36 matches found
EUVD-2014-5518
Malware in sbrugna...
EUVD-2014-0030
Malware in sbrugna...
EUVD-2015-2189
Malware in sbrugna...
EUVD-2024-46499
Malicious code in bioql PyPI...
Moderate: python-requests security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...
Amazon Linux 2 : python-pip (ALAS-2024-2715)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2715 advisory. Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the sa...
Medium: python3.11-pip
Issue Overview: Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to th...
CVE-2024-5261 TLS certificate are not properly verified when utilizing LibreOfficeKit
Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third party components to reuse LibreOffice as a library to conver...
OpenStack keystonemiddleware and python-keystoneclient vulnerable to man-in-the-middle attacks
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...
GHSA-P9WQ-MJH8-Q72M OpenStack keystonemiddleware and python-keystoneclient vulnerable to man-in-the-middle attacks
The s3token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct...
SUSE: Security Advisory (SUSE-SU-2020:0568-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0699-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2020:0699-1 Security update for ovmf
This update for ovmf fixes the following issues: Security issues fixed: - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation bsc1163959. - CVE-2019-14553: Fixed the TLS certification verification in HTTPS-over-IPv6 boot sequences bsc1153072. - CVE-2019-14559: Fixe...
openSUSE: Security Advisory for ovmf (openSUSE-SU-2020:0314-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : ovmf (openSUSE-2020-314)
This update for ovmf fixes the following issues : Security issues fixed : - CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation bsc1163959. - CVE-2019-14553: Fixed the TLS certification verification in HTTPS-over-IPv6 boot sequences bsc1153072. - CVE-2019-14559:...
SUSE SLES15 Security Update : ovmf (SUSE-SU-2020:0568-1)
This update for ovmf fixes the following issues : Security issues fixed : CVE-2019-14563: Fixed a memory corruption caused by insufficient numeric truncation bsc1163959. CVE-2019-14553: Fixed the TLS certification verification in HTTPS-over-IPv6 boot sequences bsc1153072. CVE-2019-14559: Fixed a...
[USN-2705-1] Keystone vulnerabilities
========================================================================== Ubuntu Security Notice USN-2705-1 August 06, 2015 python-keystoneclient, python-keystonemiddleware vulnerabilities ========================================================================== A security issue affects these...
USN-2705-1: Keystone vulnerabilities
Qin Zhao discovered Keystone disabled certification verification when the "insecure" option is set in a paste configuration paste.ini file regardless of the value, which allows remote attackers to conduct machine-in-the-middle attacks via a crafted certificate. CVE-2014-7144 Brant Knudson...
Ubuntu 14.04 LTS : Keystone vulnerabilities (USN-2705-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2705-1 advisory. Qin Zhao discovered Keystone disabled certification verification when the insecure option is set in a paste configuration paste.ini file regardless of th...
Ubuntu: Security Advisory (USN-2705-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...