Exploitdb Exploits

3,138 exploits tracked across all sources.

Sort: Activity Stars
CVE-2003-0910 EXPLOITDB c VERIFIED
Windows NT and Windows 2000 - Local Privilege Escalation via NtSetLdtEntries
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
EIP-2026-100680 EXPLOITDB c VERIFIED
BSD-Games 2.x - Mille Local Save Game File Name Buffer Overrun
by N4rK07IX
CVE-2004-0333 EXPLOITDB c VERIFIED
UUDeview <8.1 - Remote Code Execution
Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.
by snooq
CVE-2003-0908 EXPLOITDB c VERIFIED
Microsoft Windows 2000 - Local Privilege Escalation via Utility Manager Shatter Attack
The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialog in the Help window, a different vulnerability than CVE-2004-0213.
by Cesar Cerrudo
CVE-2004-0120 EXPLOITDB c VERIFIED
Microsoft Windows SSL Library - Denial of Service via Malformed SSL Messages
The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages.
by David Barroso
CVE-2004-1897 EXPLOITDB c VERIFIED
Monit 1.4-4.2 - Denial of Service via Basic Authentication Request Without Password
Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service (segmentation fault) by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read.
by Abhisek Datta
EIP-2026-102649 EXPLOITDB c VERIFIED
Linux Kernel 2.4/2.6 - Sigqueue Blocking Denial of Service
by Nikita V. Youshchenko
EIP-2026-117168 EXPLOITDB c VERIFIED
FirstClass Desktop 7.1 - Local Buffer Overflow
by I2S-LaB
EIP-2026-116944 EXPLOITDB c VERIFIED
Centrinity FirstClass Desktop Client 7.1 - Local Buffer Overflow
by I2S-LaB
CVE-2004-0184 EXPLOITDB c VERIFIED
tcpdump < 3.8.1 - Denial of Service via ISAKMP Identification Payload Length Underflow
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.
by Rapid7
EIP-2026-103013 EXPLOITDB c VERIFIED
Systrace 1.x - Local Policy Bypass
by Brad
CVE-2004-0362 EXPLOITDB c VERIFIED
ISS Protocol Analysis Module - Buffer Overflow
Multiple stack-based buffer overflows in the ICQ parsing routines of the ISS Protocol Analysis Module (PAM) component, as used in various RealSecure, Proventia, and BlackICE products, allow remote attackers to execute arbitrary code via a SRV_MULTI response containing a SRV_USER_ONLINE response packet and a SRV_META_USER response packet with long (1) nickname, (2) firstname, (3) lastname, or (4) email address fields, as exploited by the Witty worm.
by Sam
CVE-2004-0176 EXPLOITDB c VERIFIED
Ethereal 0.8.13-0.10.2 - Multiple Buffer Overflow in NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP Dissectors
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.
by Abhisek Datta
EIP-2026-118694 EXPLOITDB c VERIFIED
Internet Security Systems Protocol Analysis Module ICQ - Parsing Buffer Overflow
by Sam
CVE-2004-0176 EXPLOITDB c VERIFIED
Ethereal 0.8.13-0.10.2 - Multiple Buffer Overflow in NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, and TCAP Dissectors
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.
by Rémi Denis-Courmont
CVE-2004-1883 EXPLOITDB c VERIFIED
WS_FTP Server 4.0.2 - Authenticated Buffer Overflow via ALLO Handler or STAT Command
Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred.
by Hugh Mann
CVE-2004-2719 EXPLOITDB c VERIFIED
Foxmail 5.0.300 - Buffer Overflow via Long From Field in Mail Message
Buffer overflow in the UrlToLocal function in PunyLib.dll of Foxmail 5.0.300 allows remote attackers to execute arbitrary code via a mail message with a long From field, a different issue than CVE-2005-0339.
by xfocus
CVE-2004-1855 EXPLOITDB c VERIFIED
Dark Age of Camelot <1.68 - Info Disclosure
Dark Age of Camelot before 1.68 live patch does not sign the RSA public key, which could allow remote malicious servers to gain sensitive information via a man-in-the-middle attack.
by Todd Chapman
CVE-2004-0544 EXPLOITDB c VERIFIED
IBM AIX 5.1-5.2 - Local Privilege Escalation via LVM putlvcb/getlvcb Buffer Overflow
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.
by mattox
CVE-2004-0230 EXPLOITDB c VERIFIED
Juniper Junos - Denial of Service via TCP RST Packet Injection
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
by Matt Edman
CVE-2004-0345 EXPLOITDB c VERIFIED
Red Faction <= 1.20 - Remote Code Execution via Long Server Name
Buffer overflow in Red Faction client 1.20 and earlier allows remote servers to execute arbitrary code via a long server name.
by Luigi Auriemma
CVE-2004-1207 EXPLOITDB c VERIFIED
Serioussam Seriousengine - Denial of Service
The Serious engine, as used in (1) Alpha Black Zero Intrepid Protocol 1.04 and earlier, (2) Nitro family, and (3) Serious Sam Second Encounter 1.07 allows remote attackers to cause a denial of service (server crash) via a large number of UDP join requests that exceeds the maximum player limit, as originally reported for Alpha Black Zero.
by Luigi Auriemma
CVE-2004-1619 EXPLOITDB c VERIFIED
Privateer's Bounty: Age of Sail II - Buffer Overflow via Long Nickname
Buffer overflow in Privateer's Bounty: Age of Sail II allows remote attackers to execute arbitrary code via a long nickname.
by Luigi Auriemma
EIP-2026-115253 EXPLOITDB c VERIFIED
Flash Messaging 5.2.0g - Remote Denial of Service
by Luigi Auriemma
EIP-2026-101088 EXPLOITDB c VERIFIED
SureCom EP-9510AX/EP-4504AX Network Device - Malformed Web Authorisation Request Denial of Service (2)
by shaun2k2
By Source
All 3,138 Writeup 62,313 Exploitdb 50,076 Nomisec 22,418 Github 3,633 Metasploit 3,314 Vulncheck_xdb 929 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,574 ruby 6,005 c 3,628 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 229 shell 131 go 73 postscript 25 typescript 25