Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-105765 EXPLOITDB perl
cChatBox for vBulletin 3.6.8/3.7.x - SQL Injection
by DSecurity
EIP-2026-105494 EXPLOITDB text
Bitweaver 2.8.0 - Multiple Vulnerabilities
by lemlajt
CVE-2011-0762 EXPLOITDB c VERIFIED
vsftpd < 2.3.3 - Authenticated Denial of Service via Glob Expression in STAT Command
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
by Maksymilian Arciemowicz
CVE-2011-1082 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.38 - Denial of Service via epoll File Descriptor Chaining
fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for (1) closed loops or (2) deep chains, which allows local users to cause a denial of service (deadlock or stack memory consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
by Nelson Elhage
CVE-2011-1083 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.37.2 - Denial of Service via epoll File Descriptor Tree Traversal
The epoll implementation in the Linux kernel 2.6.37.2 and earlier does not properly traverse a tree of epoll file descriptors, which allows local users to cause a denial of service (CPU consumption) via a crafted application that makes epoll_create and epoll_ctl system calls.
by Nelson Elhage
CVE-2010-4165 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.37 - Denial of Service via TCP_MAXSEG Setsockopt
The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not properly restrict TCP_MAXSEG (aka MSS) values, which allows local users to cause a denial of service (OOPS) via a setsockopt call that specifies a small value, leading to a divide-by-zero error or incorrect use of a signed integer.
by prdelka
CVE-2011-0045 EXPLOITDB c VERIFIED
Microsoft Windows XP SP3 - Buffer Overflow
The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform type conversion, which causes integer truncation and insufficient memory allocation and triggers a buffer overflow, which allows local users to gain privileges via a crafted application, related to WmiTraceMessageVa, aka "Windows Kernel Integer Truncation Vulnerability."
by Nikita Tarakanov
CVE-2011-1143 EXPLOITDB text VERIFIED
Wireshark < 1.4.4 - Denial of Service via NTLMSSP Dissector NULL Pointer Dereference
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
by Buildbot Builder
EIP-2026-118640 EXPLOITDB text
Home FTP Server 1.12 - Directory Traversal
by clshack
EIP-2026-118433 EXPLOITDB perl VERIFIED
DivX Player 6.x - '.dps' Remote Buffer Overflow
by KedAns-Dz
EIP-2026-116130 EXPLOITDB python VERIFIED
Quick 'n Easy FTP Server 3.2 - Denial of Service
by clshack
EIP-2026-115940 EXPLOITDB text
Nitro PDF Reader 1.4.0 - Heap Memory Corruption (PoC)
by LiquidWorm
EIP-2026-115573 EXPLOITDB perl VERIFIED
Magic Music Editor - '.cda' Denial of Service
by AtT4CKxT3rR0r1ST
EIP-2026-113584 EXPLOITDB text VERIFIED
WordPress Plugin BackWPup 1.4 - Multiple Information Disclosure Vulnerabilities
by Danilo Massa
EIP-2026-112261 EXPLOITDB text VERIFIED
SnapProof - 'retPageID' Cross-Site Scripting
by difficult 511
EIP-2026-112260 EXPLOITDB text VERIFIED
SnapProof - 'page.php' SQL Injection
by AtT4CKxT3rR0r1ST
EIP-2026-106483 EXPLOITDB text VERIFIED
DO-CMS - Multiple SQL Injections
by AtT4CKxT3rR0r1ST
EIP-2026-103961 EXPLOITDB perl VERIFIED
KMPlayer 2.9.3.1214 - '.ksf' Remote Buffer Overflow
by KedAns-Dz
CVE-2011-0708 EXPLOITDB text VERIFIED
PHP < 5.3.6 - Denial of Service via Exif Image File Directory Buffer Over-read
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read.
by _ikki & paradoxengine
CVE-2011-0647 EXPLOITDB ruby VERIFIED
EMC Replication Manager < 5.3 - Remote Code Execution via irccd.exe RunProgram Function
The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542.
by Metasploit
EIP-2026-117123 EXPLOITDB python VERIFIED
Elecard AVC_HD/MPEG Player 5.7 - Local Buffer Overflow
by sickness
EIP-2026-115230 EXPLOITDB perl VERIFIED
eXPert PDF Reader 4.0 - Null Pointer Dereference and Heap Corruption
by LiquidWorm
EIP-2026-113939 EXPLOITDB text VERIFIED
WordPress Plugin OPS Old Post Spinner 2.2.1 - Local File Inclusion
by AutoSec Tools
EIP-2026-113848 EXPLOITDB text VERIFIED
WordPress Plugin jQuery Mega Menu 1.0 - Local File Inclusion
by AutoSec Tools
EIP-2026-111266 EXPLOITDB text VERIFIED
phreebooks r30rc4 - Multiple Vulnerabilities
by AutoSec Tools