CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

283 matches found

OSV•added 2023/10/04 2:11 p.m.•5 views

SUSE-SU-2023:3972-1 Security update for python-reportlab

This update for python-reportlab fixes the following issues: - CVE-2019-19450: Fixed an issue which allowed remote code execution via startunichar in paraparser.py evaluating untrusted user input. bsc1215560...

9.8CVSS9.7AI score0.04452EPSS

Exploits0References3

OpenVAS•added 2023/10/02 12:0 a.m.•26 views

Debian: Security Advisory (DLA-3590-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.04452EPSS

Exploits1References4

Tenable Nessus•added 2023/09/30 12:0 a.m.•20 views

Debian dla-3590 : python-renderpm - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3590 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3590-1 [email protected]...

9.8CVSS8.5AI score0.10231EPSS

Exploits2References8

Debian•added 2023/09/29 7:57 p.m.•24 views

[SECURITY] [DLA 3590-1] python-reportlab security update

Debian LTS Advisory DLA-3590-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 29, 2023 https://wiki.debian.org/LTS Package : python-reportlab Version : 3.5.13-1+deb10u2 CVE ID : CVE-2019-19450 CVE-2020-28463 Security issues were discovered in...

9.8CVSS7.6AI score0.10231EPSS

Exploits2

RedhatCVE•added 2023/09/22 4:54 a.m.•34 views

CVE-2019-19450

A code injection vulnerability was found in python-reportlab that may allow an attacker to execute code while parsing a unichar element attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable and could allow remote code execution. Mitigation Mitigatio...

9.8CVSS9.7AI score0.10231EPSS

Exploits1References3

SUSE CVE•added 2023/09/22 2:34 a.m.•1 views

SUSE CVE-2019-19450

paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...

7.7CVSS8.2AI score0.04452EPSS

Exploits0References5

vulnersOsv•added 2023/09/20 3:30 p.m.•1 views

bookscrape (>=0.0.1.dev1 <=0.0.2b7), codeforlife-portal (>=1.1.1 <=2.28.1) +53 more potentially affected by CVE-2019-19450 via reportlab (>=3.1.44 <=3.5.26)

reportlab PYPI version =3.1.44, =0.0.1.dev1, =1.1.1, =0.7.0, =0.1.0, =0.0.2, =1.1.0, =2.7.0, =2.3.0.18073018, =2.3.0.18070609, =2.3.0.18070422, =0.1.0, =0.733.0, =0.736.0 and more Source cves: CVE-2019-19450 Source advisory: OSV:GHSA-PJ98-2XF6-CFF5...

9.8CVSS7.2AI score0.04452EPSS

Exploits0

Github Security Blog•added 2023/09/20 3:30 p.m.•29 views

ReportLab vulnerable to remote code execution via paraparser

9.8CVSS7.9AI score0.04452EPSS

Exploits0References8Affected Software1

OSV•added 2023/09/20 3:30 p.m.•23 views

GHSA-PJ98-2XF6-CFF5 ReportLab vulnerable to remote code execution via paraparser

9.8CVSS9.9AI score0.04452EPSS

Exploits0References8

OSV•added 2023/09/20 2:15 p.m.•3 views

CVE-2019-19450

9.8CVSS9.7AI score

Exploits0References7

OSV•added 2023/09/20 2:15 p.m.•1 views

DEBIAN-CVE-2019-19450

9.8CVSS9.4AI score0.04452EPSS

Exploits0References1

NVD•added 2023/09/20 2:15 p.m.•22 views

CVE-2019-19450

9.8CVSS9.8AI score0.04452EPSS

Exploits0References7

UbuntuCve•added 2023/09/20 2:15 p.m.•28 views

CVE-2019-19450

9.8CVSS7.8AI score0.04452EPSS

Exploits0References3

Prion•added 2023/09/20 2:15 p.m.•20 views

Remote code execution

7.5CVSS9.6AI score0.10231EPSS

Exploits1References3Affected Software2

OSV•added 2023/09/20 2:15 p.m.•0 views

UBUNTU-CVE-2019-19450

9.8CVSS6.5AI score0.04452EPSS

Exploits0References4

Positive Technologies•added 2023/09/20 12:0 a.m.•3 views

PT-2023-6316 · Reportlab +6 · Reportlab +6

Name of the Vulnerable Software and Affected Versions: ReportLab versions prior to 3.5.31 Description: The issue is related to the start unichar function in paraparser.py, which incorrectly processes XML documents. This allows a remote attacker to execute arbitrary code by crafting a malicious XM...

10CVSS8.5AI score0.10231EPSS

Exploits8References56

CNNVD•added 2023/09/20 12:0 a.m.•3 views

ReportLab Security Breach

ReportLab is an open source engine for creating data-driven PDF documents and custom vector graphics from ReportLab Denmark. A security vulnerability exists in ReportLab versions prior to 3.5.31, which stems from a remote code execution allowed by paraparser, where startunichar in paraparser.py...

9.8CVSS7.9AI score0.04452EPSS

Exploits0References5

CVE•added 2023/09/20 12:0 a.m.•180 views

CVE-2019-19450

CVE-2019-19450 affects the Python library python-reportlab (paraparser.py). A crafted XML document can cause remote code execution because start_unichar evaluates untrusted input in a element. Impact is high (as per CVSS in the entry). Remediation is to upgrade to a version where the issue is fi...

9.8CVSS9.7AI score0.04452EPSS

Exploits0References7Affected Software1