Exploitdb Exploits
2,814 exploits tracked across all sources.
MA Lighting Technology grandMA onPC 6.808 - Remote Denial of Service
by LiquidWorm
Mp3info - Buffer Overflow
Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary code via a long command line argument. NOTE: if mp3info is not installed setuid or setgid in any reasonable context, then this issue might not be a vulnerability.
by Ayman Sagy
FreePBX <2.9.0.14, <2.10.1.15, <2.11.0.23, <12.0.1alpha22 - RCE
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args parameters to admin/config.php.
by @0x00string
ALLPlayer <5.8.1 - Buffer Overflow
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
by Gabor Seljan
Gold MP4 Player 3.3 - Buffer Overflow (PoC) (SEH)
by Gabor Seljan
ImageMagick - Buffer Overflow
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.
by Mike Czumak
CVSS 8.8
WHMCompleteSolution (WHMCS) 5.12 - 'cart.php' Denial of Service
by Amir
NCH Software Express Burn Plus 4.68 - '.EBP' Project File Buffer Overflow
by LiquidWorm
RealNetworks RealPlayer <17.0.4.61 - Windows/Mac - Buffer Overflow
Multiple stack-based buffer overflows in RealNetworks RealPlayer before 17.0.4.61 on Windows, and Mac RealPlayer before 12.0.1.1738, allow remote attackers to execute arbitrary code via a long (1) version number or (2) encoding declaration in the XML declaration of an RMP file, a different issue than CVE-2013-6877.
by Gabor Seljan
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue because of dependency on the victim's direct involvement in modifying the Windows registry to enable the attack. Notes: none
by Mike Czumak
PHPThumb - 'PHPThumb.php' Arbitrary File Upload
by DevilScreaM
Audacious Player 3.4.2/3.4.1 - '.mp3' Crash (PoC)
by Akin Tosunlar
Total Video Player 1.3.1 - 'Settings.ini' Local Buffer Overflow (SEH)
by Mike Czumak
ALLPlayer <5.8.1 - Buffer Overflow
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
by Mike Czumak
Pirelli Discus DRG A125g - Remote Change WiFi Password
by Sebastián Magof
Pirelli Discus DRG A125g - Local Password Disclosure
by Sebastián Magof
Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash (PoC)
by Akin Tosunlar
Vortexgroup Light Alloy < 4.7.3 - Memory Corruption
Stack-based buffer overflow in Vortex Light Alloy before 4.7.4 allows remote attackers to execute arbitrary code via a long URL in a .m3u file.
by Mike Czumak
ALLPlayer <5.8.1 - Buffer Overflow
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
by Mike Czumak
Plogue Sforzando 1.665 - Buffer Overflow (SEH) (PoC)
by Mike Czumak
By Source