVE-2006-0357 EXPLOITDB c VERIFIED
Grant Averett Cerberus FTP Server - Denial of Service
Grant Averett Cerberus FTP Server 2.32, and possibly earlier versions, allows remote attackers to cause an unspecified denial of service via a long string that does not contain a valid FTP command.
by pi3ch
EIP-2026-118872 EXPLOITDB c VERIFIED
Microsoft Windows - Metafile '.WMF' Arbitrary File Download (Generator)
by darkeagle
CVE-2006-0359 EXPLOITDB c VERIFIED
Counterpath Eyebeam Sip Softphone - Memory Corruption
Buffer overflow in CounterPath eyeBeam SIP Softphone allows remote attackers to (1) cause a denial of service (device crash) via SIP INVITE commands with a long header field name sent during startup and (2) cause a denial of service (device hang or crash) via SIP INVITE commands with a long header field name sent during a call.
by ZwelL
CVE-2006-0355 EXPLOITDB c VERIFIED
Helmsman Research Homeftp - Denial of Service
Helmsman Research (aka CoolUtils) HomeFtp 1.1 allows remote attackers to cause an unspecified denial of service via a long USER command combined with a long PASS command and an NLST command.
by pi3ch
CVE-2006-0176 EXPLOITDB c VERIFIED
Xmame - Buffer Overflow
Buffer overflow in certain functions in src/fileio.c and src/unix/fileio.c in xmame before 11 January 2006 may allow local users to gain privileges via a long (1) -lang, (2) -ctrlr, (3) -pb, or (4) -rec argument on many operating systems, and via a long (5) -jdev argument on Ubuntu Linux.
by Qnix
CVE-2006-0189 EXPLOITDB c VERIFIED
Estara Softphone - Buffer Overflow
Buffer overflow in eStara Softphone 3.0.1.14 through 3.0.1.46 allows remote attackers to execute arbitrary code via a long attribute (aka "a") field in the SDP data of a SIP packet on UDP port 5060.
by ZwelL
CVE-2006-0359 EXPLOITDB c VERIFIED
Counterpath Eyebeam Sip Softphone - Memory Corruption
Buffer overflow in CounterPath eyeBeam SIP Softphone allows remote attackers to (1) cause a denial of service (device crash) via SIP INVITE commands with a long header field name sent during startup and (2) cause a denial of service (device hang or crash) via SIP INVITE commands with a long header field name sent during a call.
by ZwelL
CVE-2005-2827 EXPLOITDB c VERIFIED
Windows NT 4.0-2000 - Memory Corruption
The thread termination routine in the kernel for Windows NT 4.0 and 2000 (NTOSKRNL.EXE) allows local users to modify kernel memory and execution flow via steps in which a terminating thread causes Asynchronous Procedure Call (APC) entries to free the wrong data, aka the "Windows Kernel Vulnerability."
by SoBeIt
CVE-2005-4620 EXPLOITDB c VERIFIED
WinRAR <3.50 - Buffer Overflow
Buffer overflow in WinRAR 3.50 and earlier allows local users to execute arbitrary code via a long command-line argument. NOTE: because this program executes with the privileges of the invoking user, and because remote programs do not normally have the ability to specify a command-line argument for this program, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.
by c0d3r
CVE-2005-4620 EXPLOITDB c VERIFIED
WinRAR <3.50 - Buffer Overflow
Buffer overflow in WinRAR 3.50 and earlier allows local users to execute arbitrary code via a long command-line argument. NOTE: because this program executes with the privileges of the invoking user, and because remote programs do not normally have the ability to specify a command-line argument for this program, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.
by K4P0
CVE-2005-3358 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.14.7 - Denial of Service
Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.
by Doug Chapman
CVE-2006-0072 EXPLOITDB c VERIFIED
termsh <5.0.7 - Buffer Overflow
Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector.
by prdelka
CVE-2005-0736 EXPLOITDB c VERIFIED
Linux kernel <2.6.12 - Memory Corruption
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
by alert7
CVE-2005-3807 EXPLOITDB c VERIFIED
Linux Kernel - Denial of Service
Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already been cleaned by the locks_delete_lock function.
by J. Bruce Fields
CVE-2005-4584 EXPLOITDB c VERIFIED
BZFlag server <2.0.4 - DoS
BZFlag server 2.0.4 and earlier allows remote attackers to cause a denial of service (application crash) via a callsign that is not followed by a NULL (\0) character.
by Luigi Auriemma
CVE-2005-4505 EXPLOITDB c VERIFIED
McAfee VirusScan Enterprise 8.0i-CMA 3.5 - Privilege Escalation
Unquoted Windows search path vulnerability in McAfee VirusScan Enterprise 8.0i (patch 11) and CMA 3.5 (patch 5) might allow local users to gain privileges via a malicious "program.exe" file in the C: folder, which is run by naPrdMgr.exe when it attempts to execute EntVUtil.EXE under an unquoted "Program Files" path.
by Reed Arvin