Python Exploits
6,652 exploits tracked across all sources.
GHIA CamIP 1.2 - Denial of Service via Password Input Field
GHIA CamIP 1.2 for iOS contains a denial of service vulnerability in the password input field that allows attackers to crash the application. Attackers can paste a 33-character buffer of repeated characters into the password field to trigger an application crash on iOS devices.
by Ivan Marmolejo
CVSS 7.5
Solstice Pod < 2.8.4 - Authenticated OS Command Injection via Networking Configuration
Insufficient validation of user-supplied input for the Solstice Pod before 2.8.4 networking configuration enables authenticated attackers to execute arbitrary commands as root.
by Alexandre Teyar
CVSS 8.8
SpotAuditor 5.3.2 - Denial of Service via Base64 Decryption Buffer Overflow
SpotAuditor 5.3.2 contains a denial of service vulnerability in its Base64 decryption feature that allows attackers to crash the application by supplying an oversized buffer. Attackers can generate a malformed input file with 2000 repeated characters to trigger an application crash when pasted into the Base64 Encrypted Password field.
by ZwX
CVSS 7.5
SpotAuditor 5.3.2 - Buffer Overflow
SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in the Base64 Encrypted Password tool that allows attackers to execute arbitrary code by crafting a malicious payload. Attackers can generate a specially crafted Base64 encoded payload to trigger a Structured Exception Handler (SEH) overwrite and execute shellcode on the vulnerable system.
by ZwX
CVSS 8.4
Microsoft DirectX SDK 2010 - '.PIXrun' Denial Of Service (PoC)
by ZwX
iNetTools for iOS 8.20 - Denial of Service via Whois Domain Name Field Buffer Overflow
iNetTools for iOS 8.20 contains a denial of service vulnerability in the Whois feature that allows attackers to crash the application by manipulating input. Attackers can paste a specially crafted 98-character buffer into the Domain Name field to trigger an application crash.
by Ivan Marmolejo
CVSS 7.5
InduSoft Web Studio 8.1 SP1 - _Atributos_ Denial of Service (PoC)
by chuyreds
SMPlayer 19.5.0 - Buffer Overflow via Long .m3u File
SMPlayer 19.5.0 has a buffer overflow via a long .m3u file.
by Malav Vyas
CVSS 5.5
InTouch Machine Edition 8.1 SP1 - 'Atributos' Denial of Service (PoC)
by chuyreds
XMedia Recode 3.4.8.6 - Denial of Service via Crafted .m3u Playlist File
XMedia Recode 3.4.8.6 contains a denial of service vulnerability that allows attackers to crash the application by loading a specially crafted .m3u playlist file. Attackers can create a malicious .m3u file with an oversized buffer to trigger an application crash when the file is opened.
by ZwX
CVSS 7.5
ScadaApp for iOS 1.1.4.0 - Denial of Service via Servername Field Buffer Overflow
ScadaApp for iOS 1.1.4.0 contains a denial of service vulnerability that allows attackers to crash the application by inputting an oversized buffer in the Servername field. Attackers can paste a 257-character buffer during login to trigger an application crash on iOS devices.
by Luis Martínez
CVSS 7.5
ipPulse < 1.92 - Denial of Service via Oversized Enter Key Input
ipPulse 1.92 contains a denial of service vulnerability that allows local attackers to crash the application by providing an oversized input in the Enter Key field. Attackers can generate a 256-byte buffer of repeated 'A' characters to trigger an application crash when pasting the malicious content.
by Diego Armando Buztamante Rico
CVSS 6.2
CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
by 0xeb-bp
CVSS 9.8
Foscam Video Management System 1.1.4.9 - Denial of Service via Username Input Buffer Overflow
Foscam Video Management System 1.1.4.9 contains a denial of service vulnerability in the username input field that allows attackers to crash the application. Attackers can overwrite the username with a 520-byte buffer of repeated 'A' characters to trigger an application crash during device login.
by chuyreds
CVSS 7.5
nipper-ng 0.11.10 - Remote Code Execution or Denial of Service via Crafted Firewall Configuration File
A stack-based buffer overflow in the processPrivilage() function in IOS/process-general.c in nipper-ng 0.11.10 allows remote attackers (serving firewall configuration files) to achieve Remote Code Execution or Denial Of Service via a crafted file.
by Guy Levin
CVSS 7.8
Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service (PoC)
by Luis Martínez
By Source