VARIoT IoT exploits database


VAR-E-201011-1068 No CVE RETIRED: AT-TFTP Server Directory Traversal Vulnerability No EDB ID
AT-TFTP Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to retrieve arbitrary files outside of the FTP server root directory. This may aid in further attacks. AT-TFTP Server 1.8 is vulnerable; other versions may also be affected. RETIRED: This issue is retired because it is a duplicate of BID 11584.
VAR-E-201011-0876 No CVE Trend Micro Titanium Maximum Security 2011 'tmtdi.sys' Local Privilege Escalation Vulnerability No EDB ID
Trend Micro Titanium Maximum Security 2011 is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges and completely compromise the affected computer. Failed exploit attempts will result in a denial-of-service condition. Trend Micro Titanium Maximum Security 2011 version 3.0.1303 is vulnerable; other versions may also be affected.
VAR-E-201011-0692 No CVE Trend Micro Titanium Maximum Security 2011 - Local Kernel - Windows local Exploit EDB ID: 15376
Trend Micro Titanium Maximum Security 2011 - Local Kernel. CVE-69018. local exploit for Windows platform
VAR-E-201010-1013 No CVE Xerox 4595 Copier/Printer Unspecified Remote Denial of Service Vulnerability No EDB ID
Xerox 4595 Copier/Printer is prone to an unspecified remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to restart, denying service to legitimate users. 4595 Copier/Printer devices with firmware prior to 1.224.255 are vulnerable.
VAR-E-201010-0946 No CVE Microsoft Windows Mobile - Overly Long vCard Name Field Denial of Service - Windows dos Exploit EDB ID: 34889
Microsoft Windows Mobile - Overly Long vCard Name Field Denial of Service. dos exploit for Windows platform
VAR-E-201009-0032 CVE-2010-3573
CVE-2012-0053
CVE-2011-3368
Oracle JRE - java.net.URLConnection class Same-of-Origin 'SOP' Policy Bypass - Windows remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201110-0291, VAR-201201-0038
EDB ID: 15288
Oracle JRE - java.net.URLConnection class Same-of-Origin 'SOP' Policy Bypass. CVE-2010-3573. remote exploit for Windows platform
VAR-E-201010-1179 CVE-2010-3573
CVE-2012-0053
CVE-2011-3368
Oracle JRE - java.net.URLConnection class Same-of-Origin 'SOP' Policy Bypass - Windows remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201110-0291, VAR-201201-0038
EDB ID: 15288
Oracle JRE - java.net.URLConnection class Same-of-Origin 'SOP' Policy Bypass. CVE-2010-3573. remote exploit for Windows platform
VAR-E-201010-0131 CVE-2010-4142
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - Buffer Overflow - Windows dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201011-0106
EDB ID: 15259
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - Buffer Overflow. CVE-68812, CVE-2010-4142. dos exploit for Windows platform
VAR-E-201010-0133 CVE-2010-4142
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_TXTEVENT Buffer Overflow (Metasploit) - Windows remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201011-0106
EDB ID: 16384
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_TXTEVENT Buffer Overflow (Metasploit). CVE-2010-4142, CVE-68812. remote exploit for Windows platform
VAR-E-201010-0130 CVE-2010-4142
DATAC RealWin SCADA Server 1.06 - Remote Buffer Overflow - Windows remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201011-0106
EDB ID: 15337
DATAC RealWin SCADA Server 1.06 - Remote Buffer Overflow. CVE-2010-4142, CVE-68812. remote exploit for Windows platform
VAR-E-201010-0132 CVE-2010-4142
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE Buffer Overflow (Metasploit) - Windows remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201011-0106
EDB ID: 16382
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE Buffer Overflow (Metasploit). CVE-2010-4142, CVE-68812. remote exploit for Windows platform
VAR-E-201010-0129 CVE-2010-4142
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE_RF Buffer Overflow (Metasploit) - Windows remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201011-0106
EDB ID: 16383
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE_RF Buffer Overflow (Metasploit). CVE-2010-4142, CVE-68812. remote exploit for Windows platform
VAR-E-201302-0650 CVE-2011-0418
CVE-2010-4051
CVE-2010-4052
CVE-2010-2632
CVE-2011-3336
FreeBSD 9.1 - 'ftpd' Remote Denial of Service - FreeBSD dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202002-0084, VAR-201101-0120
EDB ID: 24450
FreeBSD 9.1 - 'ftpd' Remote Denial of Service. CVE-2011-0418, CVE-90005. dos exploit for FreeBSD platform
VAR-E-201010-0031 CVE-2010-4052
CVE-2010-4051
CVE-2011-0418
CVE-2010-2632
CVE-2011-3336
GNU glibc - 'regcomp()' Stack Exhaustion Denial of Service - Linux dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202002-0084, VAR-201101-0120
EDB ID: 35061
GNU glibc - 'regcomp()' Stack Exhaustion Denial of Service. CVE-2010-4052, CVE-70447. dos exploit for Linux platform
VAR-E-201101-0760 CVE-2010-4051
CVE-2010-4052
CVE-2011-0418
CVE-2010-2632
CVE-2011-3336
GNU libc/regcomp(3) - Multiple Vulnerabilities - Linux dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202002-0084, VAR-201101-0120
EDB ID: 15935
GNU libc/regcomp(3) - Multiple Vulnerabilities. CVE-2010-4051, CVE-2010-4052. dos exploit for Linux platform
VAR-E-201010-1183 CVE-2010-2632
CVE-2011-0418
CVE-2010-4051
CVE-2010-4052
CVE-2011-3336
libc/glob(3) - Resource Exhaustion / Remote ftpd-anonymous (Denial of Service) - Multiple dos Exploit

Related entries in the VARIoT vulnerabilities database: VAR-202002-0084, VAR-201101-0120
EDB ID: 15215
libc/glob(3) - Resource Exhaustion / Remote ftpd-anonymous (Denial of Service). CVE-2010-2632, CVE-68527. dos exploit for Multiple platform
VAR-E-201010-0393 No CVE Research In Motion BlackBerry Device Software 4.7.1 - Cross Domain Information Disclosure - Hardware remote Exploit EDB ID: 34802
Research In Motion BlackBerry Device Software 4.7.1 - Cross Domain Information Disclosure. remote exploit for Hardware platform
VAR-E-201009-0030 CVE-2010-0094
CVE-2012-0053
CVE-2011-3368
Java - RMIConnectionImpl Deserialization Privilege Escalation (Metasploit) - Multiple remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201110-0291, VAR-201201-0038
EDB ID: 16305
Java - RMIConnectionImpl Deserialization Privilege Escalation (Metasploit). CVE-2010-0094, CVE-63484. remote exploit for Multiple platform
VAR-E-201009-1221 CVE-2010-0094
CVE-2012-0053
CVE-2011-3368
Java - RMIConnectionImpl Deserialization Privilege Escalation (Metasploit) - Multiple remote Exploit

Related entries in the VARIoT vulnerabilities database: VAR-201110-0291, VAR-201201-0038
EDB ID: 16305
Java - RMIConnectionImpl Deserialization Privilege Escalation (Metasploit). CVE-2010-0094, CVE-63484. remote exploit for Multiple platform
VAR-E-201009-0486 CVE-2010-2833
Cisco IOS NAT Functionality H.225.0 Denial of Service Vulnerability

Related entries in the VARIoT vulnerabilities database: VAR-201009-0069
No EDB ID
Cisco IOS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCtd86472.