Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xpl017elz vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow malicious users to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 up to and including 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buff...
Wuftpd Wu-ftpd
Redhat Wu Ftpd 2.6.1-16
Apple Mac Os X Server 10.2.6
Apple Mac Os X 10.2.6
Sun Solaris 9.0
Freebsd Freebsd
Netbsd Netbsd
Openbsd Openbsd
5 EDB exploits
NA
CVE-2007-2668
Buffer overflow in webdesproxy 0.0.1 allows remote malicious users to execute arbitrary code via a long URL, possibly involving the process_connection_request function in webdesproxy.c.
Webdesproxy Webdesproxy 0.0.1
2 EDB exploits
NA
CVE-2007-2031
Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel prior to 20070413, might allow remote malicious users to execute arbitrary code via crafted transparent requests.
3proxy 3proxy
3 EDB exploits
NA
CVE-2007-0774
Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote malicious users to execute arbitrary code via a long URL ...
Apache Tomcat Jk Web Server Connector 1.2.20
Apache Tomcat Jk Web Server Connector 1.2.19
2 EDB exploits
NA
CVE-2006-2022
Buffer overflow in the parse_url function in the RTSP module (rtsp/parse_url.c) in Fenice 1.10 and previous versions allows remote malicious users to execute arbitrary code via a long URL.
Ls3 Fenice
2 EDB exploits
NA
CVE-2005-2878
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.
Gnu Mailutils 0.6
3 EDB exploits
NA
CVE-2005-1100
Format string vulnerability in the ErrorLog function in cnf.c in Greylisting daemon (GLD) 1.3 and 1.4 allows remote malicious users to execute arbitrary code via format string specifiers in data that is passed directly to syslog.
Salim Gasmi Gld 1.3
Salim Gasmi Gld 1.4
1 EDB exploit
NA
CVE-2005-1099
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote malicious users to execute arbitrary code.
Salim Gasmi Gld 1.3.1
Salim Gasmi Gld 1.4
Salim Gasmi Gld 1.0
Salim Gasmi Gld 1.1
Salim Gasmi Gld 1.2
Salim Gasmi Gld 1.3
3 EDB exploits
NA
CVE-2003-1452
Untrusted search path vulnerability in Qualcomm qpopper 4.0 up to and including 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.
Qualcomm Qpopper 4.0
Qualcomm Qpopper 4.0 B14
Qualcomm Qpopper 4.0.5
Qualcomm Qpopper 4.0.5 Fc2
Qualcomm Qpopper 4.0.1
Qualcomm Qpopper 4.0.2
Qualcomm Qpopper 4.0.3
Qualcomm Qpopper 4.0.4
1 EDB exploit
NA
CVE-2003-0339
Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and previous versions allow remote malicious users to execute arbitrary code via long HTTP requests.
Wsmp3 Wsmp3 Daemon 0.0.9
Wsmp3 Wsmp3 Web Server 0.0.7
Wsmp3 Wsmp3 Daemon 0.0.10
Wsmp3 Wsmp3 Daemon 0.0.8
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »