Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-8315
In Python (CPython) 3.6 up to and including 3.6.10, 3.7 up to and including 3.7.6, and 3.8 up to and including 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the...
Python Python
7.4
CVSSv3
CVE-2021-28861
Python 3.x up to and including 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html d...
Python Python 3.11.0
Python Python
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2011-1364
Cross-site request forgery (CSRF) vulnerability in _ah/admin/interactive/execute (aka the Interactive Console) in the SDK Console (aka Admin Console) in the Google App Engine Python SDK prior to 1.5.4 allows remote malicious users to hijack the authentication of administrators fo...
Google App Engine Python Sdk
Google App Engine Python Sdk 1.1.4
Google App Engine Python Sdk 1.1.5
Google App Engine Python Sdk 1.2.2
Google App Engine Python Sdk 1.1.2
Google App Engine Python Sdk 1.1.3
Google App Engine Python Sdk 1.2.0
Google App Engine Python Sdk 1.2.3
Google App Engine Python Sdk 1.2.1
Google App Engine Python Sdk 1.3.1
Google App Engine Python Sdk 1.3.2
Google App Engine Python Sdk 1.4.0
Google App Engine Python Sdk 1.4.1
Google App Engine Python Sdk 1.1.0
Google App Engine Python Sdk 1.1.1
Google App Engine Python Sdk 1.1.8
Google App Engine Python Sdk 1.1.9
Google App Engine Python Sdk 1.2.7
Google App Engine Python Sdk 1.3.0
Google App Engine Python Sdk 1.3.7
Google App Engine Python Sdk 1.3.8
Google App Engine Python Sdk 1.5.2
NA
CVE-2011-4211
The FakeFile implementation in the sandbox environment in the Google App Engine Python SDK prior to 1.5.4 does not properly control the opening of files, which allows local users to bypass intended access restrictions and create arbitrary files via ALLOWED_MODES and ALLOWED_DIRS ...
Google App Engine Python Sdk 1.0.1
Google App Engine Python Sdk 1.0.2
Google App Engine Python Sdk 1.1.6
Google App Engine Python Sdk 1.1.7
Google App Engine Python Sdk 1.2.4
Google App Engine Python Sdk 1.2.5
Google App Engine Python Sdk 1.3.5
Google App Engine Python Sdk 1.3.6
Google App Engine Python Sdk 1.5.0
Google App Engine Python Sdk 1.5.1
Google App Engine Python Sdk
Google App Engine Python Sdk 1.1.4
Google App Engine Python Sdk 1.1.5
Google App Engine Python Sdk 1.2.1
Google App Engine Python Sdk 1.2.2
Google App Engine Python Sdk 1.3.3
Google App Engine Python Sdk 1.3.4
Google App Engine Python Sdk 1.4.2
Google App Engine Python Sdk 1.4.3
Google App Engine Python Sdk 1.1.0
Google App Engine Python Sdk 1.1.1
Google App Engine Python Sdk 1.1.8
NA
CVE-2011-4212
The sandbox environment in the Google App Engine Python SDK prior to 1.5.4 does not properly prevent os.popen calls, which allows local users to bypass intended access restrictions and execute arbitrary commands via a dev_appserver.RestrictedPathFunction._original_os reference wi...
Google App Engine Python Sdk 1.1.1
Google App Engine Python Sdk 1.1.2
Google App Engine Python Sdk 1.2.0
Google App Engine Python Sdk 1.2.3
Google App Engine Python Sdk 1.3.0
Google App Engine Python Sdk 1.3.1
Google App Engine Python Sdk 1.3.8
Google App Engine Python Sdk 1.4.0
Google App Engine Python Sdk 1.0.2
Google App Engine Python Sdk 1.1.0
Google App Engine Python Sdk 1.1.8
Google App Engine Python Sdk 1.1.9
Google App Engine Python Sdk 1.2.6
Google App Engine Python Sdk 1.2.7
Google App Engine Python Sdk 1.3.6
Google App Engine Python Sdk 1.3.7
Google App Engine Python Sdk 1.5.2
Google App Engine Python Sdk 1.1.3
Google App Engine Python Sdk 1.1.4
Google App Engine Python Sdk 1.1.5
Google App Engine Python Sdk 1.2.1
Google App Engine Python Sdk 1.2.2
7.8
CVSSv3
CVE-2017-20052
A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...
Python Python 2.7.13
5.5
CVSSv3
CVE-2023-33595
CPython v3.12.0 alpha 7 exists to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.
Python Python 3.12.0
NA
CVE-2011-1015
The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote malicious users to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI.
Python Python 3.0
NA
CVE-2009-4134
Buffer underflow in the rgbimg module in Python 2.5 allows remote malicious users to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference.
Python Python 2.5.0
5.3
CVSSv3
CVE-2023-38898
An issue in Python cpython v.3.7 allows an malicious user to obtain sensitive information via the _asyncio._swap_current_task component. NOTE: this is disputed by the vendor because (1) neither 3.7 nor any other release is affected (it is a bug in some 3.12 pre-releases); (2) the...
Python Python 3.13.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »