Python Exploits

6,653 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-116737 EXPLOITDB python
Advanced Host Monitor 11.92 beta - Local Buffer Overflow
by Peyman Forouzan
CVE-2019-25645 EXPLOITDB MEDIUM python
WinAVI iPod 3GP MP4 PSP Converter 4.4.2 Denial of Service
WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by processing malformed AVI files. Attackers can create a specially crafted AVI file with an oversized buffer and load it through the Convert to iPhone function to trigger an application crash.
by Achilles
CVSS 6.2
CVE-2019-25644 EXPLOITDB MEDIUM python
WinMPG Video Convert 9.3.5 Buffer Overflow Local Denial of Service
WinMPG Video Convert 9.3.5 and older versions contain a buffer overflow vulnerability in the registration dialog that allows local attackers to crash the application by supplying oversized input. Attackers can paste a large payload of 6000 bytes into the Name and Registration Code field to trigger a denial of service condition.
by Achilles
CVSS 6.2
CVE-2019-25646 EXPLOITDB CRITICAL python
Tabs Mail Carrier 2.5.1 Buffer Overflow via MAIL FROM
Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attackers to execute arbitrary code by sending a crafted MAIL FROM parameter. Attackers can connect to the SMTP service on port 25 and send a malicious MAIL FROM command with an oversized buffer to overwrite the EIP register and execute a bind shell payload.
by Joseph McDonagh
CVSS 9.8
CVE-2019-9692 EXPLOITDB MEDIUM python VERIFIED
CMS Made Simple < 2.2.10 - Unrestricted File Upload via Watermark Image Extension Bypass
class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG).
by Daniele Scanu
CVSS 6.5
CVE-2019-25687 EXPLOITDB CRITICAL python
Pegasus CMS 1.0 Remote Code Execution via extra_fields.php
Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code in the action parameter to achieve code execution and obtain an interactive shell.
by R3zk0n
CVSS 9.8
CVE-2019-9760 EXPLOITDB CRITICAL python
FTPGetter Standard <5.97.0.177 - RCE
FTPGetter Standard v.5.97.0.177 allows remote code execution when a user initiates an FTP connection to an attacker-controlled machine that sends crafted responses. Long responses can also crash the FTP client with memory corruption.
by w4fz5uck5
CVSS 9.8
EIP-2026-103854 EXPLOITDB python
Apache UNO / LibreOffice Version: 6.1.2 / OpenOffice 4.1.6 API - Remote Code Execution
by sud0woodo
CVE-2018-1335 EXPLOITDB HIGH python VERIFIED
Apache Tika <1.18 - Command Injection
From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. The mitigation is to upgrade to Tika 1.18.
by Rhino Security Labs
CVSS 8.1
CVE-2019-25686 EXPLOITDB HIGH python
Core FTP 2.0 build 653 PBSZ Unauthenticated Denial of Service
Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows unauthenticated attackers to crash the service by sending a malformed command with an oversized buffer. Attackers can send a PBSZ command with a payload exceeding 211 bytes to trigger an access violation and crash the FTP server process.
by Hodorsec
CVSS 7.5
EIP-2026-117686 EXPLOITDB python
NetSetMan 4.7.1 - Local Buffer Overflow (SEH Unicode)
by Devin Casadey
CVE-2018-11686 EXPLOITDB CRITICAL python
FlexPaper < 2.3.6 - Remote Code Execution via Publish Service
The Publish Service in FlexPaper (later renamed FlowPaper) 2.3.6 allows remote code execution via setup.php and change_config.php.
by redtimmysec
CVSS 9.8
EIP-2026-119512 EXPLOITDB python
Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)
by Hodorsec
EIP-2026-119438 EXPLOITDB python
Splunk Enterprise 7.2.4 - Custom App Remote Command Execution (Persistent Backdoor / Custom Binary)
by Matteo Malvica
CVE-2019-7751 EXPLOITDB HIGH python
Ricoh MarcomCentral - Path Traversal
A directory traversal and local file inclusion vulnerability in FPProducerInternetServer.exe in Ricoh MarcomCentral, formerly PTI Marketing, FusionPro VDP before 10.0 allows a remote attacker to list or enumerate sensitive contents of files. Furthermore, this could allow for privilege escalation by dumping the local machine's SAM and SYSTEM database files, and possibly remote code execution.
by 0v3rride
CVSS 7.5
CVE-2019-9194 EXPLOITDB CRITICAL python VERIFIED
elFinder < 2.1.48 - OS Command Injection in PHP Connector
elFinder before 2.1.48 has a command injection vulnerability in the PHP connector.
by q3rv0
CVSS 9.8
CVE-2019-25566 EXPLOITDB MEDIUM python
TransMac 12.3 Denial of Service via Volume Name Field
TransMac 12.3 contains a buffer overflow vulnerability in the volume name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can create a malicious file with 1000 repeated characters, paste the content into the volume name field during disk image creation, and trigger an application crash.
by Alejandra Sánchez
CVSS 6.2
CVE-2019-3921 EXPLOITDB HIGH python
Nokia I-240W-Q GPON ONT Firmware 3FE54567BOZJ19 - Authenticated Stack-based Buffer Overflow via HTTP POST Request
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usb_Form?script/. An attacker can leverage this vulnerability to potentially execute arbitrary code.
by Artem Metla
CVSS 8.8
CVE-2019-9600 EXPLOITDB HIGH python
The Olive Tree FTP Server < 1.32 - Denial of Service via Connection Flood
The Olive Tree FTP Server (aka com.theolivetree.ftpserver) application through 1.32 for Android allows remote attackers to cause a denial of service via a client that makes many connection attempts and drops certain packets.
by s4vitar
CVSS 7.5
CVE-2019-25681 EXPLOITDB HIGH python
Xlight FTP Server 3.9.1 SEH Overwrite Buffer Overflow
Xlight FTP Server 3.9.1 contains a structured exception handler (SEH) overwrite vulnerability that allows local attackers to crash the application and overwrite SEH pointers by supplying a crafted buffer string. Attackers can inject a 428-byte payload through the program execution field in virtual server configuration to trigger a buffer overflow that corrupts the SEH chain and enables potential code execution.
by Logan Whitmire
CVSS 8.4
CVE-2018-1999002 EXPLOITDB HIGH python
Jenkins <2.132, <2.121.1 - Info Disclosure
A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to.
by wetw0rk
CVSS 7.5
CVE-2019-6340 EXPLOITDB HIGH python
Drupal 7.0.0-7.61.0 8.5.0-8.5.10 8.6.0-8.6.9 - Remote Code Execution via Unsanitized Field Data
Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
by leonjza
CVSS 8.1
CVE-2019-1003000 EXPLOITDB HIGH python
Jenkins Script Security Plugin < 1.50 - Sandbox Bypass Remote Code Execution
A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
by wetw0rk
CVSS 8.8
CVE-2018-20250 EXPLOITDB HIGH python VERIFIED
WinRAR <= 5.61 - Path Traversal and Remote Code Execution via ACE Filename Field
In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as an absolute path.
by WyAtu
CVSS 7.8
CVE-2019-25679 EXPLOITDB HIGH python
RealTerm Serial Terminal 2.0.0.70 Buffer Overflow SEH
RealTerm Serial Terminal 2.0.0.70 contains a structured exception handling (SEH) buffer overflow vulnerability in the Echo Port tab that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a buffer overflow payload with a POP POP RET gadget chain and shellcode that triggers code execution when pasted into the Port field and the Change button is clicked.
by Matteo Malvica
CVSS 7.8