Exploitdb Exploits

2,689 exploits tracked across all sources.

EIP-2026-117228 EXPLOITDB ruby VERIFIED
gAlan 0.2.1 - Universal Buffer Overflow (Metasploit)
by loneferret
CVE-2009-4195 EXPLOITDB ruby VERIFIED
Adobe Illustrator <14.0.0 - Buffer Overflow
Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information.
by dookie
CVE-2001-0168 EXPLOITDB ruby VERIFIED
AT&T WinVNC < 3.3.3r7 - Remote Code Execution via Long HTTP GET Request
Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0.
by Metasploit
CVE-2009-4265 EXPLOITDB ruby VERIFIED
Ideal Administration 2009 <9.7.1 - Buffer Overflow
Stack-based buffer overflow in Ideal Administration 2009 9.7.1, and possibly other versions, allows remote attackers to execute arbitrary code via a long Computer value in an .ipj project file.
by dookie
CVE-2009-2514 EXPLOITDB ruby VERIFIED
Microsoft Windows <2000 SP4 XP SP2-SP3 Server 2003 SP2 - RCE
win32k.sys in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not correctly parse font code during construction of a directory-entry table, which allows remote attackers to execute arbitrary code via a crafted Embedded OpenType (EOT) font, aka "Win32k EOT Parsing Vulnerability."
by H D Moore
CVE-2009-3643 EXPLOITDB ruby VERIFIED
Dxmsoft XM Easy Personal FTP Server 5.8.0 - Denial of Service via Long LIST or NLST Argument
Dxmsoft XM Easy Personal FTP Server 5.8.0 allows remote attackers to cause a denial of service via a long argument to the (1) LIST and (2) NLST commands, a different issue than CVE-2008-5626 and CVE-2006-5728.
by zhangmc
CVE-2009-3031 EXPLOITDB ruby VERIFIED
Symantec Altiris Deployment Solution and Notification Server - Stack-based Buffer Overflow via BrowseAndSaveFile Method
Stack-based buffer overflow in the BrowseAndSaveFile method in the Altiris eXpress NS ConsoleUtilities ActiveX control 6.0.0.1846 in AeXNSConsoleUtilities.dll in Symantec Altiris Notification Server (NS) 6.0 before R12, Deployment Server 6.8 and 6.9 in Symantec Altiris Deployment Solution 6.9 SP3, and Symantec Management Platform (SMP) 7.0 before SP3 allows remote attackers to execute arbitrary code via a long string in the second argument.
by Nikolas Sotiriu
CVE-2009-2288 EXPLOITDB ruby VERIFIED
Nagios < 3.1.1 - OS Command Injection via statuswml.cgi Ping or Traceroute Parameters
statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) ping or (2) Traceroute parameters.
by H D Moore
EIP-2026-104618 EXPLOITDB ruby VERIFIED
mDNSResponder 10.4.0/10.4.8 (OSX) - UPnP Location Overflow (Metasploit)
by Metasploit
EIP-2026-104613 EXPLOITDB ruby VERIFIED
Apple QuickTime RTSP 10.4.0 < 10.5.0 (OSX) - Content-Type Overflow (Metasploit)
by Metasploit
CVE-2009-2817 EXPLOITDB ruby VERIFIED
Apple iTunes < 9.0.1 - Remote Code Execution via Crafted .pls File
Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file.
by Roger Hart
CVE-2009-3321 EXPLOITDB ruby VERIFIED
SaphpLesson 4.3 - SQL Injection via CLIENT_IP HTTP Header
SQL injection vulnerability in SaphpLesson 4.3, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the CLIENT_IP HTTP header.
by Jafer Al Zidjali
CVE-2007-4566 EXPLOITDB ruby VERIFIED
Alpha Centauri Software SIDVault <2.0f - RCE
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
by His0k4
CVE-2009-3976 EXPLOITDB ruby VERIFIED
Labtam ProFTP 2.9 - Buffer Overflow
Buffer overflow in Labtam ProFTP 2.9 allows remote FTP servers to cause a denial of service (application crash) or execute arbitrary code via a long 220 reply (aka connection greeting or welcome message).
by His0k4
EIP-2026-112777 EXPLOITDB ruby VERIFIED
Traidnt UP 2.0 - SQL Injection
by Jafer Al Zidjali
CVE-2009-2732 EXPLOITDB ruby VERIFIED
ntop < 3.3.10 - Denial of Service via Malformed Authorization Header
The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an Authorization HTTP header that lacks a : (colon) character in the base64-decoded string.
by Brad Antoniewicz
EIP-2026-105217 EXPLOITDB ruby VERIFIED
Arab Portal 2.2 - Blind Cookie Authentication Bypass
by Jafer Al Zidjali
EIP-2026-101004 EXPLOITDB ruby VERIFIED
Cisco WLC 4402 - Basic Auth Remote Denial of Service (Metasploit)
by Christoph Bott
CVE-2011-4908 EXPLOITDB CRITICAL ruby VERIFIED
TinyBrowser < 1.5.13 - Unauthenticated Arbitrary File Upload via upload.php
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.
by spinbad
CVSS 9.8
CVE-2009-2765 EXPLOITDB ruby VERIFIED
DD-WRT < 24 - Remote Code Execution via CGI-BIN URI Shell Metacharacters
httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI.
by H D Moore
CVE-2009-0695 EXPLOITDB ruby VERIFIED
Wyse Device Manager 4.7.x - Unauthenticated Remote Command Execution via hagent.exe
hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which allows remote attackers to obtain management access via a crafted query, as demonstrated by a V52 query that triggers a power-off action.
by kf
CVE-2009-2484 EXPLOITDB ruby VERIFIED
VLC media player <0.9.9 - Buffer Overflow
Stack-based buffer overflow in the Win32AddConnection function in modules/access/smb.c in VideoLAN VLC media player 0.9.9, when running on Microsoft Windows, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long smb URI in a playlist file.
by Trancer
CVE-2009-0714 EXPLOITDB ruby VERIFIED
HP Data Protector Express <4.6.5-3.4.7 - DoS
Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.
by Nibin
CVE-2009-20008 EXPLOITDB HIGH ruby VERIFIED
Green Dam Youth Escort <3.17 - Buffer Overflow
Green Dam Youth Escort version 3.17 is vulnerable to a stack-based buffer overflow when processing overly long URLs. The flaw resides in the URL filtering component, which fails to properly validate input length before copying user-supplied data into a fixed-size buffer. A remote attacker can exploit this vulnerability by enticing a user to visit a specially crafted webpage containing a long URL, resulting in arbitrary code execution.
by Trancer
CVE-2009-0950 EXPLOITDB ruby VERIFIED
Apple iTunes < 8.2 - Remote Code Execution via Long itms: URL Component
Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.
by Will Drewry