Lucene search
K

678 matches found

OSV
OSV
added 2026/03/25 10:16 a.m.8 views

SUSE-SU-2026:1028-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

7.5CVSS6.8AI score0.01525EPSS
Exploits0References12
OSV
OSV
added 2026/03/25 10:15 a.m.2 views

SUSE-SU-2026:1027-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

7.5CVSS7AI score0.01525EPSS
Exploits0References12
OSV
OSV
added 2026/03/25 10:10 a.m.2 views

SUSE-SU-2026:1012-1 Security update 5.0.7 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

7.8CVSS5.9AI score0.01525EPSS
Exploits0References16
BDU FSTEC
BDU FSTEC
added 2026/03/25 12:0 a.m.1 views

The vulnerability of the command-line tool for working with Wheel files is related to incorrect path name restrictions, which allows attackers to escalate their privileges or execute arbitrary code.

The vulnerability of the command-line tool for working with Wheel files is related to an incorrect limitation on the path name to the directory. Exploiting this vulnerability can allow an attacker to increase their privileges or execute arbitrary code...

7.1CVSS7AI score0.00311EPSS
Exploits2References3Affected Software2
OSV
OSV
added 2026/03/24 6:24 a.m.3 views

OPENSUSE-SU-2026:20412-1 Security update for salt

This update for salt fixes the following issues: Changes in salt: - Security issues fixed: CVE-2025-67724: fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: fixed HTTP header parameter parsing algorithm...

7.5CVSS5.9AI score0.01525EPSS
Exploits0References10
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/23 7:39 p.m.7 views

Security Bulletin: Vulnerabilities in wheel affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in wheel has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a...

7.1CVSS7.4AI score0.00311EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.5 views

Fedora 44 : python3.6 (2026-cb86172c17)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-cb86172c17 advisory. Rebuilt for improvements of %pythonwheelinjectsbom in python-rpm-macros-3.14-11. ---- Security fix for CVE-2025-12084 Tenable has extracted the preceding...

6.3CVSS5.9AI score0.00708EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/19 6:10 p.m.10 views

skia-python vendors vulnerable libfreetype because of pinned cibuildwheel version

Impact The Linux wheels for skia-python vendor a vulnerable version of libfreetype that is affected by CVE-2025-27363 1. The root cause is a chain of unfortunate events: 1. skia-python builds wheels using pinned pypa/[email protected] 2 2. cibuildwheel 2.21.3 in turn pins manylinux container...

8.1CVSS6.7AI score0.26049EPSS
Exploits1References3Affected Software1
Redos
Redos
added 2026/03/10 12:0 a.m.8 views

ROS-20260310-73-0035

Vulnerability in python-wheel related to incorrect path name restriction to a restricted directory. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

7.1CVSS5.8AI score0.00311EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2026/03/06 4:36 p.m.5 views

wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the...

7.1CVSS6.3AI score0.00311EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2026/03/06 11:0 a.m.3 views

wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the...

7.1CVSS6.3AI score0.00311EPSS
Exploits2References7
RedHat Linux
RedHat Linux
added 2026/03/06 11:0 a.m.9 views

Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.6 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.5CVSS7.2AI score0.09436EPSS
Exploits4References18
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.7 views

TencentOS Server 4: python-wheel (TSSA-2026:0103)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0103 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.1CVSS6.2AI score0.00311EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.8 views

TencentOS Server 4: python-pip (TSSA-2026:0096)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0096 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

2CVSS6AI score0.0039EPSS
Exploits1References2
OSV
OSV
added 2026/02/28 12:44 p.m.12 views

OESA-2026-1448 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...

8.9CVSS5.9AI score0.02667EPSS
Exploits1References3
OSV
OSV
added 2026/02/28 12:44 p.m.8 views

OESA-2026-1447 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...

8.9CVSS7.2AI score0.02667EPSS
Exploits1References3
OSV
OSV
added 2026/02/28 12:44 p.m.19 views

OESA-2026-1446 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...

2CVSS5.9AI score0.0039EPSS
Exploits1References2
OSV
OSV
added 2026/02/28 12:44 p.m.6 views

OESA-2026-1444 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...

8.9CVSS5.9AI score0.02667EPSS
Exploits1References3
OSV
OSV
added 2026/02/28 12:44 p.m.14 views

OESA-2026-1443 python-pip security update

pip is the package installer for Python. You can use pip to install packages from the Python Package Index and other indexes. %global bashcompdir %b=$pkg-config --variable=completionsdir bash-completion 2/dev/null; echo $b:-/bashcompletion.d Name: python-pip Version: 23.3.1 Release: 6 Summary: A...

8.9CVSS7.2AI score0.02667EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/27 11:37 a.m.12 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses transformers-4.53.0-py3-none-any.whl which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite - Monitor Component uses transformers-4.53.0-py3-none-any.whl which is vulnerable to CVE-2025-14920, CVE-2025-14921, CVE-2025-14926, CVE-2025-14927, CVE-2025-14924, CVE-2025-14928, CVE-2025-14929, CVE-2025-14930. This bulletin contains information addressing t...

7.8CVSS6.3AI score0.00315EPSS
Exploits0Affected Software1
Rows per page
Query Builder