Lucene search
+L

659 matches found

Vulnrichment
Vulnrichment
added 2025/12/29 5:5 a.m.3 views

CVE-2025-15069 Privilege Escalation in Gmission Web FAX

Improper Authentication vulnerability in Gmission Web Fax allows Privilege Escalation.This issue affects Web Fax: from 3.0 before 3.0.1...

8.4CVSS6.5AI score0.00294EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.9 views

PT-2025-53693

Name of the Vulnerable Software and Affected Versions Gmission Web Fax versions 3.0 through 3.9 Description A missing authorization check in Gmission Web Fax can allow an unauthorized actor to access sensitive information through authentication abuse. Recommendations Update Gmission Web Fax to...

6.8CVSS6.5AI score0.00294EPSS
Exploits0References8
EUVD
EUVD
added 2025/12/24 3:30 p.m.6 views

EUVD-2025-205264

Missing Authorization vulnerability in SALESmanago SALESmanago salesmanago allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SALESmanago: from n/a through = 3.9.0...

8.8CVSS6.5AI score0.00219EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.5 views

PT-2025-53270

Name of the Vulnerable Software and Affected Versions Funnelforms versions prior to 3.9 Description An authorization issue exists in Funnelforms Free that allows exploitation of incorrectly configured access control security levels. Recommendations Update to version 3.9 or later...

8.8CVSS6.6AI score0.00219EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/19 12:0 a.m.5 views

Oracle Linux 9 : python3.9 (ELSA-2025-23342)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23342 advisory. 3.9.25-2.0.1 - Remove upstream URL reference 3.9.25-2 - Move sysconfigdatadlinux.py to the debug subpackage 3.9.25-1 - Update to Python 3.9.25 3.9.24-...

6.5CVSS6.5AI score0.00744EPSS
Exploits0References5
OSV
OSV
added 2025/12/18 10:9 a.m.9 views

RHSA-2025:23530 Red Hat Security Advisory: python39:3.9 security update

Bulletin has no description...

7.6CVSS6.9AI score0.01499EPSS
Exploits14References86
Rockylinux
Rockylinux
added 2025/12/18 9:4 a.m.7 views

python39:3.9 and python39-devel:3.9 security update

An update is available for module.python-psutil, python-packaging, module.Cython, module.python-iniconfig, module.python-wcwidth, module.python-ply, python-psutil, python-chardet, module.python-pluggy, python-lxml, python-pysocks, python-wcwidth, python-pluggy, module.python-attrs, Cython,...

7.5CVSS6.6AI score0.03502EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/12/16 8:44 p.m.5 views

CVE-2023-53887

Zomplog 3.9 contains a cross-site scripting vulnerability that allows authenticated users to inject malicious scripts when creating new pages. Attackers can craft malicious image source and onerror attributes to execute arbitrary JavaScript code in victim's browser...

5.4CVSS6.5AI score0.00208EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/16 8:44 p.m.7 views

CVE-2023-53888

Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload malicious JavaScript files, rename them to PHP, and execute system commands by exploiting the saveE and...

8.8CVSS8.5AI score0.00839EPSS
Exploits1References1
AlmaLinux
AlmaLinux
added 2025/12/16 12:0 a.m.5 views

Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

6.5CVSS6.7AI score0.00744EPSS
Exploits0References10
NVD
NVD
added 2025/12/15 9:15 p.m.5 views

CVE-2023-53888

Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload files such as JavaScript and rename them to .php via the saveE and rename actions, then execute the...

8.8CVSS0.00839EPSS
Exploits1References3
OSV
OSV
added 2025/12/15 9:15 p.m.2 views

CVE-2023-53888

Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload malicious JavaScript files, rename them to PHP, and execute system commands by exploiting the saveE and...

8.8CVSS6.5AI score0.00839EPSS
Exploits1References3
CVE
CVE
added 2025/12/15 8:28 p.m.17 views

CVE-2023-53893

Ateme TITAN File 3.9.12.4 contains an authenticated server-side request forgery (SSRF) in the job callback URL parameter, enabling an attacker to bypass network restrictions and force the application to make HTTP, DNS, or file requests to arbitrary destinations for enumeration. Affected component...

6.5CVSS6.6AI score0.00246EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/12/15 8:28 p.m.24 views

CVE-2023-53888 Zomplog 3.9 Remote Code Execution via Authenticated File Manipulation

Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload files such as JavaScript and rename them to .php via the saveE and rename actions, then execute the...

8.6CVSS0.00839EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2025/11/27 2:54 p.m.8 views

Important: Red Hat Security Advisory: Red Hat Quay 3.9

Red Hat Quay 3.9 is now available with bug fixes. Quay 3.9...

9.1CVSS6.8AI score0.03153EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2025/11/02 12:0 a.m.5 views

FreeBSD : python 3.9 -- end of life, not receiving security support (77a0f93a-b71e-11f0-8d86-d7789240c8c2)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 77a0f93a-b71e-11f0-8d86-d7789240c8c2 advisory. Unsupported versions: ... End of life: 2025-10-31. Tenable has extracted the preceding description bloc...

5.6AI score
Exploits0References2
OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-cf4edeb201)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8AI score
Exploits0References2
OpenVAS
OpenVAS
added 2025/10/28 12:0 a.m.4 views

Fedora: Security Advisory (FEDORA-2025-39a10a2c79)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS6.8AI score0.01499EPSS
Exploits0References3
Amazon
Amazon
added 2025/10/27 12:0 a.m.6 views

Medium: python3.9

Issue Overview: The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be assumed to be the previous record in the ZIP archive. This could be...

4.3CVSS6.7AI score0.00353EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/25 12:0 a.m.5 views

Fedora 43 : python3.9 (2025-cf4edeb201)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-cf4edeb201 advisory. Update to Python 3.9.24 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

5.6AI score
Exploits0References1
Rows per page
Query Builder