Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
python python 2.3.1 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2014-3007
Python Image Library (PIL) 1.1.7 and previous versions and Pillow 2.3 might allow remote malicious users to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932, possibly JpegImagePlugin.py.
Pythonware Python Imaging Library
Python Pillow 2.3.0
668
VMScore
CVE-2017-0906
The Recurly Client Python Library prior to 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource.get" method that could result in compromise of API keys or other critical resources.
Recurly Recurly Client Python
Recurly Recurly Client Python 2.3.0
Recurly Recurly Client Python 2.5.0
Recurly Recurly Client Python 2.6.0
Recurly Recurly Client Python 2.6.1
570
VMScore
CVE-2011-1521
The urllib and urllib2 modules in Python 2.x prior to 2.7.2 and 3.x prior to 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote malicious users to obtain sensitive information or cause a denial of service (resource consumption)...
Python Python 2.4.2
Python Python 2.5.1
Python Python 2.3.4
Python Python 2.6.6
Python Python 2.1
Python Python 2.0.1
Python Python 2.6.1
Python Python 2.3.1
Python Python 2.1.2
Python Python 2.2.1
Python Python 2.5.4
Python Python 2.2.2
Python Python 2.1.1
Python Python 2.3.3
Python Python 2.7.1
Python Python 2.3.2
Python Python 2.6.7
Python Python 2.4.6
Python Python 2.0
Python Python 2.2.3
Python Python 2.5.2
Python Python 2.3.7
570
VMScore
CVE-2008-4099
PyDNS (aka python-dns) prior to 2.3.1-4 in Debian GNU/Linux does not use random source ports or transaction IDs for DNS requests, which makes it easier for remote malicious users to spoof DNS responses, a different vulnerability than CVE-2008-1447.
Debian Python-dns
Debian Python-dns 2.3.0-1
Debian Python-dns 2.3.0-2
Debian Python-dns 2.3.0-3
Debian Python-dns 2.3.0-4
Debian Python-dns 2.3.0-5
Debian Python-dns 2.3.0-5.1
Debian Python-dns 2.3.0-6
Debian Python-dns 2.3.1-1
Debian Python-dns 2.3.1-2
570
VMScore
CVE-2008-4126
PyDNS (aka python-dns) prior to 2.3.1-5 in Debian GNU/Linux does not use random source ports for DNS requests and does not use random transaction IDs for DNS retries, which makes it easier for remote malicious users to spoof DNS responses, a different vulnerability than CVE-2008-...
Debian Python-dns
Debian Python-dns 2.3.0-1
Debian Python-dns 2.3.0-2
Debian Python-dns 2.3.0-3
Debian Python-dns 2.3.0-4
Debian Python-dns 2.3.0-5
Debian Python-dns 2.3.0-5.1
Debian Python-dns 2.3.0-6
Debian Python-dns 2.3.1-1
Debian Python-dns 2.3.1-2
Debian Python-dns 2.3.1-3
490
VMScore
CVE-2020-15193
In Tensorflow prior to 2.2.1 and 2.3.1, the implementation of `dlpack.to_dlpack` can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users ...
Google Tensorflow 2.2.0
Google Tensorflow 2.3.0
Opensuse Leap 15.2
446
VMScore
CVE-2021-27291
In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a ...
Pygments Pygments
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
446
VMScore
CVE-2012-1150
Python prior to 2.6.8, 2.7.x prior to 2.7.3, 3.x prior to 3.1.5, and 3.2.x prior to 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent malicious users to cause a denial of service (CPU consumption) via...
Python Python 2.4.2
Python Python 2.5.1
Python Python 2.3.4
Python Python 2.6.6
Python Python 2.1
Python Python 2.0.1
Python Python 2.6.1
Python Python 2.3.1
Python Python 0.9.1
Python Python 2.1.2
Python Python 0.9.0
Python Python 1.6.1
Python Python 2.2.1
Python Python 2.5.4
Python Python 1.3
Python Python 2.6.3
Python Python 2.2.2
Python Python 2.1.1
Python Python 1.5.2
Python Python 2.6.2150
Python Python 2.3.3
Python Python 2.3.2
2 Github repositories
445
VMScore
CVE-2021-20270
An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.
Pygments Pygments
Redhat Enterprise Linux 7.0
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Software Collections -
Redhat Openshift Container Platform 4.0
Redhat Openstack Platform 10.0
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
1 Github repository
445
VMScore
CVE-2012-0845
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python prior to 2.6.8, 2.7.x prior to 2.7.3, 3.x prior to 3.1.5, and 3.2.x prior to 3.2.3 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smal...
Python Python 2.4.2
Python Python 2.5.1
Python Python 2.3.4
Python Python 2.6.6
Python Python 2.1
Python Python 2.0.1
Python Python 2.6.1
Python Python 2.3.1
Python Python 0.9.1
Python Python 2.1.2
Python Python 0.9.0
Python Python 1.6.1
Python Python 2.2.1
Python Python 2.5.4
Python Python 1.3
Python Python 2.6.3
Python Python 2.2.2
Python Python 2.1.1
Python Python 1.5.2
Python Python 2.6.2150
Python Python 2.3.3
Python Python 2.3.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »