Lucene search
K

96 matches found

SUSE CVE
SUSE CVE
added 2026/01/13 12:24 a.m.5 views

SUSE CVE-2026-22702

virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a rac...

4.5CVSS6.5AI score0.00085EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.6 views

FreeBSD : virtualenv -- CWE-59: Improper Link Resolution Before File Access ('Link Following') (fd3855b8-efbc-11f0-9e3f-b0416f0c4c67)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fd3855b8-efbc-11f0-9e3f-b0416f0c4c67 advisory. https://github.com/pypa/virtualenv/security/advisories/GHSA-597g-3phw-6986 reports: virtualenv is a too...

4.5CVSS5.8AI score0.00085EPSS
Exploits0References3
NVD
NVD
added 2026/01/10 7:16 a.m.9 views

CVE-2026-22702

virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a rac...

4.5CVSS0.00085EPSS
Exploits0References3
OSV
OSV
added 2026/01/10 7:16 a.m.6 views

AZL-74237 CVE-2026-22702 affecting package python-virtualenv 20.25.0-3

virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a rac...

4.5CVSS5.7AI score0.00085EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/10 7:16 a.m.5 views

CVE-2026-22702

virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a rac...

4.5CVSS5.8AI score0.00085EPSS
Exploits0References4
OSV
OSV
added 2026/01/10 7:16 a.m.5 views

UBUNTU-CVE-2026-22702

virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a rac...

4.5CVSS5.7AI score0.00085EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/01/10 6:5 a.m.27 views

CVE-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation

virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a rac...

4.5CVSS0.00085EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/10 6:5 a.m.3 views

CVE-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation

virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a rac...

4.5CVSS6.1AI score0.00085EPSS
Exploits0References3
CVE
CVE
added 2026/01/10 6:5 a.m.31 views

CVE-2026-22702

CVE-2026-22702 concerns the Python tool for creating isolated environments, virtualenv. The issue is a TOCTOU race in directory creation where a local attacker can exploit a window between existence checks and creation to redirect virtualenv’s app_data and lock files to attacker-controlled locati...

4.5CVSS6.1AI score0.00085EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/01/10 6:5 a.m.5 views

CVE-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation

virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a rac...

4.5CVSS6.2AI score0.00085EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 10:5 a.m.8 views

CVE-2019-20617

An issue was discovered on Samsung mobile devices with P9.0 software. Secure Folder leaks preview data of recent apps. The Samsung ID is SVE-2018-13764 March 2019...

5.3CVSS7AI score0.0034EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/02 3:51 p.m.3 views

CVE-2025-62840 HBS 3 Hybrid Backup Sync

A generation of error message containing sensitive information vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If an attacker gains local network access, they can then exploit the vulnerability to read application data. We have already fixed the vulnerability in the following...

7CVSS5.9AI score0.00203EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/31 5:11 a.m.3 views

CVE-2025-15221

A flaw has been found in SohuTV CacheCloud up to 3.2.0. This vulnerability affects the function index of the file src/main/java/com/sohu/cache/web/controller/AppDataMigrateController.java. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit ha...

5.4CVSS5.5AI score0.002EPSS
Exploits1References1
CNVD
CNVD
added 2025/12/19 12:0 a.m.6 views

Apple macOS Tahoe Insufficient Authentication Vulnerability

Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from an insufficient authentication vulnerability that can be exploited by an attacker to cause...

5.5CVSS6.3AI score0.00197EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/13 10:0 p.m.7 views

CVE-2025-43471

The issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data...

5.5CVSS6AI score0.00159EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/12 8:57 p.m.1 views

CVE-2025-43522

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26.2, macOS Sequoia 15.7.3. An app may be able to access user-sensitive data...

5.5AI score0.00111EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.5 views

PT-2025-51019

Name of the Vulnerable Software and Affected Versions macOS versions prior to 14.8.3 macOS versions prior to 15.7.3 macOS version 26.2 iOS versions prior to 18.7.3 iPadOS versions prior to 18.7.3 Description An application may be able to access sensitive user data due to insufficient checks. The...

5.5CVSS5.9AI score0.00197EPSS
Exploits0References26
EUVD
EUVD
added 2025/11/24 3:30 p.m.16 views

EUVD-2025-198706

Null pointer dereference in coapdtlsinfocallback in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSLgetappdata returns NULL...

4.3CVSS6.2AI score0.00226EPSS
Exploits0References3
CVE
CVE
added 2025/11/24 12:0 a.m.12 views

CVE-2025-65501

CVE-2025-65501 affects libcoap 4.3.5. The issue is a null pointer dereference in coap_dtls_info_callback() during a DTLS handshake when SSL_get_app_data() returns NULL, enabling potential denial of service. Fedora advisories indicate that updates to 4.3.5a are released for Fedora 42/43; Nessus/Op...

4.3CVSS6.3AI score0.00226EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2025/11/24 12:0 a.m.3 views

CVE-2025-65501

Null pointer dereference in coapdtlsinfocallback in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a DTLS handshake where SSLgetappdata returns NULL...

4.3CVSS6.4AI score0.00226EPSS
Exploits0References2
Rows per page
Query Builder