Python Exploits

6,668 exploits tracked across all sources.

Sort: Activity Stars
EIP-2026-101392 EXPLOITDB python
NUUO NVRMini2 3.8 - 'cgi_system' Buffer Overflow (Enable Telnet)
by Jacob Baines
CVE-2018-25378 EXPLOITDB MEDIUM python
Notebook Pro 2.0 Denial of Service via Notebook Name Field
Notebook Pro 2.0 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the notebook name field. Attackers can create a malicious text file containing 500 or more characters, paste the content into the New Notebook Name field, and trigger an application crash when attempting to create and save the notebook.
by Ali Alipour
CVSS 6.2
CVE-2018-25125 EXPLOITDB HIGH python VERIFIED
Netis ADSL Router DL4322D RTK 2.1.1 - DoS
Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument causes the service, and in practice the router, to crash or become unresponsive, resulting in a loss of availability for the device and connected users.
by cakes
EIP-2026-119610 EXPLOITDB python VERIFIED
Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)
by Jose Eduardo Castro
EIP-2026-119609 EXPLOITDB python VERIFIED
Oracle VirtualBox Manager 5.2.18 r124319 - 'Name Attribute' Denial of Service (PoC)
by Jose Eduardo Castro
EIP-2026-119504 EXPLOITDB python VERIFIED
XAMPP Control Panel 3.2.2 - Denial of Service (PoC)
by Gionathan Reale
EIP-2026-119503 EXPLOITDB python VERIFIED
XAMPP Control Panel 3.2.2 - Denial of Service (PoC)
by Gionathan Reale
CVE-2018-15691 EXPLOITDB CRITICAL python
CA Release Automation < 6.3.0.9945 - Remote Code Execution via Insecure Deserialization
Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code.
by Jakub Palaczynski
CVSS 9.8
CVE-2018-25275 EXPLOITDB MEDIUM python VERIFIED
Faleemi Plus 1.0.2 Denial of Service via Buffer Overflow
Faleemi Plus 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can paste a 2000-byte payload into the Camera name and DID number fields during camera addition to trigger an application crash.
by Gionathan Reale
CVSS 6.2
CVE-2018-25274 EXPLOITDB MEDIUM python VERIFIED
InfraRecorder 0.53 Denial of Service via txt File Import
InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file containing 6000 bytes of data and import it through the Edit menu's Import function to trigger an application crash.
by Gionathan Reale
CVSS 6.2
EIP-2026-119578 EXPLOITDB python VERIFIED
CdBurnerXP 4.5.8.6795 - 'File Name' Denial of Service (PoC)
by Alan Joaquín Baeza Meza
CVE-2019-9767 EXPLOITDB HIGH python VERIFIED
Free MP3 CD Ripper 2.6 - Buffer Overflow
Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wma file.
by Gionathan Reale
CVSS 7.8
EIP-2026-119634 EXPLOITDB python
InduSoft Web Studio 8.1 SP1 - 'Tag Name' Buffer Overflow (SEH)
by Luis Martínez
EIP-2026-119617 EXPLOITDB python
TeamViewer App 13.0.100.0 - Denial of Service (PoC)
by Ali Alipour
CVE-2019-9766 EXPLOITDB HIGH python VERIFIED
Free MP3 CD Ripper 2.6 - Buffer Overflow
Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .mp3 file.
by Gionathan Reale
CVSS 7.8
EIP-2026-119462 EXPLOITDB python VERIFIED
Clone2Go Video to iPod Converter 2.5.0 - Denial of Service (PoC)
by ZwX
EIP-2026-117920 EXPLOITDB python
Socusoft Photo to Video Converter 8.07 - 'Registration Name' Buffer Overflow
by ZwX
EIP-2026-117919 EXPLOITDB python
Socusoft Photo to Video Converter 8.07 - 'Registration Name' Buffer Overflow
by ZwX
EIP-2026-117157 EXPLOITDB python
Faleemi Desktop Software 1.8.2 - 'SavePath for ScreenShots' Buffer Overflow (SEH)
by Gionathan Reale
EIP-2026-117156 EXPLOITDB python
Faleemi Desktop Software 1.8.2 - 'SavePath for ScreenShots' Buffer Overflow (SEH)
by Gionathan Reale
EIP-2026-115614 EXPLOITDB python
MediaTek Wirless Utility rt2870 - Denial of Service (PoC)
by Lawrence Amer
CVE-2018-25281 EXPLOITDB MEDIUM python VERIFIED
iCash 7.6.5 Denial of Service via Connect to Server
iCash 7.6.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload through the Connect to Server dialog. Attackers can paste a 7000-byte string into the Host field and click Connect to trigger an application crash.
by Gionathan Reale
CVSS 5.5
CVE-2018-25280 EXPLOITDB MEDIUM python VERIFIED
Infiltrator Network Security Scanner 4.6 Denial of Service
Infiltrator Network Security Scanner 4.6 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a 6000-byte payload into the Scan Target field and trigger a denial of service condition when the Scan button is clicked.
by Gionathan Reale
CVSS 5.5
CVE-2018-25279 EXPLOITDB MEDIUM python
jiNa OCR Image to Text 1.0 Denial of Service via PNG
jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG file. Attackers can create a specially crafted PNG file with an oversized buffer and trigger the crash when the application attempts to convert the file to PDF.
by Gionathan Reale
CVSS 6.2
CVE-2018-25278 EXPLOITDB MEDIUM python VERIFIED
PicaJet FX 2.6.5 Denial of Service via Registration Fields
PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte buffer into the Registration Name and Registration Key fields via the Help menu's Register PicaJet dialog to trigger an application crash.
by Gionathan Reale
CVSS 6.2