1259 matches found
CVE-2018-19351
Jupyter Notebook before 5.7.1 allows XSS via an untrusted notebook because nbconvert responses are considered to have the same origin as the notebook server. In other words, nbconvert endpoints can execute JavaScript with access to the server API. In notebook/nbconvert/handlers.py,...
PT-2018-14936 · Project Jupyter +2 · Jupyter Notebook +2
Name of the Vulnerable Software and Affected Versions: Jupyter Notebook versions prior to 5.7.1 Description: The issue allows for cross-site scripting XSS attacks via an untrusted notebook. This is because nbconvert responses are considered to have the same origin as the notebook server, enabling...
CVE-2018-9069
The CVE-2018-9069 entry concerns a race condition in the BIOS flash device locking mechanism on Lenovo IdeaPad consumer notebooks. The issue can allow an attacker with administrator access to alter BIOS contents due to insufficient protection of the locking mechanism. Affects Lenovo consumer note...
CVE-2018-9069
In some Lenovo IdeaPad consumer notebook models, a race condition in the BIOS flash device locking mechanism is not adequately protected against, potentially allowing an attacker with administrator access to alter the contents of BIOS...
Notebook Pro 2.0 - Denial Of Service Exploit
Exploit for windows platform in category dos / poc Exploit Title : Notebook Pro 2.0 - Denial Of Service PoC Exploit Author : Ali Alipour WebSite : http://Alipour.it Vendor Homepage : http://www.stokedonit.com/apps/notebook-pro/ Software Link Download :...
Notebook Pro 2.0 - Denial Of Service (PoC)
Exploit Title : Notebook Pro 2.0 - Denial Of Service PoC Exploit Author : Ali Alipour WebSite : http://Alipour.it Date: 2018-09-14 Vendor Homepage : http://www.stokedonit.com/apps/notebook-pro/ Software Link Download : https://www.microsoft.com/store/apps/9WZDNCRDMC76 Tested on : Windows 10 -...
Notebook Pro 2.0 - Denial Of Service (PoC)
Notebook Pro 2.0 - Denial Of Service PoC Exploit Title : Notebook Pro 2.0 - Denial Of Service PoC Exploit Author : Ali Alipour WebSite : http://Alipour.it Date: 2018-09-14 Vendor Homepage : http://www.stokedonit.com/apps/notebook-pro/ Software Link Download :...
Notebook Pro 2.0 Denial Of Service
Exploit Title : Notebook Pro 2.0 - Denial Of Service PoC Exploit Author : Ali Alipour WebSite : http://Alipour.it Date: 2018-09-14 Vendor Homepage : http://www.stokedonit.com/apps/notebook-pro/ Software Link Download : https://www.microsoft.com/store/apps/9WZDNCRDMC76 Tested on : Windows 10 -...
GHSA-6CWV-X26C-W2Q4 Jupyter Notebook file bypasses sanitization, executes JavaScript
In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous...
hugo-jupyter (>=0.2.1 <=0.3.0), ipynb-path (>=0.1.2 <=0.1.3) +2 more potentially affected by CVE-2018-8768 via notebook (>=4.2.3 <=5.0.0)
notebook PYPI version =4.2.3, =0.2.1, =0.1.2, =0.5.0, =0.1.0, =0.2.0.dev1 Source cves: CVE-2018-8768 Source advisory: OSV:GHSA-6CWV-X26C-W2Q4...
Jupyter Notebook file bypasses sanitization, executes JavaScript
In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous...
[SECURITY] Fedora 28 Update: python-notebook-5.4.0-2.fc28
The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...
Fedora 27 : python-notebook (2018-b621d86462)
Security fix for CVE-2018-8768 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora Update for python-notebook FEDORA-2018-ddb95c8324
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for python-notebook FEDORA-2018-b621d86462
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : python-notebook (2018-ddb95c8324)
Security fix for CVE-2018-8768 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
[SECURITY] Fedora 27 Update: python-notebook-5.2.1-2.fc27
The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...
[SECURITY] Fedora 26 Update: python-notebook-5.0.0-2.fc26
The Jupyter Notebook is a web application that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. The Notebook has support for multiple programming languages, sharing, and interactive widgets...
Updated jupyter-notebook packages fix security vulnerability
CVE-2018-8768: In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous...
MGASA-2018-0182 Updated jupyter-notebook packages fix security vulnerability
CVE-2018-8768: In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous...