CVE-2025-61912 python-ldap Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination

python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...

CVE-2025-61911 python-ldap has sanitization bypass in ldap.filter.escape_filter_chars

python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...

SUSE SLES15 / openSUSE 15 Security Update : python-xmltodict (SUSE-SU-2025:03511-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03511-1 advisory. - CVE-2025-9375: XML injection vulnerability in xmltodict allows input data manipulation bsc1249036. Tenable has extracted th...

agentics-py (>=0.0.0 <=0.0.5), agilerl (>=2.3.5 <=2.4.1.dev1) +16 more potentially affected by CVE-2025-61620 via vllm (>=0.10.0 <=0.10.2)

vllm PYPI version =0.10.0, =0.0.0, =2.3.5, =0.1.0, =1.0.1rc1, =0.0.4, =0.1.5, =1.0.0, =0.2.4, =0.1.1, =0.1.2, =0.1.2, =0.1.0, =0.1.2 and more Source cves: CVE-2025-61620 Source advisory: SNYK:PYTHON-VLLM-13450626...

EUVD-2019-19040

Malware in sbrugna...

EUVD-2021-0098

Malware in sbrugna...

EUVD-2025-10057

Malicious code in bioql PyPI...

EUVD-2025-29500

Malicious code in bioql PyPI...

EUVD-2025-29475

Malicious code in bioql PyPI...

EUVD-2023-1913

Malicious code in bioql PyPI...

EUVD-2022-0207

Malicious code in bioql PyPI...

EUVD-2025-22762

Malicious code in bioql PyPI...

EUVD-2025-23165

Malicious code in bioql PyPI...

EUVD-2024-15835

Malicious code in bioql PyPI...

EUVD-2024-2133

Malicious code in bioql PyPI...

The py library through 1.11.0 for Python allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data, because the InfoSvnCommand argument is mishandled. Note: This has been disputed by multiple third parties as not being reproduceable and they argue this is not a valid vulnerability.

...

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +24265 more potentially affected by CVE-2025-55557 via torch (>=2.0.0 <=2.7.1)

torch PYPI version =2.0.0, =1.0.0, =0.1.0, =2.13.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.10.5, =0.10.13 and more Source cves: CVE-2025-55557 Source advisory: SNYK:PYTHON-TORCH-13052977...

Security update for python-h2

This update for python-h2 fixes the following issues: CVE-2025-57804: Fixed HTTP Request Smuggling due to illegal characters in headers bsc1248737 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

CLSA-2025-1757945157 python3.11: Fix of CVE-2025-8194

CVE-2025-8194: fix defect in 'TarFile' extraction and entry enumeration APIs to prevent infinite loop and deadlock when processing tar archives with negative offsets...

msdat

This is an offensive tool for Microsoft SQL Server MSSQL database exploitation. The tool is called "MSDAT" and is designed to perform various attacks on MSSQL databases, including reading and writing files, executing system commands, and more. The tool uses a variety of techniques, including OLE...