Exploitdb Exploits
3,149 exploits tracked across all sources.
Digital Illusions Battlefield 1942 - Denial of Service
Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and earlier, allows a remote master server to cause a denial of service (client crash) via a server reply that contains a large numplayers value, which triggers a null dereference.
by Luigi Auriemma
Linux Kernel 2.6.x - 'AIO_Free_Ring' Local Denial of Service
by Darrick J. Wong
Napshare - Buffer Overflow
Buffer overflow in the auto_filter_extern function in auto.c for NapShare 1.2, with the extern filter enabled, allows remote attackers to execute arbitrary code via a crafted gnutella response.
by Bartlomiej Sieka
phpBB 1.0.0/2.0.10 - 'admin_cash.php' Remote Code Execution
by evilrabbi
Burut Kreed - Denial of Service
The scripts that handle players in Kreed 1.05 and earlier allow remote attackers to cause a denial of service (server freeze) via a long (1) nickname or (2) model type, which generates dialog boxes on the server that must be manually handled before the server continues the game.
by Luigi Auriemma
Mercury (Pegasus) Mail 4.01 - RCE
Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command.
by JohnH
Neverwinter Nights special - Fake Players Denial of Service
by Luigi Auriemma
Aspell - Buffer Overflow
Multiple stack-based buffer overflows in the word-list-compress functionality in compress.c for Aspell allow local users to execute arbitrary code via a long entry in the wordlist that is not properly handled when using the (1) "c" compress option or (2) "d" decompress option.
by c0d3r
Mercury (Pegasus) Mail 4.01 - RCE
Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command.
by JohnH
Jana Server 2.4.4 - 'http/pna' Denial of Service
by Luigi Auriemma
21-6 Productions Orbz - Buffer Overflow
Buffer overflow in Orbz 2.10 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long password field in a join request.
by Luigi Auriemma
Ipswitch WS FTP Server - Buffer Overflow
Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands.
by NoPh0BiA
PHP 4.x-5.0.0RC3 - RCE
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.
by Gyan Chawdhary
MailEnable <1.52-1.01 - RCE
Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection.
by class101
Nullsoft Winamp - Buffer Overflow
Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file.
by k-otik
Lucasarts Star Wars Battlefront - Denial of Service
Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a join request that contains a memory address that causes the server to read arbitrary memory.
by Luigi Auriemma
Raven Software Soldier OF Fortune - Buffer Overflow
Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (server or client crash) via a long (1) query or (2) reply.
by Luigi Auriemma
Prozilla Download Accelerator - Buffer Overflow
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
by Serkan Akpolat
Weonlydo Wodftpdlx Activex Component - Buffer Overflow
Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.
by Komrade
Weonlydo Wodftpdlx Activex Component - Buffer Overflow
Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.
by Komrade
Gearbox Software Halo Combat Evolved - Denial of Service
Halo: Combat Evolved 1.05 and earlier allows remote game servers to cause a denial of service (client crash) via a long value in a game server reply, which triggers a NULL dereference.
by Luigi Auriemma
Linux <2.6.8 - DoS
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.
by Richard Hart
CVSS 7.5
Microsoft Windows - RCE
Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation.
by tarako
cscope <15-5 - Local Privilege Escalation
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
by Gangstuck
By Source