Lucene search
K

638 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.9 views

EulerOS 2.0 SP15 : python3 (EulerOS-SA-2026-2466)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickli...

7.5CVSS6.7AI score0.00621EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Python 3.11

The ‘zipfile’ module does not check the validity of the offset value specified in the ZIP64 End of Central Directory EOCD Locator record. Instead, the ZIP64 EOCD record is assumed to be the previous record in the ZIP archive. This behavior could be exploited to create ZIP archives that are...

4.3CVSS6.4AI score0.00353EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in Python 3.11

DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata has the same security model as open. The documentation has been updated to clarify this point. There is no vulnerability in the function if the intended security model is followed. pkgutil.getdata d...

5.7AI score0.00238EPSS
Exploits0References2
Redos
Redos
added 2026/06/23 12:0 a.m.8 views

ROS-20260623-73-0013

Vulnerability in Python 3.10 related to the failure to take measures for data cleaning at the management level. Exploitation of this vulnerability allows a remote attacker to execute arbitrary commands...

7.1CVSS6.2AI score0.0029EPSS
Exploits0
Chainguard
Chainguard
added 2026/06/16 2:17 p.m.11 views

CVE-2026-3276 vulnerabilities

Vulnerabilities for packages: python...

6.3CVSS5.1AI score0.00492EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/16 12:0 a.m.7 views

RHEL 8 : python3.11 (RHSA-2026:26187)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26187 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

9.1CVSS6.5AI score0.00579EPSS
Exploits0References6
NVD
NVD
added 2026/06/12 4:16 p.m.15 views

CVE-2026-45830

A lack of authorization validation in version 0.4.17 or later of the ChromaDB Python project allows any authenticated users to arbitrarily read, write, update, or delete data in any tenant's collection regardless of which tenant they belong to...

8.8CVSS0.00345EPSS
Exploits0References4
OSV
OSV
added 2026/06/10 10:16 p.m.8 views

DEBIAN-CVE-2026-10142

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by sending a crafted 4-byte frame length value without bounds validation. Attackers can send a...

8.7CVSS5.3AI score0.00348EPSS
Exploits0References1
OSV
OSV
added 2026/06/10 10:16 p.m.8 views

UBUNTU-CVE-2026-10142

kafka-python prior to 2.3.2 contains a denial-of-service vulnerability in the protocol parser that allows a malicious broker or machine-in-the-middle attacker to exhaust memory or hang connections by sending a crafted 4-byte frame length value without bounds validation. Attackers can send a...

8.7CVSS5.4AI score0.00348EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/06/10 1:17 a.m.61 views

python-vuln-scanner

Python Vulnerability Scanner !Pythonhttps://img.shields.io...

5.9AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/08 1:47 p.m.14 views

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...

8.8CVSS6AI score0.00695EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.13 views

RHEL 6 : python (RHSA-2026:22144)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:22144 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

7.1CVSS6.2AI score0.0029EPSS
Exploits0References4
PyPA
PyPA
added 2026/06/05 11:16 p.m.8 views

PYSEC-0000-CVE-2026-45409

Internationalized Domain Names in Applications IDNA for Python provides support for Internationalized Domain Names in Applications IDNA and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function pri...

6.9CVSS5.2AI score0.00408EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/05 8:14 a.m.8 views

Security Bulletin: IBM watsonx.ai on Cloud Pak for Data is vulnerable to python-Python-3.12.0b4 (Publicly disclosed vulnerability found by Mend) due to python pip package ( CVE-2023-5752, PRISMA-2022-0168)

Summary IBM watsonx.ai on Cloud Pak for Data internally uses CVE-2023-5752 Vulnerability Details CVEID:CVE-2023-5752 DESCRIPTION: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary...

5.5CVSS6.5AI score0.00476EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/25 6:49 p.m.17 views

Security Bulletin: Security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak

Summary A security vulnerability in Python affects IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak. Python is used by IBM Robotic Process Automation and IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes...

8.7CVSS6.9AI score0.00487EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/21 2:27 p.m.12 views

Security Bulletin: Multiple vulnerabilities found in CICS Transaction Gateway for Multiplatforms.

Summary CICS Transaction Gateway for Multiplatforms has been updated in order to address multiple vulnerabilities CVE-2025-15281, CVE-2026-0915, CVE-2025-15366, CVE-2025-15367, CVE-2026-0865, CVE-2026-1299, CVE-2025-14831, CVE-2025-9820, CVE-2025-69419, WS-2026-0003, GHSA-72hv-8253-57qq...

7.5CVSS6.8AI score0.00638EPSS
Exploits2Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Python 2.7, Pypy

In Python versions 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an HTTP server can perform Regular Expression Denial of Service ReDoS attacks against clients due to the use of urllib.request.AbstractBasicAuthHandler, which allows catastrophi...

7.1CVSS6.8AI score0.06617EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Python 3.11, Python 3.7

A issue was discovered in the CPython tempfile.TemporaryDirectory class, affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, 3.8.18, and earlier versions. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means that users who can...

7.8CVSS6.7AI score0.00313EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Python 3.7, Python 2.7

A issue was discovered in Python before version 3.11.1. An unnecessary quadratic algorithm exists in one path when processing certain inputs to the IDNA RFC 3490 decoder. This could lead to a CPU denial of service if a maliciously crafted, unreasonably long hostname was provided to the decoder...

7.5CVSS6.8AI score0.02453EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Python 3.7

The lib/zipfile.py module in Python, as of version 3.7.2, allows remote attackers to cause a denial of service resource consumption through a ZIP bomb attack...

7.5CVSS6.8AI score0.05535EPSS
Exploits0References2
Rows per page
Query Builder