Exploitdb Exploits
4,724 exploits tracked across all sources.
WebDrive 18.00.5057 Denial of Service via Secure WebDAV
WebDrive 18.00.5057 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the username field during Secure WebDAV connection setup. Attackers can input a buffer-overflow payload of 5000 bytes in the username parameter and trigger a connection test to cause the application to crash.
by Victor Mondragón
CVSS 6.2
Artha - Memory Corruption
Artha ~ The Open Thesaurus 1.0.3.0 has a Buffer Overflow.
by Ihsan Sencan
CVSS 7.5
Arm Whois 3.11 - Denial of Service (PoC)
by Yair Rodríguez Aparicio
SmartFTP Client 9.0.2615.0 Denial of Service via Host Field
SmartFTP Client 9.0.2615.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Host field. Attackers can paste a buffer of 300 repeated characters into the Host connection parameter to trigger an application crash.
by Victor Mondragón
CVSS 6.2
Loadbalancer.org Enterprise VA MAX 8.3.2 - Remote Code Execution
by Jakub Palaczynski
R 3.4.4 (Windows 10 x64) - Buffer Overflow (DEP/ASLR Bypass)
by Charles Truscott
QNAP NetBak Replicator 4.5.6.0607 - Denial of Service (PoC)
by Yair Rodríguez Aparicio
Nutanix AOS & Prism < 5.5.5 (LTS) / < 5.8.1 (STS) - SFTP Authentication Bypass
by Adam Brown
Navicat 12.0.29 - 'SSH' Denial of Service (PoC)
by Rafael Alfaro
AlienIP 2.41 - Denial of Service (PoC)
by Arturo de la Cruz Tellez
Paramiko <2.4.1 - RCE
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.
by Adam Brown
CVSS 9.8
Exim < 4.90.1 - Buffer Overflow
An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.
by hackk.gr
CVSS 9.8
Apache OFBiz 16.11.04 - XML External Entity Injection
by Jamie Parfet
Microsoft Windows 10 - Local Privilege Escalation (UAC Bypass)
by Fabien DROMAS
libssh Authentication Bypass Scanner
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
by jas502n
CVSS 9.1
libssh Authentication Bypass Scanner
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
by Dayanç Soyadlı
CVSS 9.1
Any Sound Recorder 2.93 - Buffer Overflow (SEH)
by Abdullah Alıç
Any Sound Recorder 2.93 - Buffer Overflow (SEH)
by Abdullah Alıç
Snes9K 0.0.9z Buffer Overflow SEH via Netplay Socket
Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Socket Port Number field via the Netplay Options menu to achieve code execution through SEH chain exploitation.
by Abdullah Alıç
CVSS 8.4
FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution
by LiquidWorm
By Source