Exploitdb Exploits

50,076 exploits tracked across all sources.

Sort: Activity Stars
CVE-2015-6132 EXPLOITDB ruby
Microsoft Windows - Local Privilege Escalation via Library Loading
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
CVE-2015-6133 EXPLOITDB ruby
Microsoft Windows 8, 8.1, RT, RT 8.1, Server 2012, Server 2012 R2, and 10 - Privilege Escalation via Library Loading
Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
CVE-2016-0041 EXPLOITDB HIGH ruby
Internet Explorer - DLL Loading Remote Code Execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
CVSS 7.8
CVE-2016-0100 EXPLOITDB HIGH ruby
Windows Vista SP2 and Server 2008 SP2 - Local Privilege Escalation via Library Loading
Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."
CVSS 8.4
CVE-1999-1575 EXPLOITDB
Internet Explorer 4.01/5.0 - Arbitrary File Write and Command Execution via ActiveX Controls
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
CVE-2006-0564 EXPLOITDB perl
Microsoft HTML Help Workshop 4.74.8702.0 - Stack-based Buffer Overflow via Long Contents File Field
Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field.
CVE-2006-0564 EXPLOITDB python
Microsoft HTML Help Workshop 4.74.8702.0 - Stack-based Buffer Overflow via Long Contents File Field
Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field.
CVE-2009-0133 EXPLOITDB cpp
Microsoft HTML Help Workshop <4.74 - Buffer Overflow
Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564.
CVE-2006-0564 EXPLOITDB c
Microsoft HTML Help Workshop 4.74.8702.0 - Stack-based Buffer Overflow via Long Contents File Field
Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field.
CVE-2006-0564 EXPLOITDB c
Microsoft HTML Help Workshop 4.74.8702.0 - Stack-based Buffer Overflow via Long Contents File Field
Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long Contents file field.
CVE-2008-0081 EXPLOITDB CRITICAL
Microsoft Excel 2000 SP3-2003 SP2 and Viewer 2003 - Remote Code Execution via Crafted Macros
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE-2007-3490.
CVSS 9.8
CVE-2008-0111 EXPLOITDB
Microsoft Excel 2000 SP3-2007 - Remote Code Execution via Crafted Data Validation Records
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability."
CVE-2008-0112 EXPLOITDB
Microsoft Excel 2000 SP3 and Office for Mac 2004/2008 - Remote Code Execution via Crafted SLK File Import
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."
CVE-2008-0114 EXPLOITDB
Microsoft Excel 2000 SP3-2003 SP2, Viewer 2003, Office for Mac 2004 - RCE via Crafted Style Records
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption.
CVE-2008-0115 EXPLOITDB
Microsoft Excel 2000-2007, Viewer 2003, Compatibility Pack, Office for Mac 2004 - RCE via Malformed Formulas
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via malformed formulas, aka "Excel Formula Parsing Vulnerability."
CVE-2008-0116 EXPLOITDB
Microsoft Excel 2000-2003, Viewer 2003, Compatibility Pack, Office 2004-2008 for Mac - RCE via Malformed RTF Tags
Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008 for Mac allows user-assisted remote attackers to execute arbitrary code via malformed tags in rich text, aka "Excel Rich Text Validation Vulnerability."
CVE-2010-3143 EXPLOITDB c
Microsoft Windows Contacts - Untrusted Search Path and DLL Hijacking via Trojan Horse wab32res.dll
Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact, .group, .p7c, .vcf, or .wab file. NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3147.
CVE-2007-6681 EXPLOITDB python
VLC < 0.8.6d - Remote Code Execution via Long Subtitle in MicroDvd SSA or Vplayer File
Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.
CVE-2008-0073 EXPLOITDB python
xine-lib 1.1.10.1 - Remote Code Execution via Large streamid SDP Parameter
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
CVE-2008-0295 EXPLOITDB python
VLC Media Player < 0.8.6d - Heap-Based Buffer Overflow via Long SDP Data
Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.
CVE-2008-0296 EXPLOITDB python
VLC Media Player < 0.8.6d - Heap-Based Buffer Overflow via RTSP Long String
Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.
CVE-2008-0984 EXPLOITDB python
Miro Player < 1.1 - Remote Code Execution via Malformed MP4 File
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
CVE-2008-1489 EXPLOITDB python
VLC - Integer Overflow and Heap-Based Buffer Overflow via Crafted MP4 RDRF Box
Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984.
CVE-1999-1170 EXPLOITDB
IPswitch IMail - Privilege Escalation
IPswitch IMail allows local users to gain additional privileges and modify or add mail accounts by setting the "flags" registry key to 1920.
CVE-2014-1947 EXPLOITDB HIGH perl
ImageMagick 6.5.4 - Buffer Overflow
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.
CVSS 7.8
By Source
All 50,076 Writeup 62,204 Exploitdb 50,076 Nomisec 22,391 Github 3,608 Metasploit 3,311 Vulncheck_xdb 927 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,563 ruby 6,002 c 3,626 perl 2,849 html 2,075 php 1,333 bash 462 java 370 c++ 260 javascript 229 shell 131 go 73 postscript 25 typescript 25