Python Exploits

5,917 exploits tracked across all sources.

Sort: Activity Stars
CVE-2016-3989 EXPLOITDB HIGH python
Meinberg IMS-LANTIME - Privilege Escalation
The NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS-LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote authenticated users to obtain root privileges for writing to unspecified scripts, and consequently obtain sensitive information or modify data, by leveraging access to the nobody account.
by b0yd
CVSS 8.1
EIP-2026-100757 EXPLOITDB python
Belkin AC1200 Router Firmware 1.00.27 - Authentication Bypass
by Gregory Smiley
EIP-2026-115759 EXPLOITDB python
Microsoft Process Kill Utility (kill.exe) 6.3.9600.17298 - Crash (PoC)
by hyp3rlinx
EIP-2026-112676 EXPLOITDB python VERIFIED
Tiki Wiki 15.1 - File Upload
by Ivan Ivanovic
EIP-2026-113998 EXPLOITDB python VERIFIED
WordPress Plugin Real3D FlipBook - Multiple Vulnerabilities
by Mukarram Khalid
EIP-2026-118393 EXPLOITDB python
Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
by Rémi ROCHER
EIP-2026-115088 EXPLOITDB python VERIFIED
Core FTP LE 2.2 - Path Field Local Buffer Overflow (PoC)
by Netfairy
EIP-2026-102449 EXPLOITDB python
Untangle NGFW 12.1.0 Beta - 'execEvil()' Command Injection
by Matt Bush
CVE-2016-20045 EXPLOITDB HIGH python
HNB Organizer 1.9.18-10 Local Buffer Overflow via -rc Parameter
HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Attackers can craft a malicious input string exceeding 108 bytes containing shellcode and a return address to overwrite the stack and achieve code execution.
by Juan Sacco
CVSS 8.4
CVE-2016-20044 EXPLOITDB HIGH python
PInfo 0.6.9-5.1 Local Buffer Overflow via -m Parameter
PInfo 0.6.9-5.1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -m parameter. Attackers can craft a malicious input string with 564 bytes of padding followed by a return address to overwrite the instruction pointer and execute shellcode with user privileges.
by Juan Sacco
CVSS 8.4
EIP-2026-118075 EXPLOITDB python VERIFIED
VUPlayer 2.49 (Windows 7) - '.m3u' Local Buffer Overflow (DEP Bypass)
by secfigo
EIP-2026-117467 EXPLOITDB python VERIFIED
Mediacoder 0.8.43.5830 - '.m3u' Local Buffer Overflow (SEH)
by Sibusiso Sishi
EIP-2026-102564 EXPLOITDB python
Banshee 2.6.2 - '.mp3' Crash (PoC)
by Ilca Lucian
EIP-2026-111124 EXPLOITDB python
PHPLive 4.4.8 < 4.5.4 - Password Recovery SQL Injection
by Tiago Carvalho
EIP-2026-116017 EXPLOITDB python VERIFIED
Oracle Orakill.exe 11.2.0 - Buffer Overflow (PoC)
by hyp3rlinx
CVE-2009-1330 EXPLOITDB python VERIFIED
Mini-stream Easy RM TO Mp3 Converter - Memory Corruption
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.
by Fitzl Csaba
EIP-2026-114563 EXPLOITDB python
Zabbix 2.2 < 3.0.3 - API JSON-RPC Remote Code Execution
by Alexander Gurin
EIP-2026-102747 EXPLOITDB python
TCPDump 4.5.1 - Crash (PoC)
by David Silveiro
EIP-2026-102571 EXPLOITDB python
CCextractor 0.80 - Crash (PoC)
by David Silveiro
CVE-2015-4870 EXPLOITDB python
Oracle MySQL Server <5.5.45-5.6.26 - DoS
Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Parser.
by Osanda Malith Jayathissa
CVE-2016-2004 EXPLOITDB CRITICAL python VERIFIED
HPE Data Protector <7.03_108,8.x<8.15,9.x<9.06 - RCE
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2623.
by Ian Lovering
CVSS 9.8
EIP-2026-113847 EXPLOITDB python
WordPress Plugin Job Script by Scubez - Remote Code Execution
by Bikramaditya Guha
CVE-2016-1287 EXPLOITDB CRITICAL python VERIFIED
Cisco ASA <9.5 - Buffer Overflow
Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019.
by Exodus Intelligence
CVSS 9.8
CVE-2016-20043 EXPLOITDB HIGH python
NRSS RSS Reader 0.3.9-1 Stack Buffer Overflow
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the return address and achieve code execution.
by Juan Sacco
CVSS 8.4
EIP-2026-115052 EXPLOITDB python
CIScan 1.00 - Hostname/IP Field Overwrite (SEH) (PoC)
by Nipun Jaswal
By Source
All 5,917 Writeup 52,991 Exploitdb 50,135 Nomisec 21,420 Metasploit 3,228 Github 2,580 Vulncheck_xdb 903 Inthewild 518 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,959 python 5,917 c 3,577 perl 2,854 html 2,056 php 1,334 bash 459 java 362 javascript 260 c++ 250 shell 95 go 52 postscript 25 xml 24