Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2020-16977
<p>A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads a Jupyter notebook file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged...
Microsoft Visual Studio Code -
1 Github repository
9.3
CVSSv2
CVE-2020-1192
A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1171.
Microsoft Visual Studio Code
1 Article
9.3
CVSSv2
CVE-2020-1171
A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1192.
Microsoft Visual Studio Code
9.3
CVSSv2
CVE-2019-13404
The MSI installer for Python up to and including 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. (This also affects old 3.x releases prior to 3.5.) NOTE: the vendor's position is that it is the user&...
Python Python
9.3
CVSSv2
CVE-2015-1326
python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file.
Python-dbusmock Project Python-dbusmock
9.3
CVSSv2
CVE-2018-6461
March Hare WINCVS prior to 2.8.01 build 6610, and CVS Suite prior to 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the curren...
March-hare Wincvs
9.3
CVSSv2
CVE-2015-6531
Palo Alto Networks Panorama VM Appliance with PAN-OS prior to 6.0.1 might allow remote malicious users to execute arbitrary Python code via a crafted firmware image file.
Paloaltonetworks Pan-os
9.3
CVSSv2
CVE-2016-9950
An issue exists in Apport prior to 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory...
Apport Project Apport
Canonical Ubuntu Linux
1 EDB exploit
1 Github repository
1 Article
9.3
CVSSv2
CVE-2016-9949
An issue exists in Apport prior to 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote malicious users to execute arbitrary Python code.
Apport Project Apport
Canonical Ubuntu Linux
1 EDB exploit
1 Github repository
1 Article
9.3
CVSSv2
CVE-2015-8557
The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 up to and including 2.0.2 allows remote malicious users to execute arbitrary commands via shell metacharacters in a font name.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Pygments Pygments 1.4
Pygments Pygments 1.5
Pygments Pygments 1.6
Pygments Pygments 2.0.1
Pygments Pygments 1.3.1
Pygments Pygments 1.3
Pygments Pygments 2.0
Pygments Pygments 1.2.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »