Exploitdb Exploits

2,689 exploits tracked across all sources.

EIP-2026-119232 EXPLOITDB ruby VERIFIED
UFO: Alien Invasion IRC Client (Windows) - Remote Buffer Overflow (Metasploit)
by Metasploit
CVE-2010-2309 EXPLOITDB ruby VERIFIED
EvoLogical EvoCam 3.6.6-3.6.7 - Remote Code Execution via Long GET Request
Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and 3.6.7 allows remote attackers to execute arbitrary code via a long GET request.
by Metasploit
CVE-2007-6166 EXPLOITDB ruby VERIFIED
Apple QuickTime <7.3.1 - Buffer Overflow
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
by Metasploit
CVE-2007-5208 EXPLOITDB ruby VERIFIED
HP Linux Imaging and Printing Project < 2.7.10 - OS Command Injection via Sendmail From Address
hpssd in Hewlett-Packard Linux Imaging and Printing Project (hplip) 1.x and 2.x before 2.7.10 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a from address, which is not properly handled when invoking sendmail.
by Metasploit
CVE-2007-4560 EXPLOITDB ruby VERIFIED
ClamAV < 0.91.2 - Remote Code Execution via Shell Metacharacters in Sendmail Recipient Field
clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."
by Metasploit
CVE-2002-1473 EXPLOITDB ruby VERIFIED
HP-UX 10.20-11.11 - Buffer Overflow in lp Subsystem
Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.
by Metasploit
CVE-2003-0727 EXPLOITDB ruby VERIFIED
Oracle 9i Database Release 2 - Buffer Overflow
Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.
by Metasploit
CVE-2005-2373 EXPLOITDB ruby VERIFIED
SlimFTPd 3.15-3.16 - Authenticated Buffer Overflow via Long Directory Name
Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.
by Metasploit
CVE-2005-1323 EXPLOITDB ruby VERIFIED
NetTerm 5.1.1 - Buffer Overflow via USER Command
Buffer overflow in NetFtpd for NetTerm 5.1.1 and earlier allows remote attackers to execute arbitrary code via a long USER command.
by Metasploit
CVE-2006-4691 EXPLOITDB ruby VERIFIED
Microsoft Windows <XP - Buffer Overflow
Stack-based buffer overflow in the NetpManageIPCConnect function in the Workstation service (wkssvc.dll) in Microsoft Windows 2000 SP4 and XP SP2 allows remote attackers to execute arbitrary code via NetrJoinDomain2 RPC messages with a long hostname.
by Metasploit
CVE-2007-3901 EXPLOITDB ruby VERIFIED
Microsoft DirectX 7.0-10.0 - Remote Code Execution via SAMI File Parsing
Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parser in quartz.dll for Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted SAMI file.
by Metasploit
CVE-2004-1135 EXPLOITDB ruby VERIFIED
WS_FTP Server 5.03 2004.10.14 - Denial of Service via Long SITE, XMKD, MKD, or RNFR Commands
Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands.
by Metasploit
CVE-2005-1415 EXPLOITDB ruby VERIFIED
GlobalSCAPE Secure FTP Server 3.0.2 - RCE
Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command.
by Metasploit
EIP-2026-118340 EXPLOITDB ruby VERIFIED
CA BrightStor ARCserve Tape Engine - 0x8A Buffer Overflow (Metasploit)
by Metasploit
EIP-2026-118339 EXPLOITDB ruby VERIFIED
CA BrightStor ARCserve Message Engine 0x72 - Remote Buffer Overflow (Metasploit)
by Metasploit
CVE-2007-3010 EXPLOITDB CRITICAL ruby VERIFIED
Alcatel OmniPCX Enterprise < 7.1 - Remote Command Execution via Unified Maintenance Tool
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.
by Metasploit
CVSS 9.8
CVE-2002-1120 EXPLOITDB ruby VERIFIED
Savant Web Server < 3.1 - Remote Code Execution via Long HTTP GET Request
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
by Metasploit
EIP-2026-117916 EXPLOITDB ruby VERIFIED
SnackAmp 3.1.3B - SMP Buffer Overflow (SEH) (DEP Bypass)
by Muhamad Fadzil Ramli
CVE-2010-3189 EXPLOITDB ruby VERIFIED
Trend Micro Internet Security Pro 2010 - RCE
The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Internet Security Pro 2010 allows remote attackers to execute arbitrary code via an invalid address that is dereferenced as a pointer.
by Trancer
EIP-2026-108703 EXPLOITDB ruby VERIFIED
Joomla! Component JE Job - SQL Injection
by Easy Laster
CVE-2010-4862 EXPLOITDB ruby VERIFIED
Joomla! com_jedirectory 1.0 - SQL Injection
SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
by Easy Laster
CVE-2010-0483 EXPLOITDB ruby VERIFIED
Microsoft Windows VBScript - Remote Code Execution via MsgBox Help File Argument
vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka "VBScript Help Keypress Vulnerability."
by Metasploit
CVE-2007-1748 EXPLOITDB ruby VERIFIED
Windows 2000 Server SP4 and Server 2003 SP1/SP2 - Remote Code Execution via DNS RPC Zone Name Overflow
Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences.
by Metasploit
CVE-2010-20111 EXPLOITDB HIGH ruby VERIFIED
Digital Music Pad v8.2.3.3.4 - Buffer Overflow
Digital Music Pad v8.2.3.3.4 contains a stack-based buffer overflow vulnerability in its playlist file parser. When opening a .pls file containing an excessively long string in the File1 field, the application fails to properly validate input length, resulting in corruption of the Structured Exception Handler (SEH) on the stack. This flaw may allow an attacker to control execution flow when the file is opened, potentially leading to arbitrary code execution.
by Abhishek Lyall