Python Exploits

6,652 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-116520 EXPLOITDB python
VX Search Enterprise 10.4.16 - 'User-Agent' Denial of Service
by James Chamberlain
EIP-2026-116519 EXPLOITDB python
VX Search Enterprise 10.4.16 - 'User-Agent' Denial of Service
by James Chamberlain
CVE-2019-10709 EXPLOITDB CRITICAL python
Asus Precision TouchPad 11.0.0.25 - Denial of Service or Privilege Escalation via Crafted DeviceIoControl Call
AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \\.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoControl call.
by Athanasios Tserpelis
CVSS 9.8
CVE-2019-25476 EXPLOITDB MEDIUM python
Outlook Password Recovery 2.10 - Buffer Overflow
Outlook Password Recovery 2.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can create a malicious text file containing 6000 bytes of data and paste it into the User Name and Registration Code field to trigger a denial of service condition.
by Velayutham Selvaraj_ Praveen Thiyagarayam
CVSS 6.2
CVE-2019-15637 EXPLOITDB HIGH python VERIFIED
Tableau Server 10.5-10.5.17 - XML External Entity Injection via Workbook
Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop.
by Jarad Kopf
CVSS 8.1
CVE-2019-10227 EXPLOITDB MEDIUM python
openITCOCKPIT < 3.7.1 - Reflected Cross-Site Scripting in 404 Not Found Component
openITCOCKPIT before 3.7.1 has reflected XSS in the 404-not-found component.
by Julian Rittweger
CVSS 6.1
CVE-2019-25477 EXPLOITDB MEDIUM python
RAR Password Recovery 1.80 - Buffer Overflow
RAR Password Recovery 1.80 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the registration dialog. Attackers can craft a malicious input string exceeding 6000 bytes and paste it into the User Name and Registration Code field to trigger an application crash.
by Achilles
CVSS 6.2
CVE-2018-13379 EXPLOITDB CRITICAL python
FortiProxy < 1.2.9 and FortiOS 5.4.6-5.4.12 - Unauthenticated Path Traversal via SSL VPN Web Portal
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.
by Carlos E. Vieira
CVSS 9.1
CVE-2019-14923 EXPLOITDB HIGH python VERIFIED
EyesOfNetwork 5.1 - Remote Command Execution via Tool All Host Field
EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field.
by Nassim Asrir
CVSS 8.8
EIP-2026-119396 EXPLOITDB python
ManageEngine opManager 12.3.150 - Authenticated Code Execution
by kindredsec
EIP-2026-115815 EXPLOITDB python VERIFIED
Microsoft Windows PowerShell - Unsanitized Filename Command Execution
by hyp3rlinx
EIP-2026-104714 EXPLOITDB python
AZORult Botnet - SQL Injection
by prsecurity
EIP-2026-104708 EXPLOITDB python
Agent Tesla Botnet - Arbitrary Code Execution
by prsecurity
CVE-2019-12255 EXPLOITDB CRITICAL python
Wind River VxWorks - Buffer Overflow
Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 of 4). This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow.
by Zhou Yu
CVSS 9.8
CVE-2019-14931 EXPLOITDB CRITICAL python
Mitsubishielectric Smartrtu Firmware < 2.02 - OS Command Injection
An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. An unauthenticated remote OS Command Injection vulnerability allows an attacker to execute arbitrary commands on the RTU due to the passing of unsafe user supplied data to the RTU's system shell. Functionality in mobile.php provides users with the ability to ping sites or IP addresses via Mobile Connection Test. When the Mobile Connection Test is submitted, action.php is called to execute the test. An attacker can use a shell command separator (;) in the host variable to execute operating system commands upon submitting the test data.
by xerubus
CVSS 9.8
CVE-2019-14927 EXPLOITDB HIGH python
Mitsubishi Electric and INEA ME-RTU Firmware < 2.02 and < 3.0 - Unauthenticated Sensitive Configuration Download
An issue was discovered on Mitsubishi Electric Europe B.V. ME-RTU devices through 2.02 and INEA ME-RTU devices through 3.0. An unauthenticated remote configuration download vulnerability allows an attacker to download the smartRTU's configuration file (which contains data such as usernames, passwords, and other sensitive RTU data).
by xerubus
CVSS 7.5
CVE-2019-13623 EXPLOITDB HIGH python VERIFIED
NSA Ghidra < 9.1 - Path Traversal and Arbitrary File Write via Archive Filename
In NSA Ghidra before 9.1, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidra modules, e.g., the decompile module.
by Etienne Lacoche
CVSS 7.8
CVE-2019-25480 EXPLOITDB HIGH python
ARMBot - Unauthenticated Arbitrary File Upload and Remote Code Execution via upload.php Path Traversal
ARMBot contains an unrestricted file upload vulnerability in upload.php that allows unauthenticated attackers to upload arbitrary files by manipulating the file parameter with path traversal sequences. Attackers can upload PHP files with traversal payloads ../public_html/ to write executable code to the web root and achieve remote code execution.
by prsecurity
CVSS 7.5
CVE-2018-7600 GITHUB CRITICAL python
Drupal Drupalgeddon 2 Forms API Property Injection
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
by dark-vex
2 stars
CVSS 9.8
CVE-2017-5123 GITHUB HIGH python
Linux Kernel 4.13 through 4.13.7 - Sandbox Escape via waitid
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.
by dark-vex
2 stars
CVSS 8.8
CVE-2017-0199 GITHUB HIGH python
Microsoft Office Word Malicious Hta Execution
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API."
by dark-vex
2 stars
CVSS 7.8
CVE-2016-1764 GITHUB MEDIUM python
Apple OS X <10.11.4 - Info Disclosure
The Content Security Policy (CSP) implementation in Messages in Apple OS X before 10.11.4 allows remote attackers to obtain sensitive information via a javascript: URL.
by dark-vex
2 stars
CVSS 4.3
CVE-2014-6324 GITHUB HIGH python
Microsoft Windows - Privilege Escalation
The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a forged signature in a ticket, as exploited in the wild in November 2014, aka "Kerberos Checksum Vulnerability."
by dark-vex
2 stars
CVSS 8.8
CVE-2019-3948 EXPLOITDB HIGH python VERIFIED
Amcrest IP2M-841B and Dahua Cameras < 2018-05-18 - Unauthenticated Audio Stream Access via /videotalk Endpoint
The Amcrest IP2M-841B V2.520.AC00.18.R, Dahua IPC-XXBXX V2.622.0000000.9.R, Dahua IPC HX5X3X and HX4X3X V2.800.0000008.0.R, Dahua DH-IPC HX883X and DH-IPC-HX863X V2.622.0000000.7.R, Dahua DH-SD4XXXXX V2.623.0000000.7.R, Dahua DH-SD5XXXXX V2.623.0000000.1.R, Dahua DH-SD6XXXXX V2.640.0000000.2.R and V2.623.0000000.1.R, Dahua NVR5XX-4KS2 V3.216.0000006.0.R, Dahua NVR4XXX-4KS2 V3.216.0000006.0.R, and NVR2XXX-4KS2 do not require authentication to access the HTTP endpoint /videotalk. An unauthenticated, remote person can connect to this endpoint and potentionally listen to the audio of the capturing device.
by Jacob Baines
CVSS 7.5
CVE-2019-10267 EXPLOITDB HIGH python VERIFIED
Ahsay Cloud Backup Suite 7.7.0.0-8.1.0.50 - Unauthenticated Arbitrary File Upload RCE
An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0.50. It is possible to upload a file into any directory of the server. One can insert a JSP shell into the web server's directory and execute it. This leads to full access to the system, as the configured user (e.g., Administrator).
by Wietse Boonstra
CVSS 8.8