Exploitdb Exploits
4,724 exploits tracked across all sources.
GoldWave 5.70 - Buffer Overflow
GoldWave 5.70 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting malicious input in the File Open URL dialog. Attackers can generate a specially crafted text file with Unicode-encoded shellcode to trigger a stack-based overflow and execute commands when the file is opened.
by Andy Bowden
CVSS 9.8
Konica Minolta FTP Utility 1.0 - Buffer Overflow
Konica Minolta FTP Utility 1.0 contains a buffer overflow vulnerability in the NLST command that allows attackers to overwrite system registers. Attackers can send an oversized buffer of 1500 'A' characters to crash the FTP server and potentially execute unauthorized code.
by Socket_0x03
CVSS 9.8
Filetto 1.0 - DoS
Filetto 1.0 FTP server contains a denial of service vulnerability in the FEAT command processing that allows attackers to crash the service. Attackers can send an oversized FEAT command with 11,008 bytes of repeated characters to trigger a buffer overflow and terminate the FTP service.
by Socket_0x03
CVSS 9.8
VUPlayer 2.49 .m3u - Local Buffer Overflow (DEP_ASLR)
by Gobinathan
Gym Management System 1.0 - Unauthenticated Remote Code Execution
by boku
AbsoluteTelnet 11.21 - 'Username' Denial of Service (PoC)
by Xenofon Vassilakopoulos
CraftCMS 3 vCard Plugin 1.0.0 - Code Injection
CraftCMS 3 vCard Plugin 1.0.0 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary PHP code through a crafted payload. Attackers can generate a malicious serialized payload that triggers remote code execution by exploiting the plugin's vCard download functionality with a specially crafted request.
by Wade Guest
CVSS 9.8
BIND - DoS
Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results.
by Teppei Fukuda
CVSS 7.5
Dameware Remote Support 12.1.1.273 - Buffer Overflow (SEH)
by gurbanli
Complaint Management System 1.0 - 'username' SQL Injection
by Daniel Ortiz
Remote Desktop Audit 2.3.0.157 - RCE
Remote Desktop Audit 2.3.0.157 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code during the Add Computers Wizard file import process. Attackers can craft a malicious payload file to trigger a structured exception handler (SEH) bypass and execute shellcode when importing computer lists.
by gurbanli
CVSS 9.8
LanSend 3.2 - RCE
LanSend 3.2 contains a buffer overflow vulnerability in the Add Computers Wizard file import functionality that allows remote attackers to execute arbitrary code. Attackers can craft a malicious payload file to trigger a structured exception handler (SEH) overwrite and execute shellcode when importing computers from a file.
by gurbanli
CVSS 9.8
TylerTech Eagle <2018.3.11 - RCE
TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI.
by Anthony Cole
CVSS 8.8
WordPress Plugin Simple File List 4.2.2 - Remote Code Execution
by coiffeur
Pi-Hole heisenbergCompensator Blocklist OS Command Execution
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges to root.) The code error is in gravity_DownloadBlocklistFromUrl in gravity.sh.
by Nick Frichette
CVSS 8.8
Pi-Hole heisenbergCompensator Blocklist OS Command Execution
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges to root.) The code error is in gravity_DownloadBlocklistFromUrl in gravity.sh.
by Nick Frichette
CVSS 8.8
VirtualTablet Server 3.0.2 - DoS
VirtualTablet Server 3.0.2 contains a denial of service vulnerability that allows attackers to crash the service by sending oversized string payloads through the Thrift protocol. Attackers can exploit the vulnerability by sending a long string to the send_say() method, causing the server to become unresponsive.
by Dolev Farhi
CVSS 7.5
Open-AudIT Professional 3.3.1 - Remote Code Execution
by Askar
RM Downloader 3.1.3.2.2010.06.13 - 'Load' Buffer Overflow (SEH)
by Felipe Winsnes
Taskautomation Carbonftp - Broken Cryptographic Algorithm
CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key. The key for local FTP server passwords is hard-coded in the binary.
by hyp3rlinx
CVSS 5.5
By Source