Python Exploits
6,700 exploits tracked across all sources.
Linux Kernel < 2.6.32-rc6 - Race Condition in Pipe Handling via /proc/*/fd/ Pathname
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.
by Matthew Bergin
CVSS 7.0
Konae Alleycode HTML Editor 2.21 - Stack-Based Buffer Overflow via TITLE Tag
Stack-based buffer overflow in the Meta Content Optimizer in Konae Technologies Alleycode HTML Editor 2.21 allows user-assisted remote attackers to execute arbitrary code via a long value in a TITLE tag.
by Dr_IDE
Adobe Acrobat and Reader < 9.1.3 - Remote Code Execution
Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.
by Felipe Andres Manzano
xp-AntiSpy 3.9.7-4 - '.xpas' File Buffer Overflow
by Dr_IDE
Gpg4win 2.0.1 - Denial of Service via Long Certificate Signature
gpg2.exe in Gpg4win 2.0.1, as used in KDE Kleopatra 2.0.11, allows remote attackers to cause a denial of service (application crash) via a long certificate signature.
by Dr_IDE
Joomla! Plugin JD-WordPress 2.0 RC2 - Remote File Inclusion
by Don Tukulesto
ZoIPer < 2.24 - Denial of Service via Empty Call-Info Header
ZoIPer 2.22, and possibly other versions before 2.24 Library 5324, allows remote attackers to cause a denial of service (crash) via a SIP INVITE request with an empty Call-Info header.
by Tomer Bitton
Free WMA MP3 Converter 1.1 - '.wav' Local Buffer Overflow
by KriPpLer
Ada Image Server 0.6.7 - 'imgsrv.exe' Remote Buffer Overflow
by blake
VMware Workstation/Player/ACE/Server DoS via Format String in Auth Daemon
VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\xFF sequence in the USER and PASS commands, related to a "format string DoS" issue. NOTE: some of these details are obtained from third party information.
by shinnai
Core FTP Server 1.0 build 304 - Denial of Service
by Dr_IDE
VideoLAN VLC Media Player 1.0.2 - 'smb://' URI Stack Overflow
by Dr_IDE
CuteFTP 8.3.3 - 'create new site' Local Buffer Overflow (PoC)
by Dr_IDE
Core FTP 2.1 build 1612 - Stack-based Buffer Overflow via Long Hostname in Site Backup File
Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information.
by Dr_IDE
CDBurnerXP 4.2.4.1351 - Local Crash (Denial of Service)
by Dr_IDE
html2ps < 1.0b6 - Path Traversal via SSI Include File Directive
Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a .. (dot dot) in the "include file" SSI directive. NOTE: this issue only might be a vulnerability in limited scenarios, such as if html2ps is invoked by a web application, or if a user-assisted attacker provides filenames whose contents could cause a denial of service, such as certain devices.
by epiphant
BigAnt Server <2.50 SP6 - Buffer Overflow
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item.
by Dr_IDE
cP Creator 2.7.1 - SQL Injection via Support Ticket Parameter
SQL injection vulnerability in index.php in cP Creator 2.7.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the tickets parameter in a support ticket action.
by Sina Yazdanmehr
BigAnt Server <2.50 SP6 - Buffer Overflow
Multiple buffer overflows in BigAnt Server 2.50 SP6 and earlier allow user-assisted remote attackers to cause a denial of service (application crash) via a crafted ZIP file that is not properly handled when the victim uses the (1) Update or (2) Plug-In console menu item.
by Dr_IDE
BigAnt IM Server 2.50 - Buffer Overflow
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.
by hack4love
BigAnt IM Server 2.50 - Buffer Overflow
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.
by blake
SAP Player 0.9 - '.pla' Universal Local Buffer Overflow (SEH)
by mr_me
VLC media player 0.5.0-0.9.5 - Stack-based Buffer Overflow via Invalid CUE Image File Header
Stack-based buffer overflow in VideoLAN VLC media player 0.5.0 through 0.9.5 might allow user-assisted attackers to execute arbitrary code via the header of an invalid CUE image file, related to modules/access/vcd/cdrom.c. NOTE: this identifier originally included an issue related to RealText, but that issue has been assigned a separate identifier, CVE-2008-5036.
by Dr_IDE
By Source