Exploitdb Exploits
3,149 exploits tracked across all sources.
Softiacom Wmailserver - Buffer Overflow
SoftiaCom wMailServer 1.0 and 2.0 allows remote attackers to cause a denial of service (application crash) via a large TCP packet with a leading space, possibly triggering a buffer overflow.
by Kozan
PHPsFTPd 0.2/0.4 - 'Inc.login.php' Privilege Escalation
by Stefan Lochbihler
SoftiaCom wMailServer 1.0 - Local Information Disclosure
by fRoGGz
Privashare - Denial of Service
PrivaShare 1.1b allows remote attackers to cause a denial of service (crash) via a malformed message.
by basher13
Tonec. Internet Download Manager - Buffer Overflow
Stack-based buffer overflow in Internet Download Manager 4.05 allows remote attackers to execute arbitrary code via a long URL.
by c0d3r
Sudo 1.3.1 < 1.6.8p (OpenBSD) - Pathname Validation Privilege Escalation
by RusH
Nokia Affix - Buffer Overflow
Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share.
by Kevin Finisterre
Microsoft Windows 2000 - Buffer Overflow
Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.
by houseofdabus
SUN Solaris - Access Control
The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT.
by Przemyslaw Frasunek
SUN Solaris - Access Control
The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT.
by Przemyslaw Frasunek
K-COLLECT CSV_DB.CGI 1.0/i_DB.CGI 1.0 - Remote Command Execution
by blahplok
Windows NT 4.0-Server 2003 - RCE
The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vulnerability," and as demonstrated using Trans2 FIND_FIRST2 responses with large file name length fields.
by cybertronic
phpBB 2.0.15 - Register Multiple Users (Denial of Service)
by HaCkZaTaN
PeerCast <0.1211 - RCE
Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL.
by darkeagle
launchd 106 - Local Privilege Escalation
launchd 106 in Apple Mac OS X 10.4.x up to 10.4.1 allows local users to overwrite arbitrary files via a symlink attack on the socket file in an insecure temporary directory.
by intropy
IBM AIX 5.3 - Code Injection
Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments.
by intropy
IBM Aix - Buffer Overflow
Buffer overflow in netpmon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -O argument.
by intropy
IBM Aix - Buffer Overflow
Buffer overflow in ipl_varyon on AIX 5.1, 5.2, and 5.3 allows local users to execute arbitrary code via a long -d argument.
by intropy
Webhints 1.03 - Command Injection
hints.pl in Webhints 1.03 allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.
by Alpha_Programmer
GNU Mailutils imap4d 0.5 < 0.6.90 - Remote Format String
by qobaiashi
tcpdump 3.x - DoS
The bgp_update_print function in tcpdump 3.x does not properly handle a -1 return value from the decode_prefix4 function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet.
by simon
By Source