C Exploits

3,628 exploits tracked across all sources.

Sort: Activity Stars
CVE-2005-2812 EXPLOITDB c VERIFIED
man2web - Remote Code Execution via -P Argument
man2web allows remote attackers to execute arbitrary commands via -P arguments.
by tracewar
CVE-2005-2850 EXPLOITDB c VERIFIED
SlimFTPd 3.17 - Denial of Service via USER and PASS Commands
SlimFTPd 3.17 allows remote attackers to cause a denial of service (crash) via certain (1) USER and (2) PASS commands, possibly due to a buffer overflow or off-by-one error.
by Critical Security
CVE-2005-2898 EXPLOITDB c VERIFIED
FileZilla <2.2.15 - Info Disclosure
NOTE: this issue has been disputed by the vendor. FileZilla 2.2.14b and 2.2.15, and possibly earlier versions, when "Use secure mode" is disabled, uses a weak encryption scheme to store the user's password in the configuration settings file, which allows local users to obtain sensitive information. NOTE: the vendor has disputed the issue, stating that "the problem is not a vulnerability at all, but in fact a fundamental issue of every single program that can store passwords transparently.
CVE-2005-2842 EXPLOITDB c VERIFIED
DameWare Mini Remote Control <4.9.0 - RCE
Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before 4.9.0 allows remote attackers to execute arbitrary code via the username.
by jpno5
EIP-2026-112988 EXPLOITDB c VERIFIED
vBulletin 3.0.8 - Accessible Database Backup Searcher (3)
by str0ke
CVE-2005-1843 EXPLOITDB c VERIFIED
Adobe Version Cue 1.0-1.0.1 - Local Arbitrary Library Loading via -lib Command Line Argument
VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execute arbitrary code via the -lib command line argument.
by vade79
CVE-2005-2773 EXPLOITDB CRITICAL c VERIFIED
HP OpenView Network Node Manager <7.50 - RCE
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.
by Lympex
CVSS 9.8
CVE-2005-2772 EXPLOITDB c VERIFIED
University of Minnesota gopher client 3.0.9 - Buffer Overflow
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function.
by vade79
CVE-2004-1220 EXPLOITDB c VERIFIED
Battlefield 1942 and Vietnam - Denial of Service via Large numplayers Server Reply
Battlefield 1942 1.6.19 and earlier, and Battlefield Vietnam 1.2 and earlier, allows a remote master server to cause a denial of service (client crash) via a server reply that contains a large numplayers value, which triggers a null dereference.
by Luigi Auriemma
CVE-2005-1983 EXPLOITDB c VERIFIED
Microsoft Windows 2000 and XP SP1 - Stack-Based Buffer Overflow in Plug and Play Service
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
by RoMaNSoFt
EIP-2026-118884 EXPLOITDB c VERIFIED
Microsoft Windows Plug-and-Play Service (French) - Remote Universal (MS05-039)
by Fabrice Mourron
EIP-2026-118790 EXPLOITDB c VERIFIED
Microsoft IIS 5.0 - '500-100.asp' Server Name Spoof
by Lympex
CVE-2005-2719 EXPLOITDB c VERIFIED
Ventrilo 2.1.2-2.3.0 - Denial of Service via Malformed Status Packet
Ventrilo 2.1.2 through 2.3.0 allows remote attackers to cause a denial of service (application crash) via a status packet that contains less data than specified in the packet header sent to UDP port 3784.
by Luigi Auriemma
CVE-2005-2868 EXPLOITDB c VERIFIED
ZipTorrent 1.3.7.3 - Info Disclosure
ZipTorrent 1.3.7.3 stores sensitive information in plaintext in the pref.txt file, which allows local users to obtain sensitive information such as proxy server information and passwords.
by Kozan
CVE-2005-2866 EXPLOITDB c VERIFIED
Mercora IMRadio 4.0.0.0 - Privilege Escalation
Mercora IMRadio 4.0.0.0 stores usernames and passwords in plaintext in the MercoraClient\Profiles registry key, which allows local users to gain privileges.
by Kozan
CVE-2005-2665 EXPLOITDB c VERIFIED
Elm 2.5 PL5-PL7 - Remote Code Execution via Expires Header Buffer Overflow
Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, and possibly other versions, allows remote attackers to execute arbitrary code via an e-mail message with a long Expires header.
by c0ntex
CVE-2005-2694 EXPLOITDB c VERIFIED
WinAce 2.6.0.5 - Buffer Overflow via Long File Name in Temporary File
Buffer overflow in WinAce 2.6.0.5, and possibly earlier versions, allows remote attackers to execute arbitrary code via a temporary (.tmp) file that contains an entry with a long file name.
by ATmaCA
CVE-2005-2639 EXPLOITDB c VERIFIED
Chris Moneymaker's World Poker Championship 1.0 - Buffer Overflow
Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname.
by Luigi Auriemma
CVE-2005-1983 EXPLOITDB c VERIFIED
Microsoft Windows 2000 and XP SP1 - Stack-Based Buffer Overflow in Plug and Play Service
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
by houseofdabus
CVE-2005-1983 EXPLOITDB c VERIFIED
Microsoft Windows 2000 and XP SP1 - Stack-Based Buffer Overflow in Plug and Play Service
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
by sl0ppy
CVE-2005-2577 EXPLOITDB c VERIFIED
Wyse Winterm 1125SE 4.2.09f/4.4.061f - Denial of Service via Zero IP Option Length Packet
Wyse Winterm 1125SE running firmware 4.2.09f or 4.4.061f allows remote attackers to cause a denial of service (device crash) via a packet with a zero in the IP option length field.
by Piotr Chytla
EIP-2026-117587 EXPLOITDB c VERIFIED
Microsoft Windows XP/2000/2003 - Keyboard Event Privilege Escalation
by Andres Tarasco
CVE-2005-2367 EXPLOITDB c VERIFIED
Ethereal 0.9.4-0.10.11 - Remote Code Execution via AFP Packet Format String
Format string vulnerability in the proto_item_set_text function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet.
by vade79
EIP-2026-110806 EXPLOITDB c VERIFIED
PHP-Fusion 6.0.106 - BBCode IMG Tag Script Injection
by Easyex
CVE-2005-2409 EXPLOITDB c VERIFIED
nbsmtp < 0.99 - Remote Code Execution via Format String in Debug Mode
Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly handled in a syslog call.
by CoKi
By Source
All 3,628 Writeup 62,313 Exploitdb 50,076 Nomisec 22,418 Github 3,633 Metasploit 3,314 Vulncheck_xdb 929 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,574 ruby 6,005 c 3,628 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 229 shell 131 go 73 postscript 25 typescript 25