Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 3.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2011-1015
The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote malicious users to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI.
Python Python 3.0
169
VMScore
CVE-2011-4944
Python 2.6 up to and including 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.
Python Python 2.6.2
Python Python 2.6.5
Python Python 2.7.2
Python Python 2.7.1
Python Python 3.2
Python Python 2.6.2150
Python Python 2.6.6
Python Python 2.6.4
Python Python 2.7.2150
Python Python 3.0.1
Python Python 3.0
Python Python 2.6.7
Python Python 2.6.8
Python Python 2.6.1
Python Python 2.6.3
Python Python 2.7.1150
Python Python 3.1.2
Python Python 3.1.1
Python Python 3.1.4
Python Python 3.1.3
Python Python 2.6.6150
Python Python 3.1.2150
384
VMScore
CVE-2016-5699
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) prior to 2.7.10 and 3.x prior to 3.4.4 allows remote malicious users to inject arbitrary HTTP headers via CRLF sequences in a URL.
Python Python
Python Python 3.1.1
Python Python 3.3.2
Python Python 3.0
Python Python 3.0.1
Python Python 3.2.2
Python Python 3.1.0
Python Python 3.2.5
Python Python 3.1.5
Python Python 3.3.6
Python Python 3.4.0
Python Python 3.2.1
Python Python 3.2.0
Python Python 3.3.1
Python Python 3.4.3
Python Python 3.1.2
Python Python 3.3.4
Python Python 3.3.5
Python Python 3.2.3
Python Python 3.2.6
Python Python 3.3.0
Python Python 3.4.2
3 Github repositories
383
VMScore
CVE-2013-7040
Python 2.7 prior to 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent malicious users to cause a denial ...
Apple Mac Os X
Python Python 3.3.2
Python Python 3.3.3
Python Python 3.2
Python Python 3.2.5
Python Python 3.1
Python Python 3.0.1
Python Python 2.7.1
Python Python 2.7.5
Python Python 2.7.6
Python Python 3.3
Python Python 3.3.4
Python Python 3.2.0
Python Python 3.2.1
Python Python 3.1.1
Python Python 3.1.2
Python Python 2.7.1150
Python Python 2.7.7
Python Python 3.3.0
Python Python 3.3.5
Python Python 3.2.2
Python Python 3.2.2150
1 Github repository
570
VMScore
CVE-2011-1521
The urllib and urllib2 modules in Python 2.x prior to 2.7.2 and 3.x prior to 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote malicious users to obtain sensitive information or cause a denial of service (resource consumption)...
Python Python 2.5.2
Python Python 2.1.2
Python Python 2.3.3
Python Python 2.4.4
Python Python 2.4.2
Python Python 2.5.4
Python Python 2.4.6
Python Python 2.6.7
Python Python 2.3.2
Python Python 2.3.1
Python Python 2.4.3
Python Python 2.3.5
Python Python 2.5.1
Python Python 2.3.7
Python Python 2.1.3
Python Python 2.1
Python Python 2.2.1
Python Python 2.2.2
Python Python 2.2.3
Python Python 2.4.1
Python Python 2.0.1
Python Python 2.6.6
445
VMScore
CVE-2012-0845
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python prior to 2.6.8, 2.7.x prior to 2.7.3, 3.x prior to 3.1.5, and 3.2.x prior to 3.2.3 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smal...
Python Python 2.6.4
Python Python 2.6.3
Python Python 2.6.2150
Python Python 2.5.2
Python Python 2.5.1
Python Python 2.4.6
Python Python 2.6.6
Python Python 2.6.5
Python Python 2.5.3
Python Python 2.5.6
Python Python 2.4.4
Python Python 2.4.2
Python Python 2.3.2
Python Python 2.3.1
Python Python 2.3.7
Python Python 2.1.3
Python Python 2.1
Python Python 1.3
Python Python 0.9.1
Python Python
Python Python 2.6.6150
Python Python 2.5.150
446
VMScore
CVE-2012-1150
Python prior to 2.6.8, 2.7.x prior to 2.7.3, 3.x prior to 3.1.5, and 3.2.x prior to 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via...
Python Python 2.6.6
Python Python 2.6.5
Python Python 2.5.3
Python Python 2.5.6
Python Python 2.4.4
Python Python 2.4.2
Python Python 2.3.2
Python Python 2.3.1
Python Python
Python Python 2.6.6150
Python Python 2.5.150
Python Python 2.4.3
Python Python 2.3.3
Python Python 2.1.1
Python Python 2.1.2
Python Python 1.5.2
Python Python 1.2
Python Python 2.6.4
Python Python 2.6.3
Python Python 2.5.2
Python Python 2.5.1
Python Python 2.4.6
2 Github repositories
445
VMScore
CVE-2003-0973
Unknown vulnerability in mod_python 3.0.x prior to 3.0.4, and 2.7.x prior to 2.7.9, allows remote malicious users to cause a denial of service (httpd crash) via a certain query string.
Apache Mod Python 2.7.2
Apache Mod Python 2.7.3
Apache Mod Python 3.0.2
Apache Mod Python 3.0.3
Apache Mod Python 2.7
Apache Mod Python 2.7.1
Apache Mod Python 3.0
Apache Mod Python 3.0.1
Apache Mod Python 2.7.4
Apache Mod Python 2.7.5
Apache Mod Python 2.7.6
Apache Mod Python 2.7.7
Apache Mod Python 2.7.8
570
VMScore
CVE-2019-14859
A flaw was found in all python-ecdsa versions prior to 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker coul...
Python-ecdsa Project Python-ecdsa
Redhat Ceph Storage 2.0
Redhat Ceph Storage 3.0
Redhat Openstack 10
Redhat Openstack 13
Redhat Openstack 14
Redhat Openstack 15
Redhat Virtualization 4.0
187
VMScore
CVE-2017-3590
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 2.1.5 and previous versions. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure whe...
Oracle Connector\\/python
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »