Exploitdb Exploits

3,149 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-114774 EXPLOITDB c VERIFIED
UNIX 7th Edition /bin/mkdir - Local Buffer Overflow
by anonymous
CVE-2004-0396 EXPLOITDB c VERIFIED
CVS <1.11.16-1.12.8 - Buffer Overflow
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
by anonymous
CVE-2004-0396 EXPLOITDB c VERIFIED
CVS <1.11.16-1.12.8 - Buffer Overflow
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
by Ac1dB1tCh3z
CVE-2004-0397 EXPLOITDB c VERIFIED
Subversion <1.0.2 - RCE
Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command.
by Gyan Chawdhary
CVE-2004-0554 EXPLOITDB c VERIFIED
Linux kernel 2.4.x-2.6.x - DoS
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.
by lorenzo
CVE-2004-0618 EXPLOITDB c VERIFIED
FreeBSD 5.1 - DoS
FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call with an unaligned memory address as an argument.
by Marceta Milos
CVE-2004-0605 EXPLOITDB c VERIFIED
ircd-hybrid <7.0.1 - DoS
Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier, or (3) ircd-ratbox 2.0rc6 and earlier do not have a rate-limit imposed, which could allow remote attackers to cause a denial of service by repeatedly making requests, which are slowly dequeued.
by Erik Sperling Johansen
EIP-2026-115298 EXPLOITDB c VERIFIED
FreeIPS 1.0 Protected Service - Denial of Service
CVE-2004-1471 EXPLOITDB c VERIFIED
Cvs - Denial of Service
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
by Gyan Chawdhary
CVE-2004-2555 EXPLOITDB c VERIFIED
Riverdeep FoolProof Security <3.9.x - Info Disclosure
Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recovery key.
by Cyrillium Security
EIP-2026-104106 EXPLOITDB c VERIFIED
TildeSlash Monit 1-4 - Authentication Handling Buffer Overflow
by Nilanjan De
CVE-2004-0580 EXPLOITDB c VERIFIED
Linksys - Info Disclosure
DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information.
by Jon Hart
CVE-2004-2033 EXPLOITDB c VERIFIED
Orenosv HTTP FTP Server - Denial of Service
Orenosv 0.5.9f allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
by badpack3t
CVE-2004-2344 EXPLOITDB c VERIFIED
VocalTec VGW120-VGW480 - DoS
Unknown vulnerability in the ASN.1/H.323/H.225 stack of VocalTec VGW120 and VGW480 allows remote attackers to cause a denial of service.
by Alexander
EIP-2026-119116 EXPLOITDB c VERIFIED
Sasser Worm ftpd - Remote Buffer Overflow (port 5554)
by mandragore
CVE-2004-0445 EXPLOITDB c VERIFIED
Symantec Norton Internet Security <2004 - DoS
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
by houseofdabus
CVE-2004-2012 EXPLOITDB c VERIFIED
NetBSD/FreeBSD - Privilege Escalation
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges.
by Stefan Esser
CVE-2004-2614 EXPLOITDB c VERIFIED
MyWeb 3.3 - Buffer Overflow
Buffer overflow in MyWeb 3.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.
by badpack3t
CVE-2004-0399 EXPLOITDB c VERIFIED
Exim <4 - Buffer Overflow
Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
by newroot
CVE-2004-0409 EXPLOITDB c VERIFIED
XChat <2.0.8 - Buffer Overflow
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.
by vade79
CVE-2004-2026 EXPLOITDB c VERIFIED
Pound <1.5 - RCE
Format string vulnerability in the logmsg function in svc.c for Pound 1.5 and earlier allows remote attackers to execute arbitrary code via format string specifiers in syslog messages.
by Nilanjan De
CVE-2004-1983 EXPLOITDB c VERIFIED
THE PAX Team Pax Linux - Denial of Service
The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.
by Shadowinteger
CVE-2005-0643 EXPLOITDB c VERIFIED
Mcafee Antivirus Engine - Buffer Overflow
Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA files.
by N4rK07IX
CVE-2003-0533 EXPLOITDB c VERIFIED
Microsoft Windows - Buffer Overflow
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
by houseofdabus
CVE-2003-0533 EXPLOITDB c VERIFIED
Microsoft Windows - Buffer Overflow
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
by sbaa
By Source
All 3,149 Exploitdb 50,121 Writeup 46,832 Nomisec 21,205 Metasploit 3,189 Github 2,268 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,746 c 3,550 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 73 go 41 postscript 25 xml 24