Exploitdb Exploits
3,149 exploits tracked across all sources.
Microsoft Windows Plug-and-Play Service (French) - Remote Universal (MS05-039)
by Fabrice Mourron
Ventrilo <2.3.0 - DoS
Ventrilo 2.1.2 through 2.3.0 allows remote attackers to cause a denial of service (application crash) via a status packet that contains less data than specified in the packet header sent to UDP port 3784.
by Luigi Auriemma
ZipTorrent 1.3.7.3 - Info Disclosure
ZipTorrent 1.3.7.3 stores sensitive information in plaintext in the pref.txt file, which allows local users to obtain sensitive information such as proxy server information and passwords.
by Kozan
Mercora IMRadio 4.0.0.0 - Privilege Escalation
Mercora IMRadio 4.0.0.0 stores usernames and passwords in plaintext in the MercoraClient\Profiles registry key, which allows local users to gain privileges.
by Kozan
Elm <2.5 PL7 - Buffer Overflow
Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, and possibly other versions, allows remote attackers to execute arbitrary code via an e-mail message with a long Expires header.
by c0ntex
WinAce <2.6.0.5 - RCE
Buffer overflow in WinAce 2.6.0.5, and possibly earlier versions, allows remote attackers to execute arbitrary code via a temporary (.tmp) file that contains an entry with a long file name.
by ATmaCA
Chris Moneymaker's World Poker Championship 1.0 - Buffer Overflow
Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname.
by Luigi Auriemma
Microsoft Windows 2000 - Buffer Overflow
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
by houseofdabus
Microsoft Windows 2000 - Buffer Overflow
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
by sl0ppy
Wyse Winterm - Denial of Service
Wyse Winterm 1125SE running firmware 4.2.09f or 4.4.061f allows remote attackers to cause a denial of service (device crash) via a packet with a zero in the IP option length field.
by Piotr Chytla
Microsoft Windows XP/2000/2003 - Keyboard Event Privilege Escalation
by Andres Tarasco
Ethereal <0.10.11 - RCE
Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet.
by vade79
nbsmtp <0.99 - RCE
Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog call.
by CoKi
BrightStor ARCserve Backup Agent for SQL Server 11.0 - Buffer Overflow
Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050.
by cybertronic
CA Products <11.5 SP1 - Buffer Overflow
Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors.
by cybertronic
CA BrightStor ARCserve Backup - 'dsconfig.exe' Remote Buffer Overflow
by cybertronic
Pablo Software Solutions Quick N Easy FTP Server - Denial of Service
Quick 'n Easy FTP Server 3.0 allows remote attackers to cause a denial of service (application crash or CPU consumption) via a long USER command.
by Kozan
Microsoft Windows - 'LegitCheckControl.dll' Genuine Advantage Validation Patch
by HaCkZaTaN
Netcplus Businessmail - Buffer Overflow
Multiple buffer overflows in BusinessMail 4.60.00 allow remote attackers to cause a denial of service (application crash) via a long string to SMTP (1) HELO or (2) MAIL FROM commands.
by Kozan
GNU Mailutils <0.6.90 - RCE
Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the command tag for IMAP commands.
by CoKi
Microsoft Color Management Module - RCE
Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
by snooq
Pyrosoft Netpanzer - Denial of Service
NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service (infinite loop) via a packet with a zero datablock size.
by Luigi Auriemma
By Source