197 matches found
EUVD-2014-0007
Malware in sbrugna...
EUVD-2013-4149
Malware in sbrugna...
EUVD-2009-0319
Malware in sbrugna...
EUVD-2013-4712
Malware in sbrugna...
EUVD-2015-0705
Malware in sbrugna...
PT-2025-39961
Name of the Vulnerable Software and Affected Versions: pyfory versions 0.12.0 through 0.12.2; pyfury versions 0.1.0 through 0.10.3. Description: Deserialization of untrusted data in Python allows arbitrary code execution. An application is susceptible if it reads serialized data from untrusted source...
Security update for python312
This update for python312 fixes the following issues: CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternative...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service and improper input validation [CVE-2025-3262] [CVE-2025-3263] [CVE-2025-3264] [CVE-2025-3777]
Summary Python module transformers is used by IBM App Connect Enterprise Certified Container by the mapping assistance capability. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service and improper input validatio...
[SECURITY] Fedora 42 Update: python-pycares-4.9.0-1.fc42
pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously...
CVE-2025-48945 pycares has a Use-After-Free Vulnerability
pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously. Prior to version 4.9.0, pycares is vulnerable to a use-after-free condition that occurs when a Channel object is garbage collected while DNS...
TencentOS Server 3: python3 (TSSA-2023:0299)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0299 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
[SECURITY] Fedora 42 Update: python-pyside6-6.9.1-1.fc42
PySide6 is the official Python module from the Qt for Python project, which provides access to the complete Qt 6+ framework...
CVE-2025-49131
FastGPT is an open-source project that provides a platform for building, deploying, and operating AI-driven workflows and conversational agents. The Sandbox container fastgpt-sandbox is a specialized, isolated environment used by FastGPT to safely execute user-submitted or dynamically generated...
CVE-2025-49131
CVE-2025-49131 affects FastGPT’s sandbox container (fastgpt-sandbox) prior to 4.9.11. The issue is insufficient isolation and overly permissive syscalls that allow bypassing Python import restrictions, enabling reads/writes of arbitrary files and potential sandbox escape. A PoC exploit exists...
CVE-2013-4867
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking...
AZL-58360 CVE-2025-1550 affecting package keras for versions less than 3.3.3-2
The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, ...
Linux Distros Unpatched Vulnerability : CVE-2014-4616
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read...
SUSE-SU-2024:4021-1 Security update for SUSE Manager Salt Bundle
This update fixes the following issues: venv-salt-minion: - Security fixes on Python 3.11 interpreter: CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes (bsc#1229873, bsc#1230059); CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Pat...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.10)
The version of AOS installed on the remote host is prior to 6.10. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.10 advisory. - squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. ...
USN-6984-1: WebOb vulnerability
It was discovered that WebOb incorrectly handled certain URLs. An attacker could possibly use this issue to control a redirect or forward to another URL...