20 matches found
EUVD-2024-31811
Malicious code in bioql PyPI...
CVE-2024-3219
The “socket” module provides a pure-Python fallback to the socket.socketpair function for platforms that don’t support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of sockets. The connection between the two sockets was not verifi...
EulerOS Virtualization 2.12.0 : python3 (EulerOS-SA-2025-1572)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : There is a MEDIUM severity vulnerability affecting CPython. The socket module provides a pure-Python fallback to the...
EulerOS Virtualization 2.12.1 : python3 (EulerOS-SA-2025-1556)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : There is a MEDIUM severity vulnerability affecting CPython. The socket module provides a pure-Python fallback to the...
EulerOS 2.0 SP12 : python3 (EulerOS-SA-2024-2942)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There is a MEDIUM severity vulnerability affecting CPython. The socket module provides a pure-Python fallback to the socket.socketpair function...
CVE-2024-3219
The “socket” module provides a pure-Python fallback to the socket.socketpair function for platforms that don’t support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of sockets. The connection between the two sockets was not verifi...
UBUNTU-CVE-2024-3219
There is a MEDIUM severity vulnerability affecting CPython. The “socket” module provides a pure-Python fallback to the socket.socketpair function for platforms that don’t support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of...
CVE-2024-3219
CVE-2024-3219 affects CPython’s pure-Python socketpair fallback for AF_INET/AF_INET6 on platforms without AF_UNIX (e.g., Windows). The two sockets are not explicitly validated before being returned, allowing a malicious local peer to exploit a connection race. Linux/macOS with AF_UNIX ...
CVE-2024-3219 Pure-Python fallback of socket.socketpair() doesn’t authenticate peer connection
The “socket” module provides a pure-Python fallback to the socket.socketpair function for platforms that don’t support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of sockets. The connection between the two sockets was not verifi...
CVE-2024-3219
The “socket” module provides a pure-Python fallback to the socket.socketpair function for platforms that don’t support AF_UNIX, such as Windows. This pure-Python implementation uses AF_INET or AF_INET6 to create a local connected pair of sockets. The connection between the two sockets was not verifi...
PT-2024-24457 · Python +1 · Cpython +1
Name of the Vulnerable Software and Affected Versions: CPython versions 3.5 through latest. Description: The issue arises from the "socket" module's pure-Python fallback for the socket.socketpair function on platforms that don't support AF_UNIX, such as Windows. This implementation uses AF_INET or...
SUSE CVE-2014-1912
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string...
Linux kernel input validation error vulnerability
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. An input validation error vulnerability exists in the base_sock_create function in the drivers/isdn/mISDN/socket.c file in the AF_ISDN network module in Linux kernel 5.3....
[ MDVSA-2014:041 ] python
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:041 http://www.mandriva.com/en/support/security/ Package : python Date : February 19, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability was reported in Pythons...
FreeBSD : Python -- buffer overflow in socket.recvfrom_into() (8e5e6d42-a0fa-11e3-b09a-080027f2d077)
Vincent Danen via Red Hat Issue Tracker reports : A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the...
DEBIAN-CVE-2014-1912
Buffer overflow in the socket.recvfrom_into function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string...
Mandriva Linux Security Advisory : python (MDVSA-2014:041)
A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_into function or, possibly, execute arbitrary co...
Python -- buffer overflow in socket.recvfrom_into()
Vincent Danen via Red Hat Issue Tracker reports: A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the...
PHP Socket connect() Stack Buffer Overflow
Hi there, This is a quick writeup about some fun with apache based on CVE-2011-1938 that was disclosed yesterday. While the first POC was literally just a trivial POC - the second one was written for self-educational purposes we learned quite a lot which is the most important thing and we hope it...
Squid Denial Of Service
!usr/bin/perl -w Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0478 http://www.securityfocus.com/bid/33604/discuss $$$$$This was strictly written for educational purpose. Use it at your own risk.$$$$$ $$$$$Author will not bare any responsibility for any damages...