Python Exploits
6,700 exploits tracked across all sources.
VideoLAN VLC Media Player 1.0.3 (OSX/Linux) - RTSP Buffer Overflow (PoC)
by Dr_IDE
Ideal Administration 2009 <9.7.1 - Buffer Overflow
Stack-based buffer overflow in Ideal Administration 2009 9.7.1, and possibly other versions, allows remote attackers to execute arbitrary code via a long Computer value in an .ipj project file.
by Dr_IDE
Microsoft HTML Help Workshop <4.74 - Buffer Overflow
Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564.
by Encrypt3d.M!nd
M3U To ASX-WPL 1.1 - '.m3u' Local Buffer Overflow
by Encrypt3d.M!nd
HTML Help Workshop 4.74 - hhp Universal Buffer Overflow
by Dz_attacker
Audacity < 1.3.6 - Stack-based Buffer Overflow in String_parse::get_nonspace_quoted
Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string.
by Encrypt3d.M!nd
Core FTP Server 1.0 Build 319 - Denial of Service
by Mert SARICA
CoreHTTP 0.5.3.1 - Denial of Service and Possible Remote Code Execution via Long HTTP Request First Line
Off-by-one error in src/http.c in CoreHTTP 0.5.3.1 and earlier allows remote attackers to cause a denial of service or possibly execute arbitrary code via an HTTP request with a long first line that triggers a buffer overflow. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2007-4060.
by Patroklos Argyroudis
XM Easy Professional FTP Server 5.8.0 - Denial of Service
by Mert SARICA
Millenium MP3 Studio <=2.0 - Buffer Overflow
Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.
by Molotov
PHP < 5.2.12 and 5.3.x < 5.3.1 - Denial of Service via Multipart Form Data Temporary File Exhaustion
PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive.
by Eren
Eureka Email 2.2q - Remote Code Execution via Long POP3 Error Message
Stack-based buffer overflow in Eureka Email 2.2q allows remote POP3 servers to execute arbitrary code via a long error message.
by Dr_IDE & dookie
Serenity Audio Player <3.2.3 - Buffer Overflow
Stack-based buffer overflow in the MplayInputFile function in Serenity Audio Player 3.2.3 and earlier allows remote attackers to execute arbitrary code via a long URL in an M3U file. NOTE: some of these details are obtained from third party information.
by Rick2600
PHP - MultiPart Form-Data Denial of Service (PoC)
by Bogdan Calin
AIMP2 Audio Converter < 2.53 - Stack-based Buffer Overflow via Long File1 Argument in Playlist File
Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a (1) .pls or (2) .m3u playlist file.
by mr_me
Baby Web Server 2.7.2 - found Denial of Service
by Asheesh kumar Mani Tripathi
Home FTP Server 1.10.1.139 - Path Traversal
Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote authenticated users to (1) create arbitrary directories via directory traversal sequences in an MKD command or (2) create files with any contents in arbitrary directories via directory traversal sequences in a file upload request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by zhangmc
CVSS 6.5
FtpXQ 3.0 - (Authenticated) Remote Denial of Service
by Marc Doudiet
Novell eDirectory 8.8 SP5 - iConsole Buffer Overflow
by ryujin
HP Power Manager - Stack-based Buffer Overflow via Login Variable
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.
by ryujin
Novell eDirectory 883ftf3 - nldap module Denial of Service
by ryujin
Home FTP Server 1.10.1.139 - Denial of Service via Invalid SITE INDEX Commands
Home FTP Server 1.10.1.139 allows remote attackers to cause a denial of service (daemon outage) via multiple invalid SITE INDEX commands.
by zhangmc
XM Easy Personal FTP Server 5.8.0 - DoS
XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to cause a denial of service (crash) by uploading or creating a large number of files or directories, then performing a LIST command.
by zhangmc
Windows Vista and Server 2008 - Remote Code Execution via SMBv2 Negotiate Protocol Request
Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, aka "SMBv2 Negotiation Vulnerability." NOTE: some of these details are obtained from third party information.
by laurent gaffie
By Source