Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 3.0.1 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-19844
Django prior to 1.11.27, 2.x prior to 2.2.9, and 3.x prior to 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an malicious user to be sent a passwo...
Djangoproject Django
Djangoproject Django 3.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
7 Github repositories
NA
CVE-2007-5741
Plone 2.5 up to and including 2.5.4 and 3.0 up to and including 3.0.2 allows remote malicious users to execute arbitrary Python code via network data containing pickled objects for the (1) statusmessages or (2) linkintegrity module, which the module unpickles and executes.
Plone Plone 2.5
Plone Plone 2.5.1
Plone Plone 2.5 Beta1
Plone Plone 3.0
Plone Plone 3.0.1
Plone Plone 3.0.2
Plone Plone 2.5.1 Rc
Plone Plone 2.5.4
NA
CVE-2014-3146
Incomplete blacklist vulnerability in the lxml.html.clean module in lxml prior to 3.3.5 allows remote malicious users to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.
Lxml Lxml
Lxml Lxml 3.3.0
Lxml Lxml 3.2.0
Lxml Lxml 3.1.2
Lxml Lxml 3.0
Lxml Lxml 2.3
Lxml Lxml 2.2.4
Lxml Lxml 2.2.3
Lxml Lxml 2.2.2
Lxml Lxml 2.1.4
Lxml Lxml 2.0.11
Lxml Lxml 2.0.8
Lxml Lxml 2.1
Lxml Lxml 2.0.2
Lxml Lxml 2.0.1
Lxml Lxml 1.3.2
Lxml Lxml 1.3.1
Lxml Lxml 1.0.4
Lxml Lxml 1.0.3
Lxml Lxml 0.7
Lxml Lxml 0.6
Lxml Lxml 3.3.1
1 EDB exploit
NA
CVE-2012-2921
Universal Feed Parser (aka feedparser or python-feedparser) prior to 5.1.2 allows remote malicious users to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document.
Mark Pilgrim Feedparser 5.1.2
Mark Pilgrim Feedparser
Mark Pilgrim Feedparser 3.0
Mark Pilgrim Feedparser 5.1
Mark Pilgrim Feedparser 3.3
Mark Pilgrim Feedparser 3.1
Mark Pilgrim Feedparser 4.1
Mark Pilgrim Feedparser 4.0.1
Mark Pilgrim Feedparser 5.0
Mark Pilgrim Feedparser 3.2
Mark Pilgrim Feedparser 4.0.2
Mark Pilgrim Feedparser 3.0.1
Mark Pilgrim Feedparser 5.0.1
Mark Pilgrim Feedparser 4.0
NA
CVE-2010-1125
The JavaScript implementation in Mozilla Firefox 3.x prior to 3.5.10 and 3.6.x prior to 3.6.4, and SeaMonkey prior to 2.0.5, allows remote malicious users to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via cer...
Mozilla Firefox 3.0.1
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.0.11
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.5
Mozilla Firefox 3.0.7
Mozilla Firefox 3.5.5
Mozilla Firefox 3.6
Mozilla Firefox 3.0
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0.2
Mozilla Firefox 3.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.0.13
Mozilla Firefox 3.0.14
NA
CVE-2012-5493
gtbn.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.
Plone Plone 4.3
Plone Plone
Plone Plone 4.2.1
Plone Plone 4.2.1.1
Plone Plone 4.0.6.1
Plone Plone 4.0.5
Plone Plone 4.0.4
Plone Plone 4.0.3
Plone Plone 3.1.7
Plone Plone 3.1.6
Plone Plone 3.1.5.1
Plone Plone 3.1.4
Plone Plone 2.5.3
Plone Plone 4.2
Plone Plone 3.3.4
Plone Plone 3.3.3
Plone Plone 3.3.2
Plone Plone 3.3.1
Plone Plone 3.3
Plone Plone 3.0.6
Plone Plone 3.0.5
Plone Plone 3.0.4
NA
CVE-2012-5487
The sandbox whitelisting function (allowmodule.py) in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and execute arbitrary Python code via vectors related to importing.
Plone Plone 1.0
Plone Plone 1.0.1
Plone Plone 1.0.2
Plone Plone 2.1.2
Plone Plone 2.1.3
Plone Plone 2.1.4
Plone Plone 2.5
Plone Plone 3.1.1
Plone Plone 3.1.2
Plone Plone 3.1.3
Plone Plone 3.1.4
Plone Plone 4.0
Plone Plone 4.0.1
Plone Plone 4.0.2
Plone Plone 4.0.3
Plone Plone 4.2
Plone Plone 4.2.0.1
Plone Plone 4.2.1.1
Plone Plone 4.2.1
Plone Plone 2.0
Plone Plone 2.0.1
Plone Plone 2.0.2
7.5
CVSSv3
CVE-2023-46136
Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal bytearray and lookup for boundary is perform...
Palletsprojects Werkzeug 3.0.0
Palletsprojects Werkzeug
1 Github repository
NA
CVE-2010-1196
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x prior to 3.5.10 and 3.6.x prior to 3.6.4, Thunderbird prior to 3.0.5, and SeaMonkey prior to 2.0.5 allows remote malicious users to execute arbitrary code via a DOM node with a long te...
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Seamonkey 2.0
Mozilla Seamonkey 1.1.18
Mozilla Seamonkey 1.1.17
Mozilla Seamonkey 1.1.9
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 1.1.1
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.0.5
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 2.0.1
Mozilla Seamonkey 1.1.19
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.10
NA
CVE-2010-1201
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x prior to 3.5.10, Thunderbird prior to 3.0.5, and SeaMonkey prior to 2.0.5 allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary co...
Mozilla Firefox 3.5
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Seamonkey 2.0
Mozilla Seamonkey 1.1.17
Mozilla Seamonkey 1.1.16
Mozilla Seamonkey 1.1.9
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 1.1
Mozilla Seamonkey 1.0.4
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 2.0.1
Mozilla Seamonkey 1.1.19
Mozilla Seamonkey 1.1.18
Mozilla Seamonkey 1.1.11
Mozilla Seamonkey 1.1.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »