Lucene search
+L

49 matches found

RedHat Linux
RedHat Linux
added 2024/12/13 9:19 a.m.33 views

Important: Red Hat Security Advisory: python3.12 security update

An update for python3.12 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

8.7CVSS7AI score0.0188EPSS
Exploits0References3
AlmaLinux
AlmaLinux
added 2024/12/12 12:0 a.m.33 views

Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.7CVSS6.5AI score0.0188EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2024/12/12 12:0 a.m.32 views

Important: python3.12 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.7CVSS6.5AI score0.0188EPSS
Exploits0References6
OSV
OSV
added 2024/12/04 12:0 a.m.28 views

ALSA-2024:10779 Moderate: python3:3.6.8 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

7.8CVSS6.7AI score0.0067EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2024/09/23 12:0 a.m.7 views

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the occurrence of operations outside the buffer in memory, allows attackers to access confidential data.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

7.8CVSS7AI score0.00939EPSS
Exploits0References18Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/04/19 12:0 a.m.7 views

The vulnerability of the svc_udoctor utility in the operating system for managing and maintaining the Dell Unity Operating Environment’s data storage allows a malicious actor to execute arbitrary commands.

The vulnerability of the svcudoctor utility in the operating environment for managing and maintaining the Dell Unity Operating Environment exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability can allow an...

7.8CVSS7.5AI score0.00897EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/04/15 12:0 a.m.2 views

Gunicorn 环境问题漏洞

Gunicorn is a Python web server gateway interface HTTP server from the Gunicorn open source. Gunicorn suffers from an environment issue vulnerability that stems from an inability to properly validate the Transfer-Encoding header, resulting in an HTTP Request Smuggling HRS attack...

7.5CVSS7.6AI score0.02996EPSS
Exploits0References7
OSV
OSV
added 2024/03/06 11:1 a.m.37 views

BIT-PILLOW-2023-50447

Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 which was about the expression parameter...

8.1CVSS8.9AI score0.01703EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2024/03/01 8:9 p.m.25 views

Budibase affected by VM2 Constructor Escape Vulnerability

Impact Previously, budibase used a library called vm2 for code execution inside the Budibase builder and apps, such as the UI below for configuring bindings in the design section. Due to a vulnerability in vm2, any environment that executed the code server side automations and column formulas was...

8AI score
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2023/11/14 12:0 a.m.5 views

yt-dlp Environmental Issues Vulnerabilities

yt-dlp is based on the youtube-dl branch of the now inactive youtube-dlc. An environment issue vulnerability exists in versions prior to yt-dlp 2023.11.14, which stems from the ability to set an arbitrary proxy for requests to arbitrary URLs, allowing an attacker to man-in-the-middle requests sen...

5CVSS6.7AI score0.00318EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/10/04 12:0 a.m.4 views

Google Golang 环境问题漏洞

Google Golang is a static, strongly typed, compiled language from Google.The syntax of Go is close to C, but with differences in variable declarations.Go supports garbage collection.Go's parallel model is based on Tony Hall's Communicating Sequential Processes CSP, and other languages with a...

7.5CVSS7AI score0.01094EPSS
Exploits1References30
CNNVD
CNNVD
added 2022/07/18 12:0 a.m.32 views

Laminas Project diactoros 环境问题漏洞

Laminas Project diactoros is a PSR HTTP message implementation of Laminas Project. An environment issue vulnerability exists in Laminas Project diactoros, which can be exploited by an attacker to add a new header to laminas-dictoros via Security/x Forwarded Header...

7.2CVSS6.6AI score0.00615EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/02/28 12:0 a.m.4 views

Netty 环境问题漏洞

Netty is a non-blocking I/O client-server framework from the Netty community that is primarily used to develop Java web applications such as protocol servers and clients. Netty suffers from an environment issue vulnerability that stems from not removing vulnerable maven packages from image conten...

5.9CVSS6.5AI score0.04935EPSS
Exploits0References13
CNNVD
CNNVD
added 2022/01/18 12:0 a.m.7 views

Umbraco 环境问题漏洞

Umbraco is an open source Content Management System CMS written in C by Umbraco, Denmark. The Umbraco CMS is vulnerable to an environmental issue that could allow an attacker to change the URL that a user receives when resetting their password to point to the attacker's server, and when the user...

8.6CVSS7.5AI score0.01138EPSS
Exploits2References2
CNNVD
CNNVD
added 2021/09/29 12:0 a.m.6 views

Zeek 环境问题漏洞

Zeek is a powerful network analysis framework. An environment issue vulnerability exists in zeek version 4.1.0 that will invalidate any security analysis based on ZEEK HTTP...

8.2CVSS7.3AI score0.0085EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/03/09 12:0 a.m.5 views

Netty 环境问题漏洞

Netty is a non-blocking I/O client-server framework from the Netty community that is primarily used to develop Java web applications such as protocol servers and clients. Netty suffers from an environmental issue vulnerability that stems from requests being converted to HTTP 1.1 objects when pass...

5.9CVSS6.5AI score0.18891EPSS
Exploits0References128
CNNVD
CNNVD
added 2021/01/18 12:0 a.m.6 views

Tornado Environment Issue Vulnerability

Tornado is a Python web framework and asynchronous networking library from the Tornado community. The library scales to thousands of open connections through the use of non-blocking network I/O, making it ideal for long-time polling, WebSockets, and other applications that require long-term...

5.8AI score
Exploits0References4
CNVD
CNVD
added 2020/02/12 12:0 a.m.3 views

Sylius Environment Issues Vulnerabilities

Sylius is a set of Symfony framework based on open source e-commerce platform . An environmental issue vulnerability exists in Sylius. The vulnerability stems from an unreasonable environmental factor in a networked system or product. No detailed vulnerability details are provided at this time...

5.3CVSS6.9AI score0.00737EPSS
Exploits0References1
CNVD
CNVD
added 2019/11/19 12:0 a.m.2 views

Multiple Qualcomm Products Resource Management Error Vulnerability (CNVD-2020-16066)

Qualcomm MDM9205 and others are products of Qualcomm Incorporated USA.MDM9205 is a central processing unit CPU product. The QCS404 is a central processing unit CPU product.The SDX55 is a modem. A resource management error vulnerability exists in QTEE in multiple Qualcomm products. The vulnerabili...

5.5CVSS6.8AI score0.0017EPSS
Exploits0References1
NVD
NVD
added 2019/05/22 8:29 p.m.21 views

CVE-2018-7821

An Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated...

7.5CVSS7.5AI score0.01096EPSS
Exploits0References1
Rows per page
Query Builder