Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 3.0 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2013-2167
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass
Openstack Python-keystoneclient
Redhat Openstack 3.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
668
VMScore
CVE-2013-2166
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass
Openstack Python-keystoneclient
Redhat Openstack 3.0
Fedoraproject Fedora 19
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
447
VMScore
CVE-2019-19844
Django prior to 1.11.27, 2.x prior to 2.2.9, and 3.x prior to 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an malicious user to be sent a passwo...
Djangoproject Django
Djangoproject Django 3.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
7 Github repositories
435
VMScore
CVE-2009-5065
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) prior to 5.0 allows remote malicious users to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas.
Mark Pilgrim Feedparser 4.0.1
Mark Pilgrim Feedparser 3.3
Mark Pilgrim Feedparser 3.2
Mark Pilgrim Feedparser 3.1
Mark Pilgrim Feedparser 4.0
Mark Pilgrim Feedparser 4.0.2
Mark Pilgrim Feedparser
Mark Pilgrim Feedparser 3.0.1
Mark Pilgrim Feedparser 3.0
1 EDB exploit
445
VMScore
CVE-2011-1156
feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) prior to 5.0.1 allows remote malicious users to cause a denial of service (application crash) via a malformed DOCTYPE declaration.
Mark Pilgrim Feedparser 4.0.2
Mark Pilgrim Feedparser 4.0.1
Mark Pilgrim Feedparser 4.1
Mark Pilgrim Feedparser 3.0
Mark Pilgrim Feedparser 3.1
Mark Pilgrim Feedparser 3.3
Mark Pilgrim Feedparser 3.2
Mark Pilgrim Feedparser
Mark Pilgrim Feedparser 4.0
Mark Pilgrim Feedparser 3.0.1
383
VMScore
CVE-2020-13596
An issue exists in Django 2.2 prior to 2.2.13 and 3.0 prior to 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.
Djangoproject Django
Fedoraproject Fedora 32
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Netapp Steelstore Cloud Integrated Storage -
Netapp Sra Plugin -
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Zfs Storage Appliance Kit 8.8
1 Github repository
384
VMScore
CVE-2020-13254
An issue exists in Django 2.2 prior to 2.2.13 and 3.0 prior to 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.
Djangoproject Django
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 32
Netapp Steelstore Cloud Integrated Storage -
Netapp Sra Plugin -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Zfs Storage Appliance Kit 8.8
2 Github repositories
670
VMScore
CVE-2020-7471
Django 1.11 prior to 1.11.28, 2.2 prior to 2.2.10, and 3.0 prior to 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a s...
Djangoproject Django
11 Github repositories
445
VMScore
CVE-2021-3281
In Django 2.2 prior to 2.2.18, 3.0 prior to 3.0.12, and 3.1 prior to 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths wi...
Djangoproject Django
Fedoraproject Fedora 33
Netapp Snapcenter -
1 Github repository
668
VMScore
CVE-2008-0252
Directory traversal vulnerability in the _get_file_path function in (1) lib/sessions.py in CherryPy 3.0.x up to 3.0.2, (2) filter/sessionfilter.py in CherryPy 2.1, and (3) filter/sessionfilter.py in CherryPy 2.x allows remote malicious users to create or delete arbitrary files, a...
Cherrypy Cherrypy
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »