Exploitdb Exploits

4,759 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-116952 EXPLOITDB python VERIFIED
Chasys Media Player 1.1 - '.m3u' Local Stack Overflow
by Encrypt3d.M!nd
EIP-2026-115043 EXPLOITDB python VERIFIED
Chasys Media Player 1.1 - '.pls' Local Buffer Overflow (PoC) (SEH)
by zAx
CVE-2009-1022 EXPLOITDB python VERIFIED
gomlab gom_encoder < 1.0.0.11 - Heap-Based Buffer Overflow via Long Text Field in Subtitle File
Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file.
by Encrypt3d.M!nd
EIP-2026-118078 EXPLOITDB python VERIFIED
VUPlayer 2.49 - '.cue' Universal Buffer Overflow
by Stack
EIP-2026-117829 EXPLOITDB python VERIFIED
RainbowPlayer 0.91 - Playlist Universal Overwrite (SEH)
by His0k4
EIP-2026-117845 EXPLOITDB python VERIFIED
Realtek Sound Manager 1.15.0.0 - Playlist Overwrite (SEH)
by His0k4
EIP-2026-117825 EXPLOITDB python VERIFIED
RadASM 2.2.1.5 - '.rap' Local Stack Overflow
by zAx
EIP-2026-117698 EXPLOITDB python VERIFIED
Nokia MultiMedia Player 1.0 - Playlist Universal Overwrite (SEH)
by His0k4
CVE-2008-3733 EXPLOITDB python VERIFIED
EO Video 1.36 - Stack-Based Buffer Overflow via Long Name Element in ProjectElement
Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element.
by His0k4
EIP-2026-117448 EXPLOITDB python VERIFIED
Media Commands - '.m3u' Universal Overwrite (SEH)
by His0k4
CVE-2009-0076 EXPLOITDB python VERIFIED
Microsoft Internet Explorer 7 - RCE
Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption Vulnerability."
by Ahmed Obied
EIP-2026-118505 EXPLOITDB python VERIFIED
EFS Easy Chat Server 2.2 - Authentication Request Buffer Overflow (SEH)
by His0k4
CVE-2009-0849 EXPLOITDB python VERIFIED
NovaStor NovaNET 12 - Stack-Based Buffer Overflow via Long Username Field
Stack-based buffer overflow in the DtbClsLogin function in NovaStor NovaNET 12 allows remote attackers to (1) execute arbitrary code on Linux platforms via a long username field during backup domain authentication, related to libnnlindtb.so; or (2) cause a denial of service (daemon crash) on Windows platforms via a long username field during backup domain authentication, related to nnwindtb.dll. NOTE: some of these details are obtained from third party information.
by AbdulAziz Hariri
CVE-2009-0350 EXPLOITDB python VERIFIED
Merak Media Player 3.2 - Buffer Overflow
Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file, related to the status bar icon's tooltip. NOTE: some of these details are obtained from third party information.
by Encrypt3d.M!nd
CVE-2009-0885 EXPLOITDB python VERIFIED
Media Commands 1.0 - Remote Code Execution via Long String in Playlist File
Multiple heap-based buffer overflows in Media Commands 1.0 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in a (1) M3U, (2) M3l, (3) TXT, and (4) LRC playlist file.
by His0k4
CVE-2008-6775 EXPLOITDB python VERIFIED
HTC Touch Pro and Touch Cruise - Denial of Service via vCard Flood to UDP Port 9204
HTC Touch Pro and HTC Touch Cruise vCard allows remote attackers to cause denial of service (CPU consumption, SMS consumption, and connectivity loss) via a flood of vCards to UDP port 9204.
by Mobile Security Lab
CVE-2009-0367 EXPLOITDB python VERIFIED
Wesnoth 1.4.x and 1.5 < 1.5.11 - Remote Code Execution via Python AI Module Sandbox Escape
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.
by Wesnoth
CVE-2009-0075 EXPLOITDB python VERIFIED
Microsoft Internet Explorer 7 - Uninitialized Memory Corruption
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability."
by David Kennedy (ReL1K)
CVE-2009-0076 EXPLOITDB python VERIFIED
Microsoft Internet Explorer 7 - RCE
Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption Vulnerability."
by David Kennedy (ReL1K)
CVE-2009-0815 EXPLOITDB python VERIFIED
TYPO3 <4.0.12-4.3alpha1 - Info Disclosure
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request.
by Lolek
CVE-2009-0388 EXPLOITDB python VERIFIED
UltraVNC 1.0.2-1.0.5 & TightVnc 1.3.9 - DoS/Code Injection
Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp.
by desi
CVE-2009-0544 EXPLOITDB python VERIFIED
PyCrypto ARC2 2.0.1 - Buffer Overflow
Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length.
by Mike Wiacek
CVE-2009-0450 EXPLOITDB python VERIFIED
BlazeVideo HDTV Player <3.5 - Buffer Overflow
Stack-based buffer overflow in BlazeVideo HDTV Player 3.5 and earlier allows remote attackers to execute arbitrary code via a long string in a playlist (aka .plf) file.
by LiquidWorm
CVE-2009-0388 EXPLOITDB python VERIFIED
UltraVNC 1.0.2-1.0.5 & TightVnc 1.3.9 - DoS/Code Injection
Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp.
by Andres Luksenberg
CVE-2009-0734 EXPLOITDB python VERIFIED
Nokia PC Suite <6.86.9.3 - Buffer Overflow
Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia PC Suite 6.86.9.3 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file.
by zer0in