Lucene search
K

46 matches found

Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-52884

Name of the Vulnerable Software and Affected Versions Envoy versions 1.18.0 through 1.35.12 Envoy versions 1.36.0 through 1.36.8 Envoy versions 1.37.0 through 1.37.4 Envoy versions 1.38.0 through 1.38.2 Description The router filter contains a null pointer dereference—a condition where the softwa...

7.5CVSS5.9AI score0.00445EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2026/01/07 9:28 a.m.6 views

CVE-2019-12549

WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key...

10CVSS7.1AI score0.03261EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-53765

Malicious code in bioql PyPI...

9.1CVSS6.6AI score0.00417EPSS
Exploits0References1
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/05/13 5:30 a.m.12 views

New cybersecurity rules for smart heat pump manufacturers

TL;DR Smart heat pumps face new UK cybersecurity rules Must meet ETSI EN 303 645 under the Smart Secure Electricity Systems programme Applies to most domestic heat devices up to 45 kW Compliance deadline expected to be late 2026 / early 2027 Aims to protect consumers, data, and the national grid...

6.8AI score
Exploits0
CVE
CVE
added 2025/01/13 12:0 a.m.32 views

CVE-2024-57811

CVE-2024-57811 affects Eaton X303 firmware 3.5.16–3.5.17 Build 712. An attacker with network access to the XC-303 PLC can log in as root over SSH because the root password is hardcoded in the firmware. The advisory notes these vulnerable versions are no longer supported by Eaton. No patch/version...

9.1CVSS6.6AI score0.00417EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/12/17 7:56 p.m.2 views

urllib3: Request body not stripped after redirect from 303 status changes request method to GET

A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as POST to GET, as is required by HTTP...

4.2CVSS7.2AI score0.00544EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/12/17 7:1 p.m.1 views

urllib3: Request body not stripped after redirect from 303 status changes request method to GET

A flaw was found in urllib3, an HTTP client library for Python. urllib3 doesn't remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303, after changing the method in a request from one that could accept a request body such as POST to GET, as is required by HTTP...

4.2CVSS7.2AI score0.00544EPSS
Exploits0References7
Cvelist
Cvelist
added 2024/10/26 8:26 p.m.19 views

CVE-2020-26309 GHSL-2020-303: Regular Expression Denial of Service (ReDoS) in nope-validator

Validate.js provides a declarative way of validating javascript objects. Versions 0.11.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, it is unknown if any patches are available...

8.7CVSS0.00435EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/09/19 11:15 a.m.12 views

CVE-2024-8354

A flaw was found in QEMU. An assertion failure was present in the usbepget function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition...

5.5CVSS6.7AI score0.00286EPSS
Exploits0References4
OSV
OSV
added 2024/07/12 1:55 p.m.6 views

SUSE-SU-2024:2462-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: - CVE-2023-45803: Fix a request body leak that could occur when receiving a 303 HTTP response bsc1216377...

4.2CVSS6.5AI score0.00544EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.37 views

RHEL 8 : Satellite 6.14.1 Async Security Update (Moderate) (RHSA-2023:7851)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7851 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

8.1CVSS7AI score0.01207EPSS
Exploits3References24
Tenable Nessus
Tenable Nessus
added 2024/03/21 12:0 a.m.32 views

EulerOS Virtualization 2.11.0 : python-urllib3 (EulerOS-SA-2024-1435)

According to the versions of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide...

8.1CVSS6.9AI score0.01207EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/03/12 12:0 a.m.32 views

Huawei EulerOS: Security Advisory for python-urllib3 (EulerOS-SA-2024-1296)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.9AI score0.01207EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/01/25 11:5 a.m.42 views

Moderate: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.1CVSS6.8AI score0.01207EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/01/18 4:31 p.m.59 views

Moderate: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

8.1CVSS6.8AI score0.01207EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2024/01/10 10:50 a.m.57 views

Moderate: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.1CVSS6.8AI score0.01207EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2024/01/10 12:0 a.m.90 views

Moderate: python-urllib3 security update

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3: Cookie request header isn't stripped during cross-origin redirects CVE-2023-43804 urllib3: Request body not stripped after redirect from 303 status changes...

8.1CVSS7.2AI score0.01207EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.26 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : pip vulnerabilities (USN-6473-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6473-2 advisory. USN-6473-1 fixed vulnerabilities in urllib3. This update provides the corresponding updates for the...

8.1CVSS7.1AI score0.01207EPSS
Exploits0References4
OSV
OSV
added 2023/11/07 2:20 p.m.11 views

USN-6473-1 python-urllib3 vulnerabilities

It was discovered that urllib3 didn't strip HTTP Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-25091 It was discovered that urllib3 didn't...

8.1CVSS6.8AI score0.01207EPSS
Exploits0References4
OSV
OSV
added 2023/10/17 8:15 p.m.5 views

GHSA-G4MX-Q9VG-27P4 urllib3's request body not stripped after redirect from 303 status changes request method to GET

urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response using status 303 "See Other" after the request had its method changed from one that could accept a request body like POST to GET as is required by HTTP RFCs. Although the behavior of removing the request body ...

5.7CVSS6.7AI score0.00544EPSS
Exploits0References14
Rows per page
Query Builder