Exploitdb Exploits
2,012 exploits tracked across all sources.
n-cms-equipe 1.1c.Debug - Multiple Local File Inclusions
by ITSecTeam
cPanel - Multiple Cross-Site Request Forgery Vulnerabilities
by SecurityRules
Employee Timeclock Software 0.99 - CSRF
Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 allows remote attackers to hijack the authentication of an administrator for requests that create new administrative users. NOTE: some of these details are obtained from third party information.
by ViRuSMaN
Rising Online Virus Scanner 22.0.0.5 - ActiveX Control Stack Overflow (Denial of Service)
by wirebonder
Symantec Antivirus - Memory Corruption
Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function.
by Alexander Polyakov
Apple Safari 4.0.4 / Firefox 3.5.7 / SeaMonkey 2.0.1 - Remote Denial of Service
by 599eme Man
Mozilla Firefox 3.5.x and SeaMonkey 2.0.1 - Remote Denial of Service
by 599eme Man
LANDesk Management Gateway 4.x - Multiple Vulnerabilities
by Aureliano Calvo
TVUPlayer 2.4.4.9beta1 - 'PlayerOcx.ocx' ActiveX Control Arbitrary File Overwrite
by Evdokimov Dmitriy
WebKit <r53607 - SSRF
WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets[0].href property value, related to an IFRAME element.
by Cesar Cerrudo
Microsoft Windows Live Messenger 2009 - ActiveX Heap Overflow (PoC)
by SarBoT511
AOL <9.5 - Buffer Overflow
AOL versions up to and including 9.5 include an ActiveX control (Phobos.dll) that exposes a method called Import() via the Phobos.Playlist COM object. This method is vulnerable to a stack-based buffer overflow when provided with an excessively long string argument. Exploitation allows remote attackers to execute arbitrary code in the context of the user, but only when the malicious HTML file is opened locally, due to the control not being marked safe for scripting or initialization. AOL remains an active and supported brand offering services like AOL Mail and AOL Desktop Gold, but the legacy AOL 9.5 desktop software—specifically the version containing the vulnerable Phobos.dll ActiveX control—is long discontinued and no longer maintained.
by Dz_attacker
Microsoft Windows Defender - ActiveX Heap Overflow (PoC)
by SarBoT511
Foxit Reader 3.1.4.1125 - ActiveX Heap Overflow (PoC)
by SarBoT511 & D3V!L FUCKER
Gracenote CDDBControl - ActiveX Control 'ViewProfile' Method Heap Buffer Overflow (PoC)
by karak0rsan
NOS Microsystems getPlus Helper <1.6.2.49 - Buffer Overflow
Multiple stack-based buffer overflows in the NOS Microsystems getPlus Helper ActiveX control before 1.6.2.49 in gp.ocx in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow remote attackers to execute arbitrary code via unspecified initialization parameters.
by superli
Microsoft Internet Explorer - 'wshom.ocx' ActiveX Control Remote Code Execution
by germaya_x & D3V!L FUCKER
VideoLAN VLC Media Player 0.8.6i - ActiveX Denial of Service (PoC)
by D3V!L FUCKER & germaya_x
Google Chrome < 4.0.249.78 - Resource Management Error
Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different web site.
by Cesar Cerrudo
By Source