Exploitdb Exploits

50,095 exploits tracked across all sources.

Sort: Activity Stars
CVE-2007-4466 EXPLOITDB ruby VERIFIED
Electronic Arts SnoopyCtrl - Stack-Based Buffer Overflow
Multiple stack-based buffer overflows in Electronic Arts (EA) SnoopyCtrl ActiveX control (NPSnpy.dll) allow remote attackers to execute arbitrary code via unspecified methods and parameters.
by Metasploit
CVE-2009-4225 EXPLOITDB ruby VERIFIED
PestPatrol <5.6.7.9 - Buffer Overflow
Stack-based buffer overflow in the PestPatrol ActiveX control (ppctl.dll) 5.6.7.9 in CA eTrust PestPatrol allows remote attackers to execute arbitrary code via a long argument to the Initialize method.
by Metasploit
EIP-2026-118286 EXPLOITDB ruby VERIFIED
AtHocGov IWSAlerts - ActiveX Control Buffer Overflow (Metasploit)
by Metasploit
CVE-2006-6251 EXPLOITDB ruby VERIFIED
VUPlayer < 2.44 - Remote Code Execution via Long M3U File String
Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrary code via a long string in an M3U file, aka an "M3U UNC Name" attack.
by Metasploit
EIP-2026-118074 EXPLOITDB ruby VERIFIED
VUPlayer - '.cue' Local Buffer Overflow (Metasploit)
by Metasploit
CVE-2009-3861 EXPLOITDB ruby VERIFIED
SafeNet SoftRemote <10.8.9 - Buffer Overflow
Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd).
by Metasploit
EIP-2026-117886 EXPLOITDB ruby VERIFIED
S.O.M.P.L 1.0 Player - Local Buffer Overflow (Metasploit)
by Metasploit
CVE-2009-2364 EXPLOITDB python VERIFIED
mp3-nator 2.0 - Stack-Based Buffer Overflow via Long String in .plf or listdata.dat File
Stack-based buffer overflow in Mp3-Nator 2.0 allows remote attackers to execute arbitrary code via (1) a long string in a .plf file and (2) a long string in the listdata.dat file, possibly related to a track entry.
by C4SS!0 G0M3S
CVE-2009-0546 EXPLOITDB ruby VERIFIED
NewsGator FeedDemon <2.7 - Buffer Overflow
Stack-based buffer overflow in NewsGator FeedDemon 2.7 and earlier allows user-assisted remote attackers to execute arbitrary code via a long text attribute in an outline element in a .opml file.
by Metasploit
EIP-2026-117161 EXPLOITDB ruby VERIFIED
Fat Player Media Player 0.6b0 - Local Buffer Overflow (Metasploit)
by Metasploit
EIP-2026-117041 EXPLOITDB ruby VERIFIED
Digital Music Pad 8.2.3.3.4 - Local Stack Buffer Overflow (Metasploit)
by Metasploit
CVE-2007-2864 EXPLOITDB ruby VERIFIED
CA Products <30.6 - Buffer Overflow
Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.
by Metasploit
CVE-2006-6199 EXPLOITDB ruby VERIFIED
BlazeVideo BlazeDVD Standard and Professional 5.0 - Stack-based Buffer Overflow via PLF Playlist Filename
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
by Metasploit
EIP-2026-116696 EXPLOITDB ruby VERIFIED
A-PDF WAV to MP3 1.0.0 - Local Buffer Overflow (Metasploit)
by Metasploit
EIP-2026-114487 EXPLOITDB text
XT:Commerce < 3.04 SP2.1 - Cross-Site Scripting
by Philipp Niedziela
CVE-2010-2892 EXPLOITDB text VERIFIED
LANDesk Management Gateway <4.0-1.48 & <4.2-1.8 - Command Injection
gsb/drivers.php in LANDesk Management Gateway 4.0 through 4.0-1.48 and 4.2 through 4.2-1.8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the DRIVES parameter, as demonstrated by a cross-site request forgery (CSRF) attack.
by Aureliano Calvo
EIP-2026-106652 EXPLOITDB php
E-Xoopport 3.1 - 'display.php?katid' SQL Injection
by Vis Intelligendi
CVE-2009-0950 EXPLOITDB ruby VERIFIED
Apple iTunes < 8.2 - Remote Code Execution via Long itms: URL Component
Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.
by Metasploit
CVE-2010-1840 EXPLOITDB text VERIFIED
Apple Mac OS X 10.5.8 and 10.6.x < 10.6.5 - Remote Code Execution via Directory Services Password Validation
Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
by Rodrigo Rubira
CVE-2008-4696 EXPLOITDB ruby VERIFIED
Opera - Stored Cross-Site Scripting via History Search Database
Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the History Search database (aka md.dat).
by Metasploit
CVE-2009-3849 EXPLOITDB ruby VERIFIED
HP OpenView Network Node Manager 7.01, 7.51, 7.53 - Remote Code Execution via Long Template or Oid Parameter
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long Template parameter to nnmRptConfig.exe, related to the strcat function; or (2) a long Oid parameter to snmp.exe.
by Metasploit
CVE-2009-2727 EXPLOITDB ruby VERIFIED
IBM AIX 5.2.0, 5.3.0, 5.3.7-5.3.10, 6.1.0-6.1.3 - Stack-Based Buffer Overflow in _tt_internal_realpath
Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attackers to execute arbitrary code via a long XDR-encoded ASCII string to remote procedure 15.
by Metasploit
CVE-2009-3699 EXPLOITDB ruby VERIFIED
IBM VIOS < 2.1.0 and AIX 5.x-6.1.3 - Remote Code Execution via Long XDR String in rpc.cmsd
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
by Metasploit
EIP-2026-117188 EXPLOITDB ruby VERIFIED
Free CD to MP3 Converter 3.1 - Local Buffer Overflow (SEH)
by C4SS!0 G0M3S
EIP-2026-117187 EXPLOITDB perl VERIFIED
Free CD to MP3 Converter 3.1 - Local Buffer Overflow
by C4SS!0 G0M3S