Lucene search
K

27 matches found

OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-4247-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS4.9AI score0.00496EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2022/05/24 5:12 p.m.4 views

cfsshtunnel (>=0.1.7 <=0.2.1), click-reviewers-tools (>=0.70.0 <=0.84.0) +2 more potentially affected by CVE-2019-15796 via python-apt (=0.7.8)

python-apt PYPI version =0.7.8 is affected by a known vulnerability. The following packages have a transitive dependency on python-apt and may be impacted: - cfsshtunnel =0.1.7, =0.70.0, =0.84.0 - craft-parts =1.19.8 - plex-updater =0.1.0 Source cves: CVE-2019-15796 Source advisory:...

4.7CVSS5.8AI score0.00496EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.16 views

Siemens SIMATIC Controller Web Servers Uncaught Exception (CVE-2020-15796)

A vulnerability has been identified in SIMATIC ET 200SP Open Controller incl. SIPLUS variants V20.8, SIMATIC S7-1500 Software Controller V20.8. The web server of the affected products contains a vulnerability that could allow a remote attacker to trigger a denial-of-service condition by sending a...

7.5CVSS7.3AI score0.01591EPSS
Exploits0References3
Circl
Circl
added 2020/12/15 12:39 a.m.5 views

CVE-2020-15796

creationtimestamp| type| source ---|---|--- 2020-12-15 00:39:24+00:00| seen| https://t.me/cibsecurity/20780...

7.5CVSS7.3AI score0.01591EPSS
Exploits0References1
CVE
CVE
added 2020/12/14 9:5 p.m.49 views

CVE-2020-15796

CVE-2020-15796 affects Siemens SIMATIC Controller Web Servers, specifically the web servers in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants, V20.8) and SIMATIC S7-1500 Software Controller (V20.8) . The vulnerability stems from an Uncaught Exception (CWE-248) in the web server, which co...

7.5CVSS7.4AI score0.01591EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2020/12/08 12:0 a.m.34 views

Siemens SIMATIC Controller Web Servers

1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC Controller Web Servers Vulnerability: Uncaught Exception 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a...

7.5CVSS7.6AI score0.01591EPSS
Exploits0References5
Circl
Circl
added 2020/03/26 3:52 p.m.5 views

CVE-2019-15796

creationtimestamp| type| source ---|---|--- 2020-03-26 15:52:29+00:00| seen| https://t.me/cibsecurity/10752...

4.7CVSS4.6AI score0.00496EPSS
Exploits0References1
OSV
OSV
added 2020/03/26 1:15 p.m.8 views

CVE-2019-15796

Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...

4.7CVSS4.6AI score
Exploits0References2
OSV
OSV
added 2020/03/26 1:15 p.m.1 views

DEBIAN-CVE-2019-15796

Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...

4.7CVSS4.8AI score0.00496EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/03/26 1:0 p.m.33 views

CVE-2019-15796 python-apt downloads from untrusted sources

Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...

4.7CVSS4.6AI score0.00496EPSS
Exploits0References2
CVE
CVE
added 2020/03/26 1:0 p.m.109 views

CVE-2019-15796

CVE-2019-15796 affects the Python-apt package where Version.fetch_binary(), Version.fetch_source(), and _fetch_archives() did not verify signed hashes in versions up to 1.9.3ubuntu2, enabling downloads from unsigned repositories. The issue has been fixed in versions 1.9.5, 1.9.0ubuntu1.2, 1.6.5ub...

4.7CVSS4.6AI score0.00496EPSS
Exploits0References2Affected Software1
Cloud Foundry
Cloud Foundry
added 2020/02/12 12:0 a.m.31 views

USN-4247-2: python-apt regression | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This update fixes the problem. We apologize for the...

4.7CVSS4.9AI score0.00496EPSS
Exploits0Affected Software1
Cloud Foundry
Cloud Foundry
added 2020/02/12 12:0 a.m.34 views

USN-4247-1: python-apt vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be...

4.7CVSS4.5AI score0.00496EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2020/01/24 12:0 a.m.72 views

Debian: Security Advisory (DLA-2074-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS4.8AI score0.00496EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/01/24 12:0 a.m.29 views

Debian DLA-2074-1 : python-apt security update

Several issues have been found in python-apt, a python interface to libapt-pkg. CVE-2019-15795 It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be...

4.7CVSS5.1AI score0.00496EPSS
Exploits0References4
Debian
Debian
added 2020/01/23 9:3 p.m.57 views

[SECURITY] [DLA 2074-1] python-apt security update

Package : python-apt Version : 0.9.3.13 CVE ID : CVE-2019-15795 CVE-2019-15796 Debian Bug : 944696 Several issues have been found in python-apt, a python interface to libapt-pkg. CVE-2019-15795 It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. I...

4.7CVSS4.9AI score0.00496EPSS
Exploits0
OSV
OSV
added 2020/01/23 3:11 p.m.4 views

USN-4247-3 python-apt vulnerabilities

USN-4247-1 fixed several vulnerabilities in python-apt. This update provides the corresponding updates for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker...

4.7CVSS5.8AI score0.00496EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/01/23 12:0 a.m.29 views

Ubuntu 16.04 LTS / 18.04 LTS : python-apt vulnerabilities (USN-4247-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4247-1 advisory. It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perfo...

4.7CVSS5.2AI score0.00496EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.40 views

Ubuntu: Security Advisory (USN-4247-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.7CVSS4.8AI score0.00496EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/01/23 12:0 a.m.27 views

Ubuntu 16.04 LTS / 18.04 LTS : python-apt regression (USN-4247-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4247-2 advisory. USN-4247-1 fixed vulnerabilities in python-apt. The updated packages caused a regression when attempting to upgrade to a new Ubuntu release. This upda...

5.6AI score
Exploits0References1
Rows per page
Query Builder