Public Python bug reports.

Team Bounty Title
Python (IBB) $500 Unsafe arithmetic in PyString_DecodeEscape
Python (IBB) $500 Type confusion in FutureIter_throw() which may potentially lead to an arbitrary code execution
Python (IBB) $1,000 chain.__setstate__ Type Confusion
Python (IBB) $1,500 LZMADecompressor.decompress Use After Free
Python $1,000 msilib.OpenDatabase Type Confusion
Python $1,000 urllib HTTP header injection CVE-2016-5699
Python $1,000 CVE-2016-0772 - python: smtplib StartTLS stripping attack
Python $500 Heap corruption via Python 2.7.11 IOBase readline()
Python $500 Python 2.7 strop.replace Integer Overflow
Python $1,000 Type confusion in partial.setstate, partial_repr, partial_call leads to memory corruption, reliable control flow hijack
Python $500 tokenizer crash when processing undecodable source code
Python $1,000 PyFloat_FromString & PyNumber_Long Buffer Over-reads
Python $500 use after free in load_newobj_ex
Python $500 array.fromstring Use After Free
Python $1,000 bytearray.find Buffer Over-read
Python $500 hotshot pack_string Heap Buffer Overflow
Python $500 audioop.adpcm2lin Buffer Over-read
Python $500 audioop.lin2adpcm Buffer Over-read
Python $1,000 Python deque.index() uninitialized memory
Python $500 Python scan_eol() Buffer Over-read
Python $500 time_strftime() Buffer Over-read
Python $500 Python xmlparse_setattro() Type Confusion
Python $500 Python 3.3 - 3.5 product_setstate() Out-of-bounds Read
Python $500 Integer overflow in _Unpickler_Read