Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pip vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1965
Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 up to and including 7.02, and 7.10 up to and including 7.11 for SAP NetWeaver allows remote malicious users to inject arbitrary w...
Sap Netweaver 7.10
Sap Netweaver 3.0
Sap Netweaver 7.0
Sap Netweaver 7.01
Sap Netweaver 7.02
Sap Netweaver 7.11
4.7
CVSSv3
CVE-2023-35845
Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying the cacert.pem file used by the installed pip program. This occurs because many files are installed as world-writable on Linux, ignoring umask, even when these files are installed as ...
Anaconda Anaconda3 2023.03-1
6.1
CVSSv3
CVE-2021-21330
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a ...
Aiohttp Aiohttp
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
2 Github repositories
NA
CVE-2007-4559
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote malicious users to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Python Python
7 Github repositories
1 Article
7.8
CVSSv3
CVE-2023-41267
In the Apache Airflow HDFS Provider, versions before 4.1.1, a documentation info pointed users to an install incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was in...
Apache Airflow Hdfs Provider
6.5
CVSSv3
CVE-2024-30043
Microsoft SharePoint Server Information Disclosure Vulnerability
1 Github repository
1 Article
8.6
CVSSv3
CVE-2022-21668
pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an malicious user to insert a specially crafted string inside a comment anywhere within a requirements.txt fil...
Pypa Pipenv
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
3 Github repositories
NA
CVE-2013-3581
ajax.cgi in the web interface on the Choice Wireless Green Packet WIXFMR-111 4G WiMax modem allows remote malicious users to obtain sensitive information via an Ajax (1) wmxState or (2) netState request.
Choice Wireless Wixfmr-111 -
NA
CVE_2024_3094
Ansible role cve_2024_3094 Check xz vulnerability (cve_2024_3094) on your system. GitHub Version Issues Pull Requests Downloads Example Playbook This example is taken from molecule/default/converge.yml and is tested on each push, pull request and release. --- - nam...
1 Github repository
7.5
CVSSv3
CVE-2022-0391
A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n'...
Python Python 3.10.0
Python Python
Netapp Ontap Select Deploy Administration Utility -
Netapp Hci -
Netapp Hci Compute Node -
Netapp Management Services For Element Software -
Netapp Solidfire\\, Enterprise Sds \\& Hci Storage Node -
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Oracle Http Server 12.2.1.3.0
Oracle Http Server 12.2.1.4.0
Oracle Zfs Storage Appliance Kit 8.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »