VYPR

Python

by Python (programming language)

CVEs (183)

  • CVE-2010-3493 (Oct 19, 2010)
    risk 0.00 | cvss | epss 0.03

    Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected…

  • CVE-2010-3492 (Oct 19, 2010)
    risk 0.00 | cvss | epss 0.04

    The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote…

  • CVE-2010-2089 (May 27, 2010)
    risk 0.00 | cvss | epss 0.15

    The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a…

  • CVE-2010-1634 (May 27, 2010)
    risk 0.00 | cvss | epss 0.04

    Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first…

  • CVE-2010-1450 (May 27, 2010)
    risk 0.00 | cvss | epss 0.04

    Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.

  • CVE-2010-1449 (May 27, 2010)
    risk 0.00 | cvss | epss 0.04

    Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12.

  • CVE-2009-4134 (May 27, 2010)
    risk 0.00 | cvss | epss 0.04

    Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference.

  • CVE-2008-5983 (Jan 28, 2009)
    risk 0.00 | cvss | epss 0.01

    Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code…

  • CVE-2008-5031 (Nov 10, 2008)
    risk 0.00 | cvss | epss 0.03

    Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in…

  • CVE-2008-4108 (Sep 18, 2008)
    risk 0.00 | cvss | epss 0.00

    Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in…

  • CVE-2008-3143 (Aug 1, 2008)
    risk 0.00 | cvss | epss 0.04

    Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9)…

  • CVE-2008-3144 (Aug 1, 2008)
    risk 0.00 | cvss | epss 0.04

    Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to string formatting operations. …

  • CVE-2008-2315 (Aug 1, 2008)
    risk 0.00 | cvss | epss 0.04

    Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule…

  • CVE-2008-3142 (Aug 1, 2008)
    risk 0.00 | cvss | epss 0.04

    Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related…

  • CVE-2008-2316 (Aug 1, 2008)
    risk 0.00 | cvss | epss 0.03

    Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."

  • CVE-2008-1679 (Apr 22, 2008)
    risk 0.00 | cvss | epss 0.04

    Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix…

  • CVE-2008-1721 (Apr 10, 2008)
    risk 0.00 | cvss | epss 0.23

    Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.

  • CVE-2006-4980 (Oct 10, 2006)
    risk 0.00 | cvss | epss 0.05

    Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.

  • CVE-2006-1542 (Mar 30, 2006)
    risk 0.00 | cvss | epss 0.01

    Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a long name, related to…

  • CVE-2005-0089 (May 2, 2005)
    risk 0.00 | cvss | epss 0.05

    The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and…

Page 9 of 10