Exploitdb Exploits
2,814 exploits tracked across all sources.
GNU make <4.3.3 - Buffer Overflow
Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument.
by watercloud
LVM for AIX <5.3 - Buffer Overflow
Multiple buffer overflows in LVM for AIX 5.1 and 5.2 allow local users to gain privileges via the (1) putlvcb or (2) getlvcb commands.
by watercloud
Webfroot Shoutbox 2.32 - Remote Command Execution
by pokleyzz
Webfroot Shoutbox < 2.32 (Apache) - Local File Inclusion / Remote Code Execution
by anonymous
IBM Aix - Race Condition
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002.
by watercloud
Gnome Batalla Naval 1.0.4 - RCE
Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string.
by wsxz
Ifenslave 0.0.7 - Argument Local Buffer Overflow (1)
by jlanthea
Prishtina FTP client <1 - DoS/Buffer Overflow
Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner.
by DHGROUP
Qualcomm Eudora - Symlink Following
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
by Paul Szabo
CVSS 7.5
Maelstrom Player 3.0.x - Argument Buffer Overflow (1)
by Luca Ercoli
Maelstrom <3.0.6-3.0.5 - RCE
Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.
by Luca Ercoli
cdrecord <2.0 - Privilege Escalation
Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter.
by anonymous
Snitz Communications Snitz Forums 2000 < 3.4.04 - XSS
Cross-site scripting (XSS) vulnerability in register.asp in Snitz Forums 2000 3.4.04 and earlier allows remote attackers to inject arbitrary web script or HTML via javascript events in the Email parameter.
by anonymous
eServ <2.9x - DoS
Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated.
by Matthew Murphy
CMailServer 4.0.2003.03 - Buffer Overflow
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
CMailServer 4.0.2003.03 - Buffer Overflow
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
Snitz Forums 2000 - 'register.asp' SQL Injection
by sharpiemarker
Lgames Ltris - Memory Corruption
Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable.
by Knud Erik Hojgaard
catmail <8.2.09 - RCE
Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value.
by kf
Happycgi.com Happymall <4.4 - RCE
Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts.
by Revin Aldi
Happycgi.com Happymall <4.4 - RCE
Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts.
by Revin Aldi
Floosietek FTGate Pro Mail Server <1.22 - RCE
Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
Floosietek FTGate Pro Mail Server <1.22 - RCE
Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
by Dennis Rand
youbin - Buffer Overflow
Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable.
by Knud Erik Hojgaard
Stalker Communigate Pro - Information Disclosure
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.
by Yaroslav Polyakov
By Source