Python Exploits

6,652 exploits tracked across all sources.

Sort: Activity Stars
CVE-2019-25609 EXPLOITDB HIGH python
JetAudio jetCast Server 2.0 Local SEH Buffer Overflow
JetAudio jetCast Server 2.0 contains a stack-based buffer overflow vulnerability in the Log Directory configuration field that allows local attackers to overwrite structured exception handling pointers. Attackers can inject alphanumeric encoded shellcode through the Log Directory field to trigger an SEH exception handler and execute arbitrary code with application privileges.
by Connor McGarr
CVSS 8.4
CVE-2019-25607 EXPLOITDB HIGH python
Axessh 4.2 Local Stack-based Buffer Overflow via Log File Name
Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 bytes to overwrite the instruction pointer and execute shellcode with system privileges.
by Victor Mondragón
CVSS 8.4
CVE-2019-25589 EXPLOITDB MEDIUM python
ZOC Terminal 7.23.4 Buffer Overflow Denial of Service
ZOC Terminal 7.23.4 contains a buffer overflow vulnerability in the Shell field of Program Settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a crafted payload into the Shell configuration field and trigger a crash when accessing the Command Shell feature.
by Victor Mondragón
CVSS 6.2
EIP-2026-116657 EXPLOITDB python
ZOC Terminal v7.23.4 - 'Private key file' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-116656 EXPLOITDB python
ZOC Terminal v7.23.4 - 'Private key file' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-116653 EXPLOITDB python
ZOC Terminal 7.23.4 - 'Script' Denial of Service (PoC)
by Victor Mondragón
EIP-2026-116652 EXPLOITDB python
ZOC Terminal 7.23.4 - 'Script' Denial of Service (PoC)
by Victor Mondragón
CVE-2018-10608 EXPLOITDB HIGH python
SEL AcSELerator Architect <2.2.24.0 - DoS
SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited when the AcSELerator Architect FTP client connects to a malicious FTP server, which may cause denial of service via 100% CPU utilization. Restart of the application is required.
by LiquidWorm
CVSS 7.5
CVE-2019-25554 EXPLOITDB MEDIUM python
Tomabo MP4 Converter 3.25.22 Denial of Service via Name Field
Tomabo MP4 Converter 3.25.22 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can trigger a buffer overflow by pasting a large payload into the Name parameter when adding a preset in the Video/Audio Formats options, causing the application to crash when Reset All is clicked.
by Alejandra Sánchez
CVSS 5.5
CVE-2019-25558 EXPLOITDB MEDIUM python
Selfie Studio 2.17 Denial of Service via Resize Image
Selfie Studio 2.17 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a large string of characters into the New Width or New Height field to trigger a buffer overflow that crashes the application.
by Alejandra Sánchez
CVSS 6.2
CVE-2019-25557 EXPLOITDB MEDIUM python
TwistedBrush Pro Studio 24.06 Denial of Service via srp File
TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability that allows local attackers to crash the application by importing a malformed .srp script file. Attackers can create a .srp file containing an excessively large buffer and import it through the Script Player interface to trigger an application crash.
by Alejandra Sánchez
CVSS 6.2
CVE-2019-25556 EXPLOITDB MEDIUM python
TwistedBrush Pro Studio 24.06 Resize Image Denial of Service
TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Resize Image function that allows local attackers to crash the application by supplying an excessively long buffer. Attackers can paste a malicious string into the New Width or New Height field to trigger a buffer overflow that causes the application to crash.
by Alejandra Sánchez
CVSS 6.2
CVE-2019-25555 EXPLOITDB MEDIUM python
TwistedBrush Pro Studio 24.06 Script Recorder Denial of Service
TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Script Recorder component that allows local attackers to crash the application by supplying an excessively large buffer. Attackers can paste a malicious string containing 500,000 characters into the Description field of the Script Recorder dialog to trigger an application crash.
by Alejandra Sánchez
CVSS 6.2
CVE-2019-25591 EXPLOITDB MEDIUM python
DNSS Domain Name Search Software 2.1.8 Denial of Service
DNSS Domain Name Search Software 2.1.8 contains a buffer overflow vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can trigger a denial of service by pasting a malicious registration code containing 300 repeated characters into the Name/Key field via the Register menu option.
by Victor Mondragón
CVSS 6.2
EIP-2026-116320 EXPLOITDB python
SpotMSN 2.4.6 - Denial of Service (PoC)
by Victor Mondragón
EIP-2026-116319 EXPLOITDB python
SpotMSN 2.4.6 - Denial of Service (PoC)
by Victor Mondragón
CVE-2019-25592 EXPLOITDB MEDIUM python
PHPRunner 10.1 Denial of Service via Dashboard Name Field
PHPRunner 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the dashboard name field. Attackers can paste a buffer of 10000 characters into the Name field during dashboard creation to trigger an application crash.
by Victor Mondragón
CVSS 6.2
CVE-2019-25594 EXPLOITDB MEDIUM python
ASPRunner.NET 10.1 Denial of Service via Table Name Field
ASPRunner.NET 10.1 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the table name field. Attackers can input a buffer of 10000 characters in the table name parameter during database table creation to trigger an application crash.
by Victor Mondragón
CVSS 6.2
CVE-2019-25593 EXPLOITDB MEDIUM python
jetCast Server 2.0 Denial of Service via Log Directory
jetCast Server 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Log directory configuration field. Attackers can paste a buffer of 5000 characters into the Log directory input, then click Start to trigger a crash that terminates the server process.
by Victor Mondragón
CVSS 5.5
CVE-2019-25559 EXPLOITDB MEDIUM python
SpotPaltalk 1.1.5 Name/Key Field Denial of Service
SpotPaltalk 1.1.5 contains a denial of service vulnerability in the registration code input field that allows local attackers to crash the application by submitting an excessively long string. Attackers can paste a buffer of 1000 characters into the Name/Key field during registration to trigger a crash when the OK button is clicked.
by Alejandra Sánchez
CVSS 5.5
EIP-2026-116317 EXPLOITDB python
SpotIM 2.2 - Denial of Service (PoC)
by Alejandra Sánchez
EIP-2026-116316 EXPLOITDB python
SpotIM 2.2 - Denial of Service (PoC)
by Alejandra Sánchez
CVE-2019-25562 EXPLOITDB MEDIUM python
jetAudio 8.1.7 Denial of Service via File Naming Buffer Overflow
jetAudio 8.1.7 contains a buffer overflow vulnerability in the video converter component that allows local attackers to crash the application by supplying an oversized string in the File Naming field. Attackers can paste a malicious buffer of 512 bytes into the File Naming parameter and trigger the crash by clicking the Preview button, causing a denial of service.
by Alejandra Sánchez
CVSS 5.5
CVE-2019-25561 EXPLOITDB MEDIUM python
Lyric Maker 2.0.1.0 Denial of Service via Buffer Overflow
Lyric Maker 2.0.1.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Title field. Attackers can paste a 5000-byte buffer into the Title input field and save the file to trigger a denial of service condition.
by Alejandra Sánchez
CVSS 6.2
CVE-2019-25560 EXPLOITDB HIGH python
Lyric Video Creator 2.1 Denial of Service via MP3 File
Lyric Video Creator 2.1 contains a denial of service vulnerability that allows attackers to crash the application by processing malformed MP3 files. Attackers can create a crafted MP3 file with an oversized buffer and trigger the crash by opening the file through the Browse song functionality.
by Alejandra Sánchez
CVSS 7.5