Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 2.6.2 vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv3
CVE-2015-20107
In Python (aka CPython) up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow malicious users to inject shell commands into applications that call mailcap.findmatch with untrusted input (if they lack va...
Python Python
Netapp Snapcenter -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
2 Github repositories
7.5
CVSSv3
CVE-2022-0391
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n'...
Python Python 3.10.0
Python Python
Netapp Ontap Select Deploy Administration Utility -
Netapp Hci -
Netapp Hci Compute Node -
Netapp Management Services For Element Software -
Netapp Solidfire, Enterprise Sds & Hci Storage Node -
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
9.8
CVSSv3
CVE-2017-0906
The Recurly Client Python Library prior to 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource.get" method that could result in compromise of API keys or other critical resources.
Recurly Recurly Client Python
Recurly Recurly Client Python 2.3.0
Recurly Recurly Client Python 2.5.0
Recurly Recurly Client Python 2.6.0
Recurly Recurly Client Python 2.6.1
5.5
CVSSv3
CVE-2016-3076
Heap-based buffer overflow in the j2k_encode_entry function in Pillow 2.5.0 up to and including 3.1.1 allows remote malicious users to cause a denial of service (memory corruption) via a crafted Jpeg2000 file.
Python Pillow 2.5.1
Python Pillow 3.0.0
Python Pillow 2.8.0
Python Pillow 2.6.1
Python Pillow 2.9.0
Python Pillow 2.8.2
Python Pillow 2.5.2
Python Pillow 2.6.0
Python Pillow 2.7.0
Python Pillow 2.6.2
Python Pillow 2.5.0
Python Pillow 3.1.0
Python Pillow 2.8.1
Python Pillow 2.5.3
2 Github repositories
NA
CVE-2012-1150
Python prior to 2.6.8, 2.7.x prior to 2.7.3, 3.x prior to 3.1.5, and 3.2.x prior to 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via...
Python Python 2.4.2
Python Python 2.5.1
Python Python 2.3.4
Python Python 2.6.6
Python Python 2.1
Python Python 2.0.1
Python Python 2.6.1
Python Python 2.3.1
Python Python 0.9.1
Python Python 2.1.2
Python Python 0.9.0
Python Python 1.6.1
Python Python 2.2.1
Python Python 2.5.4
Python Python 1.3
Python Python 2.6.3
Python Python 2.2.2
Python Python 2.1.1
Python Python 1.5.2
Python Python 2.6.2150
Python Python 2.3.3
Python Python 2.3.2
2 Github repositories
NA
CVE-2012-0845
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python prior to 2.6.8, 2.7.x prior to 2.7.3, 3.x prior to 3.1.5, and 3.2.x prior to 3.2.3 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smal...
Python Python 2.4.2
Python Python 2.5.1
Python Python 2.3.4
Python Python 2.6.6
Python Python 2.1
Python Python 2.0.1
Python Python 2.6.1
Python Python 2.3.1
Python Python 0.9.1
Python Python 2.1.2
Python Python 0.9.0
Python Python 1.6.1
Python Python 2.2.1
Python Python 2.5.4
Python Python 1.3
Python Python 2.6.3
Python Python 2.2.2
Python Python 2.1.1
Python Python 1.5.2
Python Python 2.6.2150
Python Python 2.3.3
Python Python 2.3.2
NA
CVE-2011-4944
Python 2.6 up to and including 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.
Python Python 3.1
Python Python 3.1.1
Python Python 3.0
Python Python 2.6.6
Python Python 3.0.1
Python Python 2.7.1150
Python Python 2.6.1
Python Python 3.1.5
Python Python 2.6.3
Python Python 2.6.2150
Python Python 2.7.1
Python Python 3.1.2150
Python Python 3.1.2
Python Python 2.6.8
Python Python 2.6.7
Python Python 2.7.3
Python Python 2.6.4
Python Python 2.7.2
Python Python 2.6.6150
Python Python 3.2
Python Python 2.6.2
Python Python 2.7.2150
NA
CVE-2011-4940
The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python prior to 2.5.6c1, 2.6.x prior to 2.6.7 rc2, and 2.7.x prior to 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote malicious users to conduc...
Python Python 2.4.2
Python Python 2.5.1
Python Python 2.3.4
Python Python 2.0.1
Python Python 2.3.1
Python Python 0.9.1
Python Python 2.1.2
Python Python 0.9.0
Python Python 1.6.1
Python Python 2.2.1
Python Python 2.5.4
Python Python 1.3
Python Python 2.2.2
Python Python 2.1.1
Python Python 1.5.2
Python Python 2.3.3
Python Python 2.3.2
Python Python 1.6
Python Python 1.2
Python Python 2.4.6
Python Python 2.2.3
Python Python 2.5.2
NA
CVE-2005-0088
The publisher handler for mod_python 2.7.8 and previous versions allows remote malicious users to obtain access to restricted objects via a crafted URL.
Apache Mod Python 2.1
Apache Mod Python 2.7.3
Apache Mod Python 2.7.4
Apache Mod Python 2.2
Apache Mod Python
Apache Mod Python 2.7.6
Apache Mod Python 2.4
Apache Mod Python 2.4.1
Apache Mod Python 2.0
Apache Mod Python 2.6.3
Apache Mod Python 2.7.1
Apache Mod Python 2.6.2
Apache Mod Python 2.7.2
Apache Mod Python 2.7
Apache Mod Python 1.9a
Apache Mod Python 2.7.5
Apache Mod Python 2.6.1
Apache Mod Python 2.6.4
Apache Mod Python 2.5
Apache Mod Python 2.7.7
Apache Mod Python 2.3
Apache Mod Python 2.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started