Exploitdb Exploits
4,759 exploits tracked across all sources.
Motorola SBG6580 Cable Modem & Wireless Router - Reboot (Denial of Service)
by nicx0
Easy Karaokay Player 3.3.31 - '.wav' Integer Division by Zero
by Osanda Malith Jayathissa
PotPlayer <1.5.40688 - Memory Corruption
PotPlayer 1.5.40688: .avi File Memory Corruption
by ariarat
CVSS 7.8
Gretech GOM Media Player <2.2.56.5158 - Memory Corruption
Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file.
by ariarat
Code-Crafters Ability Mail Server 3.1.1 - Cross-Site Scripting via Email Body
Cross-site scripting (XSS) vulnerability in Code-Crafters Ability Mail Server 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the body of an email.
by David Um
VUPlayer 2.49 - '.m3u' File Universal Buffer Overflow (DEP Bypass) (2)
by Morteza Hashemi
PotPlayer 1.5.42509 Beta - Integer Division by Zero Denial of Service
by sajith
Linux kernel < 3.12 - Info Disclosure
The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations.
by Mathy Vanhoef
Eaton Network Shutdown Module 3.21 - Remote PHP Code Injection
by Filip Waeytens
D-Link DSR Series Firmware - SQL Injection via Login Password Parameter
Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 allow remote attackers to execute arbitrary SQL commands via the password to (1) the login.authenticate function in share/lua/5.1/teamf1lualib/login.lua or (2) captivePortal.lua.
by 0_o
CVSS 9.8
Microsoft Windows XP/Server 2003 - Privilege Escalation
NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013.
by ryujin
CVSS 7.8
Kingsoft Writer 2012 8.1.0.3030 - Stack-based Buffer Overflow via Long Font Name in WPS File
Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file.
by Julien Ahrens
ZIP Password Recovery Professional 5.1 - '.zip' Crash (PoC)
by KAI
Zend-Framework - Full Information Disclosure
by Ariel Orellana
TP-Link TL-WR740N / TL-WR740ND 150M Wireless Lite N Router - HTTP Denial of Service
by Dino Causevic
CoolPlayer+ Portable 2.19.4 - Local Buffer Overflow
by Mike Czumak
VideoCharge Watermark Master 2.2.23 - Remote Code Execution via Long Name Attribute in .wstyle File
Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the name attribute of the cols element in a .wstyle file.
by Mike Czumak
Google Android <4.4 - Code Injection
Google Android prior to 4.4 has an APK signature security bypass vulnerability.
by Jay Freeman
CVSS 9.8
VideoCharge Watermark Master 2.2.23 - Remote Code Execution via Long SourcePath in WCF File
Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the SourcePath value in a .wcf file.
by metacom
PHP < 5.3.13 and 5.4.x < 5.4.3 - Denial of Service via Malformed CGI Query String
sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to cause a denial of service (resource consumption) by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'T' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823.
by noptrix
VideoCharge Studio 2.12.3.685 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC configuration file. The issue occurs due to improper handling of user-supplied data in the XML 'Name' attribute, leading to an SEH overwrite condition. An attacker can exploit this vulnerability by convincing a user to open a malicious .VSC file, resulting in arbitrary code execution under the context of the user.
by metacom
Beetel Connection Manager PCW_BTLINDV1.0.0B04 - Buffer Overflow
A stack-based buffer overflow vulnerability exists in Beetel Connection Manager version PCW_BTLINDV1.0.0B04 when parsing the UserName parameter in the NetConfig.ini configuration file. A crafted .ini file containing an overly long UserName value can overwrite the Structured Exception Handler (SEH), leading to arbitrary code execution when the application processes the file.
by metacom
Dolibarr ERP/CRM 3.4.0 - 'exportcsv.php?sondage' SQL Injection
by drone