Exploitdb Exploits
4,759 exploits tracked across all sources.
EFS Software Easy File Sharing FTP Server 2.0 - Stack-Based Buffer Overflow via PASS Command
Stack-based buffer overflow in EFS Software Easy File Sharing FTP Server 2.0 allows remote attackers to execute arbitrary code via a long argument to the PASS command. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
by superkojiman
InfraRecorder - '.m3u' File Buffer Overflow (PoC)
by Osanda Malith Jayathissa
Core FTP Server 1.2 build 535 (32-bi)t - Crash (PoC)
by Kaczinski Ramirez
Easy File Management Web Server 5.3 - Remote Stack Buffer Overflow
by superkojiman
Easy Address Book Web Server 1.6 - Remote Stack Buffer Overflow
by superkojiman
mod_wsgi < 3.4 - Exposure of Sensitive Information via Content-Type Header
mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.
by Buck Golemon
CVSS 7.5
SafeNet Sentinel Protection Server <7.4.0 - Path Traversal
Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string.
by Matt Schmidt
SPIP <3.0.9, <2.1.22, <2.0.23 - Privilege Escalation
SPIP 3.0.x before 3.0.9, 2.1.x before 2.1.22, and 2.0.x before 2.0.23 allows remote attackers to gain privileges and "take editorial control" via vectors related to ecrire/inc/filtres.php.
by Gregory Draperi
cairo 1.10.2 - Denial of Service via Large String in cairo_image_surface_get_data
The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string.
by Osanda Malith Jayathissa
ALLPlayer - '.wav' File Processing Memory Corruption
by Aryan Bayaninejad
RealNetworks RealPlayer <= 16.0.3.51 - Remote Code Execution via Malformed .3gp File
The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.
by Aryan Bayaninejad
Easy File Sharing Web Server 6.8 - Remote Code Execution via UserID Cookie Buffer Overflow
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp.
by superkojiman
Easy Chat Server 1.2 and 2.2 - Denial of Service via Long Username Parameter
chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected.
by superkojiman
JetAudio < 8.1.1 - Denial of Service via Crafted OGG File
JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.
by Aryan Bayaninejad
GOM Media Player < 2.2.57.5189 - Denial of Service via Crafted OGG File
GOM Media Player 2.2.57.5189 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.
by Aryan Bayaninejad
VideoLAN VLC Media Player 2.1.3 - Denial of Service via Crafted PNG File
codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.
by Aryan Bayaninejad
AssistMyTeam Team Helpdesk - Multiple Information Disclosure Vulnerabilities
by bhamb
ApPHP MicroBlog 1.0.1 - Remote Command Execution
by LOTFREE
Kolibri 2.0 - Remote Code Execution via Long URI in GET Request
Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a GET request.
by Polunchis
Acunetix Web Vulnerability Scanner 8 build 20120704 - Stack-Based Buffer Overflow via IMG Element URL
Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL (src attribute).
by An7i
Jzip <2.0.0.132900 - Buffer Overflow
Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name in a zip archive.
by motaz reda
OpenSSL 1.0.1-1.0.1f - Out-of-bounds Read via Heartbeat Extension
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
by Fitzl Csaba
CVSS 7.5
By Source