Exploitdb Exploits
3,149 exploits tracked across all sources.
GNU Mailutils 0.6 - RCE
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.
by Angelo Rosiello
Nokia Series - Denial of Service
Nokia Symbian 60 allows remote attackers to cause a denial of service (phone restart) via a Bluetooth nickname.
by Qnix
Pmail Mercury Mail Transport System < 4.01b - Buffer Overflow
Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961.
by c0d3r
Wireless Tools - Buffer Overflow
Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.
by Qnix
Snort 2.4.0 - SACK TCP Option Error Handling Denial of Service
by nitr0us
Snort 2.x - PrintTcpOptions Remote Denial of Service
by VulnFact Security Labs
GNU Mailutils 0.6 - RCE
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.
by Clément Lecigne
Zebedee 2.4.1 - DoS
Zebedee 2.4.1, when "allowed redirection port" is not set, allows remote attackers to cause a denial of service (application crash) via a zero in the port number of the protocol option header, which triggers an assert error in the makeConnection function in zebedee.c.
by Shiraishi.M
Microsoft Windows 2000 - Buffer Overflow
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.
by eyas
Microsoft Windows - 'keybd_event' Local Privilege Escalation
by Andrés Acunha
Trevor Hogan Bnbt - Denial of Service
The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service (crash) via a Basic Authorization HTTP request with a "A==" value.
by Sowhat
man2web - Command Injection
man2web allows remote attackers to execute arbitrary commands via -P arguments.
by tracewar
SlimFTPd 3.17 - DoS
SlimFTPd 3.17 allows remote attackers to cause a denial of service (crash) via certain (1) USER and (2) PASS commands, possibly due to a buffer overflow or off-by-one error.
by Critical Security
FileZilla <2.2.15 - Info Disclosure
NOTE: this issue has been disputed by the vendor. FileZilla 2.2.14b and 2.2.15, and possibly earlier versions, when "Use secure mode" is disabled, uses a weak encryption scheme to store the user's password in the configuration settings file, which allows local users to obtain sensitive information. NOTE: the vendor has disputed the issue, stating that "the problem is not a vulnerability at all, but in fact a fundamental issue of every single program that can store passwords transparently.
DameWare Mini Remote Control <4.9.0 - RCE
Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before 4.9.0 allows remote attackers to execute arbitrary code via the username.
by jpno5
vBulletin 3.0.8 - Accessible Database Backup Searcher (3)
by str0ke
Adobe Version Cue <1.3 - RCE
VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execute arbitrary code via the -lib command line argument.
by vade79
HP OpenView Network Node Manager <7.50 - RCE
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.
by Lympex
CVSS 9.8
University of Minnesota gopher client 3.0.9 - Buffer Overflow
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function.
by vade79
Digital Illusions Battlefield 1942 - Denial of Service
Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and earlier, allows a remote master server to cause a denial of service (client crash) via a server reply that contains a large numplayers value, which triggers a null dereference.
by Luigi Auriemma
Microsoft Windows 2000 - Buffer Overflow
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
by RoMaNSoFt
By Source