Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 3.3.3 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1752
Rejected reason: Various versions of Python do not properly restrict readline calls, which allows remote malicious users to cause a denial of service (memory consumption) via a long string, related to (1) httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; (2) ftplib - fixed in 2.7.6, 2....
6.5
CVSSv3
CVE-2017-1000483
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of the hotfix is only relevant for Plone 4 and 5.
Plone Plone 5.0.6
Plone Plone 5.0.5
Plone Plone 5.0.4
Plone Plone 5.0.3
Plone Plone 5.0.2
Plone Plone 4.3.4
Plone Plone 4.3.3
Plone Plone 4.3.2
Plone Plone 4.3.1
Plone Plone 4.1.2
Plone Plone 4.1.1
Plone Plone 4.1
Plone Plone 4.0.10
Plone Plone 3.3.2
Plone Plone 3.3.1
Plone Plone 3.3
Plone Plone 2.5.5
Plone Plone 5.1
Plone Plone 4.3.12
Plone Plone 4.3.11
Plone Plone 4.3.10
Plone Plone 4.3.9
6.1
CVSSv3
CVE-2016-5699
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) prior to 2.7.10 and 3.x prior to 3.4.4 allows remote malicious users to inject arbitrary HTTP headers via CRLF sequences in a URL.
Python Python
Python Python 3.1.1
Python Python 3.3.2
Python Python 3.0
Python Python 3.0.1
Python Python 3.2.2
Python Python 3.1.0
Python Python 3.2.5
Python Python 3.1.5
Python Python 3.3.6
Python Python 3.4.0
Python Python 3.2.1
Python Python 3.2.0
Python Python 3.3.1
Python Python 3.4.3
Python Python 3.1.2
Python Python 3.3.4
Python Python 3.3.5
Python Python 3.2.3
Python Python 3.2.6
Python Python 3.3.0
Python Python 3.4.2
3 Github repositories
NA
CVE-2014-2667
Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 up to and including 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before th...
Python Python 3.2.6
Python Python 3.3.0
Python Python 3.4.0
Python Python 3.4.1
Python Python 3.2.0
Python Python 3.2.1
Python Python 3.3.1
Python Python 3.3.2
Python Python 3.4.2
Python Python 3.2.4
Python Python 3.2.5
Python Python 3.3.5
Python Python 3.3.6
Python Python 3.2.2
Python Python 3.2.3
Python Python 3.3.3
Python Python 3.3.4
NA
CVE-2012-5493
gtbn.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.
Plone Plone 4.3
Plone Plone
Plone Plone 4.2.1
Plone Plone 4.2.1.1
Plone Plone 4.0.6.1
Plone Plone 4.0.5
Plone Plone 4.0.4
Plone Plone 4.0.3
Plone Plone 3.1.7
Plone Plone 3.1.6
Plone Plone 3.1.5.1
Plone Plone 3.1.4
Plone Plone 2.5.3
Plone Plone 4.2
Plone Plone 3.3.4
Plone Plone 3.3.3
Plone Plone 3.3.2
Plone Plone 3.3.1
Plone Plone 3.3
Plone Plone 3.0.6
Plone Plone 3.0.5
Plone Plone 3.0.4
NA
CVE-2012-5495
python_scripts.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote malicious users to execute Python code via a crafted URL, related to "go_back."
Plone Plone 4.2
Plone Plone 3.3.3
Plone Plone 3.3.2
Plone Plone 3.3.1
Plone Plone 3.3
Plone Plone 3.0.6
Plone Plone 3.0.5
Plone Plone 3.0.4
Plone Plone 3.0.3
Plone Plone 2.1
Plone Plone 2.0.5
Plone Plone 2.0.4
Plone Plone 2.0.3
Plone Plone 4.1.6
Plone Plone 4.1.4
Plone Plone 4.0.1
Plone Plone 3.3.5
Plone Plone 3.2.2
Plone Plone 3.2
Plone Plone 3.1.3
Plone Plone 3.1.1
Plone Plone 3.0.1
NA
CVE-2012-5485
registerConfiglet.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote malicious users to execute Python code via unspecified vectors, related to the admin interface.
Plone Plone 3.3
Plone Plone 1.0
Plone Plone 4.2
Plone Plone 4.0.5
Plone Plone 3.0.1
Plone Plone 1.0.3
Plone Plone 3.0
Plone Plone 3.2.3
Plone Plone 3.1.4
Plone Plone 3.1.5.1
Plone Plone 4.2.0.1
Plone Plone 2.1.4
Plone Plone 4.0.2
Plone Plone 4.2.1.1
Plone Plone 3.3.5
Plone Plone 3.0.6
Plone Plone 2.5.4
Plone Plone 3.2
Plone Plone 3.1.1
Plone Plone 4.3
Plone Plone 2.1.1
Plone Plone 3.3.4
NA
CVE-2012-5488
python_scripts.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote malicious users to execute Python code via a crafted URL, related to createObject.
Plone Plone 3.3
Plone Plone 1.0
Plone Plone 4.2
Plone Plone 4.0.5
Plone Plone 3.0.1
Plone Plone 1.0.3
Plone Plone 3.0
Plone Plone 3.2.3
Plone Plone 3.1.4
Plone Plone 3.1.5.1
Plone Plone 4.2.0.1
Plone Plone 2.1.4
Plone Plone 4.0.2
Plone Plone 4.2.1.1
Plone Plone 3.3.5
Plone Plone 3.0.6
Plone Plone 2.5.4
Plone Plone 3.2
Plone Plone 3.1.1
Plone Plone 4.3
Plone Plone 2.1.1
Plone Plone 3.3.4
NA
CVE-2012-5487
The sandbox whitelisting function (allowmodule.py) in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and execute arbitrary Python code via vectors related to importing.
Plone Plone 1.0
Plone Plone 1.0.1
Plone Plone 1.0.2
Plone Plone 2.1.2
Plone Plone 2.1.3
Plone Plone 2.1.4
Plone Plone 2.5
Plone Plone 3.1.1
Plone Plone 3.1.2
Plone Plone 3.1.3
Plone Plone 3.1.4
Plone Plone 4.0
Plone Plone 4.0.1
Plone Plone 4.0.2
Plone Plone 4.0.3
Plone Plone 4.2
Plone Plone 4.2.0.1
Plone Plone 4.2.1.1
Plone Plone 4.2.1
Plone Plone 2.0
Plone Plone 2.0.1
Plone Plone 2.0.2
NA
CVE-2013-7040
Python 2.7 prior to 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent malicious users to cause a denial ...
Apple Mac Os X
Python Python 3.3.2
Python Python 3.3.3
Python Python 3.2
Python Python 3.2.5
Python Python 3.1
Python Python 3.0.1
Python Python 2.7.1
Python Python 2.7.5
Python Python 2.7.6
Python Python 3.3
Python Python 3.3.4
Python Python 3.2.0
Python Python 3.2.1
Python Python 3.1.1
Python Python 3.1.2
Python Python 2.7.1150
Python Python 2.7.7
Python Python 3.3.0
Python Python 3.3.5
Python Python 3.2.2
Python Python 3.2.2150
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »