Exploitdb Exploits
4,733 exploits tracked across all sources.
PInfo 0.6.9-5.1 Local Buffer Overflow via -m Parameter
PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malicious input string with 564 bytes of padding followed by a return address to overwrite the instruction pointer and execute shellcode with user privileges.
by Juan Sacco
CVSS 8.4
VUPlayer 2.49 (Windows 7) - '.m3u' Local Buffer Overflow (DEP Bypass)
by secfigo
Mediacoder 0.8.43.5830 - '.m3u' Local Buffer Overflow (SEH)
by Sibusiso Sishi
PHPLive 4.4.8 < 4.5.4 - Password Recovery SQL Injection
by Tiago Carvalho
Oracle Orakill.exe 11.2.0 - Buffer Overflow (PoC)
by hyp3rlinx
Mini-stream Easy RM TO Mp3 Converter - Memory Corruption
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.
by Fitzl Csaba
Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution
by Alexander Gurin
Oracle MySQL Server <5.5.45-5.6.26 - DoS
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.
by Osanda Malith Jayathissa
HPE Data Protector <7.03_108,8.x<8.15,9.x<9.06 - RCE
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.
by Ian Lovering
CVSS 9.8
WordPress Plugin Job Script by Scubez - Remote Code Execution
by Bikramaditya Guha
Cisco ASA <9.5 - Buffer Overflow
Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019.
by Exodus Intelligence
CVSS 9.8
NRSS RSS Reader 0.3.9-1 Stack Buffer Overflow
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the return address and achieve code execution.
by Juan Sacco
CVSS 8.4
CIScan 1.00 - Hostname/IP Field Overwrite (SEH) (PoC)
by Nipun Jaswal
Ipswitch WS_FTP LE 12.3 - Search field Overwrite (SEH) (PoC)
by Zahid Adeel
Dell SonicWALL Scrutinizer 11.0.1 - setUserSkin/deleteTab SQL Injection Remote Code Execution
by mr_me
RPCScan 2.03 - Hostname/IP Field Overwrite (SEH) (PoC)
by Nipun Jaswal
i.FTP 2.21 - Host Address / URL Field (SEH)
by Tantaryu MING
RPCScan 2.03 - Hostname/IP Field Crash (PoC)
by Irving Aguilar
CIScan 1.00 - Hostname/IP Field Crash (PoC)
by Irving Aguilar
TRN 3.6-23 Stack Buffer Overflow Local Code Execution
TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious command-line argument with 156 bytes of padding followed by a return address to overwrite the instruction pointer and execute shellcode with user privileges.
by Juan Sacco
CVSS 8.4
By Source