Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2017/08/24 8:29 p.m.31 views

CVE-2014-4616

Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the rawdecode function...

5.9CVSS6.8AI score
Exploits0References19
Tenable Nessus
Tenable Nessusadded 2014/10/12 12:0 a.m.25 views

Amazon Linux AMI : python27 (ALAS-2014-380)

It was reported that Python built-in json module have a flaw insufficient bounds checking, which allows a local user to read current process' arbitrary memory. Quoting the upstream bug report : 'The sole prerequisites of this attack are that the attacker is able to control or influence the two...

5.9CVSS7.3AI score0.00427EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2014/07/11 12:0 a.m.29 views

Mandriva Linux Security Advisory : python (MDVSA-2014:135)

Updated python and python-simplejson package fixes security vulnerability Python are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value tha...

5.9CVSS7.3AI score0.00427EPSS
Exploits1References3
Mageia
Mageiaadded 2014/07/08 10:38 p.m.40 views

Updated python-simplejson package fixes security vulnerability

Python 2 and 3 are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value that is used as an array index, causing the scanstring function to...

5.9CVSS6.7AI score0.00427EPSS
Exploits1References4
Mageia
Mageiaadded 2014/07/08 10:35 p.m.56 views

Updated python & python3 packages fix two vulnerabilities

Updated python and python3 packages fix security vulnerabilities: Python 2 and 3 are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The bug is caused by allowing the user to supply a negative value tha...

9.8CVSS7.1AI score0.07232EPSS
Exploits6References4
Hacker One
Hacker Oneadded 2014/05/16 11:14 p.m.57 views

Internet Bug Bounty: Python vulnerability: reading arbitrary process memory

Python 2 and 3 are susceptible to arbitrary process memory reading by a user or adversary due to a bug in the json module caused by insufficient bounds checking. The sole prerequisites of this attack are that the attacker is able to control or influence the two parameters of the default scanstrin...

4.3CVSS6.4AI score0.00427EPSS
Exploits1
Rows per page
Query Builder