Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2014-2967
Autodesk VRED Professional 2014 before SR1 SP8 allows remote malicious users to execute arbitrary code via Python os library calls in Python API commands to the integrated web server.
Autodesk Vred 2014
890
VMScore
CVE-2014-3007
Python Image Library (PIL) 1.1.7 and previous versions and Pillow 2.3 might allow remote malicious users to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py.
Python Pillow 2.3.0
Pythonware Python Imaging Library
890
VMScore
CVE-2010-1121
Mozilla Firefox 3.6.x prior to 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote malicious users to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving improper interacti...
Mozilla Firefox 3.6.1
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6
890
VMScore
CVE-2005-3068
Unspecified vulnerability in Eric Integrated Development Environment (eric3) prior to 3.7.2 has unknown impact and attack vectors related to a "potential security exploit."
Eric Integrated Development Environment Eric Integrated Development Environment 3.6.0
Eric Integrated Development Environment Eric Integrated Development Environment 3.6.1
Eric Integrated Development Environment Eric Integrated Development Environment 3.6.2
Eric Integrated Development Environment Eric Integrated Development Environment 3.7.0
Eric Integrated Development Environment Eric Integrated Development Environment 3.5.0
Eric Integrated Development Environment Eric Integrated Development Environment 3.4.2
Eric Integrated Development Environment Eric Integrated Development Environment 3.5.1
Eric Integrated Development Environment Eric Integrated Development Environment 3.7.1
855
VMScore
CVE-2017-10803
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because unpickle is used.
Odoo Odoo 10.0
Odoo Odoo 9.0
Odoo Odoo 8.0
1 EDB exploit
855
VMScore
CVE-2008-1000
Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via ".." sequences in file attachments.
Apple Mac Os X 10.5.2
Apple Mac Os X Server 10.5.2
1 EDB exploit
837
VMScore
CVE-2013-5654
Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage
Yingzhipython Project Yingzhipython 1.9
830
VMScore
CVE-2016-10033
The mailSend function in the isMail transport in PHPMailer prior to 5.2.18 might allow remote malicious users to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafted Sender property.
Phpmailer Project Phpmailer
Wordpress Wordpress
Joomla Joomla\\!
9 EDB exploits
118 Github repositories
829
VMScore
CVE-2022-21668
pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an malicious user to insert a specially crafted string inside a comment anywhere within a requirements.txt fil...
Pypa Pipenv
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
3 Github repositories
829
VMScore
CVE-2019-13404
The MSI installer for Python up to and including 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. (This also affects old 3.x releases prior to 3.5.) NOTE: the vendor's position is that it is the user&...
Python Python
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »