Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4040
CVE-2024-4040 PoC Python exploit for CVE-2024-4040 Description A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox...
1 Github repository
NA
CVE-2024-3400
CVE-2024-3400 PoC for educational purposes only. only use on servers you have permission to test. How-To-Use deps: $ pip install rich scan targets.txt: $ python run.py -f targets.txt -t 10 [-] Sending 102 requests... [+] Requests sent. Writi...
1 Github repository
NA
CVE-2024-22774
Panoramic Dental Imaging Software 9.1.2.7600. Phantom DLL Hijack Privilege Escalation (CVE-2024-22774) Table of Contents Table of Contents Introduction Final Version of the Software Searching for Hijackable DLL Setting up the attack Exploit Persistance after OS install Introduc...
1 Github repository
NA
CVE-2023-52654
Run file python3 CVE-2023-52654.py or sudo CVE-2023-52654.py latest kernel bypass root updated POC just run python file with root ______________________________________________________________________________________________________________________________________________________...
1 Github repository
NA
CVE_2023_29489
XSS_1312 Mass Scaning vulnerability in Cpanel [XSS] KALI LINUX sudo pip install BeautifulSoup sudo pip install shodan sudo pip install pystyle git clone https://github.com/tucommenceapousser/XSS_1312.git cd XSS_1312 python cve_2023_29489.py TERMUX pkg install BeautifulSoup pkg in...
1 Github repository
NA
CVE-2024-4030
On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users w...
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
NA
CVE-2024-27453
In Extreme XOS up to and including 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI).
NA
CVE-2024-34072
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. The sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 allows potentially unsafe deserialization when untrusted data is passed as pickled object arrays. Th...
NA
CVE-2024-34073
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. In affected versions the capture_dependencies function in `sagemaker.serve.save_retrive.version_1_0_0.save.utils` module allows for potentially unsafe Operating System (OS) C...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »