Python Exploits
6,700 exploits tracked across all sources.
Speed Commander 13.10 - '.zip' Memory Corruption
by TecR0c
tweakfs_zip_utility 1.0 - Stack-Based Buffer Overflow via Long Filename in ZIP Archive
Stack-based buffer overflow in Create and Extract Zips TweakFS Zip Utility 1.0 for Flight Simulator X (FSX) allows remote attackers to execute arbitrary code via a long filename in a ZIP archive.
by corelanc0d3r
RealNetworks Helix Server < 13.1.1 - Remote Code Execution via Buffer Overflow
Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via unspecified vectors.
by ZSploit.com
Windows 7 and Windows Server 2008 - Remote Code Execution via Crafted SMB Response Packet
The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 and (2) SMBv2 response packets, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted packet that causes the client to read the entirety of the response, and then improperly interact with the Winsock Kernel (WSK), aka "SMB Client Message Size Vulnerability."
by laurent gaffie
Windows 7 and Server 2008 - Remote Code Execution via SMB Negotiate Response Race Condition
Race condition in the SMB client implementation in Microsoft Windows Server 2008 R2 and Windows 7 allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code, and in the SMB client implementation in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges, via a crafted SMB Negotiate response, aka "SMB Client Race Condition Vulnerability."
by laurent gaffie
RPM Select/Elite 5.0 - '.xml Configuration parsing' Unicode Buffer Overflow (PoC)
by mr_me
MovieLibrary 1.4.401 - '.dmv' Local Denial of Service
by anonymous
Mocha W32 LPD 1.9 - Stack-Based Buffer Overflow via Receive Jobs Request
Stack-based buffer overflow in lpd.exe in Mocha W32 LPD 1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted "recieve jobs" request. NOTE: some of these details are obtained from third party information.
by mr_me
Book Library 1.4.162 - '.bkd' Local Denial of Service
by anonymous
aircrack-ng < 1.1 - Heap-Based Buffer Overflow via EAPOL Packet
Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) large length value in an EAPOL packet or (2) long EAPOL packet.
by Lukas Lueg
Elite Gaming Ladders <3.5 - SQL Injection
SQL injection vulnerability in matchdb.php in Elite Gaming Ladders 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the match parameter.
by Easy Laster
Tembria Server Monitor <5.6.1 - Buffer Overflow
Multiple stack-based buffer overflows in Tembria Server Monitor before 5.6.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted (1) GET, (2) PUT, or (3) HEAD request, as demonstrated by a malformed GET request containing a long PATH_INFO to index.asp.
by Lincoln
Linux kernel <2.6.33.2 - Privilege Escalation
The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xattrs/.
by Jon Oberheide
ZipCentral < 4.01 - Stack-based Buffer Overflow via Long Filename in ZIP Archive
Stack-based buffer overflow in ZipCentral 4.01 allows remote user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename.
by TecR0c
WM Downloader 3.0.0.9 - '.asx' Local Buffer Overflow
by b0telh0
Open Direct Connect Hub 0.8.1 - Authenticated Stack-Based Buffer Overflow via MyINFO Message
Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows remote authenticated users to execute arbitrary code via a long MyINFO message.
by Pierre Nogues
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter.
by S2 Crew
Mini-stream ASX to MP3 Converter 3.0.0.7 - Stack-based Buffer Overflow via Long rtsp URL or HREF Attribute
Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in "prior to 3.1.3.7."
by b0telh0
RM Downloader 3.0.2.1 - '.asx' Local Buffer Overflow (SEH)
by b0telh0
By Source