Vulmon
python python vulnerabilities and exploits
7.8
CVSSv3
CVE-2017-20052
A vulnerability classified as problematic was found in Python 2.7.13. This vulnerability affects unknown code of the component pgAdmin4. The manipulation leads to uncontrolled search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may ...
Python Python 2.7.13
NA
CVE-2009-4134
Buffer underflow in the rgbimg module in Python 2.5 allows remote malicious users to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference.
Python Python 2.5.0
7
CVSSv3
CVE-2022-26488
In Python prior to 3.10.3 on Windows, local users can gain privileges because the search path is inadequately secured. The installer may allow a local malicious user to add user-writable directories to the system search path. To exploit, an administrator must have installed Pytho...
Python Python
Python Python 3.11.0
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager -
2.8
CVSSv3
CVE-2024-22194
cdo-local-uuid project provides a specialized UUID-generating function that can, on user request, cause a program to generate deterministic UUIDs. An information leakage vulnerability is present in `cdo-local-uuid` at version `0.4.0`, and in `case-utils` in unpatched versions (ma...
Lfprojects Case Python Utilities 0.5.0
Lfprojects Case Python Utilities 0.6.0
Lfprojects Case Python Utilities 0.7.0
Lfprojects Case Python Utilities 0.8.0
Lfprojects Case Python Utilities 0.9.0
Lfprojects Case Python Utilities 0.10.0
Lfprojects Case Python Utilities 0.11.0
Lfprojects Case Python Utilities 0.12.0
Lfprojects Case Python Utilities 0.13.0
Lfprojects Case Python Utilities 0.14.0
Lfprojects Cdo Local Uuid Utility 0.4.0
NA
CVE-2013-7323
python-gnupg prior to 0.3.5 allows context-dependent malicious users to execute arbitrary commands via shell metacharacters in unspecified vectors.
Vinay Sajip Python-gnupg
Vinay Sajip Python-gnupg 0.3.3
Vinay Sajip Python-gnupg 0.3.1
Vinay Sajip Python-gnupg 0.3.2
Vinay Sajip Python-gnupg 0.3.0
9.8
CVSSv3
CVE-2017-0906
The Recurly Client Python Library prior to 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource.get" method that could result in compromise of API keys or other critical resources.
Recurly Recurly Client Python
Recurly Recurly Client Python 2.3.0
Recurly Recurly Client Python 2.5.0
Recurly Recurly Client Python 2.6.1
Recurly Recurly Client Python 2.6.0
6.5
CVSSv3
CVE-2021-46823
python-ldap prior to 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker cou...
Python-ldap Python-ldap
7.8
CVSSv3
CVE-2021-25322
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local malicious users to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1....
Python-hyperkitty Project Python-hyperkitty
9.1
CVSSv3
CVE-2022-39227
python-jwt is a module for generating and verifying JSON Web Tokens. Versions before 3.3.4 are subject to Authentication Bypass by Spoofing, resulting in identity spoofing, session hijacking or authentication bypass. An attacker who obtains a JWT can arbitrarily forge its content...
Python-jwt Project Python-jwt
3 Github repositories
9.8
CVSSv3
CVE-2022-30284
In the python-libnmap package up to and including 0.7.2 for Python, remote command execution can occur (if used in a client application that does not validate arguments). NOTE: the vendor believes it would be unrealistic for an application to call NmapProcess with arguments taken...
Python-libnmap Project Python-libnmap