
23165 matches found

RedHat Linux
added 2025/02/04 12:23 p.m., 5 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8 CVSS, 7.5 AI score, 0.005 EPSS
Exploits: 0, References: 7

RedHat Linux
added 2025/02/04 8:57 a.m., 1 view

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8 CVSS, 7.5 AI score, 0.005 EPSS
Exploits: 0, References: 7

RedHat Linux
added 2025/02/04 8:39 a.m., 6 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8 CVSS, 7.5 AI score, 0.005 EPSS
Exploits: 0, References: 7

Patchstack
added 2025/02/03 8:31 p.m., 3 views

WordPress Print PDF Generator and Publisher plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery (CSRF) vulnerability discovered by Khang Duong in WordPress Plugin Print PDF Generator and Publisher (versions <= 1.2.0)...

4.3 CVSS, 7 AI score, 0.00136 EPSS
Exploits: 0, Affected Software: 1

SUSE Linux
added 2025/02/03 9:20 a.m., 3 views

Security update for python-Jinja2

This update for python-Jinja2 fixes the following issues: CVE-2024-56201: Fixed sandbox breakout through malicious content and filename of a template (bsc#1234808); CVE-2024-56326: Fixed sandbox breakout through indirect reference to format method (bsc#1234809). Patch Instructions: To install this SUSE...

8.1 CVSS, 7.3 AI score, 0.005 EPSS
Exploits: 0, References: 8

SUSE Linux
added 2025/02/03 9:1 a.m., 2 views

Security update for tiff

This update for tiff fixes the following issues: CVE-2024-7006: Fix pointer deref in tif_dirinfo.c (bsc#1228924). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for you...

6.7 CVSS, 7.3 AI score, 0.01516 EPSS
Exploits: 0, References: 4

OSV
added 2025/02/03 8:55 a.m., 15 views

SUSE-SU-2025:20047-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed:
- CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326).
- CVE-2023-52581: netfilter: nf_tables: fix memleak when more than 255...

8.8 CVSS, 6.3 AI score, 0.00793 EPSS
Exploits: 11, References: 854

RedHat Linux
added 2025/02/03 1:14 a.m., 5 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8 CVSS, 7.5 AI score, 0.005 EPSS
Exploits: 0, References: 7

OSV
added 2025/01/31 8:54 p.m., 8 views

MGASA-2025-0031 Updated clamav packages fix security vulnerability

ClamAV OLE2 File Format Decryption Denial of Service Vulnerability. CVE-2025-20128...

7.5 CVSS, 5.5 AI score, 0.01509 EPSS
Exploits: 0, References: 3

Mageia
added 2025/01/31 8:54 p.m., 13 views

Updated clamav packages fix security vulnerability

ClamAV OLE2 File Format Decryption Denial of Service Vulnerability. CVE-2025-20128...

7.5 CVSS, 5.5 AI score, 0.01509 EPSS
Exploits: 0, References: 2

Cvelist
added 2025/01/31 12:7 a.m., 16 views

CVE-2024-23937 Silicon Labs Gecko OS Debug Interface Format String

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Silicon Labs Gecko OS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the debug interface. The issue results from the lack of proper...

4.3 CVSS, 0.00379 EPSS
Exploits: 0, References: 2

CNNVD
added 2025/01/31 12:0 a.m., 4 views

Silicon Labs Gecko OS Security Vulnerability

Silicon Labs Gecko OS is a highly optimized and feature-rich operating system for the Internet of Things from Silicon Labs, USA. A security vulnerability exists in Silicon Labs Gecko OS that stems from a missing debug interface format string validation...

4.3 CVSS, 6.5 AI score, 0.00379 EPSS
Exploits: 0, References: 2

RedHat Linux
added 2025/01/30 6:6 p.m., 2 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8 CVSS, 7.5 AI score, 0.005 EPSS
Exploits: 0, References: 7

OSSF Malicious Packages
added 2025/01/30 4:55 p.m., 4 views

Malicious code in move-binary-format-wasm (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6e47d2604861aead1b88adc5debb15c733e9012421604524480bc754379a50a Any computer that has this package installed or running should be considered...

6.8 AI score
Exploits: 0, References: 3

RedHat Linux
added 2025/01/28 7:20 p.m., 6 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8 CVSS, 7.5 AI score, 0.005 EPSS
Exploits: 0, References: 7

RedHat Linux
added 2025/01/28 4:59 a.m., 5 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8 CVSS, 7.5 AI score, 0.005 EPSS
Exploits: 0, References: 7

Positive Technologies
added 2025/01/28 12:0 a.m., 1 view

PT-2025-5648 · Pimcore · Pimcore

Name of the Vulnerable Software and Affected Versions: PIMCORE (affected versions not specified). Description: A Stored Cross-Site Scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the PDF upload functionality. This can result in the execution of malicious script...

8.1 CVSS, 5.9 AI score
Exploits: 0, References: 3

CNNVD
added 2025/01/28 12:0 a.m., 3 views

Google Golang Security Vulnerability

Google Golang is a static, strongly typed, compiled language from Google. Go's syntax is close to that of C, but differs with respect to variable declarations. Go supports garbage collection. Go's parallel model is based on Tony Hall's Communicating Sequential Processes (CSP), and other languages that...

7.5 CVSS, 6.8 AI score, 0.00587 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2025/01/27 7:32 p.m., 3 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8 CVSS, 7.5 AI score, 0.005 EPSS
Exploits: 0, References: 7

RedHat Linux
added 2025/01/27 1:33 p.m., 3 views

jinja2: Jinja has a sandbox breakout through indirect reference to format method

A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to...

7.8 CVSS, 7.5 AI score, 0.005 EPSS
Exploits: 0, References: 7