Exploitdb Exploits
4,724 exploits tracked across all sources.
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
by Kevin Randall
Freefloat FTP Server 1.0 - 'SIZE' Remote Buffer Overflow
by Kevin Randall
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
by Hayden Wright
Domoticz <4.10579 - Info Disclosure
Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options.
by Fabio Carretto
CVSS 7.5
NSauditor 3.1.2.0 Denial of Service via Community Field
NSauditor 3.1.2.0 contains a buffer overflow vulnerability in the SNMP Auditor Community field that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a large payload into the Community field and trigger the Walk function to cause a denial of service condition.
by Victor Mondragón
CVSS 6.2
NSauditor 3.1.2.0 - 'Name' Denial of Service (PoC)
by Victor Mondragón
NSauditor 3.1.2.0 - 'Name' Denial of Service (PoC)
by Victor Mondragón
AnMing MP3 CD Burner 2.0 Local Denial of Service
AnMing MP3 CD Burner 2.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string. Attackers can paste a 6000-byte payload into the registration name field to trigger a denial of service condition.
by Achilles
CVSS 6.2
Lavavo CD Ripper 4.20 Local SEH Buffer Overflow
Lavavo CD Ripper 4.20 contains a structured exception handling (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Activation Name field. Attackers can craft a payload with controlled buffer data, NSEH jump instructions, and SEH handler addresses to trigger code execution and establish a bind shell on port 3110.
by Achilles
CVSS 8.4
Backup Key Recovery 2.2.4 Denial of Service via Name Field
Backup Key Recovery 2.2.4 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a buffer of 300 or more characters into the Name field during registration to trigger a crash when submitting the form.
by Victor Mondragón
CVSS 6.2
HeidiSQL Portable 10.1.0.5464 Denial of Service via Buffer Overflow
HeidiSQL Portable 10.1.0.5464 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the password field. Attackers can paste a buffer overflow payload into the password input during Microsoft SQL Server login to trigger an application crash.
by Victor Mondragón
CVSS 6.2
Ease Audio Converter 5.30 Denial of Service via Audio Cutter
Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function that allows local attackers to crash the application by processing malformed MP4 files. Attackers can create a crafted MP4 file containing an oversized buffer and load it through the Audio Cutter interface to trigger an application crash.
by Achilles
CVSS 6.2
LabF nfsAxe 3.7 Ping Client - 'Host IP' Buffer Overflow (Direct Ret)
by Dino Covotsos
LabF nfsAxe 3.7 Ping Client - 'Host IP' Buffer Overflow (Direct Ret)
by Dino Covotsos
myQNAPcloud Connect <1.3.3.0925 - Buffer Overflow
Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and earlier could allow remote attackers to crash the program.
by Dino Covotsos
CVSS 7.5
MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow
by Dino Covotsos
MailCarrier 2.51 - POP3 'RETR' SEH Buffer Overflow
by Dino Covotsos
AdminExpress 1.2.5 Denial of Service via System Compare
AdminExpress 1.2.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the System Compare feature. Attackers can paste a large buffer of characters into the Folder Path field and trigger the comparison function to cause the application to become unresponsive or crash.
by Mücahit İsmail Aktaş
CVSS 6.2
PCHelpWareV2 1.0.0.5 Denial of Service via Group Field
PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Group field. Attackers can paste a buffer overflow payload into the Group property field and click Ok to trigger an application crash.
by Alejandra Sánchez
CVSS 5.5
PCHelpWareV2 1.0.0.5 Denial of Service via SC Creation
PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to crash the application by supplying a malformed image file. Attackers can trigger the vulnerability through the Create SC feature by selecting a crafted BMP file with an oversized buffer, causing the application to crash.
by Alejandra Sánchez
CVSS 6.2
Joomla! < 3.9.4 - Path Traversal
An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.
by Haboob Team
CVSS 9.8
UltraVNC Launcher 1.2.2.4 Denial of Service Buffer Overflow
UltraVNC Launcher 1.2.2.4 contains a buffer overflow vulnerability in the Path vncviewer.exe property field that allows local attackers to crash the application by supplying an excessively long string. Attackers can input a 300-byte payload of repeated characters through the Properties dialog to trigger a denial of service condition.
by Victor Mondragón
CVSS 6.2
UltraVNC Viewer 1.2.2.4 Denial of Service via Buffer Overflow
UltraVNC Viewer 1.2.2.4 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized string to the VNC Server input field. Attackers can paste a malicious string containing 256 repeated characters into the VNC Server field and click Connect to trigger a buffer overflow that crashes the viewer.
by Victor Mondragón
CVSS 6.5
By Source