CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

68 matches found

Tenable Nessus•added 2025/11/13 12:0 a.m.•2 views

Siemens SIMATIC S7-1500 Improper Input Validation (CVE-2021-23336)

The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can...

5.9CVSS6.8AI score0.003EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-0038

Malware in sbrugna...

6.8CVSS6.4AI score0.00244EPSS

Exploits1References13

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-10423

Malware in sbrugna...

5.9CVSS7.7AI score0.003EPSS

Exploits1References49

Tenable Nessus•added 2025/08/27 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2020-28473

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate...

6.8CVSS6.4AI score0.00244EPSS

Exploits1References2

OSV•added 2025/08/11 1:51 p.m.•3 views

BIT-LIBPYTHON-2021-23336 Web Cache Poisoning

5.9CVSS6.6AI score0.003EPSS

Exploits1References38

F5 Networks•added 2025/02/19 11:21 p.m.•6 views

K000149880: Python vulnerabilities CVE-2021-3733, CVE-2021-3426, CVE-2021-23336, and CVE-2020-8492

Security Advisory Description CVE-2021-3733 There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client such as web browser connects to, could trigger a Regular Expression Denial of Service ReDOS during an authentication request...

7.1CVSS6.8AI score0.02954EPSS

Exploits3

OSV•added 2025/01/16 7:23 a.m.•11 views

BIT-PYTHON-MIN-2021-23336 Web Cache Poisoning

5.9CVSS7.7AI score0.003EPSS

Exploits1References38

OSV•added 2024/03/06 11:7 a.m.•37 views

BIT-PYTHON-2021-23336 Web Cache Poisoning

5.9CVSS7.7AI score0.003EPSS

Exploits1References38

OSV•added 2024/03/06 10:55 a.m.•14 views

BIT-DJANGO-2021-23336 Web Cache Poisoning

5.9CVSS7.7AI score0.003EPSS

Exploits1References38

SUSE CVE•added 2023/02/15 3:52 a.m.•2 views

SUSE CVE-2020-28473

The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request between the proxy running with...

6.8CVSS6.9AI score0.00244EPSS

Exploits1References5

SUSE CVE•added 2023/02/15 3:45 a.m.•0 views

SUSE CVE-2021-23336

5.9CVSS9.1AI score0.003EPSS

Exploits1References44

RedHat Linux•added 2021/11/09 5:42 p.m.•1 views

python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters

The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of the request...

5.9CVSS6.8AI score0.003EPSS

Exploits1References5

Tenable Nessus•added 2021/07/02 12:0 a.m.•68 views

EulerOS Virtualization for ARM 64 3.0.2.0 : python (EulerOS-SA-2021-2096)

According to the versions of the python packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF...

9.8CVSS8.3AI score0.00903EPSS

Exploits3References5

Tenable Nessus•added 2021/07/01 12:0 a.m.•45 views

EulerOS Virtualization 3.0.6.6 : python (EulerOS-SA-2021-2028)

According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in...

9.8CVSS8.5AI score0.003EPSS

Exploits2References3

OpenVAS•added 2021/07/01 12:0 a.m.•14 views

Huawei EulerOS: Security Advisory for python2 (EulerOS-SA-2021-2022)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.7AI score0.003EPSS

Exploits1References2

Tenable Nessus•added 2021/06/30 12:0 a.m.•222 views

EulerOS Virtualization for ARM 64 3.0.6.0 : python2 (EulerOS-SA-2021-2022)

According to the version of the python2 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9...

5.9CVSS7.2AI score0.003EPSS

Exploits1References2

Amazon•added 2021/05/24 12:0 a.m.•73 views

Medium: python3

Issue Overview: The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon ;, they can cause a difference in the interpretation of...

5.9CVSS8AI score0.003EPSS

Exploits1

Amazon•added 2021/05/19 12:0 a.m.•68 views

Medium: python36

5.9CVSS8AI score0.003EPSS

Exploits1

OpenVAS•added 2021/05/19 12:0 a.m.•18 views

Huawei EulerOS: Security Advisory for python (EulerOS-SA-2021-1911)

9.8CVSS8.2AI score0.003EPSS

Exploits2References2

RedHat Linux•added 2021/05/18 3:39 p.m.•2 views

python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters