Vulnerabilities > Python
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-05-27 | CVE-2010-2089 | Out-of-bounds Write vulnerability in Python The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634. | 5.0 |
| 2010-05-27 | CVE-2010-1450 | Classic Buffer Overflow vulnerability in Python 2.5.0 Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function. | 7.5 |
| 2010-05-27 | CVE-2009-4134 | Out-Of-Bounds Write vulnerability in Python 2.5.0 Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference. | 5.0 |
| 2009-10-22 | CVE-2009-2940 | Remote Security vulnerability in Pygresql 3.8.1/4.0 The pygresql module 3.8.1 and 4.0 for Python does not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings. | 7.5 |
| 2008-11-10 | CVE-2008-5031 | Numeric Errors vulnerability in Python Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. | 10.0 |
| 2008-11-01 | CVE-2008-4864 | Integer Overflow or Wraparound vulnerability in Python Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679. | 7.5 |
| 2008-08-01 | CVE-2008-3142 | Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. | 7.5 |
| 2008-04-18 | CVE-2008-1887 | Classic Buffer Overflow vulnerability in multiple products Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() is disabled and triggers a buffer overflow. | 9.3 |
| 2008-04-10 | CVE-2008-1721 | Incorrect Conversion between Numeric Types vulnerability in multiple products Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. | 7.5 |