Python Exploits
6,700 exploits tracked across all sources.
Easy FTP 1.7.0.11 - 'NLST' / 'NLST -al' / 'APPE' / 'RETR' / 'SIZE' / 'XCWD' Remote Buffer Overflow
by Rabih Mohsen
Rosoft Media Player 4.4.4 - Buffer Overflow (SEH) (PoC)
by anonymous
Mthree Development MP3 to WAV Decoder - Denial of Service
by Oh Yaw Theng
Microsoft XML Core Services 3.0 - Remote Code Execution via Crafted HTTP Response
Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted response, aka "Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability."
by Skylined
Microsoft Windows SMB Server - Remote Code Execution via Crafted SMB Packet
The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate fields in an SMB request, which allows remote attackers to execute arbitrary code via a crafted SMB packet, aka "SMB Pool Overflow Vulnerability."
by laurent gaffie
Fat Player 0.6b - Remote Code Execution via Long String in WAV File
Stack-based buffer overflow in Fat Player 0.6b allows remote attackers to execute arbitrary code via a long string in a .wav file. NOTE: some of these details are obtained from third party information.
by Praveen Darshanam
Visual MP3 Splitter & Joiner 6.1 - Denial of Service
by Oh Yaw Theng
Quintessential Media Player 5.0.121 - '.m3u' Buffer Overflow
by Abhishek Lyall
QQ Computer Manager - 'TSKsp.sys' Local Denial of Service
by Lufeng Li
Linux Kernel < 2.6.33.3 - Denial of Service via SCTPChunkInit Packet with Invalid Parameters
The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data.
by Jon Oberheide
Steinberg MyMP3Player <3.0.0.67 - Buffer Overflow
Steinberg MyMP3Player version 3.0 (build 3.0.0.67) is vulnerable to a stack-based buffer overflow when parsing .m3u playlist files. The application fails to properly validate the length of input data within the playlist, allowing a specially crafted file to overwrite critical memory structures and execute arbitrary code. This vulnerability can be exploited locally by convincing a user to open a malicious .m3u file.
by Oh Yaw Theng
MediaMonkey 3.2.1.1297 - Denial of Service (PoC)
by anonymous
Easy RM to MP3 Converter - Stack-based Buffer Overflow via Long Filename in Playlist File
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.
by Oh Yaw Theng
Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Converter - Local Stack Buffer Overflow
by Praveen Darshanam
WM Downloader 3.1.2.2 - Buffer Overflow
WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler (SEH) records and execute arbitrary code. Exploitation occurs locally when a user opens the malicious file, and the payload executes with the privileges of the current user.
by fdiskyou
UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow
by Karn Ganeshen & corelanc0d3r
QQPlayer 2.3.696.400p1 - '.smi' File Buffer Overflow
by Lufeng Li
QQPlayer - '.asx' File Processing Buffer Overflow
by Li Qingshan
EasyFTP Server <= 1.7.0.11 - Unauthenticated Stack-based Buffer Overflow via CWD Command
EasyFTP Server versions up to 1.7.0.11 contain a stack-based buffer overflow vulnerability in the FTP command parser. When processing the CWD (Change Working Directory) command, the server fails to properly validate the length of the input string, allowing attackers to overwrite memory on the stack. This flaw enables remote code execution without authentication, as EasyFTP allows anonymous access by default. The vulnerability was resolved in version 1.7.0.12, after which the product was renamed “UplusFtp.”
by fdiskyou
CVSS 9.8
Really Simple IM 1.3beta - Denial of Service (PoC)
by loneferret
EasyFTP Server 1.7.0.11 - 'MKD' (Authenticated) Remote Buffer Overflow
by Karn Ganeshen
EasyFTP Server 1.7.0.11 - 'LIST' (Authenticated) Remote Buffer Overflow
by Karn Ganeshen
Power/Personal FTP Server - RETR Denial of Service
by antrhacks
MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record, aka "Excel Object Stack Overflow Vulnerability."
by webDEViL
By Source