Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2008-3143
Multiple integer overflows in Python prior to 2.5.2 might allow context-dependent malicious users to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9)...
Python Python
446
VMScore
CVE-2008-3144
Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and previous versions allow context-dependent malicious users to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting ...
Python Python
NA
CVE-2023-40217
An issue exists in Python prior to 3.8.18, 3.9.x prior to 3.9.18, 3.10.x prior to 3.10.13, and 3.11.x prior to 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buf...
Python Python
1 Github repository
605
VMScore
CVE-2017-17522
Lib/webbrowser.py in Python up to and including 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote malicious users to conduct argument-injection attacks via a crafted URL. NOTE: a software maintaine...
Python Python
641
VMScore
CVE-2015-5652
Untrusted search path vulnerability in python.exe in Python up to and including 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime beha...
Python Python
607
VMScore
CVE-2007-4559
Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote malicious users to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.
Python Python
7 Github repositories
1 Article
383
VMScore
CVE-2020-8315
In Python (CPython) 3.6 up to and including 3.6.10, 3.7 up to and including 3.7.6, and 3.8 up to and including 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the...
Python Python
668
VMScore
CVE-2008-2315
Multiple integer overflows in Python 2.5.2 and previous versions allow context-dependent malicious users to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and...
Python Python
668
VMScore
CVE-2008-2316
Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and previous versions might allow context-dependent malicious users to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."
Python Python
383
VMScore
CVE-2019-9740
An issue exists in urllib2 in Python 2.x up to and including 2.7.16 and urllib in Python 3.x up to and including 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in ...
Python Python
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »