Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 3.0 vulnerabilities and exploits
(subscribe to this query)
584
VMScore
CVE-2020-9402
Django 1.11 prior to 1.11.29, 2.2 prior to 2.2.11, and 3.0 prior to 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was p...
Djangoproject Django
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Netapp Steelstore Cloud Integrated Storage -
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
570
VMScore
CVE-2019-14859
A flaw was found in all python-ecdsa versions prior to 0.13.3, where it did not correctly verify whether signatures used DER encoding. Without this verification, a malformed signature could be accepted, making the signature malleable. Without proper verification, an attacker coul...
Python-ecdsa Project Python-ecdsa
Redhat Ceph Storage 3.0
Redhat Ceph Storage 2.0
Redhat Openstack 10
Redhat Openstack 14
Redhat Openstack 13
Redhat Openstack 15
Redhat Virtualization 4.0
570
VMScore
CVE-2011-1521
The urllib and urllib2 modules in Python 2.x prior to 2.7.2 and 3.x prior to 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote malicious users to obtain sensitive information or cause a denial of service (resource consumption)...
Python Python 2.4.2
Python Python 2.5.1
Python Python 2.3.4
Python Python 2.6.6
Python Python 2.1
Python Python 2.0.1
Python Python 2.6.1
Python Python 2.3.1
Python Python 2.1.2
Python Python 2.2.1
Python Python 2.5.4
Python Python 2.2.2
Python Python 2.1.1
Python Python 2.3.3
Python Python 2.7.1
Python Python 2.3.2
Python Python 2.6.7
Python Python 2.4.6
Python Python 2.0
Python Python 2.2.3
Python Python 2.5.2
Python Python 2.3.7
516
VMScore
CVE-2019-2435
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to comprom...
Oracle Mysql Connectors
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager
516
VMScore
CVE-2010-1125
The JavaScript implementation in Mozilla Firefox 3.x prior to 3.5.10 and 3.6.x prior to 3.6.4, and SeaMonkey prior to 2.0.5, allows remote malicious users to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via cer...
Mozilla Firefox 3.6.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.0.7
Mozilla Firefox 3.0.9
Mozilla Firefox 3.5.6
Mozilla Firefox 3.0.8
Mozilla Firefox 3.5
Mozilla Firefox 3.5.5
Mozilla Firefox 3.0.4
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.7
Mozilla Firefox 3.0.5
Mozilla Firefox 3.5.1
Mozilla Firefox 3.0.14
Mozilla Firefox 3.5.2
Mozilla Firefox 3.0.10
Mozilla Firefox 3.0.12
Mozilla Firefox 3.0.3
Mozilla Firefox 3.0.15
Mozilla Firefox 3.0
Mozilla Firefox 3.0.1
447
VMScore
CVE-2019-19844
Django prior to 1.11.27, 2.x prior to 2.2.9, and 3.x prior to 3.0.1 allows account takeover. A suitably crafted email address (that is equal to an existing user's email address after case transformation of Unicode characters) would allow an malicious user to be sent a passwo...
Djangoproject Django
Djangoproject Django 3.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
7 Github repositories
446
VMScore
CVE-2012-1150
Python prior to 2.6.8, 2.7.x prior to 2.7.3, 3.x prior to 3.1.5, and 3.2.x prior to 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via...
Python Python 2.4.2
Python Python 2.5.1
Python Python 2.3.4
Python Python 2.6.6
Python Python 2.1
Python Python 2.0.1
Python Python 2.6.1
Python Python 2.3.1
Python Python 0.9.1
Python Python 2.1.2
Python Python 0.9.0
Python Python 1.6.1
Python Python 2.2.1
Python Python 2.5.4
Python Python 1.3
Python Python 2.6.3
Python Python 2.2.2
Python Python 2.1.1
Python Python 1.5.2
Python Python 2.6.2150
Python Python 2.3.3
Python Python 2.3.2
2 Github repositories
445
VMScore
CVE-2021-28658
In Django 2.2 prior to 2.2.20, 3.0 prior to 3.0.14, and 3.1 prior to 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.
Djangoproject Django
Debian Debian Linux 9.0
Fedoraproject Fedora 34
445
VMScore
CVE-2021-3281
In Django 2.2 prior to 2.2.18, 3.0 prior to 3.0.12, and 3.1 prior to 3.1.6, the django.utils.archive.extract method (used by "startapp --template" and "startproject --template") allows directory traversal via an archive with absolute paths or relative paths wi...
Djangoproject Django
Fedoraproject Fedora 33
Netapp Snapcenter -
1 Github repository
445
VMScore
CVE-2020-24583
An issue exists in Django 2.2 prior to 2.2.16, 3.0 prior to 3.0.10, and 3.1 prior to 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to in...
Djangoproject Django
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Zfs Storage Appliance Kit 8.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »