Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 3.0 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2013-2167
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass
Openstack Python-keystoneclient
Redhat Openstack 3.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2013-2166
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass
Openstack Python-keystoneclient
Redhat Openstack 3.0
Fedoraproject Fedora 19
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2019-19844
Django prior to 1.11.27, 2.x prior to 2.2.9, and 3.x prior to 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an malicious user to be sent a passwo...
Djangoproject Django
Djangoproject Django 3.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
7 Github repositories
NA
CVE-2009-5065
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) prior to 5.0 allows remote malicious users to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas.
Mark Pilgrim Feedparser 4.0.1
Mark Pilgrim Feedparser 3.3
Mark Pilgrim Feedparser 3.2
Mark Pilgrim Feedparser 3.1
Mark Pilgrim Feedparser 4.0
Mark Pilgrim Feedparser 4.0.2
Mark Pilgrim Feedparser
Mark Pilgrim Feedparser 3.0.1
Mark Pilgrim Feedparser 3.0
1 EDB exploit
NA
CVE-2011-1156
feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) prior to 5.0.1 allows remote malicious users to cause a denial of service (application crash) via a malformed DOCTYPE declaration.
Mark Pilgrim Feedparser 4.0.2
Mark Pilgrim Feedparser 4.0.1
Mark Pilgrim Feedparser 4.1
Mark Pilgrim Feedparser 3.0
Mark Pilgrim Feedparser 3.1
Mark Pilgrim Feedparser 3.3
Mark Pilgrim Feedparser 3.2
Mark Pilgrim Feedparser
Mark Pilgrim Feedparser 4.0
Mark Pilgrim Feedparser 3.0.1
NA
CVE-2008-0252
Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote malicious users to create or delete arbitrary files, a...
Cherrypy Cherrypy
6.1
CVSSv3
CVE-2020-13596
An issue exists in Django 2.2 prior to 2.2.13 and 3.0 prior to 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.
Djangoproject Django
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Steelstore Cloud Integrated Storage -
Netapp Sra Plugin -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Zfs Storage Appliance Kit 8.8
1 Github repository
8.1
CVSSv3
CVE-2019-2435
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to comprom...
Oracle Mysql Connectors
Netapp Active Iq Unified Manager
Netapp Oncommand Workflow Automation -
Netapp Snapcenter -
5.9
CVSSv3
CVE-2020-13254
An issue exists in Django 2.2 prior to 2.2.13 and 3.0 prior to 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.
Djangoproject Django
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 32
Netapp Steelstore Cloud Integrated Storage -
Netapp Sra Plugin -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Zfs Storage Appliance Kit 8.8
2 Github repositories
NA
CVE-2013-6491
The python-qpid client (common/rpc/impl_qpid.py) in OpenStack Oslo prior to 2013.2 does not enforce SSL connections when qpid_protocol is set to ssl, which allows remote malicious users to obtain sensitive information by sniffing the network.
Redhat Openstack 3.0
Openstack Oslo
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »