Lucene search
K

84 matches found

Ubuntu
Ubuntu
added 2026/03/31 12:19 a.m.10 views

USN-8135-1: Pillow vulnerabilities

It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue...

9.1CVSS7.8AI score0.02876EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : python-pillow-5.1.1-18.el8_9.1.ML.1 (AXSA:2024-7539:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7539:03 advisory. pillow: Arbitrary Code Execution via the environment parameter CVE-2023-50447 Tenable has extracted the preceding description block directly from the...

8.1CVSS8AI score0.01703EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 7 : python-pillow-2.0.0-25.gitd1c6db8.el7 (AXSA:2024-7532:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-7532:02 advisory. pillow: Arbitrary Code Execution via the environment parameter CVE-2023-50447 Tenable has extracted the preceding description block directly from the...

8.1CVSS8.4AI score0.01703EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

RHEL 9 : kernel (RHSA-2026:0535)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0535 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: nfsd: handle getclientlocked...

7.8CVSS7.2AI score0.00194EPSS
Exploits0References24
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.4 views

TencentOS Server 4: python-pillow (TSSA-2024:0593)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0593 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

9.8CVSS7.1AI score0.03399EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/01 6:42 p.m.4 views

CVE-2022-50447

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix crash on hcicreatecissync When attempting to connect multiple ISO sockets without using DEFERSETUP may result in the following crash: BUG: KASAN: null-ptr-deref in hcicreatecissync+0x18b/0x2b0 Read of size...

7CVSS5.8AI score0.0015EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/10/01 12:15 p.m.1 views

CVE-2022-50447

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: Fix crash on hcicreatecissync When attempting to connect multiple ISO sockets without using DEFERSETUP may result in the following crash: BUG: KASAN: null-ptr-deref in hcicreatecissync+0x18b/0x2b0 Read of size...

5.5CVSS6.2AI score0.0015EPSS
Exploits0References5
Virtuozzo
Virtuozzo
added 2025/09/25 12:0 a.m.52 views

[Important] [Security] Vulnerability Fixes in urllib3, PyYAML, and Pillow (CVE-2018-20060, CVE-2020-1747, CVE-2020-14343, CVE-2023-50447, and CVE-2023-44271) for VzLinux 7.9

This update fixes the vulnerabilities in urllib3, PyYAML, and Pillow, which are registered as CVE-2018-20060, CVE-2020-1747, CVE-2020-14343, CVE-2023-50447, and CVE-2023-44271...

10CVSS8.1AI score0.05984EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 3: python-pillow (TSSA-2024:0078)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0078 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

8.1CVSS7.7AI score0.01703EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 2: python-pillow (TSSA-2024:0069)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0069 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

8.1CVSS7.7AI score0.01703EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.3 views

openSUSE Security Advisory (SUSE-SU-2024:0185-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.01703EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/11/07 12:0 a.m.8 views

RHEL 7 : python-pillow (RHSA-2024:0857)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0857 advisory. The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representatio...

8.1CVSS7.2AI score0.01703EPSS
Exploits0References4
Circl
Circl
added 2024/10/28 7:30 p.m.5 views

CVE-2024-50447

creationtimestamp| type| source ---|---|--- 2024-10-28 19:30:37+00:00| seen| https://t.me/cvedetector/9146...

6.5CVSS4.8AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/28 5:57 p.m.17 views

CVE-2024-50447 WordPress Envo's Elementor Templates & Widgets for WooCommerce plugin <= 1.4.19 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce envo-elementor-for-woocommerce allows Stored XSS.This issue affects Envo's Elementor Templates & Widgets for WooCommerce: from n/a...

6.5CVSS0.00239EPSS
Exploits0References1
CVE
CVE
added 2024/10/28 5:57 p.m.50 views

CVE-2024-50447

CVE-2024-50447 affects EnvoThemes Envo’s Elementor Templates & Widgets for WooCommerce (WordPress plugin). It is a Stored XSS vulnerability caused by improper input neutralization during page generation, affecting versions up to 1.4.19. Patch: update to 1.4.20 or later. The vulnerability details ...

6.5CVSS5.9AI score0.00239EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/28 5:57 p.m.9 views

CVE-2024-50447 WordPress Envo's Elementor Templates & Widgets for WooCommerce plugin <= 1.4.19 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce envo-elementor-for-woocommerce allows Stored XSS.This issue affects Envo's Elementor Templates & Widgets for WooCommerce: from n/a...

6.5CVSS5.9AI score0.00239EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/10/28 12:0 a.m.11 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2658)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS9.8AI score0.01703EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/10/28 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2624)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS9.8AI score0.01703EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.9 views

WordPress Envo's Elementor Templates & Widgets for WooCommerce Plugin <= 1.4.19 is vulnerable to Cross Site Scripting (XSS)

Software Envo's Elementor Templates & Widgets for WooCommerce Type Plugin Vulnerable versions = 1.4.19 Fixed in 1.4.20 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50447 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 28c4d14cb691 Credits...

6.5CVSS6.3AI score0.00239EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2024/09/23 12:0 a.m.15 views

Huawei EulerOS: Security Advisory for python-pillow (EulerOS-SA-2024-2488)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.4AI score0.01703EPSS
Exploits0References2
Rows per page
Query Builder