5616 matches found
PYSEC-2016-14
Django 1.9.x before 1.9.2, when ModelAdmin.saveas is set to True, allows remote authenticated users to bypass intended access restrictions and create ModelAdmin objects via the "Save as New" option when editing objects and leveraging the "change" permission...
PYSEC-2016-36
The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name...
PYSEC-2016-37
Radicale before 1.1 allows remote authenticated users to bypass ownerwrite and owneronly limitations via regex metacharacters in the user name, as demonstrated by "."...
PYSEC-2016-20
The identity service in OpenStack Identity Keystone before 2015.1.3 Kilo and 8.0.x before 8.0.2 Liberty and keystonemiddleware formerly python-keystoneclient before 1.5.4 Kilo and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers,...
PYSEC-2016-10
The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...
PYSEC-2016-32
The FontManager.getnixfontpath function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name...
PYSEC-2015-11
The getformat function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via a settings key in place of a date/time format setting, as demonstrated by SECRETKEY...
PYSEC-2015-28
OpenStack Ironic Inspector aka ironic-inspector or ironic-discoverd, when debug mode is enabled, might allow remote attackers to access the Flask console and execute arbitrary Python code by triggering an error...
PYSEC-2015-41
providers/saml2/admin.py in the Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider SP owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name...
PYSEC-2015-42
providers/saml2/admin.py in the Identity Provider IdP server in Ipsilon 0.1.0 before 1.0.2 and 1.1.x before 1.1.1 does not properly check permissions, which allows remote authenticated users to cause a denial of service by deleting a SAML2 Service Provider SP...
PYSEC-2015-13
CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the camefrom parameter to admin/login...
PYSEC-2015-25
The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types...
PYSEC-2015-27
The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types...
PYSEC-2015-26
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
PYSEC-2015-24
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
PYSEC-2015-22
contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service session store consumption or session record removal via a large number of requests to...
PYSEC-2015-23
The 1 contrib.sessions.backends.base.SessionBase.flush and 2 cachedb.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty sessions in certain circumstances, which allows remote attackers to cause a denial of service session stor...
PYSEC-2015-40
Cross-site scripting XSS vulnerability in the Orchestration/Stack section in OpenStack Dashboard Horizon 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbitrary web script or HTML via the description parameter in a heat template, which is not properly handl...
PYSEC-2015-39
The import task action in OpenStack Image Service Glance 2015.1.x before 2015.1.2 kilo, when using the V2 API, allows remote authenticated users to read arbitrary files via a crafted backing file for a qcow2 image...
PYSEC-2015-1
Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...
PYSEC-2015-20
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service session store consumption via multiple requests with unique session keys...
PYSEC-2015-10
Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorrect regular expression, which allows remote attackers to inject arbitrary headers and conduct HTTP response splitting attacks via a newline character in an 1 email message to the EmailValidator, a ...
PYSEC-2015-21
validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service CPU consumption via unspecified vectors...
PYSEC-2015-2
ceph-deploy before 1.5.23 uses weak permissions 644 for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
PYSEC-2015-3
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file...
PYSEC-2015-19
The session.flush function in the cacheddb backend in Django 1.8.x before 1.8.2 does not properly flush the session, which allows remote attackers to hijack user sessions via an empty string in the session key...
PYSEC-2015-15
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image...
PYSEC-2015-12
django-markupfield before 1.3.2 uses the default docutils RESTRUCTUREDTEXTFILTERSETTINGS settings, which allows remote attackers to include and read arbitrary files via unspecified vectors...
PYSEC-2015-30
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...
PYSEC-2015-31
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...
PYSEC-2015-14
The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command...
PYSEC-2015-34
The buildindexfromtree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree...
PYSEC-2015-35
Buffer overflow in the C implementation of the applydelta function in pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file...
PYSEC-2015-9
The utils.http.issafeurl function in Django before 1.4.20, 1.5.x, 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1 does not properly validate URLs, which allows remote attackers to conduct cross-site scripting XSS attacks via a control character in a URL, as demonstrated by a...
PYSEC-2015-18
The utils.html.striptags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service infinite loop by increasing the length of the input string...
PYSEC-2015-17
The resolveredirects function in sessions.py in requests 2.1.0 through 2.5.3 allows remote attackers to conduct session fixation attacks via a cookie without a host value in a redirect...
PYSEC-2015-8
Cross-site scripting XSS vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a model attribute in ModelAdmin.readonlyfields, as demonstrated by a @property...
PYSEC-2015-38
OpenStack Image Registry and Delivery Service Glance 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service disk consumption by creating a large number of images using the task v2 API and then deleting them, a different...
PYSEC-2015-37
OpenStack Image Registry and Delivery Service Glance 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service disk consumption by creating a large number of images using the task v2 API and then deleting them before the uploads...
PYSEC-2015-33
RhodeCode before 2.2.7 allows remote authenticated users to obtain API keys and other sensitive information via the 1 updaterepo, 2 getlocks, or 3 getusergroups API method...
PYSEC-2015-32
RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the getrepo API method...
PYSEC-2015-29
RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the getrepo API method...
PYSEC-2015-5
The django.util.http.issafeurl function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL, related to redirect URLs, as demonstrated by a...
PYSEC-2015-4
Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof WSGI headers by using an underscore character instead of a - dash character in an HTTP header, as demonstrated by an X-AuthUser header...
PYSEC-2015-16
Pillow before 2.7.0 allows remote attackers to cause a denial of service via a compressed text chunk in a PNG image that has a large size when it is decompressed...
PYSEC-2015-7
ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when showhiddeninitial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries...
PYSEC-2015-6
The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 reads files an entire line at a time, which allows remote attackers to cause a denial of service memory consumption via a long line in a file...
PYSEC-2015-36
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service crash via a long IKEY INFO tag value in an AVI file...
PYSEC-2014-11
pip 1.3 through 1.5.6 allows local users to cause a denial of service prevention of package installation by creating a /tmp/pip-build- file for another user...
PYSEC-2014-101
FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA is enabled, allows remote attackers to bypass the password requirement of the two-factor authentication leveraging an enabled OTP token, which triggers an anonymous bind...