CVE-2018-20852
| creationtimestamp | type | source |
|---|---|---|
| 2026-04-02 17:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/... |
K000151520: Python vulnerabilities CVE-2018-20852, CVE-2014-4616, and CVE-2013-7040
Security Advisory Description: CVE-2018-20852: http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server...
Ubuntu: Security Advisory (USN-6891-1)
The remote host is missing an update for the...
RHEL 6 / 7 : rh-python36-python (RHSA-2019:3725)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3725 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high leve...
RHEL 6 / 7 : python27-python (RHSA-2019:3948)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3948 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high leve...
Oracle Linux 7 : python3 (ELSA-2020-1132)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1132 advisory. - Security fix for CVE-2019-16056 Resolves: rhbz1750774 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Oracle Linux 6 : python (ELSA-2019-4877)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4877 advisory. - http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into...
Oracle Linux 7 : python (ELSA-2019-4884)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4884 advisory. 2.7.5-86.0.3 - Prefix dot in domain for proper subdomain validation (CVE-2018-20852) Orabug: 30114725 Tenable has extracted the preceding description block directl...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.15.3)
The version of AOS installed on the remote host is prior to 5.15.3. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.15.3 advisory. - An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv function in...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.18)
The version of AOS installed on the remote host is prior to 5.18. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.18 advisory. - When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats A...
Python < 2.7.17, 3.x < 3.4.10, 3.5.x < 3.5.7, 3.6.x < 3.6.9, 3.7.x < 3.7.3 Cookie domain check returns incorrect results (bpo-35121) - Linux
Python is prone to an improper input validation vulnerability. CPE = "cpe:/a:python:python";...
CLSA-2021-1634925483 Fixed CVEs in python: CVE-2018-20852, CVE-2020-8492, CVE-2020-26116, CVE-2020-27619
Add Oracle Linux distribution in platform.py - CVE-2018-20852: Prefix dot in domain for proper subdomain validation - CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client - CVE-2020-26116: http.client allows CRLF injection if...
SUSE: Security Advisory (SUSE-SU-2019:2114-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2019:14142-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2019:2091-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2019:2798-1)
The remote host is missing an update for the...
CentOS 8 : python3 (CESA-2020:1764)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1764 advisory. - python: Cookie domain check returns incorrect results (CVE-2018-20852) - python: email.utils.parseaddr wrongly parses email addresses (CVE-2019-16056) No...
CentOS 8 : python27:2.7 (CESA-2020:1605)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1605 advisory. - python-requests: Redirect from HTTPS to HTTP does not remove Authorization header (CVE-2018-18074) - python-urllib3: Cross-host redirect does not remov...
NewStart CGSL CORE 5.04 / MAIN 5.04 : python Multiple Vulnerabilities (NS-SA-2020-0059)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has python packages installed that are affected by multiple vulnerabilities: - http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricke...
NewStart CGSL CORE 5.05 / MAIN 5.05 : python3 Multiple Vulnerabilities (NS-SA-2020-0089)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python3 packages installed that are affected by multiple vulnerabilities: - http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be trick...