Exploitdb Exploits
2,814 exploits tracked across all sources.
AudioCoder 0.8.22 - '.m3u' Local Buffer Overflow (SEH)
by Mike Czumak
Watchguard Fireware < 11.7.4 - Memory Corruption
Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie.
by st3n
Blazevideo Blaze Dvd - Memory Corruption
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
by Mike Czumak
Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)
by Mike Czumak
Vbulletin - Access Control
The install/upgrade.php scripts in vBulletin 4.1 and 5 allow remote attackers to create administrative accounts via the customerid, htmldata[password], htmldata[confirmpassword], and htmldata[email] parameters, as exploited in the wild in October 2013.
by Joshua Rogers
TeraCopy 2.3 - 'default.mo' Language File Integer Overflow
by LiquidWorm
freeFTPd <1.0.10 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in freeFTPd version 1.0.10 and earlier in the handling of the FTP PASS command. When an attacker sends a specially crafted password string, the application fails to validate input length, resulting in memory corruption. This can lead to denial of service or arbitrary code execution. Exploitation requires the anonymous user account to be enabled.
by Wireghoul
CVSS 9.8
Super Player 3500 - '.m3u' Local Stack Buffer Overflow
by jun
Blazevideo Blaze Dvd - Memory Corruption
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
by PuN1sh3r
Squid - Improper Input Validation
client_side_request.cc in Squid 3.2.x before 3.2.13 and 3.3.x before 3.3.8 allows remote attackers to cause a denial of service via a crafted port number in a HTTP Host header.
by kingcope
F5 Nginx < 1.4.0 - Out-of-Bounds Write
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow.
by kingcope
IPMI 2.0 - Info Disclosure
The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.
by Dan Farmer
CVSS 7.5
Imagely Nextgen Gallery < 1.9.13 - Unrestricted File Upload
NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload
by Marcos Garcia
CVSS 9.8
Adrenalin Player 2.2.5.3 - '.m3u' Local Buffer Overflow (SEH)
by seaofglass
Microsoft Windows Media Player 11.0.0 - '.wav' Crash (PoC)
by Asesino04
Stormy Studios Knet - Buffer Overflow
Buffer overflow in Stormy Studios Knet 1.04c and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP GET request.
by Wireghoul
By Source