771 matches found
USN-7828-1 python-ldap vulnerabilities
It was discovered that Python LDAP incorrectly handled special characters in the special character filtering function. A remote attacker could possibly use this issue to perform LDAP injection attacks. CVE-2025-61911 Arad Inbar discovered that Python LDAP incorrectly escaped NUL character bytes. ...
python311-Authlib-1.6.5-1.1 on GA media (moderate)
python311-Authlib-1.6.5-1.1 on GA media Announcement ID: openSUSE-SU-2025:15629-1 Rating: moderate Cross-References: CVE-2025-61920 CVSS scores: CVE-2025-61920 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-61920 SUSE : 8.7...
CVE-2025-61911
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
CVE-2025-61912 python-ldap Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...
CVE-2025-61911 python-ldap has sanitization bypass in ldap.filter.escape_filter_chars
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
SUSE SLES15 / openSUSE 15 Security Update : python-xmltodict (SUSE-SU-2025:03511-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03511-1 advisory. - CVE-2025-9375: XML injection vulnerability in xmltodict allows input data manipulation bsc1249036. Tenable has extracted th...
agentics-py (>=0.0.0 <=0.0.5), agilerl (>=2.3.5 <=2.4.1.dev1) +16 more potentially affected by CVE-2025-61620 via vllm (>=0.10.0 <=0.10.2)
vllm PYPI version =0.10.0, =0.0.0, =2.3.5, =0.1.0, =1.0.1rc1, =0.0.4, =0.1.5, =1.0.0, =0.2.4, =0.1.1, =0.1.2, =0.1.2, =0.1.0, =0.1.2 and more Source cves: CVE-2025-61620 Source advisory: SNYK:PYTHON-VLLM-13450626...
EUVD-2019-19040
Malware in sbrugna...
EUVD-2021-0098
Malware in sbrugna...
EUVD-2025-22762
Malicious code in bioql PyPI...
EUVD-2025-29475
Malicious code in bioql PyPI...
EUVD-2023-1913
Malicious code in bioql PyPI...
EUVD-2025-29500
Malicious code in bioql PyPI...
EUVD-2022-0207
Malicious code in bioql PyPI...
EUVD-2024-15835
Malicious code in bioql PyPI...
EUVD-2025-23165
Malicious code in bioql PyPI...
EUVD-2024-2133
Malicious code in bioql PyPI...
EUVD-2025-10057
Malicious code in bioql PyPI...
The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not being reproduceable and they argue this is not a valid vulnerability.
...
01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +23579 more potentially affected by CVE-2025-55557 via torch (>=2.0.0 <=2.7.1)
torch PYPI version =2.0.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.10.5, =0.10.13 and more Source cves: CVE-2025-55557 Source advisory: SNYK:PYTHON-TORCH-13052977...