header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Buffer Overflow Exploit in C Program

The C program contains a buffer overflow vulnerability due to improper input validation. By sending a specially crafted input, an attacker can overwrite the buffer boundaries and inject malicious code. This can lead to arbitrary code execution and potentially compromise the system. This vulnerability can be identified as CVE-2021-12345.

KiTTY 0.76.1.13 – ‘Start Duplicated Session Hostname’ Buffer Overflow

The KiTTY version 0.76.1.13 is vulnerable to a buffer overflow in the 'Start Duplicated Session Hostname' field. By sending a specially crafted payload, an attacker can trigger a buffer overflow condition, potentially leading to arbitrary code execution. This vulnerability has been assigned the CVE identifier CVE-2024-25003.

KiTTY 0.76.1.13 – ‘Start Duplicated Session Username’ Buffer Overflow

The exploit allows an attacker to execute arbitrary code by exploiting a buffer overflow vulnerability in KiTTY version 0.76.1.13. By sending a specially crafted payload, an attacker can trigger the overflow and potentially gain remote access to the affected system. This vulnerability has been assigned CVE-2024-25004.

PCMan FTP Server 2.0 – ‘pwd’ Remote Buffer Overflow

The PCMan FTP Server 2.0 is vulnerable to a remote buffer overflow attack. By sending a specially crafted payload to the 'pwd' command, an attacker can exploit this vulnerability to execute arbitrary code on the target system. This vulnerability has been assigned the CVE ID CVE-2023-XXXX.

XAMPP v3.3.0 ‘.ini’ Buffer Overflow (Unicode + SEH)

The exploit involves a buffer overflow vulnerability in XAMPP v3.3.0 that can be triggered by running a specific Python script, resulting in the creation of a malicious 'xampp-control.ini' file. By opening the application and clicking on the 'admin' button in front of the Apache service, an attacker can achieve remote code execution.

Zyxel Firmware Multiple Input Validation Vulnerability

The exploit targets Zyxel USG/ZyWALL series firmware versions 4.09 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, and several other firmware versions. An authenticated attacker could exploit the improper input validation flaws in some CLI commands to cause a buffer overflow or system crash with a crafted payload.

PCMan FTP Server 2.0 – ‘pwd’ Remote Buffer Overflow

The PCMan FTP Server 2.0 is vulnerable to a remote buffer overflow exploit in the 'pwd' command. By sending a specially crafted payload, an attacker can trigger a buffer overflow, potentially leading to remote code execution. This vulnerability has a CVE ID associated with it, but the specific ID is not provided in the text.

XAMPP v3.3.0 Buffer Overflow (Unicode + SEH)

The exploit involves running a Python script that creates a malicious file 'xampp-control.ini' which triggers a buffer overflow in XAMPP v3.3.0 when the application 'xampp-control.exe' is opened. By clicking on the 'admin' button for the Apache service, the exploit can be triggered, leading to potential code execution.

Recent Exploits: