CVSS: 10.0EPSS: 44%CPEs: 30EXPL: 1CVE-2016-5636 – python: Heap overflow in zipimporter module
https://notcve.org/view.php?id=CVE-2016-5636
02 Sep 2016 — Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer overflow. Desbordamiento de entero en la función get_data en zipimport.c en CPython (también conocido como Python) en versiones anteriores a 2.7.12, 3.x en versiones anteriores a 3.4.5 y 3.5.x en versiones anteriores a 3.5.2 permite a atacantes remotos tene... • https://github.com/insuyun/CVE-2016-5636 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 40%CPEs: 45EXPL: 2CVE-2016-2183 – SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
https://notcve.org/view.php?id=CVE-2016-2183
01 Sep 2016 — The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. Los cifrados DES y Triple DES, como se usan en los protocolos TLS, SSH e IPSec y otros protocolos y productos, tienen ... • https://packetstorm.news/files/id/142756 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.5EPSS: 10%CPEs: 30EXPL: 1CVE-2016-0772 – Python smtplib 2.7.11 / 3.4.4 / 3.5.1 - Man In The Middle StartTLS Stripping
https://notcve.org/view.php?id=CVE-2016-0772
21 Aug 2016 — The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 does not return an error when StartTLS fails, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." La librería smtplib en CPython (también conocido como Python) en versiones anteriores a 2.7.12, 3.x en versiones anteriores a 3.4.5 y 3.5.x en versiones an... • https://www.exploit-db.com/exploits/43500 • CWE-693: Protection Mechanism Failure •
CVSS: 6.1EPSS: 4%CPEs: 8EXPL: 0CVE-2016-1000110 – CGIHandler: sets environmental variable based on user supplied Proxy request header
https://notcve.org/view.php?id=CVE-2016-1000110
21 Aug 2016 — The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. La clase CGIHandler en Python versiones anteriores a la versión 2.7.12, no protege contra el conflicto de nombre de la variable HTTP_PROXY en un script CGI, lo que podría permitir a un atacante remoto redireccionar las peticiones HTTP. It was discovered that the Python CGIHandler class did not properly protect against the HTT... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html • CWE-20: Improper Input Validation CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 10%CPEs: 27EXPL: 3CVE-2016-5699 – python: http protocol steam injection attack
https://notcve.org/view.php?id=CVE-2016-5699
21 Aug 2016 — CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython (aka Python) before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL. Vulnerabilidad de inyección CRLF en la función HTTPConnection.putheader en urllib2 y urllib en CPython (también conocido como Python) en versiones anteriores a 2.7.10 y 3.x en versiones anteriores a 3.4.4 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias a trav... • https://github.com/bunseokbot/CVE-2016-5699-poc • CWE-20: Improper Input Validation CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') •
CVSS: 8.1EPSS: 2%CPEs: 8EXPL: 0CVE-2016-4472 – Ubuntu Security Notice USN-7199-1
https://notcve.org/view.php?id=CVE-2016-4472
21 Jun 2016 — The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716. La protección de desbordamiento en Expat es eliminada por los compiladores con ciertos ajustes de optimización, lo que permite a atacantes remotos provocar una denegación de servicio (caída) o posi... • http://www.securityfocus.com/bid/91528 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.9EPSS: 0%CPEs: 26EXPL: 0CVE-2013-7440 – python: wildcard matching rules do not follow RFC 6125
https://notcve.org/view.php?id=CVE-2013-7440
31 May 2016 — The ssl.match_hostname function in CPython (aka Python) before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate. La función ssl.match_hostname en CPython (también concida como Python) en versiones anteriores a 2.7.9 y 3.x en versiones anteriores a 3.3.3 no maneja correctamente comodines en los nombres de host, lo que podría permitir a atacantes man-in-the-middle suplantar servidores a través d... • http://seclists.org/oss-sec/2015/q2/483 • CWE-19: Data Processing Errors •
CVSS: 9.8EPSS: 1%CPEs: 26EXPL: 1CVE-2016-0718 – expat: Out-of-bounds heap read on crafted input causing crash
https://notcve.org/view.php?id=CVE-2016-0718
18 May 2016 — Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. Expat permite a atacantes dependientes del contexto provocar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de un documento de entrada mal formado, lo que desencadena un desbordamiento de buffer. An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker c... • https://packetstorm.news/files/id/141350 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2015-5652 – HP Security Bulletin HPSBGN03669 1
https://notcve.org/view.php?id=CVE-2015-5652
05 Oct 2015 — Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local users to gain privileges via a Trojan horse readline.pyd file in the current working directory. NOTE: the vendor says "It was determined that this is a longtime behavior of Python that cannot really be altered at this point." Vulnerabilidad de busqueda de ruta no confiable en python.exe en Python hasta la versión 3.5.0 en Windows, permite a usuarios locales obtener privilegios a través de un Troyano en el archi... • http://jvn.jp/en/jp/JVN49503705/995204/index.html •
CVSS: 7.3EPSS: 0%CPEs: 27EXPL: 0CVE-2015-1283 – chromium-browser: Heap-buffer-overflow in expat.
https://notcve.org/view.php?id=CVE-2015-1283
23 Jul 2015 — Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. Múltiples vulnerabilidades de desbordamiento de entero en la función XML_GetBuffer en Expat hasta la versión 2.1.0 implementada en Chrome en versiones anteriores a la 44.0.2403.89 y otros... • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •