Lucene search
K

15 matches found

vulnersOsv
vulnersOsv
added 2022/05/17 3:46 a.m.3 views

django-pesapal (>=0.2.0 <=0.3.4) potentially affected by CVE-2013-4346 via oauth2 (=1.5.211)

oauth2 PYPI version =1.5.211 is affected by a known vulnerability. The following packages have a transitive dependency on oauth2 and may be impacted: - django-pesapal =0.2.0, =0.3.4 Source cves: CVE-2013-4346 Source advisory: OSV:GHSA-4433-4CXQ-VV73...

4.3CVSS5.8AI score0.02409EPSS
Exploits0
Veracode
Veracode
added 2019/05/02 5:42 a.m.32 views

Man-In-The-Middle (MitM)

Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, remote management and monitoring of multiple Linux deployments with a single, centralized tool. It performs provisioning and configuration management of predefined standard operating...

6CVSS5.4AI score0.0243EPSS
Exploits1References15Affected Software181
Tenable Nessus
Tenable Nessus
added 2015/09/01 12:0 a.m.35 views

RHEL 6 : Red Hat Satellite 6.1.1 on RHEL 6 (Important) (RHSA-2015:1592)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1592 advisory. Red Hat Product Security has rated this update as having an important security impact. Common Vulnerability Scoring System CVSS base scores,...

6.5CVSS6.2AI score0.0243EPSS
Exploits1References552
RedHat Linux
RedHat Linux
added 2015/08/12 5:4 a.m.46 views

Important: Red Hat Security Advisory: Red Hat Satellite 6.1.1 on RHEL 6

Red Hat Satellite 6.1 now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having an important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for each vulnerability from the CVE...

6.5CVSS6.5AI score0.0243EPSS
Exploits1References543
Tenable Nessus
Tenable Nessus
added 2014/11/03 12:0 a.m.22 views

Fedora 21 : python-oauth2-1.5.211-8.fc21 (2014-12483)

Actually apply patch to fix CVE-2013-4347 thanks to Jason Green, Matt Wilson. Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Note that Tenable Network Security has extracted the preceding description block direct...

5.8CVSS5.3AI score0.0243EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/10/29 12:0 a.m.24 views

Fedora 19 : python-oauth2-1.5.211-8.fc19 (2014-12536)

Actually apply patch to fix CVE-2013-4347 thanks to Jason Green, Matt Wilson. Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Note that Tenable Network Security has extracted the preceding description block direct...

5.8CVSS5.3AI score0.0243EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/10/29 12:0 a.m.19 views

Fedora 20 : python-oauth2-1.5.211-8.fc20 (2014-12475)

Actually apply patch to fix CVE-2013-4347 thanks to Jason Green, Matt Wilson. Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Note that Tenable Network Security has extracted the preceding description block direct...

5.8CVSS5.3AI score0.0243EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2014/10/29 12:0 a.m.13 views

Fedora Update for python-oauth2 FEDORA-2014-12475

Check the version of python-oauth2 SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868433";...

6.3AI score
Exploits0References2
Amazon
Amazon
added 2014/10/14 12:0 a.m.30 views

Medium: python-oauth2

Issue Overview: The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers t...

5.8CVSS6.7AI score0.0243EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/10/01 12:0 a.m.17 views

Fedora Update for python-oauth2 FEDORA-2014-10786

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/09/29 12:0 a.m.31 views

Fedora 21 : python-oauth2-1.5.211-7.fc21 (2014-10809)

Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

5.8CVSS5.3AI score0.0243EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/09/29 12:0 a.m.20 views

Fedora 19 : python-oauth2-1.5.211-7.fc19 (2014-10784)

Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

5.8CVSS5.3AI score0.0243EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/09/29 12:0 a.m.19 views

Fedora 20 : python-oauth2-1.5.211-7.fc20 (2014-10786)

Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

5.8CVSS5.3AI score0.0243EPSS
Exploits0References5
NVD
NVD
added 2014/05/20 2:55 p.m.17 views

CVE-2013-4346

The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL...

4.3CVSS6.4AI score0.02409EPSS
Exploits0References3
CVE
CVE
added 2014/05/20 2:0 p.m.75 views

CVE-2013-4346

CVE-2013-4346 affects python-oauth2 used by SimpleGeo; it stems from Server.verify_request not checking the nonce, enabling replay through a signed URL. Public references (GHSA entry) confirm the nonce verification flaw and potential replay risk. Connected advisories (RHSA entries for Red Hat Sat...

4.3CVSS6.3AI score0.02409EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder