Exploitdb Exploits
4,728 exploits tracked across all sources.
Flash Slideshow Maker Professional 5.20 - Buffer Overflow (SEH)
by Shubham Singh
iSmartViewPro 1.5 Buffer Overflow via SavePath Parameter
iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System Setup interface to overwrite SEH records and execute shellcode with application privileges.
by Gionathan Reale
CVSS 8.4
DVD Photo Slideshow Professional 8.07 - Buffer Overflow (SEH)
by T3jv1l
Apache Roller <5.0.3 - XXE
The XML-RPC protocol support in Apache Roller before 5.0.3 allows attackers to conduct XML External Entity (XXE) attacks via unspecified vectors.
by Marko Jokic
CVSS 9.8
Fuji Xerox Devices - Info Disclosure
Fuji Xerox DocuCentre-V 3065, ApeosPort-VI C3371, ApeosPort-V C4475, ApeosPort-V C3375, DocuCentre-VI C2271, ApeosPort-V C5576, DocuCentre-IV C2263, DocuCentre-V C2263, and ApeosPort-V 5070 devices allow remote attackers to read or write to files via crafted PJL commands.
by vr_system
CVSS 9.8
RPi Cam Control < 6.4.25 - 'preview.php' Remote Command Execution
by Reigning Shells
Wikipedia 12.0 Denial of Service via Search
Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of repeated characters into the search bar to trigger an application crash.
by 0xB9
CVSS 7.5
Visual Ping 0.8.0.0 - 'Host' Denial of Service (PoC)
by Uriel Corral Salinas
VSAXESS V2.6.2.70 build 20171226_053 - 'Nickname' Denial of Service (PoC)
by Diego Santamaria
Microsoft Windows Explorer Out-of-Bound Read - Denial of Service (PoC)
by Ghaaf
Microsoft Windows Explorer Out-of-Bound Read - Denial of Service (PoC)
by Ghaaf
Trend Micro Virtual Mobile Infrastructure 5.5.1336 - 'Server address' Denial of Service (PoC)
by Luis Martínez
Symantec Mobile Encryption for iPhone 2.1.0 - 'Server' Denial of Service (PoC)
by Luis Martínez
Acunetix WVS Reporter 10.0 - Denial of Service (PoC)
by Ali Alipour
NetworkActiv Web Server 4.0 Username Field Buffer Overflow DoS
NetworkActiv Web Server 4.0 contains a buffer overflow vulnerability in the username field of the Security options that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by entering a crafted username value exceeding the expected buffer size through the Set username interface.
by Victor Mondragón
CVSS 6.2
Drive Power Manager 1.10 Denial of Service via Name Field
Drive Power Manager 1.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a 6000-byte payload into the Name field and click Register to trigger a denial of service condition.
by Gionathan Reale
CVSS 5.5
Easy PhotoResQ 1.0 Buffer Overflow Denial of Service
Easy PhotoResQ 1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Folder/filename field. Attackers can input a 6000-byte payload through the File Options dialog to trigger a denial of service condition.
by Gionathan Reale
CVSS 6.2
Fathom 2.4 Denial of Service via Authorization Code Buffer Overflow
Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of service condition.
by Gionathan Reale
CVSS 5.5
HD Tune Pro 5.70 Denial of Service via Options Dialog
HD Tune Pro 5.70 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the folder/file name field. Attackers can trigger a denial of service by entering a 6000-byte payload through the File > Options > Save dialog's folder/file name input field.
by Gionathan Reale
CVSS 6.2
SIPP 3.3 Stack-Based Buffer Overflow via Configuration File
SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. Attackers can craft a configuration file with oversized values that overflow a stack buffer, overwriting the return address and executing arbitrary code through return-oriented programming gadgets.
by Juan Sacco
CVSS 8.4
Trillian 6.1 Build 16 - 'Sign In' Denial of service (PoC)
by Jose Miguel Gonzalez
By Source