CVE-2026-3572

creationtimestamp| type| source ---|---|--- 2026-03-20 23:16:28+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3572 2026-04-08 11:30:08+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3miy6wha4on2c...

MiracleLinux 8 : python-pip-9.0.3-20.el8 (AXSA:2021-2732:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2732:02 advisory. python-pip: Incorrect handling of unicode separators in git references CVE-2021-3572 Tenable has extracted the preceding description block directly from the...

Linux Distros Unpatched Vulnerability : CVE-2019-3572

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libming 0.4.8. There is a heap-based buffer over-read in the function writePNG in the file util/dbl2png.c of the dbl2png command-line...

TencentOS Server 3: python-pip (TSSA-2022:0103)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0103 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0103: python-pip (ALINUX3-SA-2022:0103)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0103 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2018-18074: The Requests package befor...

Ubuntu: Security Advisory (USN-7476-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Security Verify Access is vulnerable to multiple Security Vulnerabilities

Summary The IBM Security Verify Access Appliance and IBM Security Verify Access Container has addressed multiple vulnerabilities in release 10.0.0.8. Vulnerability Details CVEID:CVE-2024-31883 DESCRIPTION: IBM Security Verify Access, under certain configurations, could allow an unauthenticated...

CVE-2025-3572

SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server...

CVE-2025-3572

SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated remote attackers to probe internal network and even access arbitrary local files on the server...

CVE-2025-3572

CVE-2025-3572 concerns a Server-Side Request Forgery in INTUMIT’s SmartRobot. The issue allows unauthenticated remote attackers to probe internal networks and access arbitrary local files on the server via SSRF in the affected SmartRobot component. Public listings consistently describe the vulner...

Linux Distros Unpatched Vulnerability : CVE-2021-3572

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a differen...

Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 277. Vulnerability Details CVEID:CVE-2023-47038 DESCRIPTION: Perl is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the user-defined...

CGA-FR6G-3572-26P6

Bulletin has no description...

CVE-2024-3572

The scrapy/scrapy project is vulnerable to XML External Entity XXE attacks due to the use of lxml.etree.fromstring for parsing untrusted XML data without proper validation. This vulnerability allows attackers to perform denial of service attacks, access local files, generate network connections, ...

CVE-2024-3572 XML External Entity (XXE) Vulnerability in scrapy/scrapy

The scrapy/scrapy project is vulnerable to XML External Entity XXE attacks due to the use of lxml.etree.fromstring for parsing untrusted XML data without proper validation. This vulnerability allows attackers to perform denial of service attacks, access local files, generate network connections, ...

ayugespidertools (>=3.4.0 <=3.9.5), baotool (=1.0.1) +7 more potentially affected by CVE-2024-3572 via scrapy (>=2.0.1 <=2.11.0)

scrapy PYPI version =2.0.1, =3.4.0, =2.8.3, =0.3.0a0, =0.1.2, =0.2.3, =0.2.1, =0.4.0, =0.8.1 Source cves: CVE-2024-3572 Source advisory: OSV:GHSA-7J7M-V7M3-JQM7...

K000138628: python-pip vulnerabilities CVE-2021-3572 and CVE-2023-5752

Security Advisory Description CVE-2021-3572 A flaw was found in python-pip in the way it handled Unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository. The highest threat from this vulnerability is to data integrity...

Ubuntu 16.04 ESM / 18.04 ESM : pip vulnerability (USN-4961-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4961-2 advisory. USN-4961-1 fixed a vulnerability in pip. This update provides the corresponding updates for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM...

CVE-2023-3572

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device...

CVE-2023-3572

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote, unauthenticated attacker may use an attribute of a specific HTTP POST request releated to date/time operations to gain full access to the device...