Python Exploits

5,951 exploits tracked across all sources.

Sort: Activity Stars
CVE-2014-1206 EXPLOITDB python
Openwebanalytics Open Web Analytics < 1.5.4 - SQL Injection
SQL injection vulnerability in the password reset page in Open Web Analytics (OWA) before 1.5.5 allows remote attackers to execute arbitrary SQL commands via the owa_email_address parameter in a base.passwordResetRequest action to index.php.
by Dana James Traversie
CVE-2013-2347 EXPLOITDB python
HP Storage Data Protector - Denial of Service
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
by Chris Graham
CVE-2014-10031 EXPLOITDB python VERIFIED
Qualcomm Eudora Worldmail - Memory Corruption
Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command.
by Muhammad Alharmeel
EIP-2026-104221 EXPLOITDB python VERIFIED
Dexter (CasinoLoader) Panel - SQL Injection
by bwall
EIP-2026-115993 EXPLOITDB python
OneHTTPD 0.8 - Crash (PoC)
by Mahmod Mahajna (Mahy)
EIP-2026-108314 EXPLOITDB python
Joomla! Component com_community 2.6 - Code Execution
by Matias Fontanini
CVE-2014-1684 EXPLOITDB python
VLC Media Player <2.1.3 - DoS
The ASF_ReadObject_file_properties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a zero minimum and maximum data packet size in an ASF file.
by Saif
CVE-2013-4730 EXPLOITDB python VERIFIED
PCMan's FTP Server 2.0.7 - RCE
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command.
by Mahmod Mahajna (Mahy)
CVE-2013-4730 EXPLOITDB python VERIFIED
PCMan's FTP Server 2.0.7 - RCE
Buffer overflow in PCMan's FTP Server 2.0.7 allows remote attackers to execute arbitrary code via a long string in a USER command.
by Mahmod Mahajna (Mahy)
EIP-2026-118631 EXPLOITDB python VERIFIED
haneWIN DNS Server 1.5.3 - Remote Buffer Overflow (SEH)
by Dario Estrada
CVE-2013-5791 EXPLOITDB python
Oracle Fusion Middleware - Buffer Overflow
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.0 and 8.4.1 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters. NOTE: the previous information is from the October 2013 CPU. Oracle has not commented on claims from a third party that the issue is a stack-based buffer overflow in the Microsoft Access 1.x parser in vsacs.dll before 8.4.0.108 and before 8.4.1.52, which allows attackers to execute arbitrary code via a long field (aka column) name.
by Citadelo
CVE-2006-2465 EXPLOITDB python VERIFIED
Mp3info - Buffer Overflow
Buffer overflow in MP3Info 0.8.4 allows attackers to execute arbitrary code via a long command line argument. NOTE: if mp3info is not installed setuid or setgid in any reasonable context, then this issue might not be a vulnerability.
by jsacco
EIP-2026-101569 EXPLOITDB python
BLUE COM Router 5360/52018 - Password Reset
by KAI
CVE-2013-6343 EXPLOITDB python
Asus Tm-ac1900 Firmware - Memory Corruption
Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2) apps_flag parameter to APP_Installation.asp.
by Jacob Holcomb
EIP-2026-115376 EXPLOITDB python
haneWIN DNS Server 1.5.3 - Denial of Service
by sajith
EIP-2026-116942 EXPLOITDB python VERIFIED
CCProxy 7.3 - Integer Overflow
by Mr.XHat
EIP-2026-101046 EXPLOITDB python
Motorola SBG6580 Cable Modem & Wireless Router - Reboot (Denial of Service)
by nicx0
EIP-2026-115191 EXPLOITDB python VERIFIED
Easy Karaokay Player 3.3.31 - '.wav' Integer Division by Zero
by Osanda Malith Jayathissa
CVE-2013-7185 EXPLOITDB HIGH python
PotPlayer <1.5.40688 - Memory Corruption
PotPlayer 1.5.40688: .avi File Memory Corruption
by ariarat
CVSS 7.8
CVE-2013-7184 EXPLOITDB python
Gretech GOM Media Player <2.2.56.5158 - Memory Corruption
Gretech GOM Media Player 2.2.56.5158 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted AVI file.
by ariarat
CVE-2013-6162 EXPLOITDB python VERIFIED
Code-crafters Ability Mail Server - XSS
Cross-site scripting (XSS) vulnerability in Code-Crafters Ability Mail Server 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the body of an email.
by David Um
EIP-2026-118080 EXPLOITDB python
VUPlayer 2.49 - '.m3u' File Universal Buffer Overflow (DEP Bypass) (2)
by Morteza Hashemi
EIP-2026-116082 EXPLOITDB python VERIFIED
PotPlayer 1.5.42509 Beta - Integer Division by Zero Denial of Service
by sajith
EIP-2026-116941 EXPLOITDB python VERIFIED
Castripper 2.50.70 - '.pls' DEP Bypass
by Morteza Hashemi
CVE-2013-4579 EXPLOITDB python VERIFIED
Linux kernel < 3.12 - Info Disclosure
The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations.
by Mathy Vanhoef
By Source
All 5,951 Writeup 54,084 Exploitdb 50,193 Nomisec 21,431 Metasploit 3,228 Github 2,586 Vulncheck_xdb 904 Inthewild 518 Gitlab 441 Gitee 415 Patchapalooza 312
By Language
text 31,368 ruby 5,960 python 5,951 c 3,580 perl 2,854 html 2,056 php 1,334 bash 459 java 362 javascript 260 c++ 250 shell 95 go 55 postscript 25 xml 24