Python Exploits
5,908 exploits tracked across all sources.
compface <1.5.2 - Buffer Overflow
Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch.
by His0k4
Adobe Acrobat 9.1.2 NOS - Local Privilege Escalation
by Dr_IDE
stftp 1.10 - PWD Response Remote Stack Overflow (PoC)
by sqlevil
WzdFTPD 8.0 - Remote Denial of Service
by Jose Miguel Esparza
Ekiga < 2.0.9 - Improper Input Validation
The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address."
by Jose Miguel Esparza
Ekiga - Resource Management Error
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).
by Jose Miguel Esparza
Mozilla Firefox 3.5 (OSX) - Font Tags Remote Buffer Overflow
by Dr_IDE
WINMOD 1.4 - '.lst' Universal Buffer Overflow (SEH) (2)
by Dz_Girl
Microsoft Office Web Components Spreadsheet - ActiveX 'OWC10/11' Remote Overflow
by Ahmed Obied
Mozilla Firefox <3.5.1 - RCE
js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements.
by David Kennedy (ReL1K)
Mozilla Firefox <3.5 - DoS
Mozilla Firefox 3.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via unspecified vectors, related to a "flash bug."
by David Kennedy (ReL1K)
Zortam MP3 Media Studio 9.40 - Multiple Memory Corruption Vulnerabilities
by LiquidWorm
Michael J Greenwood Php Content Manager - Path Traversal
Directory traversal vulnerability in include/processor.php in Greenwood PHP Content Manager 0.3.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the content_path parameter.
by Khashayar Fereidani
Live For Speed 2 Version Z - '.mpr' Local Buffer Overflow (SEH)
by His0k4
Tandberg MXP F7.0 - Buffer Overflow
Buffer overflow in the FTP service on the Tandberg MXP F7.0 allows remote attackers to cause a denial of service (process crash or device reboot) or possibly execute arbitrary code via a long USER command, as demonstrated by a command ending with many space characters.
by otokoyama
Pirch IRC 98 Client - 'Response' Remote Buffer Overflow (SEH)
by His0k4
ATL < unknown - Buffer Overflow
Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability."
by David Kennedy (ReL1K)
CVSS 8.8
Photo DVD Maker 8.02 - Buffer Overflow
Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly earlier versions, allows remote attackers to execute arbitrary code via a long File_Name parameter in a .pdm file. NOTE: some of these details are obtained from third party information.
by His0k4
eEye Retina WiFi Scanner <1.0.8.68 - Buffer Overflow
Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry.
by LiquidWorm
ARD-9808 DVR - DoS
The ARD-9808 DVR card security camera allows remote attackers to cause a denial of service via a long URI composed of //.\ (slash slash dot backslash) sequences.
by Stack
B Labs Bopup Comm Server <3.2.26.5460 - Buffer Overflow
Stack-based buffer overflow in B Labs Bopup Communication Server 3.2.26.5460 allows remote attackers to execute arbitrary code via a crafted request to TCP port 19810.
by His0k4
HT-MP3Player 1.0 - Buffer Overflow
Stack-based buffer overflow in HT-MP3Player 1.0 allows remote attackers to execute arbitrary code via a long string in a .ht3 file.
by His0k4
BookFlip 2.1 - SQL Injection
SQL injection vulnerability in the BookFlip (com_bookflip) component 2.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the book_id parameter to index.php.
by boom3rang