Exploitdb Exploits
3,149 exploits tracked across all sources.
ArcGIS for ESRI ArcInfo Workstation 9.0 - Privilege Escalation
Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain privileges via format string specifiers in the ARCHOME environment variable to (1) wservice or (2) lockmgr.
by Kevin Finisterre
Kmint21 Software Golden FTP Server - Buffer Overflow
Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command.
by darkeagle
Kmint21 Software Golden FTP Server - Buffer Overflow
Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command.
by c0d3r
snmppd <0.4.5 - RCE
Format string vulnerability in the snmppd_log function in snmppd_util.c for snmppd 0.4.5 and earlier may allow remote attackers to cause a denial of service or execute arbitrary code via format string specifiers that are not properly handled in a syslog call.
by cybertronic
NetLeaf Limited NotJustBrowsing <1.0.3 - Info Disclosure
NetLeaf Limited NotJustBrowsing 1.0.3 stores the View Lock Password in plaintext in the notjustbrowsing.prf file, which allows local users to gain privileges.
by Kozan
Cybration ICUII 7.0 - Info Disclosure
Cybration ICUII 7.0 stores passwords in plaintext in the world-readable icuii.ini file, which allows local users to gain privileges.
by Kozan
StumbleInside GoText 1.01 - Info Disclosure
StumbleInside GoText 1.01 stores sensitive username, mail address,and phone number information in plaintext in the GoText.bin file, which allows local users to obtain that information.
by Kozan
ExoticSoft FilePocket 1.2 - Privilege Escalation
ExoticSoft FilePocket 1.2 stores sensitive proxy information, including proxy passwords, in plaintext in the registry, which allows local users to gain privileges.
by Kozan
MySQL MaxDB Webtool 7.5.00.23 - Remote Stack Overflow
by cybertronic
BakBone NetVault 7.1 - Privilege Escalation
nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu.
by Reed Arvin
Altiris Client 6.0.88 - Service Privilege Escalation
by Reed Arvin
tcpdump <3.9.1 - DoS
The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4.
by vade79
tcpdump <3.9.1 - DoS
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.
by vade79
tcpdump <3.8.3 - DoS
tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function.
by vade79
tcpdump <3.8.3 - DoS
tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function.
by vade79
Yager <5.24 - RCE
Multiple buffer overflows in Yager 5.24 and earlier allow remote attackers to execute arbitrary code via (1) a crafted nickname or (2) a packet with a large amount of data.
by cybertronic
Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (2)
by kf
Affix Bluetooth Protocol Stack 3.1/3.2 - Signed Buffer Index (1)
by kf
PMSoftware Simple Web Server 1.0 - RCE
Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote attackers to execute arbitrary code via a long GET request.
by cybertronic
GoodTech Telnet Server < 5.0.7 - Remote Buffer Overflow (2)
by cybertronic
Crystal ART Software Crystal FTP - Buffer Overflow
Buffer overflow in Crystal FTP Client 2.8 allows remote malicious servers to execute arbitrary code via a response to a LIST command that contains a file name with a long extension.
by cybertronic
PMSoftware Simple Web Server 1.0 - RCE
Buffer overflow in PMSoftware Simple Web Server 1.0 allows remote attackers to execute arbitrary code via a long GET request.
by c0d3r
Multiple TCP/IP - DoS
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
by houseofdabus
By Source