Vulmon
python python vulnerabilities and exploits
CVE-2024-35548
A SQL injection vulnerability in Mybatis plus versions below 3.5.6 allows remote malicious users to obtain database information via a Boolean blind injection. NOTE: the vendor's position is that this can only occur in a misconfigured application; the documentation discusses ...
2 Github repositories
CVE-2024-5084
HashForm Exploit Script. This script demonstrates the exploitation of CVE-2024-5084, a vulnerability in the Hash Form plugin for WordPress, which allows unauthenticated arbitrary file upload leading to remote code execution. Vulnerability Details: Name: CVE-2024-5084 Descripti...
1 Github repository
CVE-2024-36105
dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. Prior to versions 1.6.15, 1.7.15, and 1.8.1, Binding to `INADDR_ANY (0.0.0.0)` or `IN6ADDR_ANY (::)` exposes an application on all network i...
CVE-2024-99999
whatsthetalk.eu Research in API security If you want to lead, just find the API key. Powered by wtt wtt is a simple command line "ChatGPT". It is a wrapper around google.generativeai that accepts variable number of string and/or file path arguments. It concatenates them...
1 Github repository
CVE-2024-35059
An issue in the Pickle Python library of NASA AIT-Core v2.5.2 allows malicious users to execute arbitrary commands.
CVE-2024-35060
An issue in the YAML Python library of NASA AIT-Core v2.5.2 allows malicious users to execute arbitrary commands via supplying a crafted YAML file.
CVE-2024-36039
PyMySQL up to and including 1.1.0 allows SQL injection if used with untrusted JSON input because keys are not escaped by escape_dict.
CVE-2021-47274
In the Linux kernel, the following vulnerability has been resolved: tracing: Correct the length check which causes memory corruption. We've suffered from severe kernel crashes due to memory corruption on our production environment, like, Call Trace: [1640542.554277] general p...
CVE-2024-34083
aiosmtpd is a reimplementation of the Python stdlib smtpd.py based on asyncio. Prior to version 1.4.6, servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a man-...
CVE-2024-3126
A command injection vulnerability exists in the 'run_xtts_api_server' function of the parisneo/lollms-webui application, specifically within the 'lollms_xtts.py' script. The vulnerability arises due to the improper neutralization of special elements used in an...