Python Exploits
6,700 exploits tracked across all sources.
Mozilla Firefox <2.0.0.17 - Buffer Overflow
Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link.
by dmc
Tuniac 090517c - Buffer Overflow via .pls Playlist File1 Argument
Tuniac 090517c allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a .pls playlist file, possibly a buffer overflow.
by zAx
DataWizard Technologies FtpXQ FTP Server 3.0 - Authenticated Denial of Service via Long ABOR Command
DataWizard Technologies FtpXQ FTP Server 3.0 allows remote authenticated users to cause a denial of service (crash) via a long ABOR command.
by PLATEN
Kolibri+ Web Server 2 - GET Remote Overwrite (SEH)
by blake
FreeRADIUS < 1.1.8 - Denial of Service via Zero-Length Tunnel-Password Attribute
The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes, as demonstrated by a certain module in VulnDisco Pack Professional 7.6 through 8.11. NOTE: this is a regression error related to CVE-2003-0967.
by Matthew Gillespie
KSP Sound Player 2009 R2 and R2.1 - Stack-Based Buffer Overflow via .m3u Playlist File
Stack-based buffer overflow in KSP Sound Player 2009 R2 and R2.1 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file.
by hack4love
Jgaa Warftpd - Format String Vulnerability
Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated users to cause a denial of service (crash) via format string specifiers in a LIST command.
by corelanc0d3r
jetAudio 7.5.5 plus vx - '.M3U'/'.ASX'/'.WAX'/'.WVX' Local Crash (PoC)
by Dr_IDE
INMATRIX Zoom Player Pro 6.0.0 - '.mid' Integer Overflow (PoC)
by Dr_IDE
Millenium MP3 Studio <=2.0 - Buffer Overflow
Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.
by hack4love
Alpha Centauri Software SIDVault <2.0f - RCE
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
by SkuLL-HackeR
FTPShell Client 4.1 RC2 - Remote Code Execution via Long PASV Response
Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command.
by His0k4
Audio Lib Player - Stack-based Buffer Overflow via Long URL in .m3u Playlist File
Stack-based buffer overflow in Audio Lib Player (ALP) allows remote attackers to execute arbitrary code via a long URL in a .m3u playlist file.
by blake
Alpha Centauri Software SIDVault <2.0f - RCE
Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind.
by blake
Adobe Acrobat Reader 7.0-7.1.1 - Remote Code Execution via Collab.getIcon Method
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
by kralor
CVSS 8.8
Soritong MP3 Player 1.0 - Stack-Based Buffer Overflow via Crafted .m3u File
Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows remote attackers to execute arbitrary code via a crafted .m3u file.
by hack4love
akPlayer 1.9.0 - Remote Code Execution via Long String in PLT Playlist File
Stack-based buffer overflow in akPlayer 1.9.0 allows remote attackers to execute arbitrary code via a long string in a .plt playlist file.
by TiGeR-Dz
AIMP2 Audio Converter < 2.53 - Stack-based Buffer Overflow via Long File1 Argument in Playlist File
Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a (1) .pls or (2) .m3u playlist file.
by mr_me
Sorcerer Software MultiMedia Jukebox 4.0 - Buffer Overflow
Heap-based buffer overflow in Sorcerer Software MultiMedia Jukebox 4.0 Build 020124 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .m3u or possibly (2) .pst file.
by mr_me
BreakPoint Software Hex Workshop <6 - Buffer Overflow
Stack-based buffer overflow in BreakPoint Software Hex Workshop 4.23, 6.0.1.4603, and other 6.x and earlier versions allows remote attackers to execute arbitrary code via a crafted Intel Hex Code (.hex) file. NOTE: some of these details are obtained from third party information.
by hack4love
Programmed Integration PIPL 2.5.0 and 2.5.0D - Remote Code Execution via Long String in Playlist File
Multiple stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D allow remote attackers to execute arbitrary code via a long string in a (1) .pls or (2) .pl playlist file.
by mr_me
HTML Creator & Sender 2.3 build 697 - Local Buffer Overflow (SEH)
by Dr_IDE
uTorrent 1.8.3 - Buffer Overflow via Large String in Create Torrent Dialog
Buffer overflow in the "create torrent dialog" functionality in uTorrent 1.8.3 build 15772, and possibly other versions before 1.8.3 (Build 16010), allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a text file containing a large string. NOTE: some of these details are obtained from third party information.
by Dr_IDE
TFTPUtil GUI 1.3.0 - Remote Denial of Service
by ThE g0bL!N
By Source