Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 3.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-24584
An issue exists in Django 2.2 prior to 2.2.16, 3.0 prior to 3.0.10, and 3.1 prior to 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077.
Djangoproject Django
Canonical Ubuntu Linux 20.04
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Zfs Storage Appliance Kit 8.8
445
VMScore
CVE-2012-5495
python_scripts.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote malicious users to execute Python code via a crafted URL, related to "go_back."
Plone Plone 3.3
Plone Plone 1.0
Plone Plone 4.2
Plone Plone 4.0.5
Plone Plone 3.0.1
Plone Plone 1.0.3
Plone Plone 3.0
Plone Plone 3.2.3
Plone Plone 3.1.4
Plone Plone 3.1.5.1
Plone Plone 4.2.0.1
Plone Plone 2.1.4
Plone Plone 4.0.2
Plone Plone 4.2.1.1
Plone Plone 3.3.5
Plone Plone 3.0.6
Plone Plone 2.5.4
Plone Plone 3.2
Plone Plone 3.1.1
Plone Plone 4.3
Plone Plone 2.1.1
Plone Plone 3.3.4
445
VMScore
CVE-2012-5488
python_scripts.py in Plone prior to 4.2.3 and 4.3 before beta 1 allows remote malicious users to execute Python code via a crafted URL, related to createObject.
Plone Plone 3.3
Plone Plone 1.0
Plone Plone 4.2
Plone Plone 4.0.5
Plone Plone 3.0.1
Plone Plone 1.0.3
Plone Plone 3.0
Plone Plone 3.2.3
Plone Plone 3.1.4
Plone Plone 3.1.5.1
Plone Plone 4.2.0.1
Plone Plone 2.1.4
Plone Plone 4.0.2
Plone Plone 4.2.1.1
Plone Plone 3.3.5
Plone Plone 3.0.6
Plone Plone 2.5.4
Plone Plone 3.2
Plone Plone 3.1.1
Plone Plone 4.3
Plone Plone 2.1.1
Plone Plone 3.3.4
445
VMScore
CVE-2012-0845
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python prior to 2.6.8, 2.7.x prior to 2.7.3, 3.x prior to 3.1.5, and 3.2.x prior to 3.2.3 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smal...
Python Python 2.4.2
Python Python 2.5.1
Python Python 2.3.4
Python Python 2.6.6
Python Python 2.1
Python Python 2.0.1
Python Python 2.6.1
Python Python 2.3.1
Python Python 0.9.1
Python Python 2.1.2
Python Python 0.9.0
Python Python 1.6.1
Python Python 2.2.1
Python Python 2.5.4
Python Python 1.3
Python Python 2.6.3
Python Python 2.2.2
Python Python 2.1.1
Python Python 1.5.2
Python Python 2.6.2150
Python Python 2.3.3
Python Python 2.3.2
445
VMScore
CVE-2012-2921
Universal Feed Parser (aka feedparser or python-feedparser) prior to 5.1.2 allows remote malicious users to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document.
Mark Pilgrim Feedparser 3.0
Mark Pilgrim Feedparser 5.1
Mark Pilgrim Feedparser 4.0.2
Mark Pilgrim Feedparser 3.0.1
Mark Pilgrim Feedparser 5.0
Mark Pilgrim Feedparser 4.1
Mark Pilgrim Feedparser 3.2
Mark Pilgrim Feedparser 4.0
Mark Pilgrim Feedparser 3.3
Mark Pilgrim Feedparser 5.1.2
Mark Pilgrim Feedparser 5.0.1
Mark Pilgrim Feedparser 3.1
Mark Pilgrim Feedparser
Mark Pilgrim Feedparser 4.0.1
445
VMScore
CVE-2011-1015
The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote malicious users to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI.
Python Python 3.0
445
VMScore
CVE-2011-1156
feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) prior to 5.0.1 allows remote malicious users to cause a denial of service (application crash) via a malformed DOCTYPE declaration.
Mark Pilgrim Feedparser 3.0
Mark Pilgrim Feedparser 4.0.2
Mark Pilgrim Feedparser 3.0.1
Mark Pilgrim Feedparser
Mark Pilgrim Feedparser 4.1
Mark Pilgrim Feedparser 3.2
Mark Pilgrim Feedparser 4.0
Mark Pilgrim Feedparser 3.3
Mark Pilgrim Feedparser 3.1
Mark Pilgrim Feedparser 4.0.1
445
VMScore
CVE-2010-2754
dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, Thunderbird 3.0.x prior to 3.0.6 and 3.1.x prior to 3.1.1, and SeaMonkey prior to 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and...
Mozilla Firefox 3.6.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.6.3
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.10
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.6.6
Mozilla Firefox 3.6.1
Mozilla Firefox 3.6.4
Mozilla Thunderbird 3.0.5
Mozilla Thunderbird 3.0.1
Mozilla Thunderbird 3.0.3
Mozilla Thunderbird 3.0.4
Mozilla Thunderbird 3.0
Mozilla Thunderbird 3.1
Mozilla Thunderbird 3.0.2
Mozilla Seamonkey
445
VMScore
CVE-2003-0973
Unknown vulnerability in mod_python 3.0.x prior to 3.0.4, and 2.7.x prior to 2.7.9, allows remote malicious users to cause a denial of service (httpd crash) via a certain query string.
Apache Mod Python 2.7.3
Apache Mod Python 2.7.4
Apache Mod Python 2.7.6
Apache Mod Python 3.0
Apache Mod Python 3.0.2
Apache Mod Python 2.7.1
Apache Mod Python 3.0.1
Apache Mod Python 2.7.2
Apache Mod Python 2.7
Apache Mod Python 2.7.5
Apache Mod Python 3.0.3
Apache Mod Python 2.7.7
Apache Mod Python 2.7.8
436
VMScore
CVE-2008-5913
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x prior to 3.5.10 and 3.6.x prior to 3.6.4, and SeaMonkey prior to 2.0.5, uses a random number generator that is seeded only once per browser session, which makes it easier for remote malicious users...
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.6
Mozilla Firefox 3.5
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.4
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.5.8
Mozilla Firefox 3.6.2
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.6
Mozilla Seamonkey 1.1.10
Mozilla Seamonkey 1.0.3
Mozilla Seamonkey 1.1.8
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.1.7
Mozilla Seamonkey 1.0.6
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »