Exploitdb Exploits
4,759 exploits tracked across all sources.
BulletProof FTP Client <2.63 - Buffer Overflow
Stack-based buffer overflow in BulletProof FTP Client 2.63 and 2010 allows user-assisted attackers to execute arbitrary code via a bookmark file entry with a long host name, which appears as a host parameter within the quick-connect bar.
by Gabor Seljan
Elasticsearch <1.4.5, <1.5.2 - Path Traversal
Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
by pandujar
VideoCharge Vanilla 3.16.4.06 - Local Buffer Overflow
by evil_comrade
VideoCharge Professional + Express Vanilla 3.18.4.04 - Local Buffer Overflow
by evil_comrade
VideoCharge Express 3.16.3.04 - Local Buffer Overflow
by evil_comrade
MacKeeper - URL Handler Remote Code Execution
by Braden Thomas
Mediacoder 0.8.34.5716 - '.m3u' Local Buffer Overflow (SEH)
by evil_comrade
elFinder 2 - Remote Command Execution (via File Creation)
by TUNISIAN CYBER
Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Privilege Escalation
by Ben Sheppard
UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC)
by Avinash Thapa
miniupnpd 1.0 - Remote Code Execution via Long Quoted Method in SOAPAction Handler
Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.
by Onur Alanbel (BGA)
Wireshark 1.12.4 - Memory Corruption and Access Violation (PoC)
by Avinash Thapa
Free MP3 CD Ripper <= 2.6 - Stack-based Buffer Overflow via Crafted WAV File
Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file.
by naxxo
ProFTPD 1.3.5 - Unauthenticated Arbitrary File Read and Write via mod_copy Site Commands
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
by R-73eN
MS15-034 HTTP Protocol Stack Request Handling Denial-of-Service
HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted HTTP requests, aka "HTTP.sys Remote Code Execution Vulnerability."
by laurent gaffie
CVSS 9.8
Samba _netr_ServerPasswordSet Uninitialized Credential State
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
by sleepya
Apple OS X Rootpipe Privilege Escalation
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors.
by Emil Kvarnhammar
CVSS 7.8
w3tw0rk / Pitbull Perl IRC Bot - Remote Code Execution
by Jay Turla
JBoss AS 3/4/5/6 - Remote Command Execution
by João Filho Matos Figueiredo
AirTies Air Firmware < 1.0.2.0 - Remote Code Execution via Long Redirect Parameter
Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.
by Batuhan Burakcin
By Source