Python Exploits
5,948 exploits tracked across all sources.
KiTTY Portable <0.65.0.2p - RCE
Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and earlier allows remote attackers to execute arbitrary code via a long nickname.
by Guillaume Kaddouch
CVSS 9.8
KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP / Denial of Service 7/8.1/10)
by Guillaume Kaddouch
KiTTY Portable 0.65.0.2p (Windows 8.1/10) - Local kitty.ini Overflow
by Guillaume Kaddouch
KiTTY Portable 0.65.0.2p (Windows 7) - Local kitty.ini Overflow (Wow64 Egghunter)
by Guillaume Kaddouch
EasyCafe Server <2.2.14 - Info Disclosure
A remote file disclosure vulnerability exists in EasyCafe Server 2.2.14, exploitable by unauthenticated remote attackers via TCP port 831. The server listens for a custom protocol where opcode 0x43 can be used to request arbitrary files by absolute path. If the file exists and is accessible, its content is returned without authentication. This flaw allows attackers to retrieve sensitive files such as system configuration, password files, or application data.
by R-73eN
Joomla! <3.4.6 - Code Injection
Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.
by Andrew McNicol
Joomla! Framework <1.3.1 - RCE
The Session package 1.x before 1.3.1 for Joomla! Framework allows remote attackers to execute arbitrary code via unspecified session values.
by Andrew McNicol
Easy File Sharing Web Server 7.2 - HEAD Request Buffer Overflow (SEH)
by ArminCyber
Easy File Sharing Web Server 7.2 - GET Buffer Overflow (SEH)
by ArminCyber
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference
by Ptrace Security
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - '_FXCLI_SetConfFileChunk' Stack Buffer Overflow (PoC)
by Ptrace Security
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - '_FXCLI_GetConfFileChunk' Stack Buffer Overflow (PoC)
by Ptrace Security
Joomla! <3.4.6 - Code Injection
Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in December 2015.
by Sec-1
OpenMRS 2.3 (1.11.4) - XML External Entity Processing
by LiquidWorm
Acunetix Web Vulnerability Scanner < 10 - Access Control
The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) before 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.
by Daniele Linguaglossa
ABRT sosreport Privilege Escalation
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
by rebel
ABRT sosreport Privilege Escalation
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable name, as demonstrated by /var/tmp/abrt/abrt-hax-coredump or /var/spool/abrt/abrt-hax-coredump.
by rebel
Easy File Sharing Web Server 7.2 - Remote Buffer Overflow (SEH) (DEP Bypass + ROP)
by Knaps
SuperScan 4.1 - Windows Enumeration Hostname/IP/URL Field Overflow (SEH)
by Luis Martínez
SuperScan 4.1 - Tools Hostname/IP/URL Field Buffer Overflow
by Luis Martínez
SuperScan 4.1 - Scan Hostname/IP Field Buffer Overflow
by Luis Martínez
Sam Spade 1.14 - Decode URL Buffer Overflow Crash (PoC)
by Vivek Mahajan
By Source