CVSS: 3.6EPSS: 1%CPEs: 5EXPL: 1CVE-2018-1000030 – Gentoo Linux Security Advisory 201811-02
https://notcve.org/view.php?id=CVE-2018-1000030
08 Feb 2018 — Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to the buffer ... • https://github.com/tylepr96/CVE-2018-1000030 • CWE-416: Use After Free CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-17522
https://notcve.org/view.php?id=CVE-2017-17522
14 Dec 2017 — Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting ** EN DISPUTA ** Lib/webbrowser.py en Python hasta la versión 3.6.3 no valida las cadenas antes de iniciar el programa especif... • http://www.securityfocus.com/bid/102207 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2017-1000158 – Ubuntu Security Notice USN-3496-1
https://notcve.org/view.php?id=CVE-2017-1000158
17 Nov 2017 — CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution) CPython (también conocido como Python) hasta la versión 2.7.13 es vulnerable a un desbordamiento de enteros en la función PyString_DecodeEscape en stringobject.c, lo que resulta en un desbordamiento de búfer basado en memoria dinámica (heap) y, posiblemente, la ejecución de código arbitrario. USN-3496-1... • http://www.securitytracker.com/id/1039890 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 44%CPEs: 30EXPL: 1CVE-2016-5636 – python: Heap overflow in zipimporter module
https://notcve.org/view.php?id=CVE-2016-5636
02 Sep 2016 — Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow. Desbordamiento de entero en la función get_data en zipimport.c en CPython (también conocido como Python) en versiones anteriores a 2.7.12, 3.x en versiones anteriores a 3.4.5 y 3.5.x en versiones anteriores a 3.5.2 permite a atacantes remotos tene... • https://github.com/insuyun/CVE-2016-5636 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 10%CPEs: 30EXPL: 1CVE-2016-0772 – Python smtplib 2.7.11 / 3.4.4 / 3.5.1 - Man In The Middle StartTLS Stripping
https://notcve.org/view.php?id=CVE-2016-0772
21 Aug 2016 — The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." La librería smtplib en CPython (también conocido como Python) en versiones anteriores a 2.7.12, 3.x en versiones anteriores a 3.4.5 y 3.5.x en versiones an... • https://www.exploit-db.com/exploits/43500 • CWE-693: Protection Mechanism Failure •
CVSS: 6.1EPSS: 10%CPEs: 27EXPL: 3CVE-2016-5699 – python: http protocol steam injection attack
https://notcve.org/view.php?id=CVE-2016-5699
21 Aug 2016 — CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL. Vulnerabilidad de inyección CRLF en la función HTTPConnection.putheader en urllib2 y urllib en CPython (también conocido como Python) en versiones anteriores a 2.7.10 y 3.x en versiones anteriores a 3.4.4 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias a trav... • https://github.com/bunseokbot/CVE-2016-5699-poc • CWE-20: Improper Input Validation CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 5.9EPSS: 0%CPEs: 26EXPL: 0CVE-2013-7440 – python: wildcard matching rules do not follow RFC 6125
https://notcve.org/view.php?id=CVE-2013-7440
31 May 2016 — The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate. La función ssl.match_hostname en CPython (también concida como Python) en versiones anteriores a 2.7.9 y 3.x en versiones anteriores a 3.3.3 no maneja correctamente comodines en los nombres de host, lo que podría permitir a atacantes man-in-the-middle suplantar servidores a través d... • http://seclists.org/oss-sec/2015/q2/483 • CWE-19: Data Processing Errors •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5652 – HP Security Bulletin HPSBGN03669 1
https://notcve.org/view.php?id=CVE-2015-5652
05 Oct 2015 — Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python that cannot really be altered at this point." Vulnerabilidad de busqueda de ruta no confiable en python.exe en Python hasta la versión 3.5.0 en Windows, permite a usuarios locales obtener privilegios a través de un Troyano en el archi... • http://jvn.jp/en/jp/JVN49503705/995204/index.html •
CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 3CVE-2014-7185 – python: buffer() integer overflow leading to out of bounds read
https://notcve.org/view.php?id=CVE-2014-7185
08 Oct 2014 — Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function. Desbordamiento de enteros en bufferobject.c en Python anterior a 2.7.8 permite a atacantes dependientes de contexto obtener información sensible de la memoria de procesos a través de un tamaño y desplazamiento grande en una función 'buffer'. An integer overflow flaw was found in the way the buffer() function handl... • http://bugs.python.org/issue21831 • CWE-189: Numeric Errors CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 6%CPEs: 58EXPL: 1CVE-2012-0845 – python: SimpleXMLRPCServer CPU usage DoS via malformed XML-RPC request
https://notcve.org/view.php?id=CVE-2012-0845
05 Oct 2012 — SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that contains a smaller amount of data than specified by the Content-Length header. SimpleXMLRPCServer.py en SimpleXMLRPCServer en Python antes de v2.6.8, v2.7.x antes de v2.7.3, v3.x antes de v3.1.5, y v3.2.x antes de v3.2.x, permite a atacantes remotos provocar un... • http://bugs.python.org/issue14001 • CWE-399: Resource Management Errors •