C Exploits

3,628 exploits tracked across all sources.

CVE-2005-0330 EXPLOITDB c VERIFIED
Painkiller <= 1.35 - Authenticated Buffer Overflow via Long CD-Key Hash
Buffer overflow in Painkiller 1.35 and earlier, and possibly other versions before 1.61, allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a long cd-key hash.
by Luigi Auriemma
CVE-2005-0245 EXPLOITDB c VERIFIED
PostgreSQL < 7.3.10 - Heap-Based Buffer Overflow via Refcursor Function Arguments
Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247.
by ChoiX
CVE-2005-0325 EXPLOITDB c VERIFIED
Xpand Rally 1.0.0.0 - Denial of Service via Malformed Packet
Xpand Rally 1.0.0.0 allows remote attackers or remote malicious game servers to cause a denial of service (application crash) via a packet with large values that are not properly handled in certain malloc or memcpy operations.
by Luigi Auriemma
CVE-2005-0199 EXPLOITDB CRITICAL c VERIFIED
ngIRCd < 0.8.2 - Remote Denial of Service and Possible Code Execution via MODE Line Integer Underflow
Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow.
by Florian Westphal
CVSS 9.8
CVE-2004-1235 EXPLOITDB c VERIFIED
Linux kernel <2.6.11 - RCE
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
by Tim Hsu
CVE-2004-1388 EXPLOITDB c VERIFIED
BerliOS GPD daemon 1.9.0-2.7 - Remote Code Execution via Format String in GPS Request
Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls.
by JohnH
EIP-2026-102921 EXPLOITDB c VERIFIED
Mandrake / Slackware /usr/bin/trn - Local Privilege Escalation (Not SUID)
by ZzagorR
CVE-2005-0116 EXPLOITDB c VERIFIED
awstats < 6.3 - Remote Code Execution via configdir Parameter
AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to awstats.pl.
by THUNDER
EIP-2026-117223 EXPLOITDB c VERIFIED
Funduc Search and Replace - Compressed File Local Buffer Overflow
by ATmaCA
CVE-2005-0416 EXPLOITDB c VERIFIED
Windows NT/2000/XP/2003 - Remote Code Execution via Animated Cursor Length Field
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
by houseofdabus
CVE-2005-0193 EXPLOITDB c VERIFIED
iSync mRouter - Buffer Overflow via Command Line Switches
Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code.
by nemo
EIP-2026-102839 EXPLOITDB c VERIFIED
fkey 0.0.2 - Local File Accessibility
by vade79
EIP-2026-104594 EXPLOITDB c VERIFIED
Darwin Kernel 7.1 - Mach File Parsing Local Integer Overflow
CVE-2005-0043 EXPLOITDB c VERIFIED
Apple iTunes 4.7 - Remote Code Execution via Long URL in Playlist Files
Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files.
by nemo
CVE-2005-0021 EXPLOITDB c VERIFIED
Exim < 4.43 - Buffer Overflow via IPv6 Address or DNS PTR Lookup
Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function.
by Rafael Carrasco
CVE-2005-0382 EXPLOITDB c VERIFIED
Breed patch 1 - Denial of Service via Empty UDP Packet
Breed patch 1 and earlier allows remote attackers to cause a denial of service (application crash) via an empty UDP packet, which triggers a null dereference.
by Luigi Auriemma
CVE-2004-1172 EXPLOITDB c VERIFIED
Veritas Backup Exec 8.x-9.x - Stack-Based Buffer Overflow via Long Hostname in Agent Browser Registration
Stack-based buffer overflow in the Agent Browser in Veritas Backup Exec 8.x before 8.60.3878 Hotfix 68, and 9.x before 9.1.4691 Hotfix 40, allows remote attackers to execute arbitrary code via a registration request with a long hostname.
by class101
CVE-2004-1235 EXPLOITDB c VERIFIED
Linux kernel <2.6.11 - RCE
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
by Paul Starzetz
EIP-2026-115359 EXPLOITDB c VERIFIED
Gore 1.50 - Socket Unreachable Denial of Service
by Luigi Auriemma
CVE-2005-0280 EXPLOITDB c VERIFIED
Soldner Secret Wars - Format String Vulnerability via Message Processing
Format string vulnerability in Soldner Secret Wars 30830 and earlier allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in a message.
by Luigi Auriemma
EIP-2026-104634 EXPLOITDB c VERIFIED
iWebNegar 1.1 - Configuration Nullification Denial of Service
by c0d3r
CVE-2004-0567 EXPLOITDB c VERIFIED
Windows NT Server 4.0 SP 6a - Windows Server 2003 - Buffer Overflow
The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability."
by zuc
CVE-2004-0206 EXPLOITDB c VERIFIED
Microsoft Windows NetDDE - Remote Code Execution via Malicious Message
Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allow attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or application that involves an "unchecked buffer," possibly a buffer overflow.
by houseofdabus
EIP-2026-119296 EXPLOITDB c VERIFIED
Working Resources BadBlue 2.55 - MFCISAPICommand Remote Buffer Overflow (1)
by Miguel Tarasc
CVE-2004-1317 EXPLOITDB c VERIFIED
Netcat for Windows 1.1 - Buffer Overflow
Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command.
by class101