Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-43304
The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-uuids package. The affected version of d8s-htm is 0.1.0.
Democritus D8s-timer 0.1.0
9.8
CVSSv3
CVE-2022-43305
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0.
Democritus D8s-python 0.1.0
9.8
CVSSv3
CVE-2022-37454
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows malicious users to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.
Extended Keccak Code Package Project Extended Keccak Code Package -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Php Php
Python Python
Sha3 Project Sha3
Pysha3 Project Pysha3
Pypy Pypy
1 Github repository
9.8
CVSSv3
CVE-2022-42037
The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0.
Democritus D8s-asns 0.1.0
9.8
CVSSv3
CVE-2022-42038
The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0.
Democritus D8s-ip-addresses 0.1.0
9.8
CVSSv3
CVE-2022-42040
The d8s-algorithms package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-dicts package. The affected version is 0.1.0.
Democritus D8s-algorithms 0.1.0
9.8
CVSSv3
CVE-2022-42042
The d8s-networking package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0.
Democritus D8s-networking 0.1.0
9.8
CVSSv3
CVE-2022-42043
The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0.
Democritus D8s-xml 0.1.0
9.8
CVSSv3
CVE-2022-42044
The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0.
Democritus D8s-asns 0.1.0
9.8
CVSSv3
CVE-2022-41380
The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.
Democritus D8s-yaml 0.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »