Perl Exploits
2,849 exploits tracked across all sources.
Squid 3.2.x-3.2.12 and 3.3.x-3.3.7 - Denial of Service via HTTP Host Header Port Number
client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3.3.8 allows remote attackers to cause a denial of service via a crafted port number in a HTTP Host header.
by kingcope
nginx 1.3.9-1.4.0 - Remote Code Execution via Chunked Transfer-Encoding
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
by kingcope
Fujitsu M10 Firmware < 2290 - Unauthenticated Password Hash Exposure via IPMI RAKP HMAC
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.
by Dan Farmer
CVSS 7.5
NextGEN Gallery < 1.9.13 - Unrestricted Upload of File with Dangerous Type via ngggallery.php
NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload
by Marcos Garcia
CVSS 9.8
Adrenalin Player 2.2.5.3 - '.m3u' Local Buffer Overflow (SEH)
by seaofglass
Microsoft Windows Media Player 11.0.0 - '.wav' Crash (PoC)
by Asesino04
Stormy Studios Knet <= 1.04c - Buffer Overflow via Long HTTP GET Request
Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request.
by Wireghoul
ircd-hybrid < 8.0.6 - Denial of Service via Negative Mask Parsing
The try_parse_v4_netmask function in hostmask.c in IRCD-Hybrid before 8.0.6 does not properly validate masks, which allows remote attackers to cause a denial of service (crash) via a mask that causes a negative number to be parsed.
by kingcope
IconCool MP3 WAV Converter 3.00 Build 120518 - Stack Buffer Overflow
by G0li47h
vBulletin 5.0.0 Beta 11 and earlier - Authenticated SQL Injection via nodeid Parameter
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter.
by Orestis Kourides
StarVedia IPCamera IC502w IC502w+ v020313 - 'Username'/Password Disclosure
by Todor Donev
DELL SonicWALL Analyzer 7.0, GMS 4.1-7.0, UMA 5.1-7.0, ViewPoint 4.1-6.0 - Authentication Bypass
An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account.
by Nikolas Sotiriu
CVSS 9.8
Oracle MySQL 5.5.0-5.5.28 & MariaDB 5.2.0-5.2.13 - Brute Force via Insufficient Salt Rotation
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.
by kingcope
Oracle MySQL <5.5.38 & MariaDB <5.5.28a - Info Disclosure
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending on whether a user name exists, which allows remote attackers to enumerate valid usernames.
by kingcope
MySQL <5.5.19 & MariaDB <5.5.28a - Privilege Escalation
MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
by kingcope
Oracle MySQL <5.5.28 & MariaDB <5.5.28a - RCE
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command.
by kingcope
Oracle MySQL <5.5.29 - Buffer Overflow
Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code, as demonstrated using certain variations of the (1) USE, (2) SHOW TABLES, (3) DESCRIBE, (4) SHOW FIELDS FROM, (5) SHOW COLUMNS FROM, (6) SHOW INDEX FROM, (7) CREATE TABLE, (8) DROP TABLE, (9) ALTER TABLE, (10) DELETE FROM, (11) UPDATE, and (12) SET PASSWORD commands.
by kingcope
By Source