Magento-Exploit

Magento-Exp...

SUSE CVE-2024-0450

An issue was found in the CPython zipfile module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to “quoted-overlap” zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython...

SUSE CVE-2025-8194

There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives...

CVE-2026-45672

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.12, the /api/v1/utils/code/execute endpoint executes arbitrary Python code via Jupyter for any verified user, even when the admin has set ENABLECODEEXECUTION=false. The feature gate is...

zparty

Zparty Automated web penetration testing framework with loc...

RHEL 10 : python-jwcrypto (RHSA-2026:19042)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:19042 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic...

Fedora 45 : python-uv-build / rust-astral_async_http_range_reader / etc (2026-588c639071)

The remote Fedora 45 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-588c639071 advisory. Update uv and python-uv-build to 0.11.5, fixing ee GHSA-3cv2-h65g-fgmm and GHSA-4gg8-gxpx-9rph. Tenable has extracted the preceding description block directl...

RHEL 10 : python-tornado (RHSA-2026:19034)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:19034 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

RHEL 9 : python3.9 (RHSA-2026:18693)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18693 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

ALSA-2026:19042 Low: python-jwcrypto security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

PT-2026-41957

Summary Alice exposes a Python SDK ProxyShare with a fixed target URL. Bob sends a request to the share with an absolute URL in the path. The Flask handler passes that path to urllib.parse.urljoin, which replaces Alice's configured target host with Bob's host and returns the server-side response ...

Moderate: python-tornado security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

ALSA-2026:19197 Low: python-jwcrypto security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cloud-init (SUSE-SU-2026:1980-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1980-1 advisory. - Update to version 25.1.3 bsc1245403, CVE-2024-11584, CVE-2024-6174 - Update to version 25.1.1...

RHEL 9 : python3.12 (RHSA-2026:18958)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18958 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

RHEL 10 : python3.14 (RHSA-2026:19019)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19019 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

Fedora 44 : python-pysam (2026-28858c383e)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-28858c383e advisory. Update pysam Resolves CVE issues Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

RHEL 9 : python3.11 (RHSA-2026:18957)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18957 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

Security update provided in Brocade ASCG3.4.0b Base OS (OVA Deployment) for glib2 (CVE-2025-13601), libsoup (CVE-2025-14523, CVE-2026-0719, CVE-2026-1761), libpng (CVE-2025-64720, CVE-2025-65018, CVE-2025-66293),  python-urllib3 (CVE-2025-66418, CVE-2025-66471, CVE-2026-21441), gnupg2 (CVE-2025-68973)

Security update provided in Brocade ASCG3.4.0b Base OS OVA Deployment for glib2 CVE-2025-13601, libsoup CVE-2025-14523, CVE-2026-0719, CVE-2026-1761, libpng CVE-2025-64720, CVE-2025-65018, CVE-2025-66293, python-urllib3 CVE-2025-66418, CVE-2025-66471, CVE-2026-21441, gnupg2 CVE-2025-68973 Product...

ALSA-2026:19189 Moderate: python-tornado security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...