Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2018-6461
March Hare WINCVS prior to 2.8.01 build 6610, and CVS Suite prior to 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the curren...
March-hare Wincvs
9.3
CVSSv2
CVE-2015-6531
Palo Alto Networks Panorama VM Appliance with PAN-OS prior to 6.0.1 might allow remote malicious users to execute arbitrary Python code via a crafted firmware image file.
Paloaltonetworks Pan-os
9.3
CVSSv2
CVE-2016-9950
An issue exists in Apport prior to 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory...
Apport Project Apport
Canonical Ubuntu Linux
1 EDB exploit
1 Github repository
1 Article
9.3
CVSSv2
CVE-2016-9949
An issue exists in Apport prior to 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote malicious users to execute arbitrary Python code.
Apport Project Apport
Canonical Ubuntu Linux
1 EDB exploit
1 Github repository
1 Article
9.3
CVSSv2
CVE-2015-8557
The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 up to and including 2.0.2 allows remote malicious users to execute arbitrary commands via shell metacharacters in a font name.
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Pygments Pygments 1.4
Pygments Pygments 1.5
Pygments Pygments 1.6
Pygments Pygments 2.0.1
Pygments Pygments 1.3.1
Pygments Pygments 1.3
Pygments Pygments 2.0
Pygments Pygments 1.2.2
9.3
CVSSv2
CVE-2015-3446
The Framework Daemon in AlienVault Unified Security Management prior to 4.15 allows remote malicious users to execute arbitrary Python code via a crafted plugin configuration file (.cfg).
Alienvault Unified Security Management
9.3
CVSSv2
CVE-2014-6352
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote malicious users to execute arbitrary code via a crafted OLE object, as exploited in the wild in Octobe...
Microsoft Windows 7 -
Microsoft Windows 8.1 -
Microsoft Windows 8 -
Microsoft Windows Vista
Microsoft Windows Rt 8.1 -
Microsoft Windows Rt -
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
6 EDB exploits
4 Articles
9.3
CVSSv2
CVE-2014-4114
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote malicious users to execute arbitrary code via a crafted OLE object in an Office document, as exploited...
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows Rt -
Microsoft Windows 8.1 -
Microsoft Windows 8 -
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2012 R2
Microsoft Windows Rt 8.1 -
6 EDB exploits
3 Github repositories
5 Articles
9.3
CVSSv2
CVE-2012-0013
Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote malicious users to execute arbitrary code vi...
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows Xp
Microsoft Windows Server 2003
Microsoft Windows Vista
2 EDB exploits
9.3
CVSSv2
CVE-2011-3587
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x up to and including 4.0.9, 4.1, and 4.2 up to and including 4.2a2, allows remote malicious users to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python mod...
Zope Zope 2.12.9
Zope Zope 2.12.13
Zope Zope 2.12.2
Zope Zope 2.12.0
Zope Zope 2.12.17
Zope Zope 2.12.15
Zope Zope 2.13.0
Zope Zope 2.13.1
Plone Plone 4.0.8
Plone Plone 4.0.1
Plone Plone 4.1
Plone Plone 4.2
Zope Zope 2.12.12
Zope Zope 2.12.14
Zope Zope 2.12.18
Zope Zope 2.12.6
Zope Zope 2.13.2
Zope Zope 2.12.19
Zope Zope 2.12.20
Plone Plone 4.0.3
Plone Plone 4.0.2
Plone Plone 4.2a2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »