Exploitdb Exploits
4,759 exploits tracked across all sources.
Mini-stream Ripper 3.0.1.1 - Stack-based Buffer Overflow via Long URI in Playlist File
Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
by blake
KnFTP 1.0.0 - Remote Code Execution via Multiple Stack-Based Buffer Overflows
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE, (8) STRU, (9) MODE, (10) RETR, (11) STOR, (12) APPE, (13) ALLO, (14) REST, (15) RNFR, (16) RNTO, (17) ABOR, (18) DELE, (19) CWD, (20) LIST, (21) NLST, (22) SITE, (23) STST, (24) HELP, (25) NOOP, (26) MKD, (27) RMD, (28) PWD, (29) CDUP, (30) STOU, (31) SNMT, (32) SYST, and (33) XPWD commands.
by blake
Wav Player 1.1.3.6 - '.pll' Local Buffer Overflow
by Iván García Ferreira
MelOn Player 1.0.11.x - Denial of Service (PoC)
by modpr0be
Crush FTP 5 - 'APPE' Remote JVM Blue Screen of Death (PoC)
by BSOD Digital
DVD X Player 4.1 Professional - Stack-Based Buffer Overflow via PLF Playlist Filename
Stack-based buffer overflow in DVD X Player 4.1 Professional allows remote attackers to execute arbitrary code via a PLF playlist containing a long filename.
by blake
Cerberus FTP Server 4.0.9.8 - Remote Buffer Overflow
by KedAns-Dz
CoolPlayer Portable 2.19.2 - Local Buffer Overflow (ASLR Bypass) (1)
by blake
Mini FTP Server 1.1 - Buffer Corruption Remote Denial of Service
by LiquidWorm
Freefloat FTP Server - 'ALLO' Remote Buffer Overflow
by Black.Spook
Xlight FTP Server 3.7 - Remote Buffer Overflow
by KedAns-Dz
Sagem Router Fast 3304/3464/3504 - Telnet Authentication Bypass
by Elouafiq Ali
shttpd 1.42 - Stack-based Buffer Overflow in _shttpd_put_dir Function
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011.
by nion
shttpd 1.42 - Stack-based Buffer Overflow in _shttpd_put_dir Function
Stack-based buffer overflow in the (1) put_dir function in mongoose.c in Mongoose 3.0, (2) put_dir function in yasslEWS.c in yaSSL Embedded Web Server (yasslEWS) 0.2, and (3) _shttpd_put_dir function in io_dir.c in Simple HTTPD (shttpd) 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT request, as exploited in the wild in 2011.
by G13
MP3 CD Converter Professional 5.3.0 - Universal DEP Bypass
by C4SS!0 G0M3S
Bisonware FTP Server < 4.1 - Buffer Overflow via Long USER LIST or CWD Commands
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
by localh0t
iphone/ipad phone drive 1.1.1 - Directory Traversal
by Khashayar Fereidani
CiscoKits 1.0 - TFTP Server Directory Traversal
by SecPod Research
CiscoKits 1.0 - TFTP Server 'Write Command' Denial of Service
by SecPod Research
OpenSLP - Denial of Service via Extension Parser Infinite Loop
The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Location Protocol daemon (SLPD) in VMware ESX 4.0 and 4.1 and ESXi 4.0 and 4.1, allows remote attackers to cause a denial of service (infinite loop) via a packet with a "next extension offset" that references this extension or a previous extension. NOTE: some of these details are obtained from third party information.
by Nicolas Gregoire
By Source