Optima APIFTP server versions 1.5.2.13 and below suffer from endless loop and NULL pointer vulnerabilities.
3b2741903629c4845132b4ba7b1e2d6652a0a961f5708a28aad6d53aaf6442df
Microsoft Excel in Office 2003 version 11.8335.8333 SP3 suffers from a use-after-free vulnerability. Proof of concept included.
de3b7829c10d4b0bb9337bbec900ab6dba8975b738f7268a64884cb5d48ea585
HP Data Protector Media Operations versions 6.20 and below suffer from a directory traversal vulnerability. Proof of concept included.
c616b8c10bf822e6f792c5e79c0b731416917f82c9947882c509bbae639cf484
HP Data Protector Media Operations versions 6.20 and below suffer from a heap corruption vulnerability.
af5e76c52f4018432b4920e228ed337cdd6ec28166118bae3d87ea69d6286f47
Microsoft Excel in Office 2003 version 11.8335.8333 SP3 suffers from a memory corruption vulnerability. Proof of concept included.
7bc888fe4dd23f5c472f81da4b3f94f9ff21c5f791f277ebde1ec6021951f893
Microsys PROMOTIC version 8.1.4 suffers from a code execution vulnerability due to an uninitialized pointer that is exploitable via the GetPromoticSite method of the PmTable.ocx active-x control.
b0a62dda9986c2c4f7a5bd5b6f586762d0e8b4383c7500db646fd8cb0ea01ab5
This Metasploit module exploits a stack based buffer overflow found in Cytel Studio <= 9.0. The overflow is triggered during the copying of strings to a stack buffer of 256 bytes.
54cba2669ee78e390a6c7b20623fad6a9b5c9f2f49e59b8a55adc94afd84b482
PROMOTIC version 8.1.3 suffers from an ActiveX SaveCfg stack overflow, an ActiveX AddTrend heap overflow, and a directory traversal. Details and proof of concept included.
3771948f0bd952728776730df1a273e42847c65f28d2f2d69c737d27de5ba2c2
This Metasploit module exploits a function pointer control within SVUIGrd.ocx of PcVue 10.0. By setting a dword value for the SaveObject() or LoadObject(), an attacker can overwrite a function pointer and execute arbitrary code.
9cec135d4cf28788b201ff76bbf8e4da5b3898cae8eca25fb07c606afc723f80
atvise webMI2ADS versions 1.0 and below suffer from directory traversal, NULL pointer, termination, and resource consumption vulnerabilities.
c8de8c2737604f7f41b76e7d2424b6442a3e1ef4cd17c90108cadec3df0bd7a9
IRAI AUTOMGEN versions 8.0.0.7 and below suffer from a use-after-free vulnerability.
591426b6f67dcfdbd177f4d7f529500eedb1243e3a1f09710a8f5dba34c5d4d1
OPC Systems.NET versions 4.00.0048 and below suffer from a denial of service vulnerability.
45324c6a520c4d80012a80fcd91e555d641006009de1f3be4b69876b1f99e308
GenStat versions 14.1.0.5943 and below suffer from an array overflow with write2 and a heap overflow. Proof of concept code included.
0377384c7f84d834a0e39fbd2b9026bab2120403e763bcf646f4811e09951430
Cytel Studio: StatXact / LogXact / CrossOver versions 9.0.0 and below suffer from multiple stack and integer overflows. Proof of concept code included.
f0aea5e4c39c536fab980b8b5bfd20fdeec3ce5e73e290377a07027665b46d62
eSignal and eSignal Pro versions 10.6.2425.1208 and below suffer from a file parsing buffer overflow in QUO. Successful exploitation of this vulnerability may take up to several seconds due to the use of egghunter. Also, DEP bypass is unlikely due to the limited space for payload.
45cd9b3a8b486aca462800fbb23d651421a08959c7bf6605daf83dde4828f239
NCSS versions 07.1.21 and below suffer from an array overflow with write2.
c6619e3f31945a8a7b5e376281cae03af5f42af0a358b23c58813c1c6078ad33
PcVue versions 10.0 and below suffer from code execution, file corruption, and an array overflow.
2b492fc5f7687d09c964607ba7f43df83758c2deffbd132dac6f74f247ee0d92
Sterling Trader versions 7.0.2 and below suffer from an integer overflow vulnerability.
be6fbbd5c1406751e12672870cb02440d8217601e35a328d93b875ae0e05adfd
Sunway ForceControl versions 6.1 SP3 and below suffer from stack overflows, directory traversals, third party ActiveX code execution, and denial of service vulnerabilities.
89c4c166c8194c9585125b7a6737879dcfa4a5324859d50835a4df7c6271c943
EViews versions 7.0.0.1 and below suffer from memory corruption and heap overflow vulnerabilities.
be48badc72b4e1d5c824e861b9cf4392dc32970a580ebf2abc57ca1c1f2bcb31
MetaServer RT versions 3.2.1.450 and below suffer from heap overflow and denial of service vulnerabilities.
7a443b62dbf2c43b4d149adce2a09d72963021bff26038d582a82a3bcec0adad
This Metasploit module exploits a stack buffer overflow in Azeotech's DaqFactory product. The specific vulnerability is triggered when sending a specially crafted 'NETB' request to port 20034. Exploitation of this vulnerability may take a few seconds due to the use of egghunter. This vulnerability was one of the 14 releases discovered by researcher Luigi Auriemma.
f768d01949d1c55ca3bfc13b8651ff570985496cb1e98d04e3b557ddfbf40e5e
This Metasploit module allows remote attackers to execute arbitrary commands on the affected system by abusing a directory traversal attack when using the 'xf' command (execute function). An attacker can execute system() from msvcrt.dll to upload a backdoor and gain remote code execution.
802baf0283f3035901e556177c67bc14ff8b62fa5e4ccd9e691b0fd5740792be
Beckhoff TwinCAT versions 2.11.0.2004 and below suffer from a denial of service vulnerability.
9ae5fa0332f0210ce3e53d42906d8106eabd9512e4c02fcbfec8ff8f35aafb88
Measuresoft ScadaPro versions 4.0.0 and below suffer from directory traversal, denial of service, and stack overflow vulnerabilities.
6639f15d908f337b59c6e233d17567a8e75300c3d7445e8916701a7b3a05d9d5