
1226 matches found

CVE
added yesterday, 10 views

CVE-2026-57264

GeoWebPlayer’s Websocket Server (used by GV-VMS/GV-Cloud) exposes a command interface where many commands accept an index that is not consistently validated. The Talos and CVE records describe multiple CVEs (e.g., CVE-2026-57264) across several commands (connectInfo, setStream, setPIP, audio, sna...

CVSS 8.3, AI score 5.8, EPSS 0.00215
Exploits: 0, References: 2
Tenable Nessus
added 2026/06/26 12:00 a.m., 7 views

SUSE SLED15 / SLES15 Security Update : python-pip (SUSE-SU-2026:2634-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2634-1 advisory. This update for python-pip fixes the following issues - CVE-2026-3219: pip doesn't reject concatenated ZIP...

CVSS 8, AI score 5.9, EPSS 0.00275
Exploits: 0, References: 10
OSV
added 2026/06/25 1:55 p.m., 2 views

SUSE-SU-2026:2634-1 Security update for python-pip

This update for python-pip fixes the following issues - CVE-2026-3219: pip doesn't reject concatenated ZIP bsc1262429. - CVE-2026-6357: pip self-update functionality can import newly installed modules after wheel installation bsc1263442. - CVE-2026-8643: path traversal via malicious entry point...

CVSS 8, AI score 6.4, EPSS 0.00275
Exploits: 0, References: 7
NVD
added 2026/06/22 10:16 p.m., 8 views

CVE-2025-71344

picklescan before 0.0.30 (affected versions: 0.0.26 and earlier) fails to detect the ensurepip._run_pip built-in function when scanning pickle files, allowing attackers to execute arbitrary code. Malicious pickle files embedding ensurepip._run_pip calls in __reduce__ methods bypass picklescan detection and...

CVSS 8.1, EPSS 0.00367
Exploits: 0, References: 2
CVE
added 2026/06/22 9:04 p.m., 8 views

CVE-2025-71344

CVE-2025-71344 affects picklescan prior to 0.0.30 (vulnerable: 0.0.26 and earlier). Malicious pickle files that embed ensurepip._run_pip calls in __reduce__ can bypass detection and enable remote code execution when pickle.load() is used. No exploitation details are provided beyond this description.

CVSS 8.1, AI score 6.8, EPSS 0.00367
Exploits: 0, References: 2
Tenable Nessus
added 2026/06/22 12:00 a.m., 4 views

Amazon Linux 2023 : python3.14-pip, python3.14-pip-wheel (ALAS2023-2026-1838)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1838 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...

CVSS 8, AI score 6.2, EPSS 0.00275
Exploits: 0, References: 4
Tenable Nessus
added 2026/06/22 12:00 a.m., 13 views

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2026-1839)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1839 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...

CVSS 8, AI score 6.2, EPSS 0.00275
Exploits: 0, References: 4
Tenable Nessus
added 2026/06/22 12:00 a.m., 7 views

Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2026-1840)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1840 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...

CVSS 8, AI score 6.2, EPSS 0.00275
Exploits: 0, References: 4
Tenable Nessus
added 2026/06/22 12:00 a.m., 7 views

Amazon Linux 2 : python-pip, --advisory ALAS2-2026-3358 (ALAS-2026-3358)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3358 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...

CVSS 8, AI score 6.2, EPSS 0.00275
Exploits: 0, References: 4
Tenable Nessus
added 2026/06/22 12:00 a.m., 6 views

Amazon Linux 2023 : python3.13-pip, python3.13-pip-wheel (ALAS2023-2026-1841)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1841 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...

CVSS 8, AI score 6.2, EPSS 0.00275
Exploits: 0, References: 4
Tenable Nessus
added 2026/06/22 12:00 a.m., 6 views

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2026-1837)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1837 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...

CVSS 8, AI score 6.2, EPSS 0.00275
Exploits: 0, References: 4
AstraLinux
added 2026/06/19 11:10 a.m., 7 views

Astra Linux – Vulnerability in python-pip

When extracting a tar archive, pip may not check symbolic links pointing into the extraction directory if the tarfile module does not implement PEP 706. Note that upgrading pip to a “fixed” version does not fix all vulnerabilities that are mitigated by using a Python version that implements PEP...

CVSS 5.9, AI score 6.8, EPSS 0.00438
Exploits: 0, References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 5 views

Astra Linux – Vulnerability in python-pip

A flaw was discovered in python-pip regarding its handling of Unicode separators in git references. A remote attacker could potentially exploit this issue to install a different revision in a repository. The greatest threat posed by this vulnerability is to data integrity. This issue has been fix...

CVSS 5.7, AI score 6.7, EPSS 0.01687
Exploits: 2, References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 6 views

Astra Linux – Vulnerability in python-pip

When installing a package from a Mercurial VCS URL (e.g., “pip install hg+…”) using pip before version 23.3, the specified Mercurial revision could be used to inject arbitrary configuration options into the “hg clone” call (e.g., “--config”). Controlling the Mercurial configuration allows modifying t...

CVSS 5.5, AI score 6.8, EPSS 0.00476
Exploits: 0, References: 2
AstraLinux
added 2026/06/19 11:10 a.m., 2 views

Astra Linux – Vulnerability in python-pip

The pip package before version 19.2 for Python allows Directory Traversal when a URL is provided in an install command. This is possible because the Content-Disposition header can contain "../" in the filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This behavior occurs...

CVSS 7.5, AI score 7.3, EPSS 0.03028
Exploits: 1, References: 2
Photon
added 2026/06/19 12:00 a.m., 6 views

Critical Photon OS Security Update - PHSA-2026-4.0-1038

Updates of 'coredns', 'redis', 'erlang', 'rsync', 'python3-pip' packages of Photon OS have been released...

CVSS 8.1, AI score 6.7, EPSS 0.01141
Exploits: 1
OSV
added 2026/06/16 9:44 a.m., 3 views

ROOT-APP-PYPI-CVE-2026-3219 CVE-2026-3219 in rootio-pip - Patched by Root

Root has patched CVE-2026-3219 in the rootio-pip package for Root:PyPI. Multiple fixed versions available...

CVSS 5, AI score 5.2, EPSS 0.00144
Exploits: 0
OSV
added 2026/06/16 9:44 a.m., 9 views

ROOT-APP-PYPI-CVE-2026-6357 CVE-2026-6357 in rootio-pip - Patched by Root

Root has patched CVE-2026-6357 in the rootio-pip package for Root:PyPI. Multiple fixed versions available...

CVSS 5.8, AI score 5.8, EPSS 0.00138
Exploits: 0
OSV
added 2026/06/16 9:44 a.m., 5 views

ROOT-APP-PYPI-CVE-2023-5752 CVE-2023-5752 in rootio-pip - Patched by Root

Root has patched CVE-2023-5752 in the rootio-pip package for Root:PyPI. Multiple fixed versions available...

CVSS 5.5, AI score 5.4, EPSS 0.00476
Exploits: 0
OSV
added 2026/06/16 9:44 a.m., 4 views

ROOT-APP-PYPI-CVE-2025-8869 CVE-2025-8869 in rootio-pip - Patched by Root

Root has patched CVE-2025-8869 in the rootio-pip package for Root:PyPI. Multiple fixed versions available...

CVSS 5.9, AI score 7.5, EPSS 0.00438
Exploits: 0