Exploitdb Exploits
4,733 exploits tracked across all sources.
Elif Keir Knftp - Memory Corruption
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.
by blake
Wav Player 1.1.3.6 - '.pll' Local Buffer Overflow
by Iván García Ferreira
MelOn Player 1.0.11.x - Denial of Service (PoC)
by modpr0be
Crush FTP 5 - 'APPE' Remote JVM Blue Screen of Death (PoC)
by BSOD Digital
DVD X Studios Dvd X Player - Buffer Overflow
Stack-based buffer overflow in DVD X Player 4.1 Professional allows remote attackers to execute arbitrary code via a PLF playlist containing a long filename.
by blake
Cerberus FTP Server 4.0.9.8 - Remote Buffer Overflow
by KedAns-Dz
CoolPlayer Portable 2.19.2 - Local Buffer Overflow (ASLR Bypass) (1)
by blake
Mini FTP Server 1.1 - Buffer Corruption Remote Denial of Service
by LiquidWorm
Freefloat FTP Server - 'ALLO' Remote Buffer Overflow
by Black.Spook
Xlight FTP Server 3.7 - Remote Buffer Overflow
by KedAns-Dz
Sagem Router Fast 3304/3464/3504 - Telnet Authentication Bypass
by Elouafiq Ali
Shttpd - Memory Corruption
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011.
by nion
Shttpd - Memory Corruption
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011.
by G13
MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass
by C4SS!0 G0M3S
Bisonware FTP Server < 4.1 - Buffer Overflow
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
by localh0t
iphone/ipad phone drive 1.1.1 - Directory Traversal
by Khashayar Fereidani
CiscoKits 1.0 - TFTP Server Directory Traversal
by SecPod Research
CiscoKits 1.0 - TFTP Server 'Write Command' Denial of Service
by SecPod Research
Openslp - Denial of Service
The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information.
by Nicolas Gregoire
Omnicom Alpha 4.0e LPD Server - Denial of Service
by Craig Freyman
By Source