Gnupg2 Information Disclosure Vulnerability
GnuPG is a Python module that lets a Python program conveniently use the key management, encryption and signing features of GnuPG. GnuPG memcpy uses overlapping scopes, allowing attackers to exploit vulnerabilities to obtain sensitive information...
CVE-2014-8165
scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...
CVE-2014-8165
CVE-2014-8165 affects the powerpc-utils-python package used by PowerKVM. The root cause is unsafe use of Python’s Pickle in amsnet.py (AMS server/client path), enabling remote code execution when unpickled data is processed. IBM bulletin lists PowerKVM 2.1 and 3.1 as affected; remediation is to u...
Gnupg2 '/sm/minip12.c' Double Free Denial of Service Vulnerability
GnuPG is a Python module that lets a Python program conveniently use the key management, encryption and signing features of GnuPG. A denial of service vulnerability exists in Gnupg2 '/sm/minip12.c', which can be exploited by an attacker to launch a denial of service attack...
[SECURITY] Fedora 20 Update: python-eyed3-0.7.4-4.fc20
A Python module and program for processing ID3 tags. Information about mp3 files (i.e. bit rate, sample frequency, play time, etc.) is also provided. The formats supported are ID3 v1.0/v1.1 and v2.3/v2.4...
[SECURITY] Fedora 19 Update: python-eyed3-0.7.4-4.fc19
A Python module and program for processing ID3 tags. Information about mp3 files (i.e. bit rate, sample frequency, play time, etc.) is also provided. The formats supported are ID3 v1.0/v1.1 and v2.3/v2.4...
CVE-2014-5340
The wato component in CheckMK before 1.2.4p4 and 1.2.5 before 1.2.5i4 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to an automation URL...
CVE-2014-0485
S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object in (1) common.py or (2) local.py in backends/...
Ada Image Server <= 0.6.7 imgsrv.exe Buffer Overflow
No description provided by source. !/usr/bin/python Only usable module with safeseh disabled on XP SP2 and XP SP3 is imgsrv.exe. However, it contains a null character in the address ex: XP SP3 = 00689aff. Versions above 0.6.7 do not seem to be vulnerable. $ ./imgsrv.py 192.168.1.146 Ada Image...
CVE-2014-1934
tag.py in eyeD3 (aka python-eyed3) 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file...
CVE-2014-0472
The django.core.urlresolvers.reverse function in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 allows remote attackers to import and execute arbitrary Python modules by leveraging a view that constructs URLs using user input and a "dotted Python path."...
MGASA-2014-0019 Updated net-snmp packages fix CVE-2012-6151
Updated net-snmp packages fix security vulnerability: Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to...
CVE-2013-5942
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to (1) remotestorage.py, (2) storage.py, (3) render/datalib.py, and (4) whitelist/views.py, a different vulnerability than CVE-2013-5093...
CVE-2013-5093
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...
Design/Logic Flaw
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to (1) remotestorage.py, (2) storage.py, (3) render/datalib.py, and (4) whitelist/views.py, a different vulnerability than CVE-2013-5093...