Exploitdb Exploits
50,095 exploits tracked across all sources.
Microsoft Windows Movie Maker 2.1.4026 - '.avi' Remote Buffer Overflow
by KedAns-Dz
CA BrightStor ARCserve Backup r11.1 - Remote Code Execution via Buffer Overflow
Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.
by Metasploit
WikiWig 5.01 - Cross-Site Scripting via SpellChecker Module Parameters
Multiple cross-site scripting (XSS) vulnerabilities in spell-check-savedicts.php in the SpellChecker module in Xinha, as used in WikiWig 5.01 and possibly other products, allow remote attackers to inject arbitrary web script or HTML via the (1) to_p_dict or (2) to_r_list parameter. NOTE: this issue might be related to the htmlarea plugin and CVE-2013-5670.
by John Leitch
WordPress Plugin Lazyest Gallery 1.0.26 - 'image' Cross-Site Scripting
by High-Tech Bridge SA
Wikiwig 5.01 - Cross-Site Scripting / HTML Injection
by AutoSec Tools
PHP < 5.2.11 - Denial of Service via Malformed Zip Archive Processing
Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls.
by TorokAlpar
PHP < 5.3.6 - Denial of Service via ZipArchive Stream Handling
The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function.
by paulgao
PHP < 5.3.6 - Denial of Service via NumberFormatter::setSymbol Invalid Argument
Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-4409.
by thoger
Linux Kernel < 2.6.37 - Denial of Service via TCP_MAXSEG Setsockopt
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.
by zx2c4
Cosmoshop 10.05.00 - Multiple Cross-Site Scripting / SQL Injections
by High-Tech Bridge SA
FreeBSD 6-7 - Privilege Escalation via Uninitialized Function Pointers
Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that are "not properly initialized" for (1) netgraph sockets and (2) bluetooth sockets.
by zx2c4
SmarterMail 7.1.3876 - Path Traversal
Directory traversal vulnerability in FileStorageUpload.ashx in SmarterMail 7.1.3876 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash), (2) %5C (encoded backslash), or (3) %255c (double-encoded backslash) in the name parameter.
by Hoyt LLC Research
Safari < 5.0.4 - Same Origin Policy Bypass via WebKit Window Functionality
The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary local files from a client computer, via a crafted web site.
by Aaron Sigel
recordpress 0.3.1 - Multiple Vulnerabilities
by Khashayar Fereidani
Apple QuickTime 7.5 - '.m3u' Remote Stack Buffer Overflow
by KedAns-Dz
Oracle MySQL for Microsoft Windows - Payload Execution (Metasploit)
by Metasploit
Movavi VideoSuite 8.0 MediaPlayer - '.m3u' Local Buffer Overflow
by KedAns-Dz
.NET Runtime Optimization Service - Local Privilege Escalation
by XenoMuta
Movavi VideoSuite 8.0 Slideshow - '.jpg' Local Crash (PoC)
by KedAns-Dz
Movavi VideoSuite 8.0 Movie Editor - '.avi' Local Crash (PoC)
by KedAns-Dz
WS Interactive Automne 4.1 - '/admin/upload-controler.php' Arbitrary File Upload
by AutoSec Tools
By Source