Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-18348
An issue exists in urllib2 in Python 2.x up to and including 2.7.17 and urllib in Python 3.x up to and including 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in ...
Python Python
NA
CVE-2004-0150
Buffer overflow in the getaddrinfo function in Python 2.2 prior to 2.2.2, when IPv6 support is disabled, allows remote malicious users to execute arbitrary code via an IPv6 address that is obtained using DNS.
Python Python
7.5
CVSSv3
CVE-2023-36632
The legacy email.utils.parseaddr function in Python up to and including 3.11.4 allows malicious users to trigger "RecursionError: maximum recursion depth exceeded while calling a Python object" via a crafted argument. This argument is plausibly an untrusted value from a...
Python Python
NA
CVE-2008-2316
Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and previous versions might allow context-dependent malicious users to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."
Python Python
NA
CVE-2008-1679
Multiple integer overflows in imageop.c in Python prior to 2.5.3 allow context-dependent malicious users to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete ...
Python Python
NA
CVE-2008-2315
Multiple integer overflows in Python 2.5.2 and previous versions allow context-dependent malicious users to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and...
Python Python
NA
CVE-2008-3143
Multiple integer overflows in Python prior to 2.5.2 might allow context-dependent malicious users to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9)...
Python Python
NA
CVE-2008-3144
Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and previous versions allow context-dependent malicious users to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting ...
Python Python
NA
CVE-2010-2089
The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent malicious users to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated ...
Python Python
1 EDB exploit
6.5
CVSSv3
CVE-2017-18207
The Wave_read._read_fmt_chunk function in Lib/wave.py in Python up to and including 3.6.4 does not ensure a nonzero channel value, which allows malicious users to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disput...
Python Python
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »