Python Exploits
5,951 exploits tracked across all sources.
Realnetworks Realplayer < 16.0.3.51 - Code Injection
The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.
by Aryan Bayaninejad
Efssoft Easy File Sharing Web Server - Memory Corruption
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 6.8 allows remote attackers to execute arbitrary code via a long string in a cookie UserID parameter to vfolder.ghp.
by superkojiman
Easy Chat Server <2.2 - DoS
chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected.
by superkojiman
Jetaudio < 8.1.1 - Memory Corruption
JetMPAd.ax in JetAudio 8.1.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.
by Aryan Bayaninejad
Gomlab Gom Media Player < 2.2.57.5189 - Improper Input Validation
GOM Media Player 2.2.57.5189 and earlier allows remote attackers to cause a denial of service (crash) via a crafted .ogg file.
by Aryan Bayaninejad
Videolan Vlc Media Player - Memory Corruption
codec\libpng_plugin.dll in VideoLAN VLC Media Player 2.1.3 allows remote attackers to cause a denial of service (crash) via a crafted .png file, as demonstrated by a png in a .wave file.
by Aryan Bayaninejad
AssistMyTeam Team Helpdesk - Multiple Information Disclosure Vulnerabilities
by bhamb
ApPHP MicroBlog 1.0.1 - Remote Command Execution
by LOTFREE
Kolibri 2.0 - Buffer Overflow
Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a GET request.
by Polunchis
Acunetix Web Vulnerability Scanner - Memory Corruption
Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL (src attribute).
by An7i
Jzip <2.0.0.132900 - Buffer Overflow
Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long file name in a zip archive.
by motaz reda
OpenSSL <1.0.1g - Info Disclosure
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
by Fitzl Csaba
CVSS 7.5
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-0160. Reason: This candidate is a reservation duplicate of CVE-2014-0160. Notes: All CVE users should reference CVE-2014-0160 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
by Fitzl Csaba
OpenSSL <1.0.1g - Info Disclosure
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
by Jared Stafford
CVSS 7.5
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-0160. Reason: This candidate is a reservation duplicate of CVE-2014-0160. Notes: All CVE users should reference CVE-2014-0160 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
by Jared Stafford
EagleGet 1.1.8.1 - Denial of Service
by Interference Security
IBM Tealeaf CX - Path Traversal
Directory traversal vulnerability in download.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to bypass intended access restrictions via a .. (dot dot) in the log parameter, as demonstrated using a crafted request for a customer-support file, as demonstrated by a log file.
by drone
IBM Tealeaf CX - OS Command Injection
delivery.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the testconn_host parameter.
by drone
Haihaisoft Universal Player 1.5.8 - '.m3u' / '.pls '/ '.asx' Buffer Overflow (SEH)
by Gabor Seljan
Haihaisoft HUPlayer 1.0.4.8 - '.m3u' / '.pls' / '.asx' Buffer Overflow (SEH)
by Gabor Seljan
Microsoft Windows Media Player 11.0.5721.5230 - Memory Corruption
Microsoft Windows Media Player (WMP) 11.0.5721.5230 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted WAV file.
by TUNISIAN CYBER
By Source