Exploitdb Exploits

4,759 exploits tracked across all sources.

Sort: Activity Stars
CVE-2006-2254 EXPLOITDB python VERIFIED
Intervations Filecopa - Buffer Overflow
Buffer overflow in filecpnt.exe in FileCOPA 1.01 allows remote attackers to cause a denial of service (application crash) via a username with a large number of newline characters.
by Bigeazer
CVE-2006-2225 EXPLOITDB python VERIFIED
Dxmsoft XM Easy Personal FTP Server < 4.3 - Buffer Overflow
Buffer overflow in XM Easy Personal FTP Server 4.3 and earlier allows remote attackers to execute arbitrary code, probably via a USER command with a long username.
by rewterz
EIP-2026-103538 EXPLOITDB python VERIFIED
Lotus Domino 7.0.x/8.0/8.5 - LDAP Message Remote Denial of Service
by Evgeny Legerov
EIP-2026-119233 EXPLOITDB python VERIFIED
Ultr@VNC 1.0.1 - 'client Log::ReallyPrint' Remote Buffer Overflow
by Paul Haas
CVE-2006-1652 EXPLOITDB python VERIFIED
UltraVNC <1.0.1 - Buffer Overflow
Multiple buffer overflows in (a) UltraVNC (aka Ultr@VNC) 1.0.1 and earlier and (b) tabbed_viewer 1.29 (1) allow user-assisted remote attackers to execute arbitrary code via a malicious server that sends a long string to a client that connects on TCP port 5900, which triggers an overflow in Log::ReallyPrint; and (2) allow remote attackers to cause a denial of service (server crash) via a long HTTP GET request to TCP port 5800, which triggers an overflow in VNCLog::ReallyPrint.
by Luigi Auriemma
EIP-2026-114752 EXPLOITDB python VERIFIED
IBM Tivoli Directory Server 6.2 - 'ibmdiradm' Null Pointer Dereference Denial of Service
by Intevydis
CVE-2006-1327 EXPLOITDB python VERIFIED
SoftBB 0.1 - SQL Injection
SQL injection vulnerability in reg.php in SoftBB 0.1 allows remote attackers to execute arbitrary SQL commands via the mail parameter.
by LOTFREE
CVE-2006-1542 EXPLOITDB python VERIFIED
Python <2.4.2 - Buffer Overflow
Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a long name, related to the realpath function. NOTE: this might not be a vulnerability. However, the fact that it appears in a programming language interpreter could mean that some applications are affected, although attack scenarios might be limited because the attacker might already need to cross privilege boundaries to cause an exploitable program to be placed in a directory with a long name; or, depending on the method that Python uses to determine the current working directory, setuid applications might be affected.
by Gotfault Security
CVE-2006-0006 EXPLOITDB python VERIFIED
Microsoft Windows Media Player <10 - Buffer Overflow
Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.
by redsand
CVE-2006-0468 EXPLOITDB python VERIFIED
Stalker Communigate Pro - Denial of Service
CommuniGate Pro Core Server before 5.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via LDAP messages with negative BER lengths, and possibly other vectors, as demonstrated by the ProtoVer LDAP test suite.
by Evgeny Legerov
CVE-2005-4158 EXPLOITDB python VERIFIED
Sudo <1.6.8 p12 - Code Injection
Sudo before 1.6.8 p12, when the Perl taint flag is off, does not clear the (1) PERLLIB, (2) PERL5LIB, and (3) PERL5OPT environment variables, which allows limited local users to cause a Perl script to include and execute arbitrary library files that have the same name as library files that are included by the script.
by Breno Silva Pinto
CVE-2006-0637 EXPLOITDB python VERIFIED
Qualcomm Eudora Worldmail - Buffer Overflow
Buffer overflow in cram.dll in QUALCOMM Eudora WorldMail 3.0 allows remote attackers to execute arbitrary code via an IMAP APPEND command with a long message literal argument, as demonstrated by Worldmail.pl. NOTE: this is a different vector and a different manipulation than CVE-2005-4267, so it might be a different vulnerability than CVE-2005-4267.
by muts
CVE-2005-4456 EXPLOITDB python VERIFIED
MailEnable Professional <1.71 & Enterprise <1.1 - Buffer Overflow
Multiple buffer overflows in MailEnable Professional 1.71 and Enterprise 1.1 before patch ME-10009 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) LIST, (2) LSUB, and (3) UID FETCH commands. NOTE: it is possible that these are alternate vectors for the issue described in CVE-2005-4402.
by muts
CVE-2005-3992 EXPLOITDB python VERIFIED
Wineggdropshell - Buffer Overflow
Multiple buffer overflows in WinEggDropShell remote access trojan (RAT) 1.7 allow remote attackers to execute arbitrary code via (1) a long GET request to the HTTP server, or a long (2) USER or (3) PASS command to the FTP server.
by Sowhat
EIP-2026-106161 EXPLOITDB python VERIFIED
Coppermine Photo Gallery 1.3.2 - File Retrieval / SQL Injection
by DiGiTAL_MiDWAY
CVE-2006-3546 EXPLOITDB python VERIFIED
Patrice Freydiere ImgSvr - DoS
Patrice Freydiere ImgSvr (aka ADA Image Server) allows remote attackers to cause a denial of service (daemon crash) via a long HTTP POST request. NOTE: this might be the same issue as CVE-2004-2463.
by Xavier de Leon
CVE-2005-3243 EXPLOITDB python VERIFIED
Ethereal - Buffer Overflow
Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector.
by Sowhat
EIP-2026-110949 EXPLOITDB python VERIFIED
phpBB 2.0.15 - 'highlight' PHP Remote Code Execution
by rattle
CVE-2005-2078 EXPLOITDB python VERIFIED
Sofotex Bisonftp - Denial of Service
BisonFTP Server V4R1 allows remote authenticated users to cause a denial of service via an invalid command with a long argument.
by fRoGGz
CVE-2005-1415 EXPLOITDB python VERIFIED
GlobalSCAPE Secure FTP Server 3.0.2 - RCE
Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command.
by muts
CVE-2005-1323 EXPLOITDB python VERIFIED
NetTerm <5.1.1 - RCE
Buffer overflow in NetFtpd for NetTerm 5.1.1 and earlier allows remote attackers to execute arbitrary code via a long USER command.
by Sergio Alvarez
CVE-2005-0944 EXPLOITDB python VERIFIED
Microsoft Jet DB engine <4.00.8618.0 - RCE
Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file.
by Jean Luc
CVE-2005-0944 EXPLOITDB python VERIFIED
Microsoft Jet DB engine <4.00.8618.0 - RCE
Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file.
by Tal Zeltzer
CVE-2005-1051 EXPLOITDB python VERIFIED
PunBB 1.2.4 - SQL Injection
SQL injection vulnerability in profile.php in PunBB 1.2.4 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a change_email action.
by Stefan Esser
CVE-2005-0903 EXPLOITDB python VERIFIED
Apple Quicktime Pictureviewer - Buffer Overflow
Buffer overflow in QuickTime PictureViewer 6.5.1 allows remote attackers to cause a denial of service (application crash) via a JPEG file with crafted Huffman Table (marker DHT) data.
By Source
All 4,759 Writeup 54,687 Exploitdb 50,186 Nomisec 21,443 Metasploit 3,228 Github 2,587 Vulncheck_xdb 904 Inthewild 518 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,364 ruby 5,960 python 5,949 c 3,580 perl 2,854 html 2,056 php 1,334 bash 459 java 362 javascript 260 c++ 250 shell 95 go 55 postscript 25 xml 24