CVE-2019-3575

Sqla_yaml_fixtures up to version 0.9.1 is vulnerable to code injection: the fixture_text argument passed to sqla_yaml_fixtures.load can execute arbitrary Python code. Root cause is unsafe use of yaml.load. Impact is local code execution with high risk; remediation details are not provided in the ...

CVE-2017-10803

In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because unpickle is used...

CVE-2017-10803

In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, insecure handling of anonymization data in the Database Anonymization module allows remote authenticated privileged users to execute arbitrary Python code, because unpickle is used...

Remote Code Execution (RCE)

Tablib is vulnerable to remote code execution RCE. These attacks are possible because untrusted data is deserialized allowing attacks to execute python code...

Apport Arbitrary Code Execution Vulnerability

Ubuntu is a desktop-oriented GNU/Linux operating system developed by Canonical and the Ubuntu Foundation, and Apport is a toolkit that collects and provides feedback on errors information that the operating system finds useful when an application crashes. A security vulnerability exists in versio...

UBUNTU-CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "". This allows remote attackers to execute arbitrary Python code...

CVE-2016-9949

An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "". This allows remote attackers to execute arbitrary Python code...

CVE-2015-3446

The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file .cfg...

CVE-2015-0693

CVE-2015-0693 affects Cisco Web Security Appliance (WSA) devices running 8.5.0-ise-147, where improper handling of the pickle module during tunnel-status checks allows an authenticated, local attacker to execute arbitrary Python code and elevate privileges via a crafted pickle file (Bug CSCut3925...

CVE-2012-5495

pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to "goback."...

CVE-2012-5495

pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to "goback."...

CVE-2012-5488

pythonscripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject...

CVE-2007-5741

Plone 2.5 through 2.5.4 and 3.0 through 3.0.2 allows remote attackers to execute arbitrary Python code via network data containing pickled objects for the 1 statusmessages or 2 linkintegrity module, which the module unpickles and executes...

CVE-2007-1253

Eval injection vulnerability in the a kmzImportWithMesh.py Script for Blender 0.1.9h, as used in b Blender before 2.43, allows user-assisted remote attackers to execute arbitrary Python code by importing a crafted 1 KML or 2 KMZ file...

DEBIAN-CVE-2005-3302

Eval injection vulnerability in bvhimport.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call...

CVE-2005-3302

Eval injection vulnerability in bvhimport.py in Blender 2.36 allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call...

PT-2005-4113 · Blender · Blender

Name of the Vulnerable Software and Affected Versions: Blender version 2.36 Description: The issue allows attackers to execute arbitrary Python code via a hierarchy element in a .bvh file, which is supplied to an eval function call. This occurs in the bvh import.py module. Recommendations: For...