Exploitdb Exploits
4,733 exploits tracked across all sources.
Webspell wCMS-Clanscript4.01.02net - static Blind SQL Injection
by Easy Laster
Microsoft Windows 7 - Code Injection
The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vulnerability."
by Abysssec
BS.Player 2.56 - '.m3u' / '.pls' File Processing Multiple Remote Denial of Service Vulnerabilities
by modpr0be
VMware Workstation 7.1.1 - 'VMkbd.sys' Denial of Service
by Lufeng Li
Mozilla Firefox <3.5.11 & <3.6.7 - RCE
Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.
by Abysssec
E-Xoopport Samsara <3.1 - SQL Injection
SQL injection vulnerability in location.php in the eCal module in E-Xoopport Samsara 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the lid parameter.
by _mRkZ_
MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record, aka "Excel Object Stack Overflow Vulnerability."
by Abysssec
Microsoft Windows 2000 - Memory Corruption
Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability."
by Abysssec
Adobe Acrobat - Resource Management Error
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content, involving the newfunction (0x44) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2201.
by Abysssec
Adobe Shockwave Player <11.5.8.612 - Memory Corruption
Integer signedness error in the DIRAPI module in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a count value associated with an "undocumented structure" and the tSAC chunk in a Director movie.
by Abysssec
Acoustica Audio Converter Pro 1.1 (build 25) - '.mp3 / .wav / .ogg / .wma' Local Heap Overflow
by Carlos Mario Penagos Hollmann
Oracle Java SE/Jav for Bus <23 - Info Disclosure
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM.
by Abysssec
Novell iPrint Client <5.44 - Buffer Overflow
Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.
by Abysssec
Basic Web Server 1.0 - Directory Traversal / Denial of Service
by John Leitch
Apple Mac OS X - Memory Corruption
Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, which are not properly handled during decompression.
by Abysssec
DJ Studio Pro 8.1.3.2.1 - Local Overflow (SEH)
by Abhishek Lyall
A-PDF All to MP3 Converter 1.1.0 - Universal Local (SEH)
by modpr0be
Mozilla Firefox <3.5.11 & SeaMonkey <2.0.6 - RCE
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.
by Abysssec
MediaHuman Music Converter 1.0.1 - '.wav' / '.mp3' Denial of Service
by modpr0be
Honestech VHS to DVD 3.0.30 Deluxe - Local Buffer Overflow (SEH)
by Brennon Thomas
SCADA Engine BACnet OPC Client <1.0.25 - Buffer Overflow
Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC Client before 1.0.25 allows user-assisted remote attackers to execute arbitrary code via a crafted .csv file, related to a status log message.
by Jeremy Brown
Chalk Creek Media Player 1.0.7 - '.mp3' / '.wma' Denial of Service
by Carlos Mario Penagos Hollmann
Ipswitch Imail Server - List Mailer Reply-To Address Memory Corruption
by Abysssec
By Source