header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Show More

DOS LOGIN Quick ‘n Easy FTP Server 3.2

This exploit allows an attacker to perform a Denial of Service (DOS) attack by sending a large buffer of random characters as the username and password to the Quick 'n Easy FTP Server 3.2. This causes the server to become unresponsive and deny service to legitimate users.

7.5
CVSS
HIGH
DOS
400
CWE
Product Name
Quick 'n Easy FTP Server
Platforms Tested
Windows XP SP3
Affected Version
From:
1.12
To:
1.12
2011
Show More

Developers should not rely on the stickiness of /tmp on Red Hat Linux

Unprivileged users can effectively remove the sticky-bit from the system /tmp directory, making it unsafe to rely on the stickiness of /tmp on Red Hat Linux systems.

5.5
CVSS
MEDIUM
Unreliable sticky-bit in /tmp directory
CWE
Product Name
Red Hat Enterprise Linux, Fedora
Platforms Tested
Linux
Affected Version
From:
All known versions of policycore-utils
To:
All known versions of policycore-utils
2011
Show More

AutoPlay v1.33 (autoplay.ini) Local Buffer Overflow Exploit (SEH)

The program suffers from a buffer overflow vulnerability when opening autorun file (.ini), as a result of adding extra bytes to parts of the edited file, giving the attackers the possibility for arbitrary code execution on the affected system. Also, the buffer overflow vulnerability allows the attacker to bypass Structured Exception Handling (SEH) protection mechanism.

7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name
AutoPlay
Platforms Tested
Microsoft Windows 7 Ultimate
Affected Version
From:
1.33
To:
1.33
2011
Show More

Oracle 10/11g exp.exe – param file Local Buffer Overflow PoC Exploit

This is a proof-of-concept exploit for a local buffer overflow vulnerability in Oracle 10/11g exp.exe. It allows an attacker to execute arbitrary code by exploiting a buffer overflow in the param file. This vulnerability was discovered around 9/3/2010.

7.5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name
Oracle Database
Platforms Tested
Windows XP SP3
Affected Version
From:
10.x
To:
11g r1
2010
Show More

MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow

Mrxsmb.sys, around BowserWriteErrorLog+0x175, while trying to copy 1go from ESI to EDI ...Code will look something like this:if ((Len + 1) * sizeof(WCHAR)) > TotalBufferSize) { Len = TotalSize/sizeof(WCHAR) - 1; }-1 causes Len to go 0xFFFFFFFFFeel free to reuse this code without restrictions...

N/A
CVSS
N/A
Heap Overflow
CWE
Product Name
Windows Server 2003
Platforms Tested
Affected Version
From:
To:
2011

Recent Exploits:

RDPGuard 9.9.9 – Privilege Escalation

author
Ahmet Ümit BAYRAM
vendor
RDPGuard
severity
6.1
HIGH

YesWiki Unauthenticated Path Traversal

author
Al Baradi Joy
vendor
YesWiki
severity
7.1
HIGH

ABB Cylon Aspect 3.08.02 Stored Cross-Site Scripting Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
ABB Ltd.
severity
6.1
HIGH

Apache ActiveMQ 6.1.6 – Denial of Service (DOS)

author
Abdualhadi khalifa
vendor
Apache
severity
6.1
HIGH

GeoVision GV-ASManager 6.1.1.0 – CSRF

author
Giorgi Dograshvili [DRAGOWN]
vendor
GeoVision
severity
6.1
HIGH

ABB Cylon FLXeon 9.3.4 WebSocket Command Spawning Vulnerability

author
Zero Science Lab
vendor
ABB Ltd.
severity
6.1
HIGH

GestioIP 3.5.7 – Stored Cross-Site Scripting Vulnerability

author
m4xth0r (Maximiliano Belino)
vendor
GestioIP
severity
6.1
HIGH

Cacti 1.2.26 – Remote Code Execution (RCE) (Authenticated)

author
D3Ext
vendor
Cacti
severity
6.1
HIGH

Exclusive Addons for Elementor ≀ 2.6.9 – Authenticated Stored Cross-Site Scripting (XSS)

author
Al Baradi Joy
vendor
exclusiveaddons
severity
5.1
MEDIUM

Kentico Xperience 13.0.178 – Cross Site Scripting (XSS)

author
Alex Messham
vendor
Kentico
severity
6.1
HIGH

Navigation

Suggest Exploit

Services By CQR