Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 3.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3492
The asyncore module in Python prior to 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote...
Python Python
NA
CVE-2012-2135
The utf-16 decoder in Python 3.1 up to and including 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote malicious users to obtain sensitive information (process memory) or cause a denial of service (memory...
Python Python
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 12.04
Debian Debian Linux 6.0
NA
CVE-2010-1634
Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent malicious users to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the fir...
Python Python
Fedoraproject Fedora 13
Suse Linux Enterprise Server 11
Opensuse Opensuse 11.2
Opensuse Opensuse 11.3
Suse Linux Enterprise Server 10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
NA
CVE-2009-5065
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) prior to 5.0 allows remote malicious users to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas.
Mark Pilgrim Feedparser 4.0.1
Mark Pilgrim Feedparser 3.3
Mark Pilgrim Feedparser 3.2
Mark Pilgrim Feedparser 3.1
Mark Pilgrim Feedparser 4.0
Mark Pilgrim Feedparser 4.0.2
Mark Pilgrim Feedparser
Mark Pilgrim Feedparser 3.0.1
Mark Pilgrim Feedparser 3.0
1 EDB exploit
NA
CVE-2011-1156
feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) prior to 5.0.1 allows remote malicious users to cause a denial of service (application crash) via a malformed DOCTYPE declaration.
Mark Pilgrim Feedparser 4.0.2
Mark Pilgrim Feedparser 4.0.1
Mark Pilgrim Feedparser 4.1
Mark Pilgrim Feedparser 3.0
Mark Pilgrim Feedparser 3.1
Mark Pilgrim Feedparser 3.3
Mark Pilgrim Feedparser 3.2
Mark Pilgrim Feedparser
Mark Pilgrim Feedparser 4.0
Mark Pilgrim Feedparser 3.0.1
8.8
CVSSv3
CVE-2022-36359
An issue exists in the HTTP FileResponse class in Django 3.2 prior to 3.2.15 and 4.0 prior to 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied i...
Djangoproject Django
Debian Debian Linux 11.0
9.8
CVSSv3
CVE-2022-34265
An issue exists in Django 3.2 prior to 3.2.14 and 4.0 prior to 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as a kind/lookup_name value. Applications that constrain the lookup name and kind choice to a known safe list ...
Djangoproject Django
8 Github repositories
9.8
CVSSv3
CVE-2023-31047
In Django 3.2 prior to 3.2.19, 4.x prior to 4.1.9, and 4.2 prior to 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file wa...
Djangoproject Django 4.2
Djangoproject Django
Fedoraproject Fedora 38
7.5
CVSSv3
CVE-2022-23833
An issue exists in MultiPartParser in Django 2.2 prior to 2.2.27, 3.2 prior to 3.2.12, and 4.0 prior to 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.
Djangoproject Django
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 11.0
6.1
CVSSv3
CVE-2022-22818
The {% debug %} template tag in Django 2.2 prior to 2.2.27, 3.2 prior to 3.2.12, and 4.0 prior to 4.0.2 does not properly encode the current context. This may lead to XSS.
Djangoproject Django
Fedoraproject Fedora 35
Debian Debian Linux 11.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »