659 matches found
CVE-2025-15069 Privilege Escalation in Gmission Web FAX
Improper Authentication vulnerability in Gmission Web Fax allows Privilege Escalation.This issue affects Web Fax: from 3.0 before 3.0.1...
PT-2025-53693
Name of the Vulnerable Software and Affected Versions Gmission Web Fax versions 3.0 through 3.9 Description A missing authorization check in Gmission Web Fax can allow an unauthorized actor to access sensitive information through authentication abuse. Recommendations Update Gmission Web Fax to...
EUVD-2025-205264
Missing Authorization vulnerability in SALESmanago SALESmanago salesmanago allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALESmanago: from n/a through = 3.9.0...
PT-2025-53270
Name of the Vulnerable Software and Affected Versions Funnelforms versions prior to 3.9 Description An authorization issue exists in Funnelforms Free that allows exploitation of incorrectly configured access control security levels. Recommendations Update to version 3.9 or later...
Oracle Linux 9 : python3.9 (ELSA-2025-23342)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23342 advisory. 3.9.25-2.0.1 - Remove upstream URL reference 3.9.25-2 - Move sysconfigdatadlinux.py to the debug subpackage 3.9.25-1 - Update to Python 3.9.25 3.9.24-...
RHSA-2025:23530 Red Hat Security Advisory: python39:3.9 security update
Bulletin has no description...
python39:3.9 and python39-devel:3.9 security update
An update is available for module.python-psutil, python-packaging, module.Cython, module.python-iniconfig, module.python-wcwidth, module.python-ply, python-psutil, python-chardet, module.python-pluggy, python-lxml, python-pysocks, python-wcwidth, python-pluggy, module.python-attrs, Cython,...
CVE-2023-53887
Zomplog 3.9 contains a cross-site scripting vulnerability that allows authenticated users to inject malicious scripts when creating new pages. Attackers can craft malicious image source and onerror attributes to execute arbitrary JavaScript code in victim's browser...
CVE-2023-53888
Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload malicious JavaScript files, rename them to PHP, and execute system commands by exploiting the saveE and...
Moderate: python3.9 security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
CVE-2023-53888
Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload files such as JavaScript and rename them to .php via the saveE and rename actions, then execute the...
CVE-2023-53888
Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload malicious JavaScript files, rename them to PHP, and execute system commands by exploiting the saveE and...
CVE-2023-53893
Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery (SSRF) in the job callback URL parameter, enabling an attacker to bypass network restrictions and force the application to make HTTP, DNS, or file requests to arbitrary destinations for enumeration. Affected component...
CVE-2023-53888 Zomplog 3.9 Remote Code Execution via Authenticated File Manipulation
Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload files such as JavaScript and rename them to .php via the saveE and rename actions, then execute the...
Important: Red Hat Security Advisory: Red Hat Quay 3.9
Red Hat Quay 3.9 is now available with bug fixes. Quay 3.9...
FreeBSD : python 3.9 -- end of life, not receiving security support (77a0f93a-b71e-11f0-8d86-d7789240c8c2)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 77a0f93a-b71e-11f0-8d86-d7789240c8c2 advisory. Unsupported versions: ... End of life: 2025-10-31. Tenable has extracted the preceding description bloc...
Fedora: Security Advisory (FEDORA-2025-cf4edeb201)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-39a10a2c79)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Medium: python3.9
Issue Overview: The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be...
Fedora 43 : python3.9 (2025-cf4edeb201)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-cf4edeb201 advisory. Update to Python 3.9.24 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...