Exploitdb Exploits

50,123 exploits tracked across all sources.

Sort: Activity Stars
CVE-2011-3490 EXPLOITDB
Measuresoft ScadaPro <4.0.0 - Buffer Overflow
Multiple stack-based buffer overflows in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long command to port 11234, as demonstrated with the TF command.
CVE-2011-3495 EXPLOITDB
Measuresoft ScadaPro <4.0.0 - Path Traversal
Multiple directory traversal vulnerabilities in service.exe in Measuresoft ScadaPro 4.0.0 and earlier allow remote attackers to read, modify, or delete arbitrary files via the (1) RF, (2) wF, (3) UF, or (4) NF command.
CVE-2011-3496 EXPLOITDB
Measuresoft ScadaPro <4.0.0 - Command Injection
service.exe in Measuresoft ScadaPro 4.0.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) BF, (2) OF, or (3) EF command.
CVE-2004-1214 EXPLOITDB c
Kreed <1.05 - RCE
Format string vulnerability in Kreed 1.05 and earlier allows remote attackers to execute arbitrary code via format specifiers in (1) a nickname or (2) message text.
CVE-2004-1215 EXPLOITDB c
Burut Kreed - Denial of Service
Kreed 1.05 and earlier allows remote attackers to cause a denial of service (server disconnect) via a long UDP packet, which causes a "message too long" socket error.
CVE-2013-2416 EXPLOITDB
Oracle Java SE <7.17 - Info Disclosure
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
CVE-2011-5232 EXPLOITDB
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0025. Reason: This candidate is a duplicate of CVE-2012-0025. Notes: All CVE users should reference CVE-2012-0025 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2008-7135 EXPLOITDB html
Icq Toolbar - Improper Input Validation
toolbaru.dll in ICQ Toolbar (ICQToolbar) 2.3 allows remote attackers to cause a denial of service (toolbar crash) via a long argument to the IsChecked method, a different vector than CVE-2008-7136.
CVE-2006-2554 EXPLOITDB
Genecys - Buffer Overflow
Buffer overflow in the tell_player_surr_changes function in Genecys 0.2 and earlier might allow remote attackers to execute arbitrary code via long arguments.
CVE-2005-0339 EXPLOITDB python
Foxmail Email Server - Buffer Overflow
Buffer overflow in Foxmail 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long MAIL FROM command.
CVE-2005-3491 EXPLOITDB c
Johannes F. Kuhlmann Flatfrag - Buffer Overflow
Multiple buffer overflows in the receiver function in loop.c in FlatFrag 0.3 and earlier allow remote attackers to execute arbitrary code via the (1) version, (2) name, and (3) model fields.
CVE-2006-6564 EXPLOITDB php
FileZilla Server <0.9.22 - DoS
FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a malformed argument to the STOR command, which results in a NULL pointer dereference. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command.
CVE-2009-2957 EXPLOITDB
Thekelleys Dnsmasq < 2.49 - Memory Corruption
Heap-based buffer overflow in the tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, might allow remote attackers to execute arbitrary code via a long filename in a TFTP packet, as demonstrated by a read (aka RRQ) request.
CVE-2012-0241 EXPLOITDB
Advantech Webaccess < 6.0 - Memory Corruption
Advantech/BroadWin WebAccess before 7.0 allows remote attackers to cause a denial of service (memory corruption) via a modified stream identifier to a function.
CVE-2011-4880 EXPLOITDB
Atvise Webmi2ads < 2.0.1 - Path Traversal
Directory traversal vulnerability in the web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to read arbitrary files via a crafted HTTP request.
CVE-2011-4881 EXPLOITDB
Atvise Webmi2ads < 2.0.1 - Denial of Service
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 does not properly check return values from functions, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted HTTP request.
CVE-2011-4882 EXPLOITDB
Atvise Webmi2ads < 2.0.1 - Code Injection
The web server in Certec atvise webMI2ADS (aka webMI) before 2.0.2 allows remote attackers to cause a denial of service (application exit) via an unspecified command in an HTTP request.
CVE-2009-1325 EXPLOITDB perl
Mini-stream Ripper - Memory Corruption
Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
CVE-2009-1326 EXPLOITDB perl
Mini-stream RM Downloader - Memory Corruption
Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
CVE-2009-1327 EXPLOITDB perl
Mini-stream WM Downloader - Memory Corruption
Stack-based buffer overflow in Mini-stream WM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
CVE-2009-1328 EXPLOITDB perl
Mini-stream Rm-mp3 Converter - Memory Corruption
Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
CVE-2009-1329 EXPLOITDB perl
Mini-stream Shadow Stream Recorder - Memory Corruption
Stack-based buffer overflow in Mini-stream Shadow Stream Recorder 3.0.1.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
CVE-2005-0369 EXPLOITDB MEDIUM c
Armagetron < 0.2.6.0 - Improper Array Index Validation
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 earlier allows remote attackers to cause a denial of service (application crash) via a packet with a large (1) descriptor ID or (2) claim_id, which exceeds the boundaries of an array.
CVSS 5.3
CVE-1999-0925 EXPLOITDB perl
Messagemedia Unitymail < 2.0 - Denial of Service
UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers.
CVE-2006-1145 EXPLOITDB c
Alien Arena 2006 Gold Edition 5.00 - RCE
Format string vulnerability in the safe_cprintf function in acebot_cmds.c in Alien Arena 2006 Gold Edition 5.00 allows remote attackers (possibly authenticated) to execute arbitrary code via unspecified vectors when the server sends crafted messages to the clients.
By Source
All 50,123 Exploitdb 50,123 Writeup 46,593 Nomisec 21,119 Metasploit 3,189 Github 2,225 Vulncheck_xdb 900 Inthewild 518 Gitlab 438 Gitee 415 Patchapalooza 312
By Language
text 31,341 ruby 5,920 python 5,728 c 3,550 perl 2,854 html 2,054 php 1,334 bash 459 java 359 javascript 256 c++ 245 shell 68 go 41 postscript 25 xml 24