Exploitdb Exploits

3,149 exploits tracked across all sources.

EIP-2026-102875 EXPLOITDB c VERIFIED
Ifenslave 0.0.7 - Argument Local Buffer Overflow (2)
by jsk
EIP-2026-118734 EXPLOITDB c VERIFIED
Magic Winmail Server 2.3 USER POP3 - Command Format String
by D4rkGr3y
CVE-2003-0019 EXPLOITDB c VERIFIED
kernel-utils - Privilege Escalation
uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.
CVE-2003-0325 EXPLOITDB c VERIFIED
Maelstrom <3.0.6-3.0.5 - RCE
Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.
by ph4nt0m
CVE-2003-0339 EXPLOITDB c VERIFIED
WsMp3d <0.0.10 - RCE
Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests.
by Xpl017Elz
EIP-2026-102952 EXPLOITDB c VERIFIED
Polymorph 0.4 - Filename Buffer Overflow
by demz
CVE-2003-0306 EXPLOITDB c VERIFIED
EXPLORER.EXE <Windows XP - RCE
Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.
by einstein
EIP-2026-102570 EXPLOITDB c VERIFIED
BZFlag 1.7 g0 - Reconnect Denial of Service
by russian code molester
EIP-2026-102917 EXPLOITDB c VERIFIED
Maelstrom Player 3.0.x - Argument Buffer Overflow (2)
by knight420
CVE-2003-0325 EXPLOITDB c VERIFIED
Maelstrom <3.0.6-3.0.5 - RCE
Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.
by CMN
CVE-2003-0293 EXPLOITDB c VERIFIED
PalmOS - DoS
PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets.
by Shaun Colley
CVE-2003-0289 EXPLOITDB c VERIFIED
cdrecord <2.0 - Privilege Escalation
Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter.
by CMN
CVE-2003-0201 EXPLOITDB c VERIFIED
Samba - Buffer Overflow
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
by eDSee
CVE-2003-0281 EXPLOITDB c VERIFIED
Firebird <1.5 - Buffer Overflow
Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop.
by bob
CVE-2003-0290 EXPLOITDB c VERIFIED
eServ <2.9x - DoS
Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated.
by rash
CVE-2002-2087 EXPLOITDB c VERIFIED
Borland Software Interbase - Buffer Overflow
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.
by bob
CVE-2003-0220 EXPLOITDB c VERIFIED
Kerio Personal Firewall <2.1.4 - RCE
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.
by Burebista
EIP-2026-114791 EXPLOITDB c VERIFIED
Mod_Gzip 1.3.x - Debug Mode
by xCrZx
CVE-2003-0262 EXPLOITDB c VERIFIED
leksbot 1.2.3 - Privilege Escalation
leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have.
by gunzip
EIP-2026-117171 EXPLOITDB c VERIFIED
FlashFXP 1.4 - User Password Encryption
by DVDMAN
CVE-2003-1480 EXPLOITDB c VERIFIED
MySQL - Cryptographic Issue
MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.
by Secret Squirrel
CVE-2002-1643 EXPLOITDB c VERIFIED
RealNetworks Helix Universal Server - Buffer Overflow
Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attackers to execute arbitrary code via (1) a long Transport field in a SETUP RTSP request, (2) a DESCRIBE RTSP request with a long URL argument, or (3) two simultaneous HTTP GET requests with long arguments.
by Johnny Cyberpunk
CVE-2003-0220 EXPLOITDB c VERIFIED
Kerio Personal Firewall <2.1.4 - RCE
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.
by ThreaT
CVE-2003-0161 EXPLOITDB c VERIFIED
HP-UX - Buffer Overflow
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
by bysin
CVE-2003-0190 EXPLOITDB c VERIFIED
OpenBSD OpenSSH < 3.6.1 - Information Disclosure
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
by Maurizio Agazzini