Exploitdb Exploits

3,138 exploits tracked across all sources.

CVE-2005-0892 EXPLOITDB c VERIFIED
smail 3.2.0.120 - Buffer Overflow via SMTP MAIL FROM Command
Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.
by infamous41md
CVE-2005-0750 EXPLOITDB c VERIFIED
Linux Kernel <2.6.11.5 - Privilege Escalation
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
by ilja van sprundel
CVE-2005-0892 EXPLOITDB c VERIFIED
smail 3.2.0.120 - Buffer Overflow via SMTP MAIL FROM Command
Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.
by infamous42md
CVE-2005-0716 EXPLOITDB c VERIFIED
Mac OS X 10.3.5-10.3.6 - Local Buffer Overflow via CF_CHARSET_PATH Environment Variable
Stack-based buffer overflow in the Core Foundation Library in Mac OS X 10.3.5 and 10.3.6, and possibly earlier versions, allows local users to execute arbitrary code via a long CF_CHARSET_PATH environment variable.
by vade79
CVE-2004-1235 EXPLOITDB c VERIFIED
Linux kernel <2.6.11 - RCE
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.4.29-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
by sd
CVE-2005-0713 EXPLOITDB c VERIFIED
Mac OS X <10.3.8 - Privilege Escalation
The Bluetooth Setup Assistant for Mac OS X before 10.3.8 can be launched without a keyboard or Bluetooth device, which allows local users to bypass access restrictions and gain privileges.
by V9
EIP-2026-103106 EXPLOITDB c VERIFIED
Ethereal 0.10.9 (Linux) - '3G-A11' Remote Buffer Overflow
by Diego Giagio
CVE-2005-0666 EXPLOITDB c VERIFIED
PaX <2005.03.05 - Privilege Escalation
Unknown vulnerability in PaX from the September 2003 release to 2.2 before 2005.03.05, related to SEGMEXEC or RANDEXEC and VMA mirroring, allows local users and possibly remote attackers to bypass intended access restrictions and execute arbitrary code.
by Christophe Devine
CVE-2005-0353 EXPLOITDB c VERIFIED
Sentinel License Manager 7.2.0.2 - Remote Code Execution via UDP Port 5093 Buffer Overflow
Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093.
by class101
CVE-2005-1199 EXPLOITDB c VERIFIED
UBB.Threads - SQL Injection
SQL injection vulnerability in printthread.php in UBB.Threads allows remote attackers to execute arbitrary SQL commands via the main parameter.
by HLL
CVE-2005-0736 EXPLOITDB c VERIFIED
Linux kernel <2.6.12 - Memory Corruption
Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.
by sd
EIP-2026-100673 EXPLOITDB c VERIFIED
OpenBSD 2.0 < 3.6 - TCP Timestamp Remote Denial of Service
by RusH
CVE-2005-0647 EXPLOITDB c VERIFIED
paNews 2.0.4b - Remote Code Execution via admin_setup.php Parameters
admin_setup.php in paNews 2.0.4b allows remote attackers to inject arbitrary PHP code via the (1) $form[comments] or (2) $form[autoapprove] parameters, which are written to config.php.
by Silentium
EIP-2026-103462 EXPLOITDB c VERIFIED
Ethereal 0.10.9 - Denial of Service
by Leon Juranic
CVE-2005-1649 EXPLOITDB c VERIFIED
Windows 2003 Server and XP - Denial of Service via IPv6 Land Attack
The IPv6 support in Windows XP SP2, 2003 Server SP1, and Longhorn, with Windows Firewall turned off, allows remote attackers to cause a denial of service (CPU consumption) via a TCP packet with the SYN flag set and the same destination and source address and port, a variant of CVE-2005-0688 and a reoccurrence of the "Land" vulnerability (CVE-1999-0016).
by RusH
CVE-2005-0700 EXPLOITDB c VERIFIED
Aztek Forum 4.0 - Unauthenticated Database File Exposure via Export Index Action
The export_index action in myadmin.php for Aztek Forum 4.0 allows remote attackers to obtain database files, possibly by setting the ATK_ADMIN cookie.
by sirius_black
CVE-2005-0582 EXPLOITDB c VERIFIED
Computer Associates License Client 0.1.0.15 - Remote Code Execution via Long Filename in PUTOLF Request
Buffer overflow in Computer Associates (CA) License Client 0.1.0.15 allows remote attackers to execute arbitrary code via a long filename in a PUTOLF request.
by class101
CVE-2005-0438 EXPLOITDB c VERIFIED
AWStats 6.3 and 6.4 - Information Disclosure via Debug Parameter
awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter.
by omin0us
CVE-2005-0621 EXPLOITDB c VERIFIED
Scrapland 1.0 and earlier - Denial of Service via Error Handling
Scrapland 1.0 and earlier allows remote attackers to cause a denial of service (server termination) by triggering an error, which is treated as a fatal error by the server, as demonstrated using (1) signed integers for size values, (2) an invalid model, (3) a "newpos" value that is less than or equal to a size value, or (4) partial packets.
by Luigi Auriemma
EIP-2026-110966 EXPLOITDB c VERIFIED
phpBB 2.0.x - Authentication Bypass (1)
by Paisterist
EIP-2026-119297 EXPLOITDB c VERIFIED
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow (2)
by class101
CVE-2005-0595 EXPLOITDB c VERIFIED
BadBlue 2.55 - Remote Code Execution via Long mfcisapicommand Parameter
Buffer overflow in ext.dll in BadBlue 2.55 allows remote attackers to execute arbitrary code via a long mfcisapicommand parameter.
by class101
EIP-2026-103662 EXPLOITDB c VERIFIED
Stormy Studios KNet 1.x - Remote Buffer Overflow
by Expanders
CVE-2005-0575 EXPLOITDB c VERIFIED
Stormy Studios Knet <= 1.04c - Buffer Overflow via Long HTTP GET Request
Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request.
by CorryL
CVE-2005-0256 EXPLOITDB c VERIFIED
wu-ftpd 2.6.1-2.6.2 - Denial of Service via Glob Pattern Recursion
The wu_fnmatch function in wu_fnmatch.c in wu-ftpd 2.6.1 and 2.6.2 allows remote attackers to cause a denial of service (CPU exhaustion by recursion) via a glob pattern with a large number of * (wildcard) characters, as demonstrated using the dir command.
by str0ke