Exploitdb Exploits

4,733 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-118054 EXPLOITDB python
VideoCharge Express 3.16.3.04 - Local Buffer Overflow
by evil_comrade
EIP-2026-104617 EXPLOITDB python VERIFIED
MacKeeper - URL Handler Remote Code Execution
by Braden Thomas
EIP-2026-117466 EXPLOITDB python VERIFIED
Mediacoder 0.8.34.5716 - '.m3u' Local Buffer Overflow (SEH)
by evil_comrade
EIP-2026-106829 EXPLOITDB python
elFinder 2 - Remote Command Execution (via File Creation)
by TUNISIAN CYBER
EIP-2026-102934 EXPLOITDB python VERIFIED
Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Privilege Escalation
by Ben Sheppard
EIP-2026-115412 EXPLOITDB python VERIFIED
i.FTP 2.21 - Overflow Crash (SEH) (PoC)
by Avinash Thapa
EIP-2026-116459 EXPLOITDB python VERIFIED
UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC)
by Avinash Thapa
CVE-2013-0230 EXPLOITDB python
Miniupnpd - Memory Corruption
Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.
by Onur Alanbel (BGA)
EIP-2026-103964 EXPLOITDB python VERIFIED
Legend Perl IRC Bot - Remote Code Execution
by Jay Turla
EIP-2026-103751 EXPLOITDB python VERIFIED
Wireshark 1.12.4 - Memory Corruption and Access Violation (PoC)
by Avinash Thapa
CVE-2011-5165 EXPLOITDB python VERIFIED
Cleanersoft Free Mp3 CD Ripper < 2.6 - Memory Corruption
Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file.
by naxxo
CVE-2015-3306 EXPLOITDB python
ProFTPD 1.3.5 - RCE
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
by R-73eN
CVE-2015-1635 EXPLOITDB CRITICAL python
MS15-034 HTTP Protocol Stack Request Handling Denial-of-Service
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
by laurent gaffie
CVSS 9.8
CVE-2015-0240 EXPLOITDB python
Samba _netr_ServerPasswordSet Uninitialized Credential State
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
by sleepya
CVE-2015-1130 EXPLOITDB HIGH python VERIFIED
Apple OS X Rootpipe Privilege Escalation
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
by Emil Kvarnhammar
CVSS 7.8
EIP-2026-104124 EXPLOITDB python VERIFIED
w3tw0rk / Pitbull Perl IRC Bot - Remote Code Execution
by Jay Turla
EIP-2026-104289 EXPLOITDB python
JBoss AS 3/4/5/6 - Remote Command Execution
by João Filho Matos Figueiredo
CVE-2015-2797 EXPLOITDB python
Airties Air Firmware < 1.0.2.0 - Memory Corruption
Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.
by Batuhan Burakcin
EIP-2026-117311 EXPLOITDB python
IDM 6.20 - Local Buffer Overflow
by TUNISIAN CYBER
CVE-2014-6332 EXPLOITDB HIGH python VERIFIED
Microsoft Windows - RCE
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted web site, as demonstrated by an array-redimensioning attempt that triggers improper handling of a size value in the SafeArrayDimen function, aka "Windows OLE Automation Array Remote Code Execution Vulnerability."
by Naser Farhadi
CVSS 8.8
CVE-2009-1646 EXPLOITDB python
Mini-stream RM Downloader - Memory Corruption
Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long rtsp URL in a .ram file.
by TUNISIAN CYBER
EIP-2026-117605 EXPLOITDB python VERIFIED
Mini-stream Ripper 2.7.7.100 - Local Buffer Overflow
by TUNISIAN CYBER
CVE-2014-9013 EXPLOITDB HIGH python
WP Marketplace <2.4.0 - Privilege Escalation
The ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin 2.4.0 for WordPress allows remote authenticated users to create arbitrary users and gain admin privileges via a request to wpmp_pp_ajax_call with an execution target of wp_insert_user.
by Claudio Viviani
CVSS 8.8
CVE-2014-9014 EXPLOITDB MEDIUM python
WP Marketplace <2.4.1 - Path Traversal
Directory traversal vulnerability in the ajaxinit function in wpmarketplace/libs/cart.php in the WP Marketplace plugin before 2.4.1 for WordPress allows remote authenticated users to download arbitrary files via a .. (dot dot) in the file parameter.
by Claudio Viviani
CVSS 4.3
EIP-2026-118333 EXPLOITDB python VERIFIED
Bsplayer 2.68 - HTTP Response Universal
by Fady Mohammed Osman
By Source
All 4,733 Exploitdb 50,135 Writeup 48,661 Nomisec 21,327 Metasploit 3,228 Github 2,562 Vulncheck_xdb 901 Inthewild 518 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,959 python 5,903 c 3,575 perl 2,854 html 2,056 php 1,334 bash 459 java 362 javascript 260 c++ 249 shell 95 go 52 postscript 25 xml 24