Exploitdb Exploits
3,138 exploits tracked across all sources.
Windows Me - Cross-Site Scripting via Help and Support Center Topic Parameter
Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter.
by s0h
Battlefield 1942 1.2-1.3 - Buffer Overflow via Remote Console Authentication
Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password.
by greuff
amx_mod 0.9.2 - Remote Code Execution via Format String Specifiers in amx_say Command
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say command.
by greuff
zlib 1.1.4 - Buffer Overflow in gzprintf
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.
by CrZ
zlib 1.1.4 - Buffer Overflow in gzprintf
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.
by Richard Kettlewel
Cisco IOS 11.2.x-12.0.x - Denial of Service via OSPF Neighbor Announcements
Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements.
by FX
cPanel 5.0 - Remote Code Execution via Guestbook.cgi Template Parameter
guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter.
by bob
linux-atm - Buffer Overflow via Long Command Line Argument
Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if used setuid, allows local users to gain privileges via a long -f command line argument.
by Angelo Rosiello
AutomatedShops WebC 2.0/5.0 Script - Name Remote Buffer Overrun
by Carl Livitt
HP-UX 10.0-11.22 - Local Buffer Overflow via stmkfont Command Line Argument
Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument.
by Last Stage of Delirium
nethack <3.4.0 & falconseye <1.9.3 - Buffer Overflow
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
nethack <3.4.0 & falconseye <1.9.3 - Buffer Overflow
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
by tsao@efnet
BitchX 75p3 and 1.0c16-1.0c20cvs - Denial of Service via Malformed RPL_NAMREPLY Message
BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segmentation fault) via a malformed RPL_NAMREPLY numeric 353 message.
by argv
GameSpy 3D 2.62 - Denial of Service via UDP Amplification
Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942.
by Mike Kristovich
Caldera Openlinux Ebuilder - Access Control
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
by logikal
mpg123 pre0.59s - Invalid MP3 Header Memory Corruption
by Gobbles Security
Half-Life StatsMe 2.6.x Plugin - MakeStats Format String
Half-Life StatsMe 2.6.x Plugin - CMD_ARGV Buffer Overflow
Half-Life ClanMod 1.80/1.81 Plugin - Remote Format String
Half-Life AdminMod 2.50 Plugin - Remote Format String
by greuff
Tanne 0.6.17 - Remote Code Execution via Format String in Logger Function
Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.
by dong-h0un yoU
H-Sphere WebShell 2.3 - Remote Code Execution via Buffer Overflow in CGI::readFile diskusage and flist
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
by Carl Livitt
H-Sphere WebShell 2.3 - Remote Code Execution via Buffer Overflow in CGI::readFile diskusage and flist
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
by Carl Livitt
rpc.walld - Solaris 2.6-9 - Local Privilege Escalation
rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.
by Brant Roman
By Source