Exploitdb Exploits
4,733 exploits tracked across all sources.
FTPGetter 3.58.0.21 - 'PASV' Remote Buffer Overflow
by modpr0be
AOL Desktop 9.6 - Buffer Overflow
AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows remote attackers to execute arbitrary code when a victim opens a malicious .rtx file. AOL Desktop is end-of-life and no longer supported. Users are encouraged to migrate to AOL Desktop Gold or alternative platforms.
by sup3r
All In One Control Panel 1.4.1 - 'cp_menu_data_file.php' SQL Injection
by AutoSec Tools
SDP Downloader 2.3.0 - 'http_response' Remote Buffer Overflow
by sup3r
WM Downloader 3.1.2.2 2010.04.15 - '.m3u' File Buffer Overflow (DEP Bypass)
by sickness
Virtuosa Phoenix Edition 5.2 - ASX Buffer Overflow (SEH)
by Acidgen
Automatedsolutions Modbus/tcp Master Opc Server < 3.0.1 - Memory Corruption
Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBUS response packet with a crafted length field.
by Jeremy Brown
Golden FTP Server 4.70 - Malformed Message Denial of Service
by Craig Freyman
Avira AntiVir Personal - Multiple Code Execution Vulnerabilities (2)
by D.Elser
Objectivity/db - Authentication Bypass
The server components in Objectivity/DB 10.0 do not require authentication for administrative commands, which allows remote attackers to modify data, obtain sensitive information, or cause a denial of service by sending requests over TCP to (1) the Lock Server or (2) the Advanced Multithreaded Server, as demonstrated by commands that are ordinarily sent by the (a) ookillls and (b) oostopams applications. NOTE: some of these details are obtained from third party information.
by Jeremy Brown
Blackmoonftpserver Blackmoon FTP Server - Denial of Service
FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 (3.1.7.1736), and possibly other versions before 3.1.8.1737, allows remote attackers to cause a denial of service (crash) via a large number of PORT commands with long arguments, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information.
by Craig Freyman
SiteScape Forum - RCE
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string.
by Spencer McIntyre
Nokia Multimedia Player - Memory Corruption
Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a playlist (.npl) file.
by Carlos Mario Penagos Hollmann
Solar FTP Server 2.1.1 - 'PASV' Remote Buffer Overflow
by John Leitch
Lotuscms Fraise - Path Traversal
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via the system parameter to index.php.
by mr_me
Wellintech Kingview - Memory Corruption
Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777.
by Dillon Beresford
IrfanView 4.28 - Multiple Denial of Service Vulnerabilities
by BraniX
Winamp 5.5.8 (in_mod plugin) - Local Stack Overflow (SEH)
by fdiskyou
Verytools Videospirit Lite < 1.68 - Memory Corruption
Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "value" attribute, as demonstrated using a valitem with the mp3 name.
by xsploitedsec
BS.Player 2.57 - Buffer Overflow
BS.Player version 2.57 (build 1051) contains a vulnerability in its playlist import functionality. When processing .m3u files, the application fails to properly validate the length of playlist entries, resulting in a buffer overflow condition. This flaw occurs during parsing of long URLs embedded in the playlist, allowing overwrite of Structured Exception Handler (SEH) records. The vulnerability is triggered upon opening a crafted playlist file and affects the Unicode parsing logic in the Windows client.
by C4SS!0 G0M3S
Concrete CMS 5.4.1.1 - Cross-Site Scripting / Remote Code Execution
by mr_me
By Source