C Exploits

3,631 exploits tracked across all sources.

Sort: Activity Stars
CVE-2004-0636 EXPLOITDB c VERIFIED
AOL Instant Messenger <5.5.3595 - RCE
Buffer overflow in the goaway function in the aim:goaway URI handler for AOL Instant Messenger (AIM) 5.5, including 5.5.3595, allows remote attackers to execute arbitrary code via a long Away message.
by mandragore
CVE-2004-0416 EXPLOITDB c VERIFIED
CVS <1.12.8/<1.11.16 - Memory Corruption
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
by Gyan Chawdhary
CVE-2004-1717 EXPLOITDB c VERIFIED
gv - Buffer Overflow via Long Postscript File Values
Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.
by infamous41md
CVE-2006-6563 EXPLOITDB c VERIFIED
ProFTPD <1.3.1rc1 - Buffer Overflow
Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.
by pi3
CVE-2004-0597 EXPLOITDB c VERIFIED
libpng < 1.2.5 - Remote Code Execution via Malformed PNG Image
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
by anonymous
CVE-2004-0597 EXPLOITDB c VERIFIED
libpng < 1.2.5 - Remote Code Execution via Malformed PNG Image
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
by infamous41md
CVE-2004-0733 EXPLOITDB c VERIFIED
OllyDbg 1.10 - Remote Code Execution via Format String Specifiers
Format string vulnerability in OllyDbg 1.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are directly provided to the OutputDebugString function call.
by Ahmet Cihan
CVE-2004-1475 EXPLOITDB c VERIFIED
xine-lib 1-rc2-1-rc5 - Stack-Based Buffer Overflow via Long VideoCD MRL or Subtitle Lines
Multiple stack-based buffer overflows in xine-lib 1-rc2 through 1-rc5 allow attackers to execute arbitrary code via (1) long VideoCD vcd:// MRLs or (2) long subtitle lines.
by c0ntex
CVE-2004-1701 EXPLOITDB c VERIFIED
Cfengine 2.0.0-2.1.7p1 - Remote Code Execution via Long SAUTH Command
Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.
by jsk
EIP-2026-103100 EXPLOITDB c VERIFIED
Dropbear SSH 0.34 - Remote Code Execution
by livenn
CVE-2004-2532 EXPLOITDB c VERIFIED
Serv-U FTP <5.1.0.0 - Command Injection
Serv-U FTP server before 5.1.0.0 has a default account and password for local administration, which allows local users to execute arbitrary commands by connecting to the server using the default administrator account, creating a new user, logging in as that new user, and then using the SITE EXEC command.
by Andrés Acunha
CVE-2003-0717 EXPLOITDB c VERIFIED
Messenger Service - Buffer Overflow
The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
by VeNoMouS
CVE-2004-1437 EXPLOITDB c VERIFIED
pavuk - Remote Code Execution via Digest Authentication Buffer Overflow
Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attackers to execute arbitrary code.
by infamous41md
CVE-2004-0633 EXPLOITDB c VERIFIED
Ethereal 0.10.3-0.10.4 - Denial of Service via iSNS Dissector Integer Overflow
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
by Rémi Denis-Courmont
CVE-2004-2646 EXPLOITDB c VERIFIED
Free Web Chat 2.0 - Denial of Service via Null usrName Variable
The addUser function in UserManager.java in Free Web Chat 2.0 allows remote attackers to cause a denial of service (uncaught NullPointerException) via unknown attack vectors that cause the usrName variable to be null.
by Donato Ferrante
CVE-2004-2523 EXPLOITDB c VERIFIED
OpenFTPD < 0.30.2 - Authenticated Remote Code Execution via Format String in Message Argument
Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument.
by infamous41md
CVE-2004-0557 EXPLOITDB c VERIFIED
SoX 12.17.2-12.17.4 - Remote Code Execution via WAV File Header Fields
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
by Rave
CVE-2004-0415 EXPLOITDB c VERIFIED
Linux Kernel - Unauthenticated Memory Exposure via 64-bit File Offset Pointer Conversion
Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
by Paul Starzetz
CVE-2004-2523 EXPLOITDB c VERIFIED
OpenFTPD < 0.30.2 - Authenticated Remote Code Execution via Format String in Message Argument
Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument.
by Andi
CVE-2004-1705 EXPLOITDB c VERIFIED
Citadel/UX <= 6.23 - Denial of Service via Long Username
Buffer overflow in Citadel/UX 6.23 and earlier allows remote attackers to cause a denial of service via a long username.
by CoKi
CVE-2004-0493 EXPLOITDB c VERIFIED
Apache httpd 2.0.49 - DoS/Buffer Overflow
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.
by anonymous
CVE-2004-0212 EXPLOITDB c VERIFIED
Avaya IP600 Media Servers - Stack-Based Buffer Overflow via Long Parameters in .job File
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share.
by houseofdabus
EIP-2026-103088 EXPLOITDB c VERIFIED
Citadel/UX 5.9/6.x - 'Username' Remote Buffer Overflow (2)
by Nebunu
EIP-2026-103087 EXPLOITDB c VERIFIED
Citadel/UX 5.9/6.x - 'Username' Remote Buffer Overflow (1)
by CoKi
EIP-2026-103099 EXPLOITDB c VERIFIED
Drcat 0.5.0-beta - 'drcatd' Remote Code Execution
by Taif
By Source
All 3,631 Writeup 62,478 Exploitdb 50,076 Nomisec 22,448 Github 3,670 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,594 ruby 6,006 c 3,631 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25