Regipy - An OS Independent Python Library For Parsing Offline Registry Hives
Regipy is a Python library for parsing offline registry hives. Regipy has a lot of capabilities: Use as a library: recurse over the registry hive, from root or a given path, and get all subkeys and values; read specific subkeys and values; apply transaction logs on a registry hive. Command Line Tools...
Moderate: Red Hat Security Advisory: openstack-tripleo-common security and bug fix update
An update for openstack-tripleo-common is now available for Red Hat OpenStack Platform 14.0 (Rocky). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available fo...
GHSA-MH33-7RRQ-662W Improper Certificate Validation in urllib3
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use o...
CVE-2019-11324
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use o...
UBUNTU-CVE-2019-11324
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use o...
PYSEC-2019-132
In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter...
Beagle - An Incident Response And Digital Forensics Tool Which Transforms Security Logs And Data Into Graphs
Beagle is an incident response and digital forensics tool which transforms data sources and logs into graphs. Supported data sources include FireEye HX Triages, Windows EVTX files, SysMon logs and Raw Windows memory images. The resulting Graphs can be sent to graph databases such as Neo4J or...
PT-2019-5894 · Python +8 · Urllib2 +10
Name of the Vulnerable Software and Affected Versions: Python versions 2.x through 2.7.16; Python versions 3.x through 3.7.3. Description: The issue is related to the urllib2 module in Python, which does not properly neutralize CRLF sequences. This allows for CRLF injection if an attacker controls ...
GHSA-38RV-5JQC-M2CV Recurly vulnerable to SSRF
The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the Resource.get method that could result in compromise of API keys or other critical resources...
Recurly vulnerable to SSRF
The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the Resource.get method that could result in compromise of API keys or other critical resources...
adamalib (=0.1.0), aeat-web-services (>=1.0.0 <=2.0.2) +223 more potentially affected by CVE-2018-19787 via lxml (>=3.2.3 <=4.2.4)
lxml PYPI version =3.2.3, =1.0.0, =1.0.3, =1.0.0a1.post0, =1.10.0, =0.7.2, =1.14.1, =1.3.0, =0.1.0, =1.1.0.dev1, =0.1.0, =1.2018.7.26, =0.1.1, =0.2.0, =0.4.0 and more Source cves: CVE-2018-19787 Source advisory: OSV:PYSEC-2018-12...
CVE-2018-17175
In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for Python, the schema "only" option treats an empty list as implying no "only" option, which allows a request that was intended to expose no fields to instead expose all fields if the schema is being filtered dynamically using the...
CentOS 7 : libvirt (CESA-2018:1997) (Spectre)
An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
libvirt security update
CentOS Errata and Security Advisory CESA-2018:1997. An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Scientific Linux Security Update : libvirt on SL7.x x86_64 (20180626) (Spectre)
Security Fixes: - An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged...
Important: Red Hat Security Advisory: libvirt security and bug fix update
An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
ZigBee Security Research Toolkit: KillerBee
KillerBee framework is a tool for attacking ZigBee and IEEE 802.15.4 networks. KillerBee is designed to simplify the process of sniffing packets from the air interface or a supported packet capture file (libpcap or Daintree SNA), and for injecting arbitrary packets. Helper functions including IEEE...
SUSE-SU-2018:1194-1 Security update for python-pysaml2
This update for python-pysaml2 fixes the following issues: - CVE-2017-1000433: When Python optimizations are enabled, any user is able to log in without knowing their password. bsc1074662...
anymail-history (=0.1.8), bmds-ui (>=24.1.0 <=25.1.0) +30 more potentially affected by CVE-2018-1000089 via django-anymail (>=0.9.0 <=15.0.0)
django-anymail PYPI version =0.9.0, =24.1.0, =0.4.10, =0.1.3, =1.0.5, =0.1.0, =0.5.34, =0.1.0a1, =0.0.1, =1.2.0, =2.1.0, =1.0.0, =2026.3.27, =2026.3.28 and more Source cves: CVE-2018-1000089 Source advisory: OSV:PYSEC-2018-46...
createmeta() API call does not respect permissions
The API call for createmeta, which should return metadata required for creation of issues, does not respect permissions in some cases. I was working on an automation for my team when I discovered this. Following are the details: - The bot account I am using did not have permission to view a certai...