Metasploit Exploits

3,189 exploits tracked across all sources.

Sort: Activity Stars
CVE-2008-1661 METASPLOIT ruby
HP StorageWorks SWSM <4.5 SP2 - Buffer Overflow
Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request.
CVE-2009-4988 METASPLOIT ruby
SAP Business One 2005-a - Memory Corruption
Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business One 2005 A 6.80.123 and 6.80.320 allows remote attackers to execute arbitrary code via a long GIOP request to TCP port 30000.
CVE-2011-5003 METASPLOIT ruby
Avid Media Composer < 5.5.3 - Memory Corruption
Stack-based buffer overflow in the Phonetic Indexer (AvidPhoneticIndexer.exe) in Avid Media Composer 5.5.3 and earlier allows remote attackers to execute arbitrary code via a long request to TCP port 4659.
CVE-2010-3964 METASPLOIT ruby
Microsoft Sharepoint Server - Unrestricted File Upload
Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka "Malformed Request Code Execution Vulnerability."
by Oleksandr Mirosh, James Burton, Entomology: A Case Study of Rare and Interesting Bugs, juan vazquez
CVE-2009-0880 METASPLOIT ruby
IBM Director < 5.20.3 - Path Traversal
Directory traversal vulnerability in the CIM server in IBM Director before 5.20.3 Service Update 2 on Windows allows remote attackers to load and execute arbitrary local DLL code via a .. (dot dot) in a /CIMListener/ URI in an M-POST request.
by Bernhard Mueller, kingcope, juan vazquez
CVE-2008-1914 METASPLOIT ruby
BigAnt IM Server <2.2 - Buffer Overflow
Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information.
CVE-2011-3360 METASPLOIT ruby
Wireshark <1.4.9, <1.6.2 - Privilege Escalation
Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.
by Haifei Li, sinn3r
CVE-2019-10267 METASPLOIT HIGH ruby
Ahsay Cloud Backup Suite < 8.1.1.50 - Unrestricted File Upload
An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to upload a file into any directory of the server. One can insert a JSP shell into the web server's directory and execute it. This leads to full access to the system, as the configured user (e.g., Administrator).
by Wietse Boonstra
CVSS 8.8
CVE-2022-3365 METASPLOIT CRITICAL ruby
Remote Mouse Server <4.110 - Command Injection
Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a default password when the user does not set a password, the Remote Mouse Server by Emote Interactive can be abused by attackers to inject OS commands over theproduct's custom control protocol. A Metasploit module was written and tested against version 4.110, the current version when this CVE was reserved.
by h00die, 0RPHON, H4rk3nz0
CVSS 9.8
CVE-2023-1133 METASPLOIT CRITICAL ruby
Deltaww Infrasuite Device Master < 1.0.5 - Insecure Deserialization
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which the Device-status service listens on port 10100/ UDP by default. The service accepts the unverified UDP packets and deserializes the content, which could allow an unauthenticated attacker to remotely execute arbitrary code.
by Anonymous, Shelby Pace
CVSS 9.8
CVE-2007-3566 METASPLOIT ruby
Borland Software Interbase - Buffer Overflow
Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp.
CVE-2018-6892 METASPLOIT CRITICAL ruby
Cloudme Sync < 1.10.9 - Memory Corruption
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
by hyp3rlinx, Daniel Teixeira
CVSS 9.8
CVE-2012-6274 METASPLOIT ruby
Bigantsoft Bigant IM Message Server - Authentication Bypass
BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors.
by Hamburgers Maccoy, juan vazquez
CVE-2010-3007 METASPLOIT ruby
HP Data Protector <4.0 - Privilege Escalation/DoS
Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 allows local users to gain privileges or cause a denial of service via unknown vectors.
by AbdulAziz Hariri, juan vazquez
CVE-2010-1318 METASPLOIT ruby
AgentX++ <1.4.16 - Buffer Overflow
Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via unspecified vectors.
by jduck
CVE-2011-1865 METASPLOIT ruby
HP OpenView Storage Data Protector <6.20 - Buffer Overflow
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
by MC
CVE-2004-1595 METASPLOIT ruby
Shixxnote - Buffer Overflow
Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a long font field.
CVE-2025-34127 METASPLOIT CRITICAL ruby
Achat v0.150 - Buffer Overflow
A stack-based buffer overflow exists in Achat v0.150 in its default configuration. By sending a specially crafted message to the UDP port 9256, an attacker can overwrite the structured exception handler (SEH) due to insufficient bounds checking on user-supplied input leading to remote code execution.
CVE-2007-1674 METASPLOIT ruby
Landesk Management Suite - Buffer Overflow
Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP.
CVE-2011-5001 METASPLOIT ruby
Trend Micro Control Manager < 5.5 - Memory Corruption
Stack-based buffer overflow in the CGenericScheduler::AddTask function in cmdHandlerRedAlertController.dll in CmdProcessor.exe in Trend Micro Control Manager 5.5 before Build 1613 allows remote attackers to execute arbitrary code via a crafted IPC packet to TCP port 20101.
by Luigi Auriemma, Blue
CVE-2019-10123 METASPLOIT CRITICAL ruby
AIS ESEL-Server 67 - SQL Injection
SQL Injection in Advanced InfoData Systems (AIS) ESEL-Server 67 (which is the backend for the AIS logistics mobile app) allows an anonymous attacker to execute arbitrary code in the context of the user of the MSSQL database. The default user for the database is the 'sa' user.
by Manuel Feifel
CVSS 9.8
CVE-2007-5243 METASPLOIT ruby
Borland Software Interbase - Memory Corruption
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
by Ramon de C Valle
CVE-2023-32560 METASPLOIT CRITICAL ruby
Ivanti Avalanche < 6.4.1 - Out-of-Bounds Write
An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution. Thanks to a Researcher at Tenable for finding and reporting. Fixed in version 6.4.1.
CVSS 9.8
CVE-2022-4978 METASPLOIT CRITICAL ruby
Remote Control Server 3.1.1.12 - RCE
Remote Control Server, maintained by Steppschuh, 3.1.1.12 allows unauthenticated remote code execution when authentication is disabled, which is the default configuration. The server exposes a custom UDP-based control protocol that accepts remote keyboard input events without verification. An attacker on the same network can issue a sequence of keystroke commands to launch a system shell and execute arbitrary commands, resulting in full system compromise.
by h00die, H4rk3nz0
CVE-2017-5817 METASPLOIT CRITICAL ruby
HP Intelligent Management Center < 7.3 - Improper Input Validation
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found.
by sztivi, Chris Lyne, bcoles
CVSS 9.8
By Source
All 3,189 Exploitdb 50,121 Writeup 46,830 Nomisec 21,202 Metasploit 3,189 Github 2,258 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,742 c 3,550 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 69 go 41 postscript 25 xml 24