Exploitdb Exploits

3,149 exploits tracked across all sources.

Sort: Activity Stars
CVE-2004-1638 EXPLOITDB c VERIFIED
MailCarrier 2.51 - RCE
Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command.
by NoPh0BiA
CVE-2004-2271 EXPLOITDB c VERIFIED
MiniShare <1.4.1 - RCE
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
by NoPh0BiA
CVE-2004-2442 EXPLOITDB c VERIFIED
F-Secure Anti-Virus <5.43 - Auth Bypass
Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.
by oc192
EIP-2026-115920 EXPLOITDB c VERIFIED
NetNote Server 2.2 build 230 - Crafted String Denial of Service
by class101
EIP-2026-114891 EXPLOITDB c VERIFIED
AlShare Software NetNote Server 2.2 - Remote Denial of Service
by class101
CVE-2004-1109 EXPLOITDB c VERIFIED
Kerio Personal Firewall - Denial of Service
The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field.
by houseofdabus
CVE-2004-2418 EXPLOITDB c VERIFIED
SlimFTPd <3.15 - RCE
Buffer overflow in SlimFTPd 3.15 and earlier allows local users to execute arbitrary code via a long command, such as (1) CWD, (2) STOR, (3) MKD, and (4) STAT.
by class101
CVE-2004-0083 EXPLOITDB c VERIFIED
Xfree86 X11r6 - Buffer Overflow
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.
CVE-2004-1073 EXPLOITDB c VERIFIED
Linux kernel <2.6.8 - Code Injection
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
by Paul Starzetz
CVE-2004-2416 EXPLOITDB c VERIFIED
CCProxy - Buffer Overflow
Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request.
by Ruder
CVE-2004-2677 EXPLOITDB c VERIFIED
QwikMail SMTP <0.3 - RCE
Format string vulnerability in qwik-smtpd.c in QwikMail SMTP (qwik-smtpd) 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the (1) clientRcptTo array, and the (2) Received and (3) messageID variables, possibly involving HELO and hostname arguments.
by Carlos Barros
CVE-2004-2271 EXPLOITDB c VERIFIED
MiniShare <1.4.1 - RCE
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
by class101
CVE-2004-1626 EXPLOITDB c VERIFIED
Code-crafters Ability Server - Buffer Overflow
Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command.
by NoPh0BiA
CVE-2004-1500 EXPLOITDB c VERIFIED
Freeform Interactive Purge Jihad - Denial of Service
Format string vulnerability in the Lithtech engine, as used in multiple games, allows remote authenticated users to cause a denial of service (application crash) via format string specifiers in (1) a nickname or (2) a message.
by Luigi Auriemma
EIP-2026-115047 EXPLOITDB c VERIFIED
Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC)
by Luigi Auriemma
CVE-2004-1636 EXPLOITDB c VERIFIED
NET Integration Technologies. Wvtftp - Buffer Overflow
Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet.
by infamous41md
CVE-2004-1493 EXPLOITDB c VERIFIED
Master of Orion III <1.2.5 - DoS
Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service (server crash) via multiple connections with long nicknames, possibly triggering a buffer overflow.
by Luigi Auriemma
CVE-2004-0510 EXPLOITDB c VERIFIED
MMDF <5.0.7 - Buffer Overflow
Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program.
by Ramon de C Valle
CVE-2004-0989 EXPLOITDB c VERIFIED
libXML 2.6.12-2.6.13 - Buffer Overflow
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.
by Sean
CVE-2004-0110 EXPLOITDB c VERIFIED
SGI Propack - Buffer Overflow
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
by infamous41md
CVE-2004-0990 EXPLOITDB c VERIFIED
GD Graphics Library libgd 2.0.28 - RCE/DoS
Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.
by anonymous
CVE-2004-1484 EXPLOITDB c VERIFIED
Socat <1.4.0.3 - RCE
Format string vulnerability in the _msg function in error.c in socat 1.4.0.3 and earlier, when used as an HTTP proxy client and run with the -ly option, allows remote attackers or local users to execute arbitrary code via format string specifiers in a syslog message.
by CoKi
CVE-2004-1595 EXPLOITDB c VERIFIED
Shixxnote - Buffer Overflow
Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a long font field.
by class101
CVE-2004-0940 EXPLOITDB HIGH c VERIFIED
Apache <1.3.32 - Buffer Overflow
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
by xCrZx
CVSS 7.8
CVE-2004-0209 EXPLOITDB c VERIFIED
Microsoft Windows <2000-2003 - RCE
Unknown vulnerability in the Graphics Rendering Engine processes of Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats that involve "an unchecked buffer."
by houseofdabus
By Source
All 3,149 Exploitdb 50,121 Writeup 46,831 Nomisec 21,202 Metasploit 3,189 Github 2,265 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,745 c 3,550 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 73 go 41 postscript 25 xml 24