Python Exploits
6,703 exploits tracked across all sources.
compface < 1.5.2 - Buffer Overflow via Long Declaration in .xbm File
Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service (crash) via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch.
by metalhoney
Apple iTunes < 8.2 - Remote Code Execution via Long itms: URL Component
Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon.
by ryujin
LightNEasy sql/no-db 2.2.x - System Configuration Disclosure
by StAkeR
Free Download Manager 2.5/3.0 - Control Server Remote Buffer Overflow
by His0k4
CUPS < 1.3.10 - Denial of Service via IPP Request with Consecutive UNSUPPORTED Tags
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler request with two consecutive IPP_TAG_UNSUPPORTED tags.
by Anibal Sacco
CVSS 7.5
ASP Football Pool 2.3 - Info Disclosure
ASP Football Pool 2.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for NFL.mdb.
by ByALBAYX
Soulseek 156 and 157 NS - Stack-Based Buffer Overflow via Long Search Query
Stack-based buffer overflow in Soulseek 156 and 157 NS allows remote attackers to execute arbitrary code via a long search query.
by His0k4
Slayer 2.4 - 'skin' Universal Buffer Overflow (SEH)
by SuNHouSe2
Nullsoft Winamp < 5.552 - Remote Code Execution via Crafted MAKI File
The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Winamp before 5.552 allows remote attackers to execute arbitrary code via a crafted MAKI file, which triggers an incorrect sign extension, an integer overflow, and a stack-based buffer overflow.
by His0k4
Joomla com_casinobase, com_casino_blackjack, com_casino_videopoker 0.3.1 - SQL Injection via Itemid Parameter
SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
by ByALBAYX
httpdx 0.5b - FTP Server (CWD) Remote Buffer Overflow (SEH)
by His0k4
httpdx 0.5b - FTP Server (USER) Remote Buffer Overflow (SEH)
by His0k4
Sonic Spot Audioactive Player 1.93b - Stack-based Buffer Overflow via Playlist File
Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b allows remote attackers to execute arbitrary code via a long string in a playlist file, as demonstrated by a long .mp3 URL in a .m3u file.
by His0k4
Mini-stream CastRipper 2.50.70 - Stack-based Buffer Overflow via Long Entry in .m3u File
Stack-based buffer overflow in Mini-stream CastRipper 2.50.70 allows remote attackers to execute arbitrary code via a long entry in a .m3u file, a different vector than CVE-2009-5137.
by Super Cristal
Microchip MPLAB IDE 8.30 - Stack-Based Buffer Overflow via Long .cof Pathname in .mcp File
Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section in a .mcp file, possibly a related issue to CVE-2009-1608.
by His0k4
ElectraSoft 32bit FTP 09.04.24 - Remote Code Execution via Long CWD Reply
Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 257 reply to a CWD command.
by His0k4
ElectraSoft 32bit FTP 09.04.24 - Remote Code Execution via Long CWD Reply
Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 257 reply to a CWD command.
by His0k4
ElectraSoft 32bit FTP 09.04.24 - Stack-based Buffer Overflow via Long FTP Banner
Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long banner. NOTE: this might overlap CVE-2003-1368.
by His0k4
IceWarp eMail Server < 9.4.2 - CRLF Injection via Forgot Password XML Subject
CRLF injection vulnerability in the Forgot Password implementation in server/webmail.php in IceWarp eMail Server and WebMail Server before 9.4.2 makes it easier for remote attackers to trick a user into disclosing credentials via CRLF sequences preceding a Reply-To header in the subject element of an XML document, as demonstrated by triggering an e-mail message from the server that contains a user's correct credentials, and requests that the user compose a reply that includes this message.
by RedTeam Pentesting GmbH
Quick 'n Easy Mail Server 3.3 - Denial of Service via Long SMTP Commands
Pablo Software Solutions Quick 'n Easy Mail Server 3.3 allows remote attackers to cause a denial of service (daemon outage or CPU consumption) via multiple long SMTP commands, as demonstrated by HELO commands.
by shinnai
Mini-stream RM Downloader - Buffer Overflow
Stack-based buffer overflow in Mini-stream RM Downloader allows remote attackers to execute arbitrary code via a long string in a .smi file.
by ThE g0bL!N
Mercury Audio Player 1.21 - Buffer Overflow
Stack-based buffer overflow in Mercury Audio Player 1.21 allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file.
by His0k4
By Source