5616 matches found
PYSEC-2017-14
The serializer in html5lib before 0.99999999 might allow remote attackers to conduct cross-site scripting XSS attacks by leveraging mishandling of the less than character in attribute values...
PYSEC-2017-48
Openpyxl 2.4.1 resolves external entities by default, which allows remote attackers to conduct XXE attacks via a crafted .xlsx document...
PYSEC-2017-94
Heap-based buffer overflow in the ALGnew function in blocktemplace.c in Python Cryptography Toolkit aka pycrypto allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py...
PYSEC-2017-104
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
PYSEC-2017-103
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and...
PYSEC-2017-34
Salt before 2015.8.11 allows deleted minions to read or write to minions with the same id, related to caching...
PYSEC-2017-64
Cross-site scripting XSS vulnerability in the managefindResult component in the search feature in Zope ZMI in Plone before 4.3.12 and 5.x before 5.0.7 allows remote attackers to inject arbitrary web script or HTML via vectors involving double quotes, as demonstrated by the objids:tokens parameter...
PYSEC-2017-33
Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient...
PYSEC-2017-20
Cross-site scripting XSS vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
PYSEC-2017-32
The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows local users to obtain sensitive information by reading the file...
PYSEC-2017-28
python-jose before 1.3.2 allows attackers to have unspecified impact by leveraging failure to use a constant time comparison for HMAC keys...
PYSEC-2017-74
The tqdm.version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory...
PYSEC-2017-98
Versions 1.17 and 1.18 of the Python urllib3 library suffer from a vulnerability that can cause them, in certain configurations, to not correctly validate TLS certificates. This places users of the library with those configurations at risk of man-in-the-middle and information leakage attacks. Thi...
PYSEC-2017-93
A HTTP/2 implementation built using any version of the Python priority library prior to version 1.2.0 could be targeted by a malicious peer by having that peer assign priority information for every possible HTTP/2 stream ID. The priority tree would happily continue to store the priority informati...
PYSEC-2017-87
A HTTP/2 implementation built using any version of the Python HPACK library between v1.0.0 and v2.2.0 could be targeted for a denial of service attack, specifically a so-called "HPACK Bomb" attack. This attack occurs when an attacker inserts a header field that is exactly the size of the HPACK...
PYSEC-2016-39
An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...
PYSEC-2016-21
python-docx before 0.8.6 allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted document...
PYSEC-2016-24
redirect in bottle.py in bottle 0.12.10 doesn't filter a "\r\n" sequence, which leads to a CRLF attack, as demonstrated by a redirect"233\r\nSet-Cookie: name=salt" call...
PYSEC-2016-18
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWEDHOSTS...
PYSEC-2016-17
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually...
PYSEC-2016-30
MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting XSS" issue affecting the action=fckdialog=attachment via page name component...
PYSEC-2016-31
MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting XSS" issue affecting the action=AttachFile via page name component...
PYSEC-2016-9
Pillow before 3.3.2 allows context-dependent attackers to execute arbitrary code by using the "crafted image file" approach, related to an "Insecure Sign Extension" issue affecting the ImagingNew in Storage.c component...
PYSEC-2016-8
Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.mapbuffer in map.c component...
PYSEC-2016-25
flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect...
PYSEC-2016-3
The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies...
PYSEC-2016-22
OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient before 0.7.3 liberty and 0.8.x before 0.8.5 mitaka improperly use loaders inherited from yaml.Loader when parsing MuranoPL and UI files,...
PYSEC-2016-13
fileopen in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors...
PYSEC-2016-41
fileopen in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors...
PYSEC-2016-40
Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allow remote authenticated users to discover user password hashes via unspecified vectors...
PYSEC-2016-12
Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allow remote authenticated users to discover user password hashes via unspecified vectors...
PYSEC-2016-4
The Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack MMA...
PYSEC-2016-2
Cross-site scripting XSS vulnerability in the dismissChangeRelatedObjectPopup function in contrib/admin/static/admin/js/admin/RelatedObjectLookups.js in Django before 1.8.14, 1.9.x before 1.9.8, and 1.10.x before 1.10rc1 allows remote attackers to inject arbitrary web script or HTML via vectors...
PYSEC-2016-38
The Fernet Token Provider in OpenStack Identity Keystone 9.0.x before 9.0.1 mitaka allows remote authenticated users to prevent revocation of a chain of tokens and bypass intended access restrictions by rescoping a token...
PYSEC-2016-1
The createscript function in the lxccontainer module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on 1 /opt/.lxc-attach-script, 2 the archived container in the archivepath directory, or the 3...
PYSEC-2016-28
The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name...
PYSEC-2016-34
The TripleO Heat templates tripleo-heat-templates do not properly order the Identity Service keystone before the OpenStack Object Storage Swift staticweb middleware in the swiftproxy pipeline when the staticweb middleware is enabled, which might allow remote attackers to obtain sensitive...
PYSEC-2016-26
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository...
PYSEC-2016-7
Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers to have unspecified impact via negative values of the new size, which triggers a heap-based buffer overflow...
PYSEC-2016-29
The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...
PYSEC-2016-6
Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service crash via a crafted FLI file...
PYSEC-2016-5
Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file...
PYSEC-2016-19
Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library PIL 1.1.7 and earlier allows remote attackers to cause a denial of service crash via a crafted PhotoCD file...
PYSEC-2016-27
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository...
PYSEC-2016-11
model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records...
PYSEC-2016-33
schema.py in Roundup before 1.5.1 does not properly limit attributes included in default user permissions, which might allow remote authenticated users to obtain sensitive user information by viewing user details...
PYSEC-2016-23
Salt 2015.8.x before 2015.8.4 does not properly handle clear messages on the minion, which allows man-in-the-middle attackers to execute arbitrary code by inserting packets into the minion-master data stream...
PYSEC-2016-35
The TripleO Heat templates tripleo-heat-templates, when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the default value of the NeutronMetadataProxySharedSecret parameter...
PYSEC-2016-16
The password hasher in contrib/auth/hashers.py in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to enumerate users via a timing attack involving login requests...
PYSEC-2016-15
The utils.http.issafeurl function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting XSS attacks via a URL containing basic authentication, as demonstrated by...