Python Exploits

6,689 exploits tracked across all sources.

EIP-2026-103632 EXPLOITDB python
PHP 5.4.0 Built-in Web Server - Denial of Service (PoC)
by ls
EIP-2026-116313 EXPLOITDB python
Spotify 0.8.2.610 - search func Memory Exhaustion
by LiquidWorm
CVE-2012-4869 EXPLOITDB python VERIFIED
FreePBX < 2.10 - Remote Code Execution via callmenum Parameter
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action.
by muts
CVE-2015-6750 EXPLOITDB python VERIFIED
Ricoh DL-1 SR10 < 1.1.0.6 - Remote Code Execution via Long USER Command
Buffer overflow in Ricoh DL FTP Server 1.1.0.6 and earlier allows remote attackers to execute arbitrary code via a long USER command.
by Julien Ahrens
CVE-2012-4864 EXPLOITDB python
Oreans WinLicense 2.1.8.0 - Memory Corruption, DoS
Oreans WinLicense 2.1.8.0 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted xml file.
by LiquidWorm
EIP-2026-116410 EXPLOITDB python VERIFIED
Tiny Server 1.1.9 - HEAD Denial of Service
by brock haun
EIP-2026-116053 EXPLOITDB python
PeerFTP Server 4.01 - Remote Crash (PoC)
by localh0t
CVE-2012-5329 EXPLOITDB python VERIFIED
TYPSoft FTP Server 1.1 - Authenticated Denial of Service via APPE Command Buffer Overflow
Buffer overflow in TYPSoft FTP Server 1.1 allows remote authenticated users to cause a denial of service (application crash) via a long string in an APPE command.
by brock haun
CVE-2012-5329 EXPLOITDB python
TYPSoft FTP Server 1.1 - Authenticated Denial of Service via APPE Command Buffer Overflow
Buffer overflow in TYPSoft FTP Server 1.1 allows remote authenticated users to cause a denial of service (application crash) via a long string in an APPE command.
by brock haun
EIP-2026-115931 EXPLOITDB python VERIFIED
Network Instrument Observer - SNMP SetRequest Denial of Service
by Francis Provencher
EIP-2026-117432 EXPLOITDB python VERIFIED
Macro Toolworks 7.5 - Local Buffer Overflow
by Julien Ahrens
EIP-2026-118479 EXPLOITDB python
EasyFTP Server 1.7.0.11 - 'APPE' Remote Buffer Overflow
by Swappage
CVE-2012-1464 EXPLOITDB python VERIFIED
NetMechanica NetDecision < 4.5.1 - Information Disclosure via Trailing Question Mark
Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the installation path via a request with a trailing "?" character, which causes Dashboard to attempt to access a non-existent resource. NOTE: some of these details are obtained from third party information.
by SecPod Research
CVE-2012-1465 EXPLOITDB python VERIFIED
NetMechanica NetDecision < 4.5.1 - Denial of Service via Long URL
Stack-based buffer overflow in the HTTP Server in NetMechanica NetDecision before 4.6.1 allows remote attackers to cause a denial of service (application crash) via a long URL in an HTTP request. NOTE: some of these details are obtained from third party information.
by SecPod Research
CVE-2012-1096 EXPLOITDB MEDIUM python VERIFIED
NetworkManager <0.9 - Privilege Escalation
NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.
by Ludwig
CVSS 5.5
CVE-2012-10060 EXPLOITDB CRITICAL python VERIFIED
Sysax Multi Server <5.55 - Buffer Overflow
Sysax Multi Server versions prior to 5.55 contain a stack-based buffer overflow in its SSH service. When a remote attacker supplies an overly long username during authentication, the server copies the input to a fixed-size stack buffer without proper bounds checking. This allows remote code execution under the context of the service.
by Craig Freyman
CVSS 9.8
EIP-2026-119199 EXPLOITDB python
Sysax Multi Server 5.53 - SFTP (Authenticated) (SEH)
by Craig Freyman
CVE-2012-1783 EXPLOITDB python VERIFIED
Tiny Server <= 1.1.9 - Denial of Service via Long GET Request
Tiny Server 1.1.9 and earlier allows remote attackers to cause a denial of service (crash) via a long string in a GET request without an HTTP version number.
by localh0t
CVE-2012-1257 EXPLOITDB MEDIUM python VERIFIED
Pidgin 2.10.0 - Cleartext Transmission of Sensitive Information via DBUS
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
by Dimitris Glynos
CVSS 5.5
EIP-2026-115129 EXPLOITDB python VERIFIED
DAMN Hash Calculator 1.5.1 - Local Heap Overflow (PoC)
by Julien Ahrens
EIP-2026-116894 EXPLOITDB python VERIFIED
Blade API Monitor - Unicode Bypass Serial Number Buffer Overflow
by b33f
CVE-2012-4361 EXPLOITDB python VERIFIED
HP SAN/iQ < 9.5 - Authenticated OS Command Injection via Ping Parameter
lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter.
by Nicolas Gregoire
CVE-2012-0292 EXPLOITDB python
Symantec pcAnywhere <= 12.5.3 - Denial of Service via Crafted TCP Session
The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allows remote attackers to cause a denial of service (daemon crash) via a crafted TCP session on port 5631.
by Johnathan Norman
CVE-2012-4362 EXPLOITDB python VERIFIED
HP SAN/iQ < 9.5 - Unauthenticated Remote Access via Hardcoded Password
hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management service via a login: request to TCP port 13838.
by Nicolas Gregoire
EIP-2026-115491 EXPLOITDB python
jetVideo 8.0.2 - Denial of Service
by Senator of Pirates