Exploitdb Exploits
49,989 exploits tracked across all sources.
ASPRunner Professional 6.0.766 Local Buffer Overflow DoS
ASPRunner Professional 6.0.766 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long project name. Attackers can paste 180 or more characters into the Project name field during project creation to trigger an application crash.
by Rafael Pedrero
CVSS 6.2
a-Mac Address Change 5.4 Local Buffer Overflow DoS
a-Mac Address Change 5.4 contains a local buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input to registration form fields. Attackers can paste 212 bytes of data into the 'Your Name', 'Your Company', or 'Register Code' fields and click the Register button to trigger a denial of service crash.
by Rafael Pedrero
CVSS 5.5
AnyBurn 4.3 x86 Denial of Service via Image Conversion
AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the image conversion function. Attackers can paste a large buffer into the source or destination image file fields and click Convert Now to trigger a crash.
by Dino Covotsos
CVSS 5.5
R i386 3.5.0 Local Buffer Overflow SEH
R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler (SEH) overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to overwrite SEH records and achieve code execution with calculator or arbitrary shellcode.
by Dino Covotsos
CVSS 8.4
UltraISO 9.7.1.3519 - 'Output FileName' Local Buffer Overflow (SEH)
by Dino Covotsos
UltraISO 9.7.1.3519 - 'Output FileName' Local Buffer Overflow (SEH)
by Dino Covotsos
FlexHEX 2.46 - Buffer Overflow (PoC) (SEH Overwrite)
by Rafael Pedrero
FlexHEX 2.46 - Buffer Overflow (PoC) (SEH Overwrite)
by Rafael Pedrero
Advanced Host Monitor 11.90 Beta - 'Registration number' Denial of Service (PoC)
by Luis Martínez
Advanced Host Monitor 11.90 Beta - 'Registration number' Denial of Service (PoC)
by Luis Martínez
Apple Iphone OS < 12.1.3 - Out-of-Bounds Write
A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes.
by Google Security Research
CVSS 7.8
Apple Iphone OS < 12.1.3 - Type Confusion
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox.
by Google Security Research
CVSS 8.6
Apple Iphone OS < 12.1.3 - Memory Corruption
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges.
by Google Security Research
CVSS 7.8
Apple Iphone OS < 12.1.3 - Out-of-Bounds Write
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges.
by Google Security Research
CVSS 7.8
iOS <12.1.3 - Memory Corruption
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes.
by Google Security Research
CVSS 5.5
IP TOOLS 2.50 Local Buffer Overflow Denial of Service
IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data into the 'From Addr' and 'To Addr' fields and trigger the crash by clicking the Start button, causing denial of service and SEH overwrite.
by Rafael Pedrero
CVSS 5.5
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) (DEP Bypass)
by bzyo
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) (DEP Bypass)
by bzyo
Necrosoft DIG 0.4 - Buffer Overflow (PoC) (SEH Overwrite)
by Rafael Pedrero
Necrosoft DIG 0.4 - Buffer Overflow (PoC) (SEH Overwrite)
by Rafael Pedrero
Advanced File Manager 3.4.1 - Denial of Service (PoC)
by Rafael Pedrero
Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection
by Mehmet EMIROGLU
Apple Iphone OS < 12.1.3 - Out-of-Bounds Read
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout.
by Google Security Research
CVSS 5.5
HTML5 Video Player 1.2.5 Local Buffer Overflow Non-SEH
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigger code execution and spawn a calculator process.
by Dino Covotsos
CVSS 8.4
PDF Signer 3.0 - Server-Side Template Injection leading to Remote Command Execution (via Cross-Site Request Forgery Cookie)
by dd_
By Source