python vulnerabilities and exploits
9
CVSSv2
CVE-2021-43837
vault-cli is a configurable command-line interface tool (and python library) to interact with Hashicorp Vault. In versions prior to 3.0.0 vault-cli features the ability for rendering templated values. When a secret starts with the prefix `!template!`, vault-cli interprets the res...
Vault-cli Project Vault-cli
9
CVSSv2
CVE-2020-26943
An issue exists in OpenStack blazar-dashboard prior to 1.3.1, 2.0.0, and 3.0.0. A user allowed to access the Blazar dashboard in Horizon may trigger code execution on the Horizon host as the user the Horizon service runs under (because the Python eval function is used). This may ...
Openstack Blazar-dashboard
Openstack Blazar-dashboard 2.0.0
Openstack Blazar-dashboard 3.0.0
9
CVSSv2
CVE-2020-11057
In XWiki Platform 7.2 up to and including 11.10.2, registered users without scripting/programming permissions are able to execute python/groovy scripts while editing personal dashboards. This has been fixed in 11.3.7, 11.10.3 and 12.0.
Xwiki Xwiki
9
CVSSv2
CVE-2019-9189
Prima Systems FlexAir, Versions 2.4.9api3 and prior. The application allows the upload of arbitrary Python scripts when configuring the main central controller. These scripts can be immediately executed because of root code execution, not as a web server user, allowing an authent...
Primasystems Flexair
1 EDB exploit
9
CVSSv2
CVE-2019-10662
Grandstream UCM6204 prior to 1.0.19.20 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter to the /cgi? URI.
Grandstream Ucm6204 Firmware
1 Metasploit module
9
CVSSv2
CVE-2015-5164
The Qpid server on Red Hat Satellite 6 does not properly restrict message types, which allows remote authenticated users with administrative access on a managed content host to execute arbitrary code via a crafted message, related to a pickle processing problem in pulp.
Pulpproject Qpid -
9
CVSSv2
CVE-2008-6954
The web interface (CobblerWeb) in Cobbler prior to 1.2.9 allows remote authenticated users to execute arbitrary Python code in cobblerd by editing a Cheetah kickstart template to import arbitrary Python modules.
Michael Dehaan Cobbler 1.2.3
Michael Dehaan Cobbler 1.2.2
Michael Dehaan Cobbler 0.6.5
Michael Dehaan Cobbler 0.6.4
Michael Dehaan Cobbler 0.4.6
Michael Dehaan Cobbler 0.4.5
Michael Dehaan Cobbler 0.3.5
Michael Dehaan Cobbler 0.3.4
Michael Dehaan Cobbler 0.2.3
Michael Dehaan Cobbler 0.2.2
Michael Dehaan Cobbler 1.2.0
Michael Dehaan Cobbler 1.0.3-1
Michael Dehaan Cobbler 0.6.3
Michael Dehaan Cobbler 0.6.1
Michael Dehaan Cobbler 0.4.3
Michael Dehaan Cobbler 0.4.2
Michael Dehaan Cobbler 0.3.3
Michael Dehaan Cobbler 0.3.1
Michael Dehaan Cobbler 0.2.1
Michael Dehaan Cobbler 0.1.1.7
Michael Dehaan Cobbler 1.2.6
Michael Dehaan Cobbler 1.2.5
8.8
CVSSv2
CVE-2021-41131
python-tuf is a Python reference implementation of The Update Framework (TUF). In both clients (`tuf/client` and `tuf/ngclient`), there is a path traversal vulnerability that in the worst case can overwrite files ending in `.json` anywhere on the client system on a call to `get_o...
Linuxfoundation The Update Framework
8.5
CVSSv2
CVE-2021-33509
Plone up to and including 5.2.4 allows remote authenticated managers to perform disk I/O via crafted keyword arguments to the ReStructuredText transform in a Python script.
Plone Plone
8.5
CVSSv2
CVE-2018-0015
A malicious user with unrestricted access to the AppFormix application management platform may be able to access a Python debug console and execute system commands with root privilege. The AppFormix Agent exposes the debug console on a host where AppFormix Agent is executing. If ...
Juniper Appformix