Metasploit Exploits
3,314 exploits tracked across all sources.
CoCSoft Stream Down 6.8.0 - Stack-Based Buffer Overflow via Long Download Response
Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote web servers to execute arbitrary code via a long response to a download request.
HP LoadRunner < 11.52 - Remote Code Execution
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.
by Unknown, juan vazquez
ALLPlayer ALLMediaServer <= 0.95 - Remote Code Execution via TCP Port 888 Buffer Overflow
A buffer overflow vulnerability exists in MediaServer.exe in ALLPlayer ALLMediaServer 0.95 and earlier that could allow remote attackers to execute arbitrary code and/or cause denial of service on the victim machine/computer via a long string to TCP port 888.
CVSS 9.8
VMware Workstation Player 12.1.0-12.1.1 - Untrusted Search Path via HGFS Shared Folders
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
CVSS 7.8
VEEAM One Agent 9.5.4.4587 - Deserialization
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HandshakeResult method. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-10401.
by Michael Zanetta, Edgar Boda-Majer, wvu
CVSS 9.8
ASUS Remote Console <2.0.0.19,2.0.0.24 - Buffer Overflow
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623.
Microsoft DirectX 7.0-10.0 - Remote Code Execution via SAMI File Parsing
Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parser in quartz.dll for Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted SAMI file.
BigAnt IM Server <2.2 - Buffer Overflow
Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information.
by MC
SolarWinds Platform - Code Injection
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
by Justin Hong, Lucas Miller, Piotr Bazydło, Spencer McIntyre
CVSS 7.2
IBM Cognos TM1 9.4.x-9.5.x - Remote Code Execution via Crafted Data
Multiple stack-based buffer overflows in tm1admsd.exe in the Admin Server in IBM Cognos TM1 9.4.x and 9.5.x before 9.5.2 FP2 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted data.
by Unknown, juan vazquez
ALLMediaServer <1.6 - Buffer Overflow
Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflow that allows remote attackers to execute arbitrary code via a long string to TCP port 888, a related issue to CVE-2017-17932.
by Hejap Zairy Al-Sharif
CVSS 9.8
InterBase 8.0.0.53-8.1.0.253 & WI 5.1.1.680-8.1.0.257 - Remote Code Execution via Stack Overflow
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
by Ramon de C Valle
HP OpenView Data Protector 5.50/6.0 - Remote Code Execution via MSG_PROTOCOL Packet
Stack-based buffer overflow in the OmniInet process in HP OpenView Data Protector Application Recovery Manager 5.50 and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted MSG_PROTOCOL packet.
Borland CaliberRM 2006 - Stack-Based Buffer Overflow in StarTeam Multicast Service
Stack-based buffer overflow in the PGMWebHandler::parse_request function in the StarTeam Multicast Service component (STMulticastService) 6.4 in Borland CaliberRM 2006 allows remote attackers to execute arbitrary code via a large HTTP request.
Enterasys NetSight < 4.1.0.79 - Remote Code Execution via Long PRIO Field in Syslog Message
Stack-based buffer overflow in the Syslog service (nssyslogd.exe) in Enterasys Network Management Suite (NMS) before 4.1.0.80 allows remote attackers to execute arbitrary code via a long PRIO field in a message to UDP port 514.
by Jeremy Brown
POP Peeper < 3.4.0.0 - Remote Code Execution via Long Date Header
Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute arbitrary code via a long Date header, related to Imap.dll.
by MC
Anviz CrossChex 4.3.8.0 and 4.3.12 - Buffer Overflow
Anviz CrossChex access control management software 4.3.8.0 and 4.3.12 is vulnerable to a buffer overflow vulnerability.
by Luis Catarino <[email protected]>, Pedro Rodrigues <[email protected]>, agalway-r7, adfoster-r7
CVSS 9.8
HP Storage Data Protector 6.2X - Remote Code Execution or Denial of Service
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1905.
by Brian Gorenc, juan vazquez
TinyIdentD < 2.2 - Remote Code Execution via Long String to TCP Port 113
Stack-based buffer overflow in TinyIdentD 2.2 and earlier allows remote attackers to execute arbitrary code via a long string to TCP port 113.
by Maarten Boone
HP OpenView Storage Data Protector 5.50 and 6.0 - Remote Code Execution via MSG_PROTOCOL Command
Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSG_PROTOCOL command with long arguments, a different vulnerability than CVE-2009-3844.
HP Storage Data Protector 8.x - Remote Code Execution
Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors.
by Christian Ramirez, Henoch Barrera
BlueCoat WinProxy < 6.1a and ProxyAV < 2.4.2.3 - Remote Code Execution via Long Host Header
Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.
Qbik WinGate 6.1.1.1077 - Buffer Overflow
Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request.
CCProxy - Buffer Overflow via Long HTTP GET Request
Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request.
by aushack
professional_gatekeeper 4.7 - Remote Code Execution via Long GET Request
Buffer overflow in the web proxy for GateKeeper Pro 4.7 allows remote attackers to execute arbitrary code via a long GET request.
By Source