Exploitdb Exploits

2,689 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-20045 EXPLOITDB HIGH ruby VERIFIED
FileWrangler <= 5.30 - Buffer Overflow
FileWrangler <= 5.30 suffers from a stack-based buffer overflow vulnerability when parsing directory listings from an FTP server. A malicious server can send an overlong folder name in response to a LIST command, triggering memory corruption during client-side rendering. Exploitation requires passive user interaction—simply connecting to the server—without further input. Successful exploitation may lead to arbitrary code execution.
by Metasploit
CVE-2010-20034 EXPLOITDB HIGH ruby VERIFIED
Gekko Manager FTP Client <= 0.77 - Buffer Overflow
Gekko Manager FTP Client <= 0.77 contains a stack-based buffer overflow in its FTP directory listing parser. When processing a server response to a LIST command, the client fails to properly validate the length of filenames. A crafted response containing an overly long filename can overwrite the Structured Exception Handler (SEH), potentially allowing remote code execution.
by Metasploit
CVE-2010-20007 EXPLOITDB HIGH ruby VERIFIED
Seagull FTP Client <= v3.3 Build 409 - Buffer Overflow
Seagull FTP Client <= v3.3 Build 409 contains a stack-based buffer overflow vulnerability in its FTP directory listing parser. When the client connects to an FTP server and receives a crafted response to a LIST command containing an excessively long filename, the application fails to properly validate input length, resulting in a buffer overflow that overwrites the Structured Exception Handler (SEH). This may allow remote attackers to execute arbitrary code on the client system. This product line was discontinued and users were advised to use BlueZone Secure FTP instead, at the time of disclosure.
by Metasploit
CVE-2010-10014 EXPLOITDB HIGH ruby VERIFIED
Odin Secure FTP <= 4.1 - Buffer Overflow
Odin Secure FTP <= 4.1 is vulnerable to a stack-based buffer overflow when parsing directory listings received in response to an FTP LIST command. A malicious FTP server can send an overly long filename in the directory listing, which overflows a fixed-size stack buffer in the client and overwrites the Structured Exception Handler (SEH). This allows remote attackers to execute arbitrary code on the client system.
by Metasploit
EIP-2026-119564 EXPLOITDB ruby VERIFIED
AASync 2.2.1.0 (Windows x86) - Remote Stack Buffer Overflow 'LIST' (Metasploit)
by Metasploit
EIP-2026-119562 EXPLOITDB ruby VERIFIED
32bit FTP Client - Remote Stack Buffer Overflow (Metasploit)
by Metasploit
CVE-2001-1320 EXPLOITDB ruby VERIFIED
Network Associates PGP Keyserver 7.0 - DoS, RCE
Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.
by Metasploit
CVE-2010-4741 EXPLOITDB ruby VERIFIED
Moxa Device Manager <2.3 - Buffer Overflow
Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool before 2.3 in Moxa Device Manager allows remote MDM Gateways to execute arbitrary code via crafted data in a session on TCP port 54321.
by Metasploit
EIP-2026-118598 EXPLOITDB ruby VERIFIED
FTPShell 5.1 - Remote Stack Buffer Overflow (Metasploit)
by Metasploit
EIP-2026-118596 EXPLOITDB ruby VERIFIED
FTPGetter Standard 3.55.0.05 - Remote Stack Buffer Overflow (PWD) (Metasploit)
by Metasploit
CVE-2008-2639 EXPLOITDB ruby VERIFIED
Citect CitectSCADA 6-7 and CitectFacilities 7 - Remote Code Execution via ODBC Server Service
Stack-based buffer overflow in the ODBC server service in Citect CitectSCADA 6 and 7, and CitectFacilities 7, allows remote attackers to execute arbitrary code via a long string in the second application packet in a TCP session on port 20222.
by Metasploit
EIP-2026-116873 EXPLOITDB ruby VERIFIED
BACnet OPC Client - Local Buffer Overflow (Metasploit) (2)
by Metasploit
EIP-2026-104522 EXPLOITDB ruby VERIFIED
NetWare 6.5 - SunRPC Portmapper CALLIT Stack Buffer Overflow (Metasploit)
by Metasploit
CVE-2009-3023 EXPLOITDB ruby VERIFIED
Microsoft Internet Information Server 5.0-6.0 - Authenticated Remote Code Execution via FTP NLST Command Buffer Overflow
Buffer overflow in the FTP Service in Microsoft Internet Information Services (IIS) 5.0 through 6.0 allows remote authenticated users to execute arbitrary code via a crafted NLST (NAME LIST) command that uses wildcards, leading to memory corruption, aka "IIS FTP Service RCE and DoS Vulnerability."
by Metasploit
CVE-2009-20007 EXPLOITDB CRITICAL ruby VERIFIED
Talkative IRC v0.4.4.16 - Buffer Overflow
Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow when processing specially crafted response strings sent to a connected client. An attacker can exploit this flaw by sending an overly long message that overflows a fixed-length buffer, potentially leading to arbitrary code execution in the context of the vulnerable process. This vulnerability is exploitable remotely and does not require authentication.
by Metasploit
CVE-2010-20123 EXPLOITDB HIGH ruby VERIFIED
Steinberg MyMP3Player <3.0.0.67 - Buffer Overflow
Steinberg MyMP3Player version 3.0 (build 3.0.0.67) is vulnerable to a stack-based buffer overflow when parsing .m3u playlist files. The application fails to properly validate the length of input data within the playlist, allowing a specially crafted file to overwrite critical memory structures and execute arbitrary code. This vulnerability can be exploited locally by convincing a user to open a malicious .m3u file.
by Metasploit
CVE-2010-10017 EXPLOITDB HIGH ruby VERIFIED
WM Downloader 3.1.2.2 - Buffer Overflow
WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler (SEH) records and execute arbitrary code. Exploitation occurs locally when a user opens the malicious file, and the payload executes with the privileges of the current user.
by Metasploit
CVE-2008-20001 EXPLOITDB HIGH ruby VERIFIED
activePDF WebGrabber 3.8.2.0 - Buffer Overflow
activePDF WebGrabber version 3.8.2.0 contains a stack-based buffer overflow vulnerability in the GetStatus() method of the APWebGrb.ocx ActiveX control. By passing an overly long string to this method, a remote attacker can execute arbitrary code in the context of the vulnerable process. Although the control is not marked safe for scripting, exploitation is possible via crafted HTML content in Internet Explorer under permissive security settings.
by Metasploit
CVE-2006-5792 EXPLOITDB ruby VERIFIED
XLink Omni-NFS Enterprise - Remote Code Execution
Unspecified vulnerability in XLink Omni-NFS Enterprise allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by vd_xlink2.pm, an "Omni-NFS Enterprise remote exploit." NOTE: this is probably a different vulnerability than CVE-2006-5780. As of 20061107, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.
by Metasploit
CVE-2006-5792 EXPLOITDB ruby VERIFIED
XLink Omni-NFS Enterprise - Remote Code Execution
Unspecified vulnerability in XLink Omni-NFS Enterprise allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by vd_xlink2.pm, an "Omni-NFS Enterprise remote exploit." NOTE: this is probably a different vulnerability than CVE-2006-5780. As of 20061107, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes.
by Metasploit
CVE-2009-3031 EXPLOITDB ruby VERIFIED
Symantec Altiris Deployment Solution and Notification Server - Stack-based Buffer Overflow via BrowseAndSaveFile Method
Stack-based buffer overflow in the BrowseAndSaveFile method in the Altiris eXpress NS ConsoleUtilities ActiveX control 6.0.0.1846 in AeXNSConsoleUtilities.dll in Symantec Altiris Notification Server (NS) 6.0 before R12, Deployment Server 6.8 and 6.9 in Symantec Altiris Deployment Solution 6.9 SP3, and Symantec Management Platform (SMP) 7.0 before SP3 allows remote attackers to execute arbitrary code via a long string in the second argument.
by Metasploit
CVE-2009-1029 EXPLOITDB ruby VERIFIED
POP Peeper < 3.4.0.0 - Remote Code Execution via Long Date Header
Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute arbitrary code via a long Date header, related to Imap.dll.
by Metasploit
CVE-2009-3693 EXPLOITDB ruby VERIFIED
Persits XUpload - Path Traversal via MakeHttpRequest Method
Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.
by Metasploit
CVE-2006-5780 EXPLOITDB ruby VERIFIED
XLink Omni-NFS Server 5.2 - Stack-Based Buffer Overflow via Crafted TCP Packet
Stack-based buffer overflow in nfsd.exe in XLink Omni-NFS Server 5.2 allows remote attackers to execute arbitrary code via a crafted TCP packet to port 2049 (nfsd), as demonstrated by vd_xlink.pm.
by Metasploit
CVE-2003-0714 EXPLOITDB ruby VERIFIED
Exchange Server 5.5 and 2000 - Denial of Service via SMTP Extended Verb Request
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000.
by Metasploit
By Source
All 2,689 Writeup 62,302 Exploitdb 50,076 Nomisec 22,417 Github 3,632 Metasploit 3,314 Vulncheck_xdb 929 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,573 ruby 6,005 c 3,628 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 229 shell 131 go 73 postscript 25 typescript 25