Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2010-4476 EXPLOITDB text VERIFIED
SUN Jre < 1.6.0 - Denial of Service
The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
by Konstantin Preisser
CVE-2011-10027 EXPLOITDB HIGH python VERIFIED
AOL Desktop < 9.6 - Stack-based Buffer Overflow via RTX Hyperlink Tag
AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows remote attackers to execute arbitrary code when a victim opens a malicious .rtx file. AOL Desktop is end-of-life and no longer supported. Users are encouraged to migrate to AOL Desktop Gold or alternative platforms.
by sup3r
EIP-2026-108583 EXPLOITDB text VERIFIED
Joomla! Component com_virtuemart 1.1.6 - SQL Injection
by Andrea Fabrizi
EIP-2026-105099 EXPLOITDB python VERIFIED
All In One Control Panel 1.4.1 - 'cp_menu_data_file.php' SQL Injection
by AutoSec Tools
CVE-2011-0018 EXPLOITDB text VERIFIED
OpenVAS Manager <2.0rc2 - Command Injection
The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail address in an OMP request to the Greenbone Security Assistant (GSA).
by Tim Brown
CVE-2011-10016 EXPLOITDB CRITICAL ruby VERIFIED
Real Networks Netzip Classic 7.5.1.86 - Buffer Overflow
Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially crafted ZIP archive. The vulnerability is triggered when the application attempts to process a file name within the archive that exceeds the expected buffer size. Exploitation allows arbitrary code execution under the context of the victim user when the ZIP file is opened.
by C4SS!0 G0M3S
EIP-2026-119121 EXPLOITDB python VERIFIED
SDP Downloader 2.3.0 - 'http_response' Remote Buffer Overflow
by sup3r
EIP-2026-115591 EXPLOITDB html VERIFIED
Maxthon Browser 3.0.20.1000 - ref / replace Denial of Service
by Carlos Mario Penagos Hollmann
EIP-2026-112978 EXPLOITDB text VERIFIED
vBSEO Sitemap 2.5/3.0 - Multiple Vulnerabilities
by MaXe
EIP-2026-112977 EXPLOITDB text VERIFIED
vBSEO 3.2.2/3.5.2 - Persistent Cross-Site Scripting via LinkBacks
by MaXe
EIP-2026-112976 EXPLOITDB html VERIFIED
vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities
by MaXe
EIP-2026-111852 EXPLOITDB text VERIFIED
RW-Download 4.0.6 - 'index.php' SQL Injection
by Dr.NeT
EIP-2026-106916 EXPLOITDB text VERIFIED
eSyndiCat Directory Software 2.2/2.3 - 'preview' Cross-Site Scripting
by Avram Marius
EIP-2026-103495 EXPLOITDB html VERIFIED
Google Chrome 8.0.552.237 - replace Denial of Service
by Carlos Mario Penagos Hollmann
EIP-2026-118342 EXPLOITDB perl VERIFIED
Caedo HTTPd Server 0.5.1 ALPHA - Arbitrary File Download
by Zer0 Thunder
EIP-2026-118145 EXPLOITDB python VERIFIED
WM Downloader 3.1.2.2 2010.04.15 - '.m3u' File Buffer Overflow (DEP Bypass)
by sickness
CVE-2011-0096 EXPLOITDB MEDIUM text VERIFIED
Microsoft Windows - Cross-Site Scripting via MHTML Protocol Handler
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site that is visited in Internet Explorer, aka "MHTML Mime-Formatted Request Vulnerability."
by 80vul
CVSS 6.1
EIP-2026-116694 EXPLOITDB perl VERIFIED
A-PDF All to MP3 Converter 2.0.0 - '.wav' Local Buffer Overflow (SEH)
by m0nna
EIP-2026-109634 EXPLOITDB text VERIFIED
MultiCMS - Local File Inclusion
by R3VAN_BASTARD
EIP-2026-118065 EXPLOITDB python VERIFIED
Virtuosa Phoenix Edition 5.2 - ASX Buffer Overflow (SEH)
by Acidgen
EIP-2026-110754 EXPLOITDB text VERIFIED
PHP Script Directory Software - 'sbcat_id' SQL Injection
by h4ck3r
EIP-2026-110716 EXPLOITDB text VERIFIED
PHP Link Directory Software - 'sbcat_id' SQL Injection
by h4ck3r
EIP-2026-110665 EXPLOITDB text
PHP Classified ads software - 'cid' Blind SQL Injection
by h4ck3r
EIP-2026-101066 EXPLOITDB perl
Polycom SoundPoint IP Devices - Denial of Service
by pawel gawinek
EIP-2026-100670 EXPLOITDB c
FreeBSD 8.0 - Local Forced Reboot (Denial of Service)
by kingcope