Python Exploits
6,652 exploits tracked across all sources.
Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service (PoC)
by Victor Mondragón
Cyberoam General Authentication Client 2.1.2.7 - 'Server Address' Denial of Service (PoC)
by Victor Mondragón
NetAware 1.20 Denial of Service via Add Block Buffer Overflow
NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious buffer of 512 bytes into the 'Add a website or keyword to be filtered' field and trigger a crash when removing the created block.
by Alejandra Sánchez
CVSS 6.2
NetAware 1.20 Share Name Denial of Service
NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by pasting a 1000-byte buffer into the Share Name parameter when adding a new share through the Manage Shares interface.
by Alejandra Sánchez
CVSS 6.2
Terminal Services Manager 3.2.1 Local Buffer Overflow Denial of Service
Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during computer addition, causing a denial of service when the server entry is accessed.
by Alejandra Sánchez
CVSS 6.2
BlueStacks 4.80.0.1060 Denial of Service via Search Field
BlueStacks 4.80.0.1060 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to the search field. Attackers can paste a buffer of 100,000 'A' characters into the search field and trigger a search operation to cause the application to crash.
by Alejandra Sánchez
CVSS 6.2
TapinRadio 2.11.6 - 'Uername' Denial of Service (PoC)
by Victor Mondragón
TapinRadio 2.11.6 - 'Address' Denial of Service (PoC)
by Victor Mondragón
Deluge 1.3.15 Denial of Service via URL Field
Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Attackers can paste a buffer of 5000 characters into the 'From URL' field during torrent addition to trigger an application crash.
by Victor Mondragón
CVSS 6.2
Deluge 1.3.15 Denial of Service via Webseeds Field
Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field during torrent creation to trigger an application crash.
by Victor Mondragón
CVSS 6.2
WPGraphQL 0.2.3 - Unauthenticated Comment Posting via createComment Mutation
The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated users to post comments on any article, even when 'allow comment' is disabled.
by Simone Quatrini
CVSS 5.3
BulletProof FTP Server 2019.0.0.50 Denial of Service via DNS Address
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option in the Firewall settings and paste a buffer of 700 bytes to trigger a crash when the Test function is invoked.
by Victor Mondragón
CVSS 6.2
BulletProof FTP Server 2019.0.0.50 Storage-Path Denial of Service
BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessively long string value. Attackers can enable the Override Storage-Path setting and paste a buffer of 500 bytes or more to trigger an application crash when saving the configuration.
by Victor Mondragón
CVSS 6.2
Encrypt PDF 2.3 Denial of Service via Buffer Overflow
Encrypt PDF 2.3 contains a buffer overflow vulnerability that allows local attackers to crash the application by inputting excessively long strings into password fields. Attackers can paste a 1000-byte buffer into the User Password or Master Password field in the Settings dialog to trigger an application crash when importing PDF files.
by Alejandra Sánchez
CVSS 6.2
VeryPDF PCL Converter 2.7 Denial of Service via PDF Security
VeryPDF PCL Converter 2.7 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long password string. Attackers can trigger a buffer overflow by entering a 3000-byte password in the PDF Security encryption fields, causing the application to crash when processing PCL files.
by Alejandra Sánchez
CVSS 6.2
Huawei eSpace Desktop <V100R001C03 - DoS
Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES file.
by LiquidWorm
AbsoluteTelnet 10.16 - 'License name' Denial of Service (PoC)
by Victor Mondragón
elabftw 1.8.5 - Authenticated Arbitrary File Upload via EntityController
eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.
by liquidsky
CVSS 8.8
CEWE PHOTO IMPORTER 6.4.3 Denial of Service via Malformed Image
CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers to crash the application by importing a specially crafted image file. Attackers can create a malformed JPG file with an oversized buffer and trigger the crash through the import functionality during the image processing workflow.
by Alejandra Sánchez
CVSS 6.2
CEWE PHOTO SHOW 6.4.3 Denial of Service via Password Field
CEWE PHOTO SHOW 6.4.3 contains a denial of service vulnerability that allows attackers to crash the application by submitting an excessively long buffer to the password field. Attackers can paste a large string of repeated characters into the password input during the upload process to trigger an application crash.
by Alejandra Sánchez
CVSS 7.5
Sandboxie 5.30 Denial of Service via Program Alerts Buffer Overflow
Sandboxie 5.30 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Program Alerts configuration field. Attackers can paste a buffer of 5000 characters into the 'Select or enter a program' field during program alert configuration to trigger an application crash.
by Alejandra Sánchez
CVSS 6.2
Cisco Prime Infrastructure/EPN Manager - RCE
A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exists because the software improperly validates user-supplied input. An attacker could exploit this vulnerability by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to execute code with root-level privileges on the underlying operating system.
by mr_me
CVSS 8.8
Axessh 4.2 Denial of Service via Log File Name
Axessh 4.2 contains a denial of service vulnerability in the logging configuration that allows local attackers to crash the application by supplying an excessively long string in the log file name field. Attackers can enable session logging, paste a buffer of 500 or more characters into the log file name parameter, and trigger a crash when establishing a telnet connection.
by Victor Mondragón
CVSS 6.2