Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-36632
The legacy email.utils.parseaddr function in Python up to and including 3.11.4 allows malicious users to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from a...
Python Python
375
VMScore
CVE-2006-1542
Stack-based buffer overflow in Python 2.4.2 and previous versions, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a lo...
Python Python
1 EDB exploit
384
VMScore
CVE-2019-9947
An issue exists in urllib2 in Python 2.x up to and including 2.7.16 and urllib in Python 3.x up to and including 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in ...
Python Python
383
VMScore
CVE-2019-9740
An issue exists in urllib2 in Python 2.x up to and including 2.7.16 and urllib in Python 3.x up to and including 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in ...
Python Python
1 Github repository
446
VMScore
CVE-2018-20852
http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python prior to 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has ...
Python Python
607
VMScore
CVE-2007-4559
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote malicious users to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Python Python
7 Github repositories
1 Article
383
VMScore
CVE-2017-18207
The Wave_read._read_fmt_chunk function in Lib/wave.py in Python up to and including 3.6.4 does not ensure a nonzero channel value, which allows malicious users to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disput...
Python Python
384
VMScore
CVE-2019-18348
An issue exists in urllib2 in Python 2.x up to and including 2.7.17 and urllib in Python 3.x up to and including 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in ...
Python Python
668
VMScore
CVE-2008-2315
Multiple integer overflows in Python 2.5.2 and previous versions allow context-dependent malicious users to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and...
Python Python
668
VMScore
CVE-2008-2316
Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and previous versions might allow context-dependent malicious users to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."
Python Python
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »