Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 2.4.0 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-5082
Endian Firewall prior to 3.0 allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) NEW_PASSWORD_1 or (2) NEW_PASSWORD_2 parameter to cgi-bin/chpasswd.cgi.
Endian Firewall Endian Firewall
3 EDB exploits
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1179 Github repositories
28 Articles
7.5
CVSSv2
CVE-2005-0089
The SimpleXMLRPCServer library module in Python 2.2, 2.3 prior to 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote malicious users to read or modify globals of the associated module,...
Python Python 2.4.0
Python Python
6.8
CVSSv2
CVE-2015-2296
The resolve_redirects function in sessions.py in requests 2.1.0 up to and including 2.5.3 allows remote malicious users to conduct session fixation attacks via a cookie without a host value in a redirect.
Mageia Project Mageia 4.0
Python Requests 2.1.0
Python Requests 2.2.1
Python Requests 2.3.0
Python Requests 2.4.1
Python Requests 2.4.3
Python Requests 2.5.0
Python Requests 2.5.1
Python Requests 2.5.2
Python Requests 2.4.0
Python Requests 2.4.2
Python Requests 2.5.3
Canonical Ubuntu Linux 14.10
Canonical Ubuntu Linux 14.04
6.8
CVSSv2
CVE-2007-4559
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote malicious users to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Python Python
7 Github repositories
1 Article
5.5
CVSSv2
CVE-2012-0215
model/modelstorage.py in the Tryton application framework (trytond) prior to 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a (1) create, (2) ...
Tryton Trytond 2.0.5
Tryton Trytond 1.8.7
Tryton Trytond 1.4.13
Tryton Trytond 1.6.8
Tryton Trytond
5
CVSSv2
CVE-2021-26813
markdown2 >=1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time.
Markdown2 Project Markdown2
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
5
CVSSv2
CVE-2007-2052
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent malicious users to read portions of memory via unknown manipulations that trigge...
Python Python 2.4.0
Python Python 2.5.0
1 EDB exploit
3.6
CVSSv2
CVE-2020-26268
In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries ...
Google Tensorflow
NA
CVE-2023-33175
ToUI is a Python package for creating user interfaces (websites and desktop apps) from HTML. ToUI is using Flask-Caching (SimpleCache) to store user variables. Websites that use `Website.user_vars` property. It affects versions 2.0.1 to 2.4.0. This issue has been patched in versi...
Toui Project Toui
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started