Explore Vulnerabilities

Explore all Exploits:

notepad++[v4.1]: (win32) ruby file processing buffer overflow exploit

Notepad++ contains a buffer overflow vulnerability in the way it processes Ruby source files (.rb). This exploit works by overwriting EAX, which gets called during processing as 'CALL DWORD EAX+4', so EAX needs to point to a user-controlled area that contains another address, which will then become EIP. Once EIP is controlled, it simply jumps a little bit forward in memory to the NOP sled/shellcode.

KiTTY Portable <= 0.65.0.2p Chat Remote Buffer Overflow (SEH WinXP/Win7/Win10)

A remote overflow exists in the KiTTY Chat feature, which enables a remote attacker to execute code on the vulnerable system with the rights of the current user, from Windows XP x86 to Windows 10 x64 included (builds 10240/10586). The Chat feature is not enabled by default. When a long string is sent to the KiTTY chat server as the nickname, a crash occurs. The EIP overwrite leaves little room for exploitation (offset 54), with no more than 160 to 196 bytes for the shellcode from XP to Windows 10. Using a Metasploit

VideoCharge Studio Remote Stack-based Buffer Overflow Vulnerability

VideoCharge Studio is prone to a remote stack-based buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Successful exploits allow remote attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts likely result in denial-of-service conditions.

PrecisionID Barcode ActiveX (PrecisionID_DataMatrix.DLL) 1.3 Denial of Service

This exploit targets the PrecisionID Barcode ActiveX control, specifically the PrecisionID_DataMatrix.DLL version 1.3. By sending a specially crafted input, an attacker can cause a denial of service condition in the affected software. The exploit code is written in VBScript and utilizes a buffer overflow vulnerability.

Recent Exploits: