23 matches found
EUVD-2021-10772
Malware in sbrugna...
OPENSUSE-SU-2024:13261-1 python311-3.11.5-2.1 on GA media
These are all security issues fixed in the python311-3.11.5-2.1 package on the GA media of openSUSE Tumbleweed...
Bosch Security Systems B426 Conettix Cleartext Transmission of Sensitive Information (CVE-2021-23846)
When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021. This plugin only works wit...
CVE-2024-1369
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting the username and password for collectd configurations. Exploitation of this vulnerability...
SUSE-SU-2023:3943-1 Security update for python311
This update for python311 fixes the following issues: Update to 3.11.5. - CVE-2023-40217: Fixed TLS handshake bypass on closed sockets bsc1214692. - CVE-2023-41105: Fixed input truncation on null bytes in os.path.normpath bsc1214693...
Python 3.11.x < 3.11.5, 3.12.0a1 < 3.12.0rc2 Security Bypass Vulnerability - Linux
Python is prone to a security bypass vulnerability.
Python 3.11.x < 3.11.5, 3.12.0a1 < 3.12.0rc2 Security Bypass Vulnerability - Mac OS X
Python is prone to a security bypass vulnerability.
SUSE CVE-2023-40587
Pyramid is an open source Python web framework. A path traversal vulnerability in Pyramid versions 2.0.0 and 2.0.1 impacts users of Python 3.11 that are using a Pyramid static view with a full filesystem path and have an index.html file that is located exactly one directory above the location of t...
Python < 3.8.18, 3.9.x < 3.9.18, 3.10.x < 3.10.13, 3.11.x < 3.11.5 Security Bypass Vulnerability - Windows
Python is prone to a security bypass vulnerability.
Python < 3.8.18, 3.9.x < 3.9.18, 3.10.x < 3.10.13, 3.11.x < 3.11.5 Security Bypass Vulnerability - Linux
Python is prone to a security bypass vulnerability.
Moodle 3.9.x < 3.9.12 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.12, 3.10.x prior to 3.10.9 or 3.11.x prior to 3.11.5. It is, therefore, affected by multiple vulnerabilities: - An SQL injection vulnerability in the h5p activity web service responsible for fetching user attempt data...
Moodle SQL Injection Vulnerability
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A SQL injection vulnerability exists in Moodle versions 3.9.0 through 3.11.5, which stems from insufficient cleanup of user-supplied da...
Moodle 3.11.5 - SQL injection (Authenticated) Exploit
Exploit Title: Moodle 3.11.5 - SQLi Authenticated Date: 2/3/2022 Exploit Author: Chris Anastasio @mufinnnnnnn Vendor Homepage: https://moodle.com/ Software Link: https://github.com/moodle/moodle/archive/refs/tags/v3.11.5.zip Write Up: https://muffsec.com/blog/moodle-2nd-order-sqli/ Tested on:...
Moodle 3.11.5 SQL Injection
Exploit Title: Moodle 3.11.5 - SQLi Authenticated Date: 2/3/2022 Exploit Author: Chris Anastasio @mufinnnnnnn Vendor Homepage: https://moodle.com/ Software Link: https://github.com/moodle/moodle/archive/refs/tags/v3.11.5.zip Write Up: https://muffsec.com/blog/moodle-2nd-order-sqli/ Tested on:...
Moodle 3.11.5 - SQLi (Authenticated)
Exploit Title: Moodle 3.11.5 - SQLi Authenticated Date: 2/3/2022 Exploit Author: Chris Anastasio @mufinnnnnnn Vendor Homepage: https://moodle.com/ Software Link: https://github.com/moodle/moodle/archive/refs/tags/v3.11.5.zip Write Up: https://muffsec.com/blog/moodle-2nd-order-sqli/ Tested on:...
Moodle < 3.9.12, 3.10.x < 3.10.9, 3.11.x < 3.11.5 Multiple Vulnerabilities
Moodle is prone to multiple vulnerabilities.
CVE-2021-23846
When using http protocol, the user password is transmitted as a clear text parameter for which it is possible to be obtained by an attacker through a MITM attack. This will be fixed starting from Firmware version 3.11.5, which will be released on the 30th of June, 2021...
CVE-2011-2697
foomatic-rip-hplip in HP Linux Imaging and Printing HPLIP 3.11.5 allows remote attackers to execute arbitrary code via a crafted FoomaticRIPCommandLine field in a .ppd file...