Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-1119
os._execvpe from os.py in Python 2.2.1 and previous versions creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack.
Python Python
NA
CVE-2008-3143
Multiple integer overflows in Python prior to 2.5.2 might allow context-dependent malicious users to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9)...
Python Python
NA
CVE-2008-3144
Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and previous versions allow context-dependent malicious users to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting ...
Python Python
NA
CVE-2010-3492
The asyncore module in Python prior to 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote...
Python Python
NA
CVE-2007-4965
Multiple integer overflows in the imageop module in Python 2.5.1 and previous versions allow context-dependent malicious users to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) the tovideo met...
Python Python
1 EDB exploit
8.8
CVSSv3
CVE-2017-17522
Lib/webbrowser.py in Python up to and including 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote malicious users to conduct argument-injection attacks via a crafted URL. NOTE: a software maintaine...
Python Python
7.5
CVSSv3
CVE-2023-36632
The legacy email.utils.parseaddr function in Python up to and including 3.11.4 allows malicious users to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from a...
Python Python
NA
CVE-2007-4559
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote malicious users to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Python Python
7 Github repositories
1 Article
5.5
CVSSv3
CVE-2020-8315
In Python (CPython) 3.6 up to and including 3.6.10, 3.7 up to and including 3.7.6, and 3.8 up to and including 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the...
Python Python
NA
CVE-2008-4864
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 up to and including 2.5.1 allow context-dependent malicious users to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to ...
Python Python
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
logic flaw
CVE-2024-23692
CVE-2024-26229
CVE-2024-35255
CVE-2024-5835
CVE-2024-5837
XML external entity
dos
CVE-2024-5813
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »