Vulmon
python python 3.1.1 vulnerabilities and exploits
6.5
CVSSv3
CVE-2016-0775
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow prior to 3.1.1 allows remote malicious users to cause a denial of service (crash) via a crafted FLI file.
Python Pillow
Debian Debian Linux 8.0
Debian Debian Linux 7.0
9.8
CVSSv3
CVE-2020-15348
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code.
Zyxel Cloud Cnm Secumanager 3.1.1
Zyxel Cloud Cnm Secumanager 3.1.0
7.5
CVSSv3
CVE-2020-24584
An issue exists in Django 2.2 prior to 2.2.16, 3.0 prior to 3.0.10, and 3.1 prior to 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.
Djangoproject Django
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Zfs Storage Appliance Kit 8.8
6.1
CVSSv3
CVE-2020-6802
In Mozilla Bleach prior to 3.11, a mutation XSS affects users calling bleach.clean with noscript and a raw tag in the allowed/whitelisted tags option.
Mozilla Bleach
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
2 Github repositories
7.5
CVSSv3
CVE-2020-24583
An issue exists in Django 2.2 prior to 2.2.16, 3.0 prior to 3.0.10, and 3.1 prior to 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to in...
Djangoproject Django
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Zfs Storage Appliance Kit 8.8
NA
CVE-2014-3146
Incomplete blacklist vulnerability in the lxml.html.clean module in lxml prior to 3.3.5 allows remote malicious users to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function.
Lxml Lxml 2.1.4
Lxml Lxml 2.0.8
Lxml Lxml 2.1.1
Lxml Lxml 1.1.2
Lxml Lxml 3.1.2
Lxml Lxml 3.2.1
Lxml Lxml 2.0.1
Lxml Lxml 3.3.0
Lxml Lxml 3.1
Lxml Lxml 3.3.3
Lxml Lxml 2.1
Lxml Lxml 3.3.1
Lxml Lxml 3.2.3
Lxml Lxml 1.0
Lxml Lxml 2.0.10
Lxml Lxml 3.0
Lxml Lxml 1.3.2
Lxml Lxml 2.3.4
Lxml Lxml 2.2
Lxml Lxml 2.3.6
Lxml Lxml 1.2
Lxml Lxml 2.2.8
1 EDB exploit
NA
CVE-2009-0668
Unspecified vulnerability in Zope Object Database (ZODB) prior to 3.8.2, when certain Zope Enterprise Objects (ZEO) database sharing is enabled, allows remote malicious users to execute arbitrary Python code via vectors involving the ZEO network protocol.
Zope Zodb
Zope Zodb 3.2
Zope Zodb 2.11.4
Zope Zodb 2.9.11
Zope Zodb 3.8.0
Zope Zodb 3.5
Zope Zodb 3.4
Zope Zodb 3.1.1
Zope Zodb 3.3
Zope Zodb 3.7
Zope Zodb 2.10.9
Zope Zodb 3.1
Zope Zodb 3.6
Zope Zodb 3.2.4
Zope Zodb 3.4.1
Zope Zodb 3.3.3
Zope Zodb 2.8.11
4.3
CVSSv3
CVE-2023-25601
On version 3.0.0 up to and including 3.1.1, Apache DolphinScheduler's python gateway suffered from improper authentication: an attacker could use a socket bytes attack without authentication. This issue has been fixed from version 3.1.2 onwards. For users who use version 3.0...
Apache Dolphinscheduler
6.5
CVSSv3
CVE-2022-36087
OAuthLib is an implementation of the OAuth request-signing logic for Python 3.6+. In OAuthLib versions 3.1.1 until 3.2.1, an attacker providing malicious redirect uri can cause denial of service. An attacker can also leverage usage of `uri_validate` functions depending where it i...
Oauthlib Project Oauthlib
Fedoraproject Fedora 37
NA
CVE-2012-5493
gtbn.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.
Plone Plone 3.3
Plone Plone 1.0
Plone Plone 4.2
Plone Plone 4.0.5
Plone Plone 3.0.1
Plone Plone 1.0.3
Plone Plone 3.0
Plone Plone 3.2.3
Plone Plone 3.1.4
Plone Plone 3.1.5.1
Plone Plone 4.2.0.1
Plone Plone 2.1.4
Plone Plone 4.0.2
Plone Plone 4.2.1.1
Plone Plone 3.3.5
Plone Plone 3.0.6
Plone Plone 2.5.4
Plone Plone 3.2
Plone Plone 3.1.1
Plone Plone 4.3
Plone Plone 2.1.1
Plone Plone 3.3.4