Python (programming language)

All CVEs

310 total · sorted by risk
  • CVE-2008-3142 · Aug 1, 2008
    risk 0.00 · cvss · epss 0.04

    Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related…

  • CVE-2008-1679 · Apr 22, 2008
    risk 0.00 · cvss · epss 0.04

    Multiple integer overflows in imageop.c in Python before 2.5.3 allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows. NOTE: this issue is due to an incomplete fix…

  • CVE-2008-1721 · Apr 10, 2008
    risk 0.00 · cvss · epss 0.23

    Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.

  • CVE-2008-0299 · Jan 16, 2008
    risk 0.00 · cvss · epss 0.02

    common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool.

  • CVE-2006-4980 · Oct 10, 2006
    risk 0.00 · cvss · epss 0.05

    Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts.

  • CVE-2006-1542 · Mar 30, 2006
    risk 0.00 · cvss · epss 0.01

    Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a long name, related to…

  • CVE-2005-0089 · May 2, 2005
    risk 0.00 · cvss · epss 0.05

    The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and…

  • CVE-2004-0150 · Apr 15, 2004
    risk 0.00 · cvss · epss 0.05

    Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS.

  • CVE-2003-0973 · Dec 15, 2003
    risk 0.00 · cvss · epss 0.06

    Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.

  • CVE-2002-1119 · Oct 4, 2002
    risk 0.00 · cvss · epss 0.00

    os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack.

Page 7 of 7