Python Exploits
5,914 exploits tracked across all sources.
Apache Struts < 2.3.34 - Improper Input Validation
In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.
by brianwrf
CVSS 9.8
Jungos WinDriver <12.4.0 - Privilege Escalation
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824b7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel pool overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
by mr_me
CVSS 7.8
Jungos WinDriver <12.4.0 - Privilege Escalation
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.
by mr_me
CVSS 7.8
Apache Struts 2 REST Plugin XStream RCE
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
by Warflop
CVSS 8.1
Dup Scout Enterprise 9.9.14 - 'Input Directory' Local Buffer Overflow
by Touhid M.Shaikh
Easy WMV/ASF/ASX to DVD Burner 2.3.11 - Local Buffer Overflow (SEH)
by Touhid M.Shaikh
Easy Vedio to PSP Converter 1.6.20 - Local Buffer Overflow (SEH)
by Kishan Sharma
Easy RM RMVB to DVD Burner 1.8.11 - Local Buffer Overflow (SEH)
by Touhid M.Shaikh
Easy DVD Creator 2.5.11 - Local Buffer Overflow (SEH)
by tr0ubl3m4k3r
Flexense Dupscout - Memory Corruption
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful exploitation of the software will allow an attacker to gain complete access to the system with NT AUTHORITY / SYSTEM level privileges. The vulnerability lies due to improper handling and sanitization of the incoming request.
by Nipun Jaswal
CVSS 9.8
Flexense Dupscout - Memory Corruption
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful exploitation of the software will allow an attacker to gain complete access to the system with NT AUTHORITY / SYSTEM level privileges. The vulnerability lies due to improper handling and sanitization of the incoming request.
by Nipun Jaswal
CVSS 9.8
Flexense Dupscout - Memory Corruption
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful exploitation of the software will allow an attacker to gain complete access to the system with NT AUTHORITY / SYSTEM level privileges. The vulnerability lies due to improper handling and sanitization of the incoming request.
by Nipun Jaswal
CVSS 9.8
Flexense Dupscout - Memory Corruption
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise 9.9.16, and Disk Pulse Enterprise 9.9.16 where an attacker can craft a malicious GET request and exploit the web server component. Successful exploitation of the software will allow an attacker to gain complete access to the system with NT AUTHORITY / SYSTEM level privileges. The vulnerability lies due to improper handling and sanitization of the incoming request.
by Nipun Jaswal
CVSS 9.8
My Video Converter 1.5.24 - Local Buffer Overflow (SEH)
by Anurag Srivastava
MP3 WAV to CD Burner 1.4.24 - Local Buffer Overflow (SEH)
by Anurag Srivastava
Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 - Local Buffer Overflow (SEH)
by Anurag Srivastava
Easy AVI DivX Converter 1.2.24 - Local Buffer Overflow (SEH)
by Anurag Srivastava
Twsz Wifi Repeater Firmware - Information Disclosure
There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter.
by Hay Mizrachi
CVSS 7.5
VX Search Enterprise 9.9.12 - 'Import Command' Local Buffer Overflow
by Anurag Srivastava
Disk Savvy Enterprise 9.9.14 - 'Import Command' Local Buffer Overflow
by Anurag Srivastava
Disk Pulse Enterprise 9.9.16 - 'Import Command' Local Buffer Overflow
by Anurag Srivastava
ALC WebCTRL <6.5 - RCE
An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. An authenticated attacker may be able to upload a malicious file allowing the execution of arbitrary code.
by LiquidWorm
CVSS 7.8
Easy DVD Creater 2.5.11 - Local Buffer Overflow (SEH)
by Anurag Srivastava
MessengerScan 1.05 - Local Buffer Overflow (PoC)
by Anurag Srivastava
By Source