Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-40217
An issue exists in Python prior to 3.8.18, 3.9.x prior to 3.9.18, 3.10.x prior to 3.10.13, and 3.11.x prior to 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buf...
Python Python
1 Github repository
383
VMScore
CVE-2019-9740
An issue exists in urllib2 in Python 2.x up to and including 2.7.16 and urllib in Python 3.x up to and including 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in ...
Python Python
1 Github repository
384
VMScore
CVE-2019-9947
An issue exists in urllib2 in Python 2.x up to and including 2.7.16 and urllib in Python 3.x up to and including 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in ...
Python Python
760
VMScore
CVE-2008-4864
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 up to and including 2.5.1 allow context-dependent malicious users to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to ...
Python Python
2 EDB exploits
641
VMScore
CVE-2015-5652
Untrusted search path vulnerability in python.exe in Python up to and including 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime beha...
Python Python
NA
CVE-2024-22194
cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in `cdo-local-uuid` at version `0.4.0`, and in `case-utils` in unpatched versions (ma...
Lfprojects Case Python Utilities 0.5.0
Lfprojects Case Python Utilities 0.6.0
Lfprojects Case Python Utilities 0.7.0
Lfprojects Case Python Utilities 0.8.0
Lfprojects Case Python Utilities 0.9.0
Lfprojects Case Python Utilities 0.10.0
Lfprojects Case Python Utilities 0.11.0
Lfprojects Case Python Utilities 0.12.0
Lfprojects Case Python Utilities 0.13.0
Lfprojects Case Python Utilities 0.14.0
Lfprojects Cdo Local Uuid Utility 0.4.0
392
VMScore
CVE-2022-26488
In Python prior to 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local malicious user to add user-writable directories to the system search path. To exploit, an administrator must have installed Pytho...
Python Python
Python Python 3.11.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
446
VMScore
CVE-2009-4134
Buffer underflow in the rgbimg module in Python 2.5 allows remote malicious users to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference.
Python Python 2.5.0
392
VMScore
CVE-2017-20052
A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...
Python Python 2.7.13
668
VMScore
CVE-2010-1449
Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote malicious users to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12.
Python Python 2.5.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »