Exploitdb Exploits
50,095 exploits tracked across all sources.
SUN Jre < 1.6.0 - Denial of Service
The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308.
by Konstantin Preisser
AOL Desktop < 9.6 - Stack-based Buffer Overflow via RTX Hyperlink Tag
AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows remote attackers to execute arbitrary code when a victim opens a malicious .rtx file. AOL Desktop is end-of-life and no longer supported. Users are encouraged to migrate to AOL Desktop Gold or alternative platforms.
by sup3r
Joomla! Component com_virtuemart 1.1.6 - SQL Injection
by Andrea Fabrizi
All In One Control Panel 1.4.1 - 'cp_menu_data_file.php' SQL Injection
by AutoSec Tools
OpenVAS Manager <2.0rc2 - Command Injection
The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authenticated users to execute arbitrary commands via the (1) To or (2) From e-mail address in an OMP request to the Greenbone Security Assistant (GSA).
by Tim Brown
Real Networks Netzip Classic 7.5.1.86 - Buffer Overflow
Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially crafted ZIP archive. The vulnerability is triggered when the application attempts to process a file name within the archive that exceeds the expected buffer size. Exploitation allows arbitrary code execution under the context of the victim user when the ZIP file is opened.
by C4SS!0 G0M3S
SDP Downloader 2.3.0 - 'http_response' Remote Buffer Overflow
by sup3r
Maxthon Browser 3.0.20.1000 - ref / replace Denial of Service
by Carlos Mario Penagos Hollmann
vBSEO 3.2.2/3.5.2 - Persistent Cross-Site Scripting via LinkBacks
by MaXe
vBSEO 3.2.2/3.5.2 - Multiple Cross-Site Scripting Vulnerabilities
by MaXe
eSyndiCat Directory Software 2.2/2.3 - 'preview' Cross-Site Scripting
by Avram Marius
Google Chrome 8.0.552.237 - replace Denial of Service
by Carlos Mario Penagos Hollmann
Caedo HTTPd Server 0.5.1 ALPHA - Arbitrary File Download
by Zer0 Thunder
WM Downloader 3.1.2.2 2010.04.15 - '.m3u' File Buffer Overflow (DEP Bypass)
by sickness
Microsoft Windows - Cross-Site Scripting via MHTML Protocol Handler
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site that is visited in Internet Explorer, aka "MHTML Mime-Formatted Request Vulnerability."
by 80vul
CVSS 6.1
A-PDF All to MP3 Converter 2.0.0 - '.wav' Local Buffer Overflow (SEH)
by m0nna
Virtuosa Phoenix Edition 5.2 - ASX Buffer Overflow (SEH)
by Acidgen
PHP Script Directory Software - 'sbcat_id' SQL Injection
by h4ck3r
PHP Link Directory Software - 'sbcat_id' SQL Injection
by h4ck3r
By Source