jexboss

This is a Python script for a tool called JexBoss, which is designed to exploit vulnerabilities in JBoss Application Server and other Java platforms. The script is written in Python 2.7 and uses the urllib3 library for HTTP requests. The script has several modules, including exploits.py,...

Moderate: python3.12-setuptools security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

FuncVul: an Effective Function Level Vulnerability Detection Model Using LLM and Code Chunk

Software supply chain vulnerabilities arise when attackers exploit weaknesses by injecting vulnerable code into widely used packages or libraries within software repositories. While most existing approaches focus on identifying vulnerable packages or libraries, they often overlook the specific...

"Vcd2df" -- Leveraging Data Science Insights for Hardware Security Research

In this work, we hope to expand the universe of security practitioners of open-source hardware by creating a bridge from hardware design languages HDLs to data science languages like Python and R through novel libraries that convert VCD value change dump files into data frames, the expected input...

[SECURITY] Fedora 41 Update: vyper-0.4.1-4.fc41

Pythonic Smart Contract Language for the EVM...

[SECURITY] Fedora 40 Update: python3.13-3.13.2-1.fc40

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...

[SECURITY] Fedora 41 Update: python3.14-3.14.0~a4-2.fc41

Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.14 package provides the "python3.14" executable:...

CVE-2025-22153

RestrictedPython is a tool that helps to define a subset of the Python language which allows to provide a program input into a trusted environment. Via a type confusion bug in versions of the CPython interpreter starting in 3.11 and prior to 3.13.2 when using try/except, RestrictedPython starting...

[SECURITY] Fedora 40 Update: python3.13-3.13.1-2.fc40

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...

[SECURITY] Fedora 40 Update: python3.11-3.11.11-1.fc40

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

cpython: python: Memory race condition in ssl.SSLContext certificate store methods

A vulnerability was found in Python. A defect was discovered in the Python “ssl” module where there is a memory race condition with the ssl.SSLContext methods “certstorestats” and “getcacerts”. The race condition can be triggered if the methods are called at the same time that certificates are...

Moderate: python3.12 security update

Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...

Python Execute Command

Execute an arbitrary OS command. Compatible with Python 2.7 and 3.4+. Module Options msf use payload/python/exec msf payloadexec show actions ...actions... msf payloadexec set ACTION msf payloadexec show options ...show and set options... msf payloadexec run module MetasploitModule CachedSize =...

pypy, pypy3: Multiple Vulnerabilities

Background A fast, compliant alternative implementation of the Python language. Description Multiple vulnerabilities have been discovered in pypy. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is n...

[SECURITY] Fedora 41 Update: python3.11-3.11.9-6.fc41

Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...

Number withdrawn

PyTorch is a Python package in the PyTorch open source. This CVE number has been withdrawn...

iocs

It is an offensive tool for threat intelligence. The repository...

Leaving Authentication Credentials in Public Code

Interesting article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code: Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of 450,000...

ALSA-2023:6659 Moderate: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following...

Important: Red Hat Security Advisory: python3.9 security update

An update for python3.9 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...