Python Exploits
6,694 exploits tracked across all sources.
Blackmoon FTP Server 3.1 Build 1735-1736 - Denial of Service via PORT Command
FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 (3.1.7.1736), and possibly other versions before 3.1.8.1737, allows remote attackers to cause a denial of service (crash) via a large number of PORT commands with long arguments, which triggers a NULL pointer dereference. NOTE: some of these details are obtained from third party information.
by Craig Freyman
SiteScape Forum - Remote Code Execution via TCL Code Separator in Query String
support/dispatch.cgi in SiteScape Forum allows remote attackers to execute arbitrary TCL code via code separator characters in the query string.
by Spencer McIntyre
Nokia Multimedia Player 1.00.55.5010 - Stack-Based Buffer Overflow via Playlist File
Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a playlist (.npl) file.
by Carlos Mario Penagos Hollmann
Solar FTP Server 2.1.1 - 'PASV' Remote Buffer Overflow
by John Leitch
LotusCMS Fraise 3.0 - Path Traversal and Arbitrary Local File Inclusion via System Parameter
Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via the system parameter to index.php.
by mr_me
WellinTech KingView 6.53 - Remote Code Execution via Long TCP Request to Port 777
Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777.
by Dillon Beresford
IrfanView 4.28 - Multiple Denial of Service Vulnerabilities
by BraniX
Winamp 5.5.8 (in_mod plugin) - Local Stack Overflow (SEH)
by fdiskyou
VideoSpirit Lite and Pro <= 1.68 - Buffer Overflow via Project File valitem Attribute
Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "value" attribute, as demonstrated using a valitem with the mp3 name.
by xsploitedsec
BS.Player Free and Pro Editions < 2.57 (build 1051) - Buffer Overflow via M3U Playlist Import
BS.Player version 2.57 (build 1051) contains a vulnerability in its playlist import functionality. When processing .m3u files, the application fails to properly validate the length of playlist entries, resulting in a buffer overflow condition. This flaw occurs during parsing of long URLs embedded in the playlist, allowing overwrite of Structured Exception Handler (SEH) records. The vulnerability is triggered upon opening a crafted playlist file and affects the Unicode parsing logic in the Windows client.
by C4SS!0 G0M3S
Concrete CMS 5.4.1.1 - Cross-Site Scripting / Remote Code Execution
by mr_me
Music Animation Machine MIDI Player 2006aug19 Release 035 - Stack-Based Buffer Overflow via Long Line in .mamx File
Stack-based buffer overflow in Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attackers to execute arbitrary code via a long line in a .mamx file.
by Acidgen
Xynph FTP Server 1.0 - USER Denial of Service
by freak_out
Music Animation Machine MIDI Player 2006aug19 Release 035 - Denial of Service via Long Line in MIDI File
Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a long line in a MIDI (.mid) file.
by c0d3R'Z
Wireshark - Buffer Overflow in ENTTEC DMX Packet Dissector
Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.
by non-customers crew
CoolPlayer 2.18 - Stack-Based Buffer Overflow via Crafted m3u File
Stack-based buffer overflow in CoolPlayer 2.18, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a crafted m3u file.
by blake
Digital Music Pad 8.2.3.4.8 - '.pls' Local Overflow (SEH)
by Abhishek Lyall
Typsoft FTP Server < 1.11 - Denial of Service via Multiple RETR Commands
Typsoft FTP Server 1.11, with "Sub Directory Include" enabled, allows remote attackers to cause a denial of service (crash) by sending multiple RETR commands. NOTE: it was later reported that 1.10 is also affected.
by emgent
QuickTime Picture Viewer 7.6.6 JP2000 - Denial of Service
by BraniX
IrfanView 4.27 - 'JP2000.dll' plugin Denial of Service
by BraniX
Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial of Service
by John Leitch
Kolibri 2.0 - Remote Code Execution via Long URI in HEAD Request
Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a HEAD request.
by TheLeader
Microsoft Internet Information Services FTP Service 7.0-7.5 - Remote Code Execution via Crafted FTP Command
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information.
by Matthew Bergin