Exploitdb Exploits

3,138 exploits tracked across all sources.

CVE-2004-0524 EXPLOITDB c VERIFIED
SquirrelMail <4.0 - Privilege Escalation
Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.
by Bytes
CVE-2004-1741 EXPLOITDB c VERIFIED
music_daemon 0.0.3 - Denial of Service via LOAD and SHOWLIST Commands
Music daemon (musicd) 0.0.3 and earlier allows remote attackers to cause a denial of service (crash) by calling LOAD with a binary file as an argument, then calling SHOWLIST.
by Tal0n
CVE-2004-0691 EXPLOITDB c VERIFIED
QT <3.3.3 - Buffer Overflow
Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
by infamous41md
EIP-2026-103049 EXPLOITDB c VERIFIED
XV 3.x - '.BMP' Parsing Local Buffer Overflow
by infamous41md
CVE-1999-1497 EXPLOITDB c VERIFIED
Ipswitch IMail <6.0 - Info Disclosure
Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts.
by Adik
EIP-2026-115450 EXPLOITDB c VERIFIED
IPD (Integrity Protection Driver) - Denial of Service
by anonymous
CVE-2004-1717 EXPLOITDB c VERIFIED
gv - Buffer Overflow via Long Postscript File Values
Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.
by infamous41md
CVE-2004-0636 EXPLOITDB c VERIFIED
AOL Instant Messenger <5.5.3595 - RCE
Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message.
by mandragore
CVE-2004-0416 EXPLOITDB c VERIFIED
CVS <1.12.8/<1.11.16 - Memory Corruption
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
by Gyan Chawdhary
CVE-2004-1717 EXPLOITDB c VERIFIED
gv - Buffer Overflow via Long Postscript File Values
Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.
by infamous41md
CVE-2006-6563 EXPLOITDB c VERIFIED
ProFTPD <1.3.1rc1 - Buffer Overflow
Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.
by pi3
CVE-2004-0597 EXPLOITDB c VERIFIED
libpng < 1.2.5 - Remote Code Execution via Malformed PNG Image
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
by anonymous
CVE-2004-0597 EXPLOITDB c VERIFIED
libpng < 1.2.5 - Remote Code Execution via Malformed PNG Image
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
by infamous41md
CVE-2004-0733 EXPLOITDB c VERIFIED
OllyDbg 1.10 - Remote Code Execution via Format String Specifiers
Format string vulnerability in OllyDbg 1.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are directly provided to the OutputDebugString function call.
by Ahmet Cihan
CVE-2004-1475 EXPLOITDB c VERIFIED
xine-lib 1-rc2-1-rc5 - Stack-Based Buffer Overflow via Long VideoCD MRL or Subtitle Lines
Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines.
by c0ntex
CVE-2004-1701 EXPLOITDB c VERIFIED
Cfengine 2.0.0-2.1.7p1 - Remote Code Execution via Long SAUTH Command
Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.
by jsk
EIP-2026-103100 EXPLOITDB c VERIFIED
Dropbear SSH 0.34 - Remote Code Execution
by livenn
CVE-2004-2532 EXPLOITDB c VERIFIED
Serv-U FTP <5.1.0.0 - Command Injection
Serv-U FTP server before 5.1.0.0 has a default account and password for local administration, which allows local users to execute arbitrary commands by connecting to the server using the default administrator account, creating a new user, logging in as that new user, and then using the SITE EXEC command.
by Andrés Acunha
CVE-2003-0717 EXPLOITDB c VERIFIED
Messenger Service - Buffer Overflow
The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
by VeNoMouS
CVE-2004-1437 EXPLOITDB c VERIFIED
pavuk - Remote Code Execution via Digest Authentication Buffer Overflow
Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attackers to execute arbitrary code.
by infamous41md
CVE-2004-0633 EXPLOITDB c VERIFIED
Ethereal 0.10.3-0.10.4 - Denial of Service via iSNS Dissector Integer Overflow
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
by Rémi Denis-Courmont
CVE-2004-2646 EXPLOITDB c VERIFIED
Free Web Chat 2.0 - Denial of Service via Null usrName Variable
The addUser function in UserManager.java in Free Web Chat 2.0 allows remote attackers to cause a denial of service (uncaught NullPointerException) via unknown attack vectors that cause the usrName variable to be null.
by Donato Ferrante
CVE-2004-2523 EXPLOITDB c VERIFIED
OpenFTPD < 0.30.2 - Authenticated Remote Code Execution via Format String in Message Argument
Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument.
by infamous41md
CVE-2004-0557 EXPLOITDB c VERIFIED
SoX 12.17.2-12.17.4 - Remote Code Execution via WAV File Header Fields
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
by Rave
CVE-2004-0415 EXPLOITDB c VERIFIED
Linux Kernel - Unauthenticated Memory Exposure via 64-bit File Offset Pointer Conversion
Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
by Paul Starzetz