Exploitdb Exploits
3,149 exploits tracked across all sources.
Jason Maloney's Guestbook 3.0 - Remote Command Execution
by shaun2k2
Applied Watch Command Center - CSRF
Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c.
by Bugtraq Security
Applied Watch Command Center - CSRF
Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c.
by Bugtraq Security
Thomson Cablemodem TCM315 - Denial of Service
by Shell security group
GEdit 2.0/2.2 - Large IOStream File Memory Corruption
by MegaHz
OpenBSD 3.3/3.4 - semctl/semop Local Unexpected Array Indexing
by anonymous
mod_gzip 1.3.26.1a - Buffer Overflow
Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header.
by xCrZx
OpenBSD 3.3/3.4 - 'sysctl' Local Denial of Service
by anonymous
Openbsd - Buffer Overflow
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow.
by Sinan Eren
Windows Workstation Service - Buffer Overflow
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API.
by snooq
Windows NT-Server 2003 - Buffer Overflow
Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.
by xCrZx
Microsoft FrontPage Server Extensions <2002 - RCE
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
by Adik
TerminatorX 3.81 - Local Stack Overflow / Local Privilege Escalation
by Li0n7
Windows Workstation Service - Buffer Overflow
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API.
by eEYe
Wireless Tools - Buffer Overflow
Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.
by heka
Winace UnAce 2.2 - Command Line Argument Buffer Overflow (2)
by Li0n7
Winace UnAce 2.2 - Command Line Argument Buffer Overflow (1)
by demz
Hylafax <4.1.7 - RCE
Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code.
by Sebastian Krahmer
EPIC IRC Client <2.002-0 - DoS/Code Injection
EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later versions, allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via a CTCP request from a large nickname, which causes an incorrect length calculation.
by Li0n7
Windows 2000 SP3-SP4 - DoS
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function.
by ins1der
TerminatorX 3.8 - Multiple Command-Line and Environment Buffer Overrun Vulnerabilities (3)
by m00 security
TerminatorX 3.8 - Multiple Command-Line and Environment Buffer Overrun Vulnerabilities (2)
by Bobby
TerminatorX 3.8 - Multiple Command-Line and Environment Buffer Overrun Vulnerabilities (1)
by c0wboy
Openbsd - Buffer Overflow
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow.
by Scott Bartram
Help in NIPrint LPD-LPR Print Server <4.10 - Privilege Escalation
Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges.
by xCrZx
By Source