Page 27 of 174 results (0.019 seconds)

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 1

CVE-2014-1933

https://notcve.org/view.php?id=CVE-2014-1933

The (1) JpegImagePlugin.py and (2) EpsImagePlugin.py scripts in Python Image Library (PIL) 1.1.7 and earlier and Pillow before 2.3.1 uses the names of temporary files on the command line, which makes it easier for local users to conduct symlink attacks by listing the processes. Los scripts (1) JpegImagePlugin.py y (2) EpsImagePlugin.py en Python Image Library (PIL) 1.1.7 y anteriores y Pillow anterior a 2.3.1 utiliza los nombres de archivos temporales en la línea de comando, lo que facilita a usuarios locales realizar ataques symlink mediante el listado de los procesos. • http://lists.opensuse.org/opensuse-updates/2014-05/msg00002.html http://www.openwall.com/lists/oss-security/2014/02/10/15 http://www.openwall.com/lists/oss-security/2014/02/11/1 http://www.securityfocus.com/bid/65513 http://www.ubuntu.com/usn/USN-2168-1 https://github.com/python-imaging/Pillow/commit/4e9f367dfd3f04c8f5d23f7f759ec12782e10ee7 https://security.gentoo.org/glsa/201612-52 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.5EPSS: 60%CPEs: 52EXPL: 4

CVE-2014-1912 – Python - 'socket.recvfrom_into()' Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2014-1912

Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. Desbordamiento de buffer en la función socket.recvfrom_into en Modules/socketmodule.c en Python 2.5 anterior a 2.7.7, 3.x anterior a 3.3.4 y 3.4.x anterior a 3.4rc1 permite a atacantes remotos ejecutar código arbitrario a través de una cadena manipulada. It was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer. • https://www.exploit-db.com/exploits/31875 http://bugs.python.org/issue20246 http://hg.python.org/cpython/rev/87673659d8f7 http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-04/msg00035.html http://lists.opensuse.org/opensuse-updates/2014-05/msg00008.html http://pastebin.com/raw.php?i=GHXSmNEg http://rhn.redhat.com/errata/RHSA-2015-1064.html http://rhn.redhat.com/errata/RHSA-2015-1330.html http://www&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

CVE-2013-2191

https://notcve.org/view.php?id=CVE-2013-2191

python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate. python-bugzilla anterior a 0.9.0 no valida los certificados X.509 , lo que permite a atacantes man-in-the-middle falsificar servidores Bugzilla a través de un certificado manipulado. • http://lists.opensuse.org/opensuse-updates/2013-07/msg00025.html http://lists.opensuse.org/opensuse-updates/2013-07/msg00026.html http://www.openwall.com/lists/oss-security/2013/06/19/6 https://bugzilla.redhat.com/show_bug.cgi?id=951594 https://git.fedorahosted.org/cgit/python-bugzilla.git/commit/?id=a782282ee479ba4cc1b8b1d89700ac630ba83eef https://lists.fedorahosted.org/pipermail/python-bugzilla/2013-June/000104.html • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 1

CVE-2013-0340

https://notcve.org/view.php?id=CVE-2013-0340

expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE. expat 2.1.0 y anteriores no maneja adecuadamente entidades de expansión a menos que un desarrollador de aplicaciones use la función XML_SetEntityDeclHandler, esto permite a atacantes remotos provocar una denegación de servicio (consumo de recursos), enviar peticiones HTTP a los servidores de la intranet, o leer archivos arbitrarios a través de un documento XML manipulado, también conocido como problema XML External Entity (XXE) NOTA: se podría argumentar que debido a que expat ya ofrece la posibilidad de desactivar la expansión entidad externa, la responsabilidad de la solución de este problema se encuentra con los desarrolladores de aplicaciones, de acuerdo con este argumento, esta entrada debe ser rechazada, y cada aplicación afectada tendría su propio CVE . • http://openwall.com/lists/oss-security/2013/02/22/3 http://seclists.org/fulldisclosure/2021/Oct/61 http://seclists.org/fulldisclosure/2021/Oct/62 http://seclists.org/fulldisclosure/2021/Oct/63 http://seclists.org/fulldisclosure/2021/Sep/33 http://seclists.org/fulldisclosure/2021/Sep/34 http://seclists.org/fulldisclosure/2021/Sep/35 http://seclists.org/fulldisclosure/2021/Sep/38 http://seclists.org/fulldisclosure/2021/Sep/39 http://seclists.org/fulldisclosure/2021/Sep • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 4.3EPSS: 5%CPEs: 12EXPL: 0

CVE-2013-2099 – python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns

https://notcve.org/view.php?id=CVE-2013-2099

Algorithmic complexity vulnerability in the ssl.match_hostname function in Python 3.2.x, 3.3.x, and earlier, and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate. Vulnerabilidad de la complejidad algorítmica en la función ssl.match_hostname en Python 3.2.x, 3.3.x, y anteriores, y las versiones no especificadas de python-backports-ssl_match_hostname como las usadas por versiones anteriores de Python, permite a atacantes remotos provocar una denegación de servicio (consumo de CPU ) a través de múltiples caracteres comodín en el nombre común en el certificado. A denial of service flaw was found in the way Python's SSL module implementation performed matching of certain certificate names. A remote attacker able to obtain a valid certificate that contained multiple wildcard characters could use this flaw to issue a request to validate such a certificate, resulting in excessive consumption of CPU. • http://bugs.python.org/issue17980 http://rhn.redhat.com/errata/RHSA-2014-1690.html http://secunia.com/advisories/55107 http://secunia.com/advisories/55116 http://www.openwall.com/lists/oss-security/2013/05/16/6 http://www.ubuntu.com/usn/USN-1983-1 http://www.ubuntu.com/usn/USN-1984-1 http://www.ubuntu.com/usn/USN-1985-1 https://access.redhat.com/errata/RHSA-2016:1166 https://bugzilla.redhat.com/show_bug.cgi?id=963260 https://access.redhat.com/ • CWE-399: Resource Management Errors CWE-407: Inefficient Algorithmic Complexity •