| Max CVSS | 6.9 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-1634 | 5.0 |
Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with
|
13-02-2023 - 04:18 | 27-05-2010 - 19:30 | |
| CVE-2011-4940 | 2.6 |
The list_directory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote a
|
13-02-2023 - 03:24 | 27-06-2012 - 10:18 | |
| CVE-2010-2089 | 5.0 |
The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arg
|
16-08-2022 - 13:32 | 27-05-2010 - 19:30 | |
| CVE-2012-0876 | 4.3 |
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file wit
|
05-08-2022 - 14:52 | 03-07-2012 - 19:55 | |
| CVE-2008-5983 | 6.9 |
Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv[0] argument does not contain a path separator, which might allow local us
|
05-07-2022 - 18:57 | 28-01-2009 - 02:30 | |
| CVE-2012-1148 | 5.0 |
Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation
|
25-01-2021 - 15:44 | 03-07-2012 - 19:55 | |
| CVE-2011-4944 | 1.9 |
Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file.
|
25-10-2019 - 11:53 | 27-08-2012 - 23:55 | |
| CVE-2010-3493 | 4.3 |
Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept f
|
25-10-2019 - 11:53 | 19-10-2010 - 20:00 | |
| CVE-2011-1521 | 6.4 |
The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service (r
|
25-10-2019 - 11:53 | 24-05-2011 - 23:55 | |
| CVE-2012-0845 | 5.0 |
SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an XML-RPC POST request that
|
25-10-2019 - 11:53 | 05-10-2012 - 21:55 | |
| CVE-2011-1015 | 5.0 |
The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI.
|
25-10-2019 - 11:53 | 09-05-2011 - 22:55 |