Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 3.2 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-45116
An issue exists in Django 2.2 prior to 2.2.26, 3.2 prior to 3.2.11, and 4.0 prior to 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method ...
Djangoproject Django
Fedoraproject Fedora 35
NA
CVE-2023-24580
An issue exists in the Multipart Request Parser in Django 3.2 prior to 3.2.18, 4.0 prior to 4.0.10, and 4.1 prior to 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a pote...
Djangoproject Django
Debian Debian Linux 10.0
445
VMScore
CVE-2021-45115
An issue exists in Django 2.2 prior to 2.2.26, 3.2 prior to 3.2.11, and 4.0 prior to 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where acc...
Djangoproject Django
Fedoraproject Fedora 35
756
VMScore
CVE-2012-5493
gtbn.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain permissions to bypass the Python sandbox and execute arbitrary Python code via unspecified vectors.
Plone Plone 4.3
Plone Plone
Plone Plone 4.2.1
Plone Plone 4.2.1.1
Plone Plone 4.0.6.1
Plone Plone 4.0.5
Plone Plone 4.0.4
Plone Plone 4.0.3
Plone Plone 3.1.7
Plone Plone 3.1.6
Plone Plone 3.1.5.1
Plone Plone 3.1.4
Plone Plone 2.5.3
Plone Plone 4.2
Plone Plone 3.3.4
Plone Plone 3.3.3
Plone Plone 3.3.2
Plone Plone 3.3.1
Plone Plone 3.3
Plone Plone 3.0.6
Plone Plone 3.0.5
Plone Plone 3.0.4
756
VMScore
CVE-2012-5487
The sandbox whitelisting function (allowmodule.py) in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote authenticated users with certain privileges to bypass the Python sandbox restriction and execute arbitrary Python code via vectors related to importing.
Plone Plone 1.0
Plone Plone 1.0.1
Plone Plone 1.0.2
Plone Plone 2.1.2
Plone Plone 2.1.3
Plone Plone 2.1.4
Plone Plone 2.5
Plone Plone 3.1.1
Plone Plone 3.1.2
Plone Plone 3.1.3
Plone Plone 3.1.4
Plone Plone 4.0
Plone Plone 4.0.1
Plone Plone 4.0.2
Plone Plone 4.0.3
Plone Plone 4.2
Plone Plone 4.2.0.1
Plone Plone 4.2.1.1
Plone Plone 4.2.1
Plone Plone 2.0
Plone Plone 2.0.1
Plone Plone 2.0.2
445
VMScore
CVE-2021-33571
In Django 2.2 prior to 2.2.24, 3.x prior to 3.1.12, and 3.2 prior to 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validat...
Djangoproject Django
Fedoraproject Fedora 35
446
VMScore
CVE-2013-1665
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote malicious users to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, ...
Openstack Folsom -
Openstack Keystone Essex -
356
VMScore
CVE-2021-33203
Django prior to 2.2.24, 3.x prior to 3.1.12, and 3.2.x prior to 3.2.4 has a potential directory traversal via django.contrib.admindocs. Staff members could use the TemplateDetailView view to check the existence of arbitrary files. Additionally, if (and only if) the default admind...
Djangoproject Django
Fedoraproject Fedora 35
445
VMScore
CVE-2012-5488
python_scripts.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote malicious users to execute Python code via a crafted URL, related to createObject.
Plone Plone 3.3
Plone Plone 1.0
Plone Plone 4.2
Plone Plone 4.0.5
Plone Plone 3.0.1
Plone Plone 1.0.3
Plone Plone 3.0
Plone Plone 3.2.3
Plone Plone 3.1.4
Plone Plone 3.1.5.1
Plone Plone 4.2.0.1
Plone Plone 2.1.4
Plone Plone 4.0.2
Plone Plone 4.2.1.1
Plone Plone 3.3.5
Plone Plone 3.0.6
Plone Plone 2.5.4
Plone Plone 3.2
Plone Plone 3.1.1
Plone Plone 4.3
Plone Plone 2.1.1
Plone Plone 3.3.4
445
VMScore
CVE-2012-5495
python_scripts.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote malicious users to execute Python code via a crafted URL, related to "go_back."
Plone Plone 4.2
Plone Plone 3.3.3
Plone Plone 3.3.2
Plone Plone 3.3.1
Plone Plone 3.3
Plone Plone 3.0.6
Plone Plone 3.0.5
Plone Plone 3.0.4
Plone Plone 3.0.3
Plone Plone 2.1
Plone Plone 2.0.5
Plone Plone 2.0.4
Plone Plone 2.0.3
Plone Plone 4.1.6
Plone Plone 4.1.4
Plone Plone 4.0.1
Plone Plone 3.3.5
Plone Plone 3.2.2
Plone Plone 3.2
Plone Plone 3.1.3
Plone Plone 3.1.1
Plone Plone 3.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »