Exploitdb Exploits
2,012 exploits tracked across all sources.
Novell Groupwise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow (PoC)
by Francis Provencher
EasyMail Objects 6.0.2.0 - 'emimap4.dll' ActiveX Control Remote Code Execution
by Francis Provencher
Apple iPhone 2.2.1/3.x - MobileSafari Crash + Reboot (Denial of Service)
by TheLeader
Kaspersky Anti-virus - Resource Management Error
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters.
by Prakhar Prasad
Nokia Lotus Notes Connector - 'lnresobject.dll' Remote Denial of Service
by Francis Provencher
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (2)
by Francis Provencher
Novell Client 4.91.5 - ActiveX Control 'nwsetup.dll' Remote Denial of Service (1)
by Francis Provencher
Microsoft Internet Explorer - Code Injection
Microsoft Internet Explorer 6 on Windows XP SP2 and SP3, and Internet Explorer 7 on Vista, allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls createElement to create an instance of the LI element, and then calls setAttribute to set the value attribute.
by Irfan Asrar
Microsoft Internet Explorer 8.0.7100.0 - DoS
Microsoft Internet Explorer 8.0.7100.0 on Windows 7 RC on the x64 platform allows remote attackers to cause a denial of service (application crash) via a certain DIV element in conjunction with SCRIPT elements that have empty contents and no reference to a valid external script location.
by schnuddelbuddel
Microsoft Internet Explorer <8 - DoS
mshtml.dll in Microsoft Internet Explorer 7 and 8 on Windows XP SP3 allows remote attackers to cause a denial of service (application crash) by calling the JavaScript findText method with a crafted Unicode string in the first argument, and only one additional argument, as demonstrated by a second argument of -1.
by Hong10
Mozilla Firefox <3.5.2 - DoS
Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attackers to cause a denial of service (uncaught exception and application crash) via a long Unicode string argument to the write method. NOTE: this was originally reported as a stack-based buffer overflow. NOTE: on Linux and Mac OS X, a crash resulting from this long string reportedly occurs in an operating-system library, not in Firefox.
by Andrew Haynes
Mozilla Firefox <3.5.1 - RCE
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.
by Sberry
Mozilla Firefox <3.5 - DoS
Mozilla Firefox 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors, related to a "flash bug."
by Sberry
WindsPlayerIE.View.1 - Buffer Overflow
Heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control in WindsPly.ocx 3.5.0.0 Beta, 3.0.0.5, and earlier in AwingSoft Awakening Web3D Player and Winds3D Viewer allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long SceneUrl property value, a different vulnerability than CVE-2009-2386. NOTE: some of these details are obtained from third party information.
by shinnai
Microsoft Internet Explorer - Buffer Overflow
Stack-based buffer overflow in the AddFavorite method in Microsoft Internet Explorer allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a long URL in the first argument.
by Sberry
Messages Library 2.0 - Arbitrary Administrator Account
by ThE g0bL!N
Google Chrome 2.0.172 - 'About:blank' Address Bar URI Spoofing 'About:blank' Address Bar URI Spoofing
by Lostmon
Apple Safari 4.0.1 - Error Page Address Bar URI Spoofing
by Juan Pablo Lopez Yacubian
Mozilla Firefox <3.0.13, 3.5.x <3.5.2 - XSS
Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write calls to the resulting object, and then calls the stop method during the loading of the error page.
by Juan Pablo Lopez Yacubian
Evernew Free Joke Script 1.2 - Remote Change Password
by Hakxer
Grestul 1.2 - Auth Bypass
admin/options.php in Grestul 1.2 does not properly restrict access, which allows remote attackers to bypass authentication and create administrative accounts via a manage_admin action in a direct request.
by ThE g0bL!N
Avax Vector ActiveX <1.3 - Buffer Overflow
Buffer overflow in the Avax Vector ActiveX control in avPreview.ocx in AVAX-software Avax Vector ActiveX 1.3 allows remote attackers to cause a denial of service (application crash) via a long PrinterName property.
by Satan_HackerS
Web Directory PRO - 'Admins.php' Change Admin Password
by TiGeR-Dz
Host Directory PRO 2.1.0 - Remote Change Admin Password
by TiGeR-Dz
By Source