Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

27 matches found

0day.today
0day.todayadded 2009/11/12 12:0 a.m.37 views

Expat 2.0.1 UTF-8 Character XML Parsing Remote DOS Vulnerability

Exploit for unknown platform in category dos / poc ============================================================================== Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service Vulnerability ============================================================================== Title:...

7AI score
Exploits0
Exploit DB
Exploit DBadded 2009/11/12 12:0 a.m.42 views

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service

Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat Fedora 11 RedHat Fedora 10 RedHat Enterprise Linux WS 4 RedHat...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2009/11/12 12:0 a.m.23 views

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service

Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat...

0.1AI score
Exploits0
seebug.org
seebug.orgadded 2008/04/14 12:0 a.m.14 views

Python stringobject.c多个远程溢出漏洞

BUGTRAQ ID: 28749 Python是一种开放源代码的脚本编程语言。 Python的核心API提供了多个用于分配字符串对象的函数,其中一个API调用允许分配或重新分配PyStringObject,这个函数为PyStringFromStringAndSize,该函数获取了两个参数,分别为一个指针和一个有符整数。如果指针非空的话,就会将指向该指针的内存重新分配为第二个参数所指定的大小;如果指针为空,就会分配整数所指定的字节数并返回。 在这个操作期间,没有验证第二个参数是否为负数,而该值与PyStringObject的大小相加并用作了分配函数的长度,可能导致错误的内存分配。...

6.9AI score
Exploits0
seebug.org
seebug.orgadded 2008/04/13 12:0 a.m.12 views

Python zlib模块远程溢出漏洞

BUGTRAQ ID: 28715 Python是一种开放源代码的脚本编程语言。 Python的zlib扩展模块中用于flush解压流的方式获取一个输入参数来确定应flush多少数据。这个参数是一个有符型整数,没有经过过滤检查,因此如果传送了负值的话就会导致错误的内存分配,然后有符型整数会被转换为无符整数,触发缓冲区溢出。 Python-2.5.2/Modules/zlibmodule.c: 761 PyDocSTRVARdecompflushdoc, 762 "flush length -- Return a string containing any remaining\n" 763...

6.8AI score
Exploits0
seebug.org
seebug.orgadded 2007/09/18 12:0 a.m.15 views

Python ImageOP模块多个整数溢出漏洞

BUGTRAQ ID: 25696 Python是一种开放源代码的脚本编程语言。 Python的imageop模块实现上存在堆溢出漏洞,本地攻击者可能利用此漏洞提升自己的权限。 Python的imageop模块的imageop.c和rbgimgmodule.c文件中存在整数溢出漏洞,最终会导致堆溢出。如果用户受骗打开了恶意的图形文件的话,就可能触发这些溢出,导致执行任意指令。有漏洞的代码段如下: static PyObject imageoptovideoPyObject self, PyObject args int maxx, maxy, x, y, len;...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2006/11/02 12:0 a.m.22 views

Python repr()函数远程指令执行漏洞

Python是一种开放源代码的强大功能的脚本编程语言。 Python的repr函数实现上存在漏洞,远程或本地攻击者可能利用此漏洞提升自己的权限。 Python的repr函数没有正确地处理UTF-32/UCS-4字符串。如果应用程序对任意不可信任的数据使用了repr的话,就可能导致以python应用程序的权限执行任意指令。 Python Software Foundation Python 2.4 Python Software Foundation Python 2.3 Ubuntu Linux 6.06 LTS Ubuntu Linux 5.10 Ubuntu Linux 5.04...

7AI score
Exploits0
Rows per page
Query Builder