
341 matches found

OSV
added 2019/10/27 7:22 p.m., 9 views

OPENSUSE-SU-2019:2393-1 Security update for python

This update for python fixes the following issues: Security issues fixed: - CVE-2019-9947: Fixed an insufficient validation of URL paths with embedded whitespace or control characters that could allow HTTP header injections. bsc1130840 - CVE-2019-16056: Fixed a parser issue in the email module...

CVSS 7.5, AI score 7.7, EPSS 0.05406
Exploits 2, References 7
OPENSUSE Linux
added 2019/10/27 12:0 a.m., 153 views

Security update for python (moderate)

openSUSE Security Update: Security update for python Announcement ID: openSUSE-SU-2019:2393-1 Rating: moderate References: 1130840 1149955 1153238 Cross-References: CVE-2019-16056 CVE-2019-16935 CVE-2019-9947 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is now...

CVSS 7.5, AI score 7.7, EPSS 0.05406
Exploits 2, References 3
Tenable Nessus
added 2019/10/23 12:0 a.m., 53 views

SUSE SLED15 / SLES15 Security Update : python (SUSE-SU-2019:2743-1)

This update for python fixes the following issues : Security issues fixed : CVE-2019-9947: Fixed an insufficient validation of URL paths with embedded whitespace or control characters that could allow HTTP header injections. bsc1130840 CVE-2019-16056: Fixed a parser issue in the email module...

CVSS 7.5, AI score 7.2, EPSS 0.05406
Exploits 2, References 10
CNVD
added 2019/10/08 12:0 a.m., 3 views

SugarCRM SQL Injection Vulnerability

SugarCRM is a set of open source customer relationship management software. A SQL injection vulnerability exists in the email module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to inject custom PHP code...

CVSS 8.8, AI score 8, EPSS 0.01173
Exploits 0, References 1
Tenable Nessus
added 2019/09/17 12:0 a.m., 47 views

Debian DLA-1924-1 : python3.4 security update

A vulnerability was discovered in Python, an interactive high-level object-oriented language. CVE-2019-16056 The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a...

CVSS 7.5, AI score 7, EPSS 0.05366
Exploits 0, References 3
OpenVAS
added 2019/09/17 12:0 a.m., 134 views

Debian: Security Advisory (DLA-1925-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5, AI score 7.5, EPSS 0.05366
Exploits 0, References 3
Debian
added 2019/09/16 8:33 p.m., 171 views

[SECURITY] [DLA 1924-1] python3.4 security update

Package : python3.4 Version : 3.4.2-1+deb8u7 CVE ID : CVE-2019-16056 A vulnerability was discovered in Python, an interactive high-level object-oriented language. CVE-2019-16056 The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email...

CVSS 7.5, AI score 6.7, EPSS 0.05366
Exploits 0
RedhatCVE
added 2019/09/09 9:21 a.m., 55 views

CVE-2019-16056

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

CVSS 7.5, AI score 3.1, EPSS 0.05366
Exploits 0, References 2
OSV
added 2019/09/06 6:15 p.m., 1 views

DEBIAN-CVE-2019-16056

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

CVSS 7.5, AI score 7.1, EPSS 0.05366
Exploits 0, References 1
OSV
added 2019/09/06 6:15 p.m., 30 views

CVE-2019-16056

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

CVSS 7.5, AI score 3.1
Exploits 0, References 34
Prion
added 2019/09/06 6:15 p.m., 30 views

Design/Logic Flaw

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

CVSS 5, AI score 6.4, EPSS 0.05366
Exploits 0, References 34, Affected Software 10
OSV
added 2019/09/06 6:15 p.m., 2 views

UBUNTU-CVE-2019-16056

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

CVSS 7.5, AI score 6.8, EPSS 0.05366
Exploits 0, References 5
CVE
added 2019/09/06 5:24 p.m., 672 views

CVE-2019-16056

CVE-2019-16056 : Debian LTS advisories fix a vulnerability in the Python email module where addresses containing multiple @ characters can bypass checks on From/To headers, potentially causing an application to accept an invalid address. The issue affects Python 2.7 as documented in DLA-2337-1 an...

CVSS 7.5, AI score 6.7, EPSS 0.05366
Exploits 0, References 34, Affected Software 1
Cvelist
added 2019/09/06 5:24 p.m., 26 views

CVE-2019-16056

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

AI score 6.8, EPSS 0.05366
Exploits 0, References 34
OSV
added 2019/09/06 5:24 p.m., 38 views

PSF-2019-5 email.utils.parseaddr mistakenly parse an email

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

CVSS 7.5, AI score 6.8, EPSS 0.05366
Exploits 0, References 3
Debian CVE
added 2019/09/06 5:24 p.m., 36 views

CVE-2019-16056

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

CVSS 7.5, AI score 6.9, EPSS 0.05366
Exploits 0
AlpineLinux
added 2019/09/06 5:24 p.m., 29 views

CVE-2019-16056

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To header...

CVSS 7.5, AI score 7.1, EPSS 0.05366
Exploits 0
Positive Technologies
added 2018/07/19 12:0 a.m., 6 views

PT-2019-4775 · Python +8

Name of the Vulnerable Software and Affected Versions: Python versions 2.7.16 and earlier Python versions 3.x through 3.5.7 Python versions 3.6.x through 3.6.9 Python versions 3.7.x through 3.7.4 Description: The issue is related to the email module in Python, which incorrectly parses email...

CVSS 10, AI score 6.4, EPSS 0.73327
Exploits 76, References 623
myhack58
added 2017/09/25 12:0 a.m., 54 views

SugarCRM new vulnerability is reproducible, a hacker attacker or can remote steal customer information data - vulnerability warning - the black bar safety net

SugarCRM audit a variety of network security achievements SugarCRM is more than a hotspot a customer relationship governance check-in Solution, and SugarCRM now important to have two major versions, that is necessary to pay the trade Edition and open source Community Edition, the eras of all ther...

AI score 8
Exploits 0
Cvelist
added 2017/09/17 9:0 p.m., 21 views

CVE-2017-14508

An issue was discovered in SugarCRM before 7.7.2.3, 7.8.x before 7.8.2.2, and 7.9.x before 7.9.2.0 and Sugar Community Edition 6.5.26. Several areas have been identified in the Documents and Emails module that could allow an authenticated user to perform SQL injection, as demonstrated by a...

AI score 9, EPSS 0.0257
Exploits 1, References 3