966 matches found
GHSA-7HXC-MWX7-5HMC Plone Code Injection vulnerability
registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface...
Plone Code Injection vulnerability
pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject...
Django Tastypie Improper Deserialization of YAML Data
The fromyaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method...
GHSA-QGVW-QC2Q-GV5Q Django Tastypie Improper Deserialization of YAML Data
The fromyaml method in serializers.py in Django Tastypie before 0.9.10 does not properly deserialize YAML data, which allows remote attackers to execute arbitrary Python code via vectors related to the yaml.load method...
GHSA-58H8-44MG-R43X ReviewBoard and Djblets library are vulnerable to code execution
An eval vulnerability exists in Python Software Foundation Djblets version before 0.6.30 and 0.7.0 before 0.7.19 and Beanbag Review Board before 1.7.15 when parsing JSON requests allowing an attacker to execute arbitrary Python code...
Zope Object Database (ZODB) vulnerable to arbitrary Python code execution in ZEO storage servers
Unspecified vulnerability in Zope Object Database ZODB before 3.8.2, when certain Zope Enterprise Objects ZEO database sharing is enabled, allows remote attackers to execute arbitrary Python code via vectors involving the ZEO network protocol...
GHSA-HF26-VVMX-X8C8 Plone Arbitrary Code Execution via Unsafe Handling of Pickles
Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the 1 statusmessages or 2 linkintegrity module, which the module unpickles and executes...
Py2Play Unpickles Untrusted Objects
Py2Play allows remote attackers to execute arbitrary Python code via pickled objects, which Py2Play unpickles and executes...
Karaoke Video Creator V2.5.6.3 Denial of Service Exploit
Exploit Title: Karaoke Video Creator V2.5.6.3 Denial of Service Exploit Date: 20.04.2022 Vendor Homepage:https://www.powerkaraoke.com Software Link: https://www.powerkaraoke.com/download/karaoke-video-creator-setup.exe?v=2.5.6.3 Exploit Author: Achilles Tested Version: V2.5.6.3 Tested on: Windows...
Audio Conversion Wizard V2.01 Denial of Service Exploit
Exploit Title: Audio Conversion Wizard V2.01 Denial of Service Exploit Date: 20.04.2022 Vendor Homepage:https://www.litexmedia.com Software Link: https://www.litexmedia.com/acwizard.exe Exploit Author: Achilles Tested Version: V2.01 Tested on: Windows 7 x64 1.- Run python code :Audio.py 2.- Open...
Fast CD Ripper V1.8rc1 Denial of Service Exploit
Exploit Title: Fast CD Ripper V1.8rc1 Denial of Service Exploit Date: 20.04.2022 Vendor Homepage:https://www.litexmedia.com Software Link: https://en.softonic.com/download/fast-cd-ripper/windows/post-download Exploit Author: Achilles Tested Version: V1.7-V1.8rc1 Tested on: Windows 7 x64 1.- Run...
Xlight FTP 3.9.3.2 Buffer Overflow Exploit
Exploit Title: Xlight FTP v3.9.3.2 - Buffer Overflow SEH Egghunter + ROP Exploit Author: Hejap Zairy Software Link: http://www.xlightftpd.com/download/setup.exe Tested Version: v3.9.3.22022-1-5 Tested on: Windows 10 64bit 1.- Run python code : 0day-HejapZairy.py 2.- Open 0dayHejap.txt and copy Al...
Audio Conversion Wizard v2.01 - Buffer Overflow Exploit
Exploit Title: Audio Conversion Wizard v2.01 - Buffer Overflow Exploit Author: Hejap Zairy Software Link: https://www.litexmedia.com/acwizard.exe Tested Version: v2.01 Tested on: Windows 10 64bit 1.- Run python code : 0day-HejapZairy.py 2.- Open 0dayHejap.txt and copy All content to Clipboard 3.-...
Cobian Backup 11 Gravity 11.2.0.582 Denial Of Service
Exploit Title: Cobian Backup 11 Gravity 11.2.0.582 - 'Password' Denial of Service PoC Discovery by: Luis Martinez Discovery Date: 2022-02-16 Vendor Homepage: https://www.cobiansoft.com/ Software Link: https://files.cobiansoft.com/programs/cbSetup.exe Tested Version: 11.2.0.582 Vulnerability Type:...
25 Malicious JavaScript Libraries Distributed via Official NPM Package Repository
Another batch of 25 malicious JavaScript libraries have made their way to the official NPM package registry with the goal of stealing Discord tokens and environment variables from compromised systems, more than two months after 17 similar packages were taken down. The libraries in question...
GHSA-6P56-WP2H-9HXR NumPy Buffer Overflow (Disputed)
A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArrayNewFromDescrint function of ctors.c when specifying arrays of large dimensions over 32 from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulnerability; In very...
CVE-2021-33430
A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArrayNewFromDescrint function of ctors.c when specifying arrays of large dimensions over 32 from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulneraility; In very...
CVE-2021-33430
CVE-2021-33430 affects NumPy 1.9.x: a buffer overflow in PyArray_NewFromDescr_int (ctors.c) when creating very large arrays (>32) could cause a Denial of Service. The issue is disputed by the vendor as a vulnerability in some reports, and exploitation is constrained to unlikely API conditions....
Kingdia CD Extractor 3.0.2 Buffer Overflow
Exploit Title: Kingdia CD Extractor 3.0.2 - Buffer Overflow SEH Date: 31.10.2021 Software Link: https://en.softonic.com/download/kingdia-cd-extractor/windows/post-download Exploit Author: Achilles Tested Version: 3.0.2 Tested on: Windows 7 64bit 1.- Run python code : Kingdia.py 2.- Open EVIL.txt...
YouTube Video Grabber 1.9.9.1 Buffer Overflow
Exploit Title: YouTube Video Grabber 1.9.9.1 - Buffer Overflow SEH Date: 01.11.2021 Software Link: https://www.litexmedia.com/ytgrabber.exe Exploit Author: Achilles Tested Version: 1.9.9.1 Tested on: Windows 7 64bit 1.- Run python code : YouTube.py 2.- Open EVIL.txt and copy All content to...