VYPR

Vendor CVEs

Python (programming language)

All CVEs

310 total · sorted by risk
  • CVE-2018-1000117MedMar 7, 2018
    risk 0.00cvss 6.7epss 0.01

    Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python…

  • CVE-2015-5652Oct 6, 2015
    risk 0.00cvss epss 0.01

    Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python…

  • CVE-2015-7337Sep 29, 2015
    risk 0.00cvss epss 0.02

    The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types.

  • CVE-2015-6938Sep 21, 2015
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported…

  • CVE-2015-2534Sep 9, 2015
    risk 0.00cvss epss 0.02

    Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL settings, which allows local users to bypass intended network-traffic restrictions via a crafted application, aka "Hyper-V Security Feature Bypass Vulnerability."

  • CVE-2014-3598May 1, 2015
    risk 0.00cvss epss 0.02

    The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.

  • CVE-2015-2296Mar 18, 2015
    risk 0.00cvss epss 0.03

    The resolve_redirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect.

  • CVE-2014-9601Jan 16, 2015
    risk 0.00cvss epss 0.05

    Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed.

  • CVE-2014-9365Dec 12, 2014
    risk 0.00cvss epss 0.03

    The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches…

  • CVE-2014-2667Nov 16, 2014
    risk 0.00cvss epss 0.00

    Race condition in the _get_masked_mode function in Lib/os.py in Python 3.2 through 3.5, when exist_ok is set to true and multiple threads are used, might allow local users to bypass intended file permissions by leveraging a separate application vulnerability before the umask has…

  • CVE-2014-1830Oct 15, 2014
    risk 0.00cvss epss 0.02

    Requests (aka python-requests) before 2.3.0 allows remote servers to obtain sensitive information by reading the Proxy-Authorization header in a redirected request.

  • CVE-2014-1829Oct 15, 2014
    risk 0.00cvss epss 0.02

    Requests (aka python-requests) before 2.3.0 allows remote servers to obtain a netrc password by reading the Authorization header in a redirected request.

  • CVE-2014-7185Oct 8, 2014
    risk 0.00cvss epss 0.05

    Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.

  • CVE-2014-3589Aug 25, 2014
    risk 0.00cvss epss 0.04

    PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote attackers to cause a denial of service via a crafted block size.

  • CVE-2014-3429Aug 7, 2014
    risk 0.00cvss epss 0.05

    IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page.

  • CVE-2013-7040May 19, 2014
    risk 0.00cvss epss 0.03

    Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of…

  • CVE-2013-7338Apr 22, 2014
    risk 0.00cvss epss 0.05

    Python before 3.3.4 RC1 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a file size value larger than the size of the zip file to the (1) ZipExtFile.read, (2) ZipExtFile.read(n), (3) ZipExtFile.readlines, (4) ZipFile.extract, or (5)…

  • CVE-2014-1933Apr 17, 2014
    risk 0.00cvss epss 0.00

    The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes.

  • CVE-2014-1932Apr 17, 2014
    risk 0.00cvss epss 0.00

    The (1) load_djpeg function in JpegImagePlugin.py, (2) Ghostscript function in EpsImagePlugin.py, (3) load function in IptcImagePlugin.py, and (4) _copy function in Image.py in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 do not properly create temporary…

  • CVE-2014-1624Jan 28, 2014
    risk 0.00cvss epss 0.00

    Race condition in the xdg.BaseDirectory.get_runtime_dir function in python-xdg 0.25 allows local users to overwrite arbitrary files by pre-creating /tmp/pyxdg-runtime-dir-fallback-victim to point to a victim-owned location, then replacing it with a symlink to an…

  • CVE-2014-1604Jan 28, 2014
    risk 0.00cvss epss 0.00

    The parser cache functionality in parsergenerator.py in RPLY (aka python-rply) before 0.7.1 allows local users to spoof cache data by pre-creating a temporary rply-*.json file with a predictable name.

  • CVE-2013-2099Oct 9, 2013
    risk 0.00cvss epss 0.05

    Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption)…

  • CVE-2013-4238Aug 18, 2013
    risk 0.00cvss epss 0.05

    The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a…

  • CVE-2013-1633Aug 6, 2013
    risk 0.00cvss epss 0.02

    easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product.

  • CVE-2012-4571Nov 30, 2012
    risk 0.00cvss epss 0.00

    Python Keyring 0.9.1 does not securely initialize the cipher when encrypting passwords for CryptedFileKeyring files, which makes it easier for local users to obtain passwords via a brute-force attack.

  • CVE-2012-1150Oct 5, 2012
    risk 0.00cvss epss 0.05

    Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted…

  • CVE-2012-0845Oct 5, 2012
    risk 0.00cvss epss 0.06

    SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of…

  • CVE-2012-3458Sep 15, 2012
    risk 0.00cvss epss 0.02

    Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.

  • CVE-2011-4944Aug 27, 2012
    risk 0.00cvss epss 0.00

    Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.

  • CVE-2012-2135Aug 14, 2012
    risk 0.00cvss epss 0.05

    The utf-16 decoder in Python 3.1 through 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive information (process memory) or cause a denial of service (memory corruption and…

  • CVE-2012-0876Jul 3, 2012
    risk 0.00cvss epss 0.06

    The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the…

  • CVE-2011-4940Jun 27, 2012
    risk 0.00cvss epss 0.03

    The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct…

  • CVE-2011-4617Dec 31, 2011
    risk 0.00cvss epss 0.00

    virtualenv.py in virtualenv before 1.5 allows local users to overwrite arbitrary files via a symlink attack on a certain file in /tmp/.

  • CVE-2011-1521May 24, 2011
    risk 0.00cvss epss 0.04

    The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service (resource consumption) via a…

  • CVE-2011-1015May 9, 2011
    risk 0.00cvss epss 0.04

    The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI.

  • CVE-2010-3493Oct 19, 2010
    risk 0.00cvss epss 0.03

    Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected…

  • CVE-2010-3492Oct 19, 2010
    risk 0.00cvss epss 0.04

    The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote…

  • CVE-2010-2089May 27, 2010
    risk 0.00cvss epss 0.15

    The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a…

  • CVE-2010-1634May 27, 2010
    risk 0.00cvss epss 0.04

    Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first…

  • CVE-2010-1450May 27, 2010
    risk 0.00cvss epss 0.04

    Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function.

  • CVE-2010-1449May 27, 2010
    risk 0.00cvss epss 0.04

    Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12.

  • CVE-2009-4134May 27, 2010
    risk 0.00cvss epss 0.04

    Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference.

  • CVE-2009-0317Jan 28, 2009
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in the Python language bindings for Nautilus (nautilus-python) allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function…

  • CVE-2008-5983Jan 28, 2009
    risk 0.00cvss epss 0.01

    Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local users to execute arbitrary code…

  • CVE-2008-5031Nov 10, 2008
    risk 0.00cvss epss 0.03

    Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in…

  • CVE-2008-4108Sep 18, 2008
    risk 0.00cvss epss 0.00

    Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in…

  • CVE-2008-2315Aug 1, 2008
    risk 0.00cvss epss 0.04

    Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7) gcmodule, and (8) mmapmodule…

  • CVE-2008-2316Aug 1, 2008
    risk 0.00cvss epss 0.03

    Integer overflow in _hashopenssl.c in the hashlib module in Python 2.5.2 and earlier might allow context-dependent attackers to defeat cryptographic digests, related to "partial hashlib hashing of data exceeding 4GB."

  • CVE-2008-3142Aug 1, 2008
    risk 0.00cvss epss 0.04

    Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related…

  • CVE-2008-3143Aug 1, 2008
    risk 0.00cvss epss 0.04

    Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c, (8) cStringIO.c, (9)…

Page 6 of 7