VARIoT IoT exploits database

UplusFtp (formerly Easy Ftp Server) is prone to multiple remote buffer-overflow vulnerabilities. Attackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. UplusFtp 1.7.0.12 is vulnerable; prior versions, including Easy Ftp Server, may also be affected.

Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service. CVE-2010-0307CVE-62045 . dos exploit for Linux_x86-64 platform

Linux Kernel 2.6.x (x64) - Personality Handling Local Denial of Service. CVE-2010-0307CVE-62045 . dos exploit for Linux_x86-64 platform

Ingres Database 9.3 - Heap Buffer Overflow.. dos exploit for Multiple platform

MicroLogix 1100 and 1400 Controllers are prone to multiple vulnerabilities. Attackers may exploit these issues to gain unauthorized access to the programmable logic controller (PLC). Successful exploits will allow attackers to compromise affected devices. Other attacks are also possible.

SAP MaxDB is prone to an unspecified information-disclosure vulnerability and an unspecified denial-of-service vulnerability. Very few details are currently available regarding these issues. We will update this BID as more information emerges. Attackers can exploit these issues to a cause a denial-of-service condition or obtain sensitive information. SAP MaxDB 7.6.06 is vulnerable; other versions any also be affected.

DeltaScripts PHP Links version 1.0 suffers from a cross site scripting vulnerability.

DELTAScripts PHP Links 1.0 - 'email' Cross-Site Scripting.. webapps exploit for PHP platform

Multiple D-Link routers are prone to a security-bypass vulnerability. Remote attackers can exploit this issue to bypass security restrictions and access certain administrative functions. This issue affects the following routers: DI-524 DIR-628 DIR-655

DeltaScripts PHP Links is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

TLS - Renegotiation. CVE-2009-3555 . remote exploit for Multiple platform

TLS - Renegotiation. CVE-2009-3555 . remote exploit for Multiple platform

D-Link DIR-615 is is prone to a security-bypass vulnerability. Remote attackers can exploit this issue to bypass security restrictions and access certain administrative functions.

NTP is prone to a remote denial-of-service vulnerability because it fails to properly handle certain incoming network packets. An attacker can exploit this issue to cause the application to consume excessive CPU resources and fill disk space with log messages.

MuPDF < 20091125231942 - 'pdf_shade4.c' Multiple Stack Buffer Overflows. CVE-2009-4117CVE-60609 . local exploit for Windows platform

SonicWALL SSL-VPN - NetExtender ActiveX Control Buffer Overflow (Metasploit). CVE-2007-5603CVE-39069 . remote exploit for Windows platform

Mozilla NSS - NULL Character CA SSL Certificate Validation Security Bypass. CVE-2009-3555CVE-59970 . remote exploit for Multiple platform

Mozilla NSS - NULL Character CA SSL Certificate Validation Security Bypass. CVE-2009-3555CVE-59970 . remote exploit for Multiple platform

Cisco IOS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected device to consume an excessive amount of memory, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCsz72535.