Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-1542
Stack-based buffer overflow in Python 2.4.2 and previous versions, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a lo...
Python Python
1 EDB exploit
7.4
CVSSv3
CVE-2021-28861
Python 3.x up to and including 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. NOTE: this is disputed by a third party because the http.server.html d...
Python Python 3.11.0
Python Python
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
NA
CVE-2011-4211
The FakeFile implementation in the sandbox environment in the Google App Engine Python SDK prior to 1.5.4 does not properly control the opening of files, which allows local users to bypass intended access restrictions and create arbitrary files via ALLOWED_MODES and ALLOWED_DIRS ...
Google App Engine Python Sdk 1.0.1
Google App Engine Python Sdk 1.0.2
Google App Engine Python Sdk 1.1.6
Google App Engine Python Sdk 1.1.7
Google App Engine Python Sdk 1.2.4
Google App Engine Python Sdk 1.2.5
Google App Engine Python Sdk 1.3.5
Google App Engine Python Sdk 1.3.6
Google App Engine Python Sdk 1.5.0
Google App Engine Python Sdk 1.5.1
Google App Engine Python Sdk
Google App Engine Python Sdk 1.1.4
Google App Engine Python Sdk 1.1.5
Google App Engine Python Sdk 1.2.1
Google App Engine Python Sdk 1.2.2
Google App Engine Python Sdk 1.3.3
Google App Engine Python Sdk 1.3.4
Google App Engine Python Sdk 1.4.2
Google App Engine Python Sdk 1.4.3
Google App Engine Python Sdk 1.1.0
Google App Engine Python Sdk 1.1.1
Google App Engine Python Sdk 1.1.8
NA
CVE-2011-4212
The sandbox environment in the Google App Engine Python SDK prior to 1.5.4 does not properly prevent os.popen calls, which allows local users to bypass intended access restrictions and execute arbitrary commands via a dev_appserver.RestrictedPathFunction._original_os reference wi...
Google App Engine Python Sdk 1.1.1
Google App Engine Python Sdk 1.1.2
Google App Engine Python Sdk 1.2.0
Google App Engine Python Sdk 1.2.3
Google App Engine Python Sdk 1.3.0
Google App Engine Python Sdk 1.3.1
Google App Engine Python Sdk 1.3.8
Google App Engine Python Sdk 1.4.0
Google App Engine Python Sdk 1.0.2
Google App Engine Python Sdk 1.1.0
Google App Engine Python Sdk 1.1.8
Google App Engine Python Sdk 1.1.9
Google App Engine Python Sdk 1.2.6
Google App Engine Python Sdk 1.2.7
Google App Engine Python Sdk 1.3.6
Google App Engine Python Sdk 1.3.7
Google App Engine Python Sdk 1.5.2
Google App Engine Python Sdk 1.1.3
Google App Engine Python Sdk 1.1.4
Google App Engine Python Sdk 1.1.5
Google App Engine Python Sdk 1.2.1
Google App Engine Python Sdk 1.2.2
NA
CVE-2011-1364
Cross-site request forgery (CSRF) vulnerability in _ah/admin/interactive/execute (aka the Interactive Console) in the SDK Console (aka Admin Console) in the Google App Engine Python SDK prior to 1.5.4 allows remote malicious users to hijack the authentication of administrators fo...
Google App Engine Python Sdk
Google App Engine Python Sdk 1.1.4
Google App Engine Python Sdk 1.1.5
Google App Engine Python Sdk 1.2.2
Google App Engine Python Sdk 1.1.2
Google App Engine Python Sdk 1.1.3
Google App Engine Python Sdk 1.2.0
Google App Engine Python Sdk 1.2.3
Google App Engine Python Sdk 1.2.1
Google App Engine Python Sdk 1.3.1
Google App Engine Python Sdk 1.3.2
Google App Engine Python Sdk 1.4.0
Google App Engine Python Sdk 1.4.1
Google App Engine Python Sdk 1.1.0
Google App Engine Python Sdk 1.1.1
Google App Engine Python Sdk 1.1.8
Google App Engine Python Sdk 1.1.9
Google App Engine Python Sdk 1.2.7
Google App Engine Python Sdk 1.3.0
Google App Engine Python Sdk 1.3.7
Google App Engine Python Sdk 1.3.8
Google App Engine Python Sdk 1.5.2
NA
CVE-2010-1449
Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote malicious users to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12.
Python Python 2.5.0
5.3
CVSSv3
CVE-2023-38898
An issue in Python cpython v.3.7 allows an malicious user to obtain sensitive information via the _asyncio._swap_current_task component. NOTE: this is disputed by the vendor because (1) neither 3.7 nor any other release is affected (it is a bug in some 3.12 pre-releases); (2) the...
Python Python 3.13.0
7.8
CVSSv3
CVE-2017-20052
A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...
Python Python 2.7.13
5.5
CVSSv3
CVE-2023-33595
CPython v3.12.0 alpha 7 exists to contain a heap use-after-free via the function ascii_decode at /Objects/unicodeobject.c.
Python Python 3.12.0
NA
CVE-2009-4134
Buffer underflow in the rgbimg module in Python 2.5 allows remote malicious users to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference.
Python Python 2.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »