Lucene search
K

13 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/04/29 4:48 p.m.41 views

Security Bulletin: IBM QRadar Assistant App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Assistant App for IBM QRadar SIEM has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2023-46136 DESCRIPTION: Pallets...

8.6CVSS8.6AI score0.55526EPSS
Exploits11Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/14 3:46 a.m.3 views

cloudmesh-client (>=4.2.6 <=4.4.0), coil (>=1.2.1 <=1.3.7) +6 more potentially affected by CVE-2016-10516 via werkzeug (>=0.10.1 <=0.11.10)

werkzeug PYPI version =0.10.1, =4.2.6, =1.2.1, =1.0.22, =0.7.12, =1.0.0, =1.1.1, =2.0.1 - typedjsonrpc =0.4.0 Source cves: CVE-2016-10516 Source advisory: OSV:GHSA-H2FP-XGX6-XH6F...

6.1CVSS6.6AI score0.01985EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/11/12 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for python-werkzeug (EulerOS-SA-2021-2671)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.01985EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.37 views

Fedora 27 : python-werkzeug (2017-654136ee16)

Update to 0.12.2 which also fixes CVE-2016-10516 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

6.1CVSS6.7AI score0.01985EPSS
Exploits0References2
Mageia
Mageia
added 2018/01/03 2:22 p.m.32 views

Updated python-werkzeug packages fix security vulnerability

Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message CVE-2016-10516...

3.9AI score
Exploits0References2
OpenVAS
OpenVAS
added 2017/12/04 12:0 a.m.37 views

Fedora Update for python-werkzeug FEDORA-2017-23c3f02995

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.6AI score0.01985EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/12/01 12:0 a.m.33 views

Fedora 26 : python-werkzeug (2017-23c3f02995)

Update to 0.12.2 which also fixes CVE-2016-10516 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

6.1CVSS6.7AI score0.01985EPSS
Exploits0References2
Debian
Debian
added 2017/11/24 10:45 p.m.27 views

[SECURITY] [DLA 1191-1] python-werkzeug security update

Package : python-werkzeug Version : 0.8.3+dfsg-1+deb7u1 CVE ID : CVE-2016-10516 A security issue that allows XSS on the Werkzeug debugger allows remote attackers to inject arbitrary stuff via a field that contains an exception message. For Debian 7 "Wheezy", these problems have been fixed in...

6.1CVSS6.8AI score0.01985EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2017/11/10 8:49 p.m.29 views

CVE-2016-10516

Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 as used in Pallets Flask and other products allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...

7.1CVSS4AI score0.01985EPSS
Exploits0References1
NVD
NVD
added 2017/10/23 4:29 p.m.19 views

CVE-2016-10516

Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 as used in Pallets Flask and other products allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...

6.1CVSS6.1AI score0.01985EPSS
Exploits0References3
OSV
OSV
added 2017/10/23 4:29 p.m.30 views

CVE-2016-10516

Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 as used in Pallets Flask and other products allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...

6.1CVSS6AI score
Exploits0References3
CVE
CVE
added 2017/10/23 4:0 p.m.144 views

CVE-2016-10516

Affected software: Pallets Werkzeug (Python library) used by Flask. Vulnerable path: render_full in debug/tbtools.py. Root cause: improper validation of user-supplied input via an exception message, enabling cross-site scripting (XSS). Impact: remote attacker could inject arbitrary script into a ...

6.1CVSS5.9AI score0.01985EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/10/23 4:0 p.m.28 views

CVE-2016-10516

Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 as used in Pallets Flask and other products allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...

6AI score0.01985EPSS
Exploits0References3
Rows per page
Query Builder