header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Show More

Autodesk IDrop ActiveX Control Heap Memory Corruption

This module exploits a heap-based memory corruption vulnerability in Autodesk IDrop ActiveX control (IDrop.ocx) version 17.1.51.160. An attacker can execute arbitrary code by triggering a heap use after free condition using the Src, Background, PackageXml properties.

7,6
CVSS
HIGH
Heap Memory Corruption
119
CWE
Product Name
IDrop ActiveX Control
Platforms Tested
Windows XP SP0-SP3, Windows Vista SP0-SP1, IE 6.0 SP0-2 & IE 7.0
Affected Version
From:
17.1.51.160
To:
17.1.51.160
2009
Show More

Roxio CinePlayer ActiveX Control Buffer Overflow

This module exploits a stack-based buffer overflow in SonicPlayer ActiveX control (SonicMediaPlayer.dll) 3.0.0.1 installed by Roxio CinePlayer 3.2. By setting an overly long value to 'DiskType', an attacker can overrun a buffer and execute arbitrary code.

7,5
CVSS
HIGH
Buffer Overflow
119
CWE
Product Name
CinePlayer
Platforms Tested
Windows XP SP0-SP3, Windows Vista SP0-SP1, IE 6.0 SP0-2 & IE 7.0
Affected Version
From:
3.0.0.1
To:
3.0.0.1
2007
Show More

Internet Explorer 7 CFunctionPointer Uninitialized Memory Corruption

This module exploits an error related to the CFunctionPointer function when attempting to access uninitialized memory. A remote attacker could exploit this vulnerability to corrupt memory and execute arbitrary code on the system with the privileges of the victim.

N/A
CVSS
N/A
Memory Corruption
119
CWE
Product Name
Internet Explorer
Platforms Tested
Windows
Affected Version
From:
Windows XP SP2-SP3 / Windows Vista SP0 / IE 7
To:
Windows XP SP2-SP3 / Windows Vista SP0 / IE 7
2008
Show More

BaoFeng Storm mps.dll ActiveX OnBeforeVideoDownload Buffer Overflow

This module exploits a buffer overflow in BaoFeng's Storm media Player ActiveX control. Verions of mps.dll including 3.9.4.27 and lower are affected. When passing an overly long string to the method "OnBeforeVideoDownload" an attacker can execute arbitrary code.

N/A
CVSS
N/A
Buffer Overflow
119
CWE
Product Name
Storm Media Player
Platforms Tested
Windows XP SP0-SP3, Windows Vista, IE 6.0 SP0-SP2, IE 7
Affected Version
From:
3.9.4.27
To:
3.9.4.27
2009

Recent Exploits:

RDPGuard 9.9.9 – Privilege Escalation

author
Ahmet Ümit BAYRAM
vendor
RDPGuard
severity
6.1
HIGH

YesWiki Unauthenticated Path Traversal

author
Al Baradi Joy
vendor
YesWiki
severity
7.1
HIGH

ABB Cylon Aspect 3.08.02 Stored Cross-Site Scripting Vulnerability

author
Gjoko 'LiquidWorm' Krstic
vendor
ABB Ltd.
severity
6.1
HIGH

Apache ActiveMQ 6.1.6 – Denial of Service (DOS)

author
Abdualhadi khalifa
vendor
Apache
severity
6.1
HIGH

GeoVision GV-ASManager 6.1.1.0 – CSRF

author
Giorgi Dograshvili [DRAGOWN]
vendor
GeoVision
severity
6.1
HIGH

ABB Cylon FLXeon 9.3.4 WebSocket Command Spawning Vulnerability

author
Zero Science Lab
vendor
ABB Ltd.
severity
6.1
HIGH

GestioIP 3.5.7 – Stored Cross-Site Scripting Vulnerability

author
m4xth0r (Maximiliano Belino)
vendor
GestioIP
severity
6.1
HIGH

Cacti 1.2.26 – Remote Code Execution (RCE) (Authenticated)

author
D3Ext
vendor
Cacti
severity
6.1
HIGH

Exclusive Addons for Elementor ≤ 2.6.9 – Authenticated Stored Cross-Site Scripting (XSS)

author
Al Baradi Joy
vendor
exclusiveaddons
severity
5.1
MEDIUM

Kentico Xperience 13.0.178 – Cross Site Scripting (XSS)

author
Alex Messham
vendor
Kentico
severity
6.1
HIGH

Navigation

Suggest Exploit

Services By CQR