Python Exploits

5,916 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-7494 EXPLOITDB CRITICAL python VERIFIED
Samba is_known_pipename() Arbitrary Module Load
Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
by steelo
CVSS 9.8
EIP-2026-102509 EXPLOITDB python
NetGain EM 7.2.647 build 941 - Authentication Bypass / Local File Inclusion
by f3ci
EIP-2026-102508 EXPLOITDB python
NetGain EM 7.2.647 build 941 - Authentication Bypass / Local File Inclusion
by f3ci
EIP-2026-101514 EXPLOITDB python
Aerohive HiveOS 5.1r5 < 6.1r5 - Remote Code Execution
by Ike-Clinton
EIP-2026-116352 EXPLOITDB python VERIFIED
Sure Thing Disc Labeler 6.2.138.0 - Buffer Overflow (PoC)
by Chance Johnson
EIP-2026-119669 EXPLOITDB python
Oracle PeopleSoft - XML External Entity to SYSTEM Remote Code Execution
by Ambionics Security
EIP-2026-119668 EXPLOITDB python
Oracle PeopleSoft - XML External Entity to SYSTEM Remote Code Execution
by Ambionics Security
CVE-2017-0144 EXPLOITDB HIGH python VERIFIED
Microsoft Server Message Block < 4.0e - Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
by sleepya
CVSS 8.8
CVE-2017-0144 EXPLOITDB HIGH python VERIFIED
Microsoft Server Message Block < 4.0e - Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
by sleepya
CVSS 8.8
CVE-2017-3548 EXPLOITDB MEDIUM python
Oracle PeopleSoft Products <8.56 - Info Disclosure
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise PeopleTools. CVSS 3.0 Base Score 6.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L).
by Charles Fol
CVSS 6.5
CVE-2017-18047 EXPLOITDB CRITICAL python VERIFIED
Labf Nfsaxe - Memory Corruption
Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows remote FTP servers to execute arbitrary code via a long reply.
by Tulpa
CVSS 9.8
CVE-2017-8927 EXPLOITDB HIGH python VERIFIED
Larson VizEx Reader <9.7.5 - Buffer Overflow
Buffer overflow in Larson VizEx Reader 9.7.5 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file.
by Muhann4d
CVSS 7.8
CVE-2017-8926 EXPLOITDB HIGH python VERIFIED
Halliburton LogView Pro 10.0.1 - Buffer Overflow
Buffer overflow in Halliburton LogView Pro 10.0.1 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file.
by Muhann4d
CVSS 7.8
CVE-2017-7478 EXPLOITDB HIGH python VERIFIED
OpenVPN >=2.3.12 - DoS
OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.
by QuarksLab
CVSS 7.5
CVE-2017-0147 EXPLOITDB HIGH python
Microsoft Windows 10 1507 < 4.0e - Information Disclosure
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted packets, aka "Windows SMB Information Disclosure Vulnerability."
by Juan Sacco
CVSS 7.5
CVE-2017-0146 EXPLOITDB HIGH python
Microsoft Server Message Block < 4.0e - Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0148.
by Juan Sacco
CVSS 8.8
CVE-2017-0145 EXPLOITDB HIGH python
Microsoft Server Message Block < 4.0e - Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0146, and CVE-2017-0148.
by Juan Sacco
CVSS 8.8
CVE-2017-0144 EXPLOITDB HIGH python
Microsoft Server Message Block < 4.0e - Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
by Juan Sacco
CVSS 8.8
CVE-2017-0143 EXPLOITDB HIGH python
Microsoft Server Message Block < 4.0e - Remote Code Execution
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
by Juan Sacco
CVSS 8.8
CVE-2017-0148 EXPLOITDB HIGH python
Microsoft Server Message Block < 4.0e - Improper Input Validation
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, and CVE-2017-0146.
by Juan Sacco
CVSS 8.1
CVE-2017-5689 EXPLOITDB CRITICAL python
Intel AMT Digest Authentication Bypass Scanner
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
by nixawk
CVSS 9.8
CVE-2017-8852 EXPLOITDB HIGH python VERIFIED
Sapcar - Memory Corruption
SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560.
by Core Security
CVSS 7.8
EIP-2026-104034 EXPLOITDB python
Oracle GoldenGate 12.1.2.0.0 - Remote Code Execution
by Silent Signal
CVE-2017-8869 EXPLOITDB HIGH python VERIFIED
Mediacoder - Memory Corruption
Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file.
by Muhann4d
CVSS 7.8
CVE-2017-5135 EXPLOITDB CRITICAL python
Technicolor DPC3928SL - Auth Bypass
Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from the Internet; also, you can write in the MIB because it provides write properties, aka Stringbleed. NOTE: the string-bleed/StringBleed-CVE-2017-5135 GitHub repository is not a valid reference as of 2017-04-27; it contains Trojan horse code purported to exploit this vulnerability.
by nixawk
CVSS 9.1
By Source
All 5,916 Writeup 51,780 Exploitdb 50,135 Nomisec 21,388 Metasploit 3,228 Github 2,578 Vulncheck_xdb 901 Inthewild 518 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,959 python 5,916 c 3,576 perl 2,854 html 2,056 php 1,334 bash 459 java 362 javascript 260 c++ 250 shell 95 go 52 postscript 25 xml 24