Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python requests vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-26318
On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS prior to 12.7.2_U2, 12.x prior to 12.1.3_U8, and 12.2.x up to and including 12.5.x prior to 12.5.9_U2.
Watchguard Fireware
Watchguard Fireware 12.1.3
Watchguard Fireware 12.7.2
Watchguard Fireware 12.5.9
2 Github repositories
NA
CVE-2013-1664
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute (Nova) Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote malicious users to cause a denial of service (resource consump...
Openstack Cinder Folsom -
Openstack Keystone Essex -
Openstack Folsom -
Openstack Grizzly -
Openstack Compute \\(nova\\) Essex -
Openstack Compute \\(nova\\) Folsom -
8.1
CVSSv3
CVE-2021-32677
FastAPI is a web framework for building APIs with Python 3.6+ based on standard Python type hints. FastAPI versions lower than 0.65.2 that used cookies for authentication in path operations that received JSON payloads sent by browsers were vulnerable to a Cross-Site Request Forge...
Tiangolo Fastapi
Fedoraproject Fedora 34
1 Github repository
8.8
CVSSv3
CVE-2020-13948
While investigating a bug report on Apache Superset, it was determined that an authenticated user could craft requests via a number of templated text fields in the product that would allow arbitrary access to Python’s `os` package in the web application process in versions ...
Apache Superset
5.3
CVSSv3
CVE-2021-29471
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including `e...
Matrix Synapse
Fedoraproject Fedora 34
6.8
CVSSv3
CVE-2020-28473
The package bottle from 0 and prior to 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the pr...
Bottlepy Bottle
Debian Debian Linux 9.0
NA
CVE-2005-0202
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and previous versions allows remote malicious users to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended ...
Gnu Mailman 2.1.4
Gnu Mailman 2.1.5
Gnu Mailman 2.1b1
Gnu Mailman 2.1.2
Gnu Mailman 2.1.3
Gnu Mailman 2.1
Gnu Mailman 2.1.1
NA
CVE-2004-1177
Cross-site scripting (XSS) vulnerability in the driver script in mailman prior to 2.1.5 allows remote malicious users to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page.
Gnu Mailman 2.0.12
Gnu Mailman 2.0.13
Gnu Mailman 2.0.8
Gnu Mailman 2.0.9
Gnu Mailman 2.1.4
Gnu Mailman 2.1b1
Gnu Mailman 2.0
Gnu Mailman 2.0.1
Gnu Mailman 2.0.4
Gnu Mailman 2.0.5
Gnu Mailman 2.1
Gnu Mailman 2.1.1
Gnu Mailman 2.0.10
Gnu Mailman 2.0.11
Gnu Mailman 2.0.6
Gnu Mailman 2.0.7
Gnu Mailman 2.1.2
Gnu Mailman 2.1.3
Gnu Mailman 1.0
Gnu Mailman 1.1
Gnu Mailman 2.0.2
Gnu Mailman 2.0.3
7.4
CVSSv3
CVE-2021-21241
The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before ver...
Flask-security-too Project Flask-security-too
NA
CVE-2010-2751
The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3.5.x prior to 3.5.11 and 3.6.x prior to 3.6.7, and SeaMonkey prior to 2.0.6, allows remote malicious users to spoof the SSL security status of a document via vectors involving multi...
Mozilla Firefox 3.5.7
Mozilla Firefox 3.5.9
Mozilla Firefox 3.5.10
Mozilla Firefox 3.5.1
Mozilla Firefox 3.5.2
Mozilla Firefox 3.6.1
Mozilla Firefox 3.6.2
Mozilla Firefox 3.5.3
Mozilla Firefox 3.5.4
Mozilla Firefox 3.6.3
Mozilla Firefox 3.6.4
Mozilla Firefox 3.5.5
Mozilla Firefox 3.5.6
Mozilla Firefox 3.6.6
Mozilla Seamonkey 1.0
Mozilla Seamonkey 1.0.1
Mozilla Seamonkey 1.0.8
Mozilla Seamonkey 1.0.9
Mozilla Seamonkey 1.1.12
Mozilla Seamonkey 1.1.13
Mozilla Seamonkey 1.1.14
Mozilla Seamonkey 1.1.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »