43 matches found
EUVD-2014-0049
Malware in sbrugna...
EUVD-2001-0128
Malware in sbrugna...
EUVD-2006-0006
Malware in sbrugna...
EUVD-2005-3322
Malware in sbrugna...
EUVD-2014-0046
Malware in sbrugna...
EUVD-2011-0023
Malware in sbrugna...
EUVD-2007-0242
Malware in sbrugna...
EUVD-2022-4282
Malicious code in bioql PyPI...
EUVD-2022-1838
Malicious code in bioql PyPI...
EUVD-2022-1669
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-32811
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affecte...
CVE-2021-33507
Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService before 2.6.2, as used in Plone through 5.2.4 and other products, allow Reflected XSS...
CVE-2021-32811
Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one's Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional...
Improper Privilege Management
Zope and AccessControl is vulnerable to Improper Privilege Management. The vulnerability is due to anonymous users being able to delete user data in AccessControl.userfolder.UserFolder, potentially preventing privileged access. Users unable to upgrade can mitigate by adding dataroles = to...
dsframework (>=0.1.9 <=0.1.12) potentially affected by CVE-2023-44389 via zope (=5.2.0)
zope PYPI version =5.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on zope and may be impacted: - dsframework >=0.1.9, <=0.1.12 Source cves: CVE-2023-44389 Source advisory: OSV:PYSEC-2023-193...
PT-2023-28355 · Zope · Zope
Name of the Vulnerable Software and Affected Versions: Zope versions prior to 4.8.10 and 5.8.5 Description: Zope is an open-source web application server with a stored cross site scripting vulnerability for SVG images. The vulnerability can be exploited when an attacker uploads an image and trick...
dsframework (>=0.1.9 <=0.1.12) potentially affected by CVE-2023-41050 via zope (=5.2.0)
zope PYPI version =5.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on zope and may be impacted: - dsframework >=0.1.9, <=0.1.12 Source cves: CVE-2023-41050 Source advisory: OSV:GHSA-8XV7-89VJ-Q48C...
SUSE CVE-2010-1104
Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x before 2.10.11, 2.11.x before 2.11.6, and 2.12.x before 2.12.3 allows remote attackers to inject arbitrary web script or HTML via vectors related to error messages...
GHSA-HM8G-JXJJ-GFM3 Zope allows remote attackers to read arbitrary files
The docutils module in Zope Zope2 2.7.0 through 2.7.9 and 2.8.0 through 2.8.8 does not properly handle web pages with reStructuredText reST markup, which allows remote attackers to read arbitrary files via a csvtable directive, a different vulnerability than CVE-2006-3458...
Zope Security Vulnerability
Zope is a set of object-oriented, open source web application servers written in the Python language by the Zope ZOPE community. A security vulnerability exists in Zope that stems from the presence of a remote code execution issue...