Lucene search
K

79 matches found

Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.3 views

Siemens SIMATIC S7-1500 Improper Neutralization of CRLF Sequences (CVE-2019-9740)

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the query string after a ? charact...

6.1CVSS6.8AI score0.05328EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.20 views

Linux Distros Unpatched Vulnerability : CVE-2019-9740

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a ur...

6.1CVSS7.1AI score0.05328EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/07/12 12:0 a.m.52 views

Ubuntu: Security Advisory (USN-6891-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.23293EPSS
Exploits27References2
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.36 views

RHEL 6 / 7 : rh-python36-python (RHSA-2019:3725)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3725 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high leve...

9.1CVSS6.8AI score0.20743EPSS
Exploits7References24
Tenable Nessus
Tenable Nessus
added 2023/10/08 12:0 a.m.33 views

Debian dla-3610 : python-urllib3 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3610 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3610-1 [email protected]...

9.8CVSS7.2AI score0.0642EPSS
Exploits3References16
Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.33 views

Oracle Linux 8 : python3 (ELSA-2019-3520)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3520 advisory. - Fix for CVE-2019-10160 Resolves: rhbz1689318 - Security fix for CVE-2019-9948 Resolves: rhbz1714643 - Fixes CVE-2019-9740 and CVE-2019-9947 Resolves:...

9.8CVSS7.2AI score0.20743EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2019-0318)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.11844EPSS
Exploits4References7
OpenVAS
OpenVAS
added 2021/09/12 12:0 a.m.26 views

Python 2.x < 2.7.17, 3.x < 3.5.8, 3.6.x < 3.6.9, 3.7.x < 3.7.4 HTTP Header Injection Vulnerability (bpo-30458) - Linux

Python is prone to a HTTP header injection vulnerability follow-up of CVE-2016-5699. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS8.1AI score0.09887EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2021/09/12 12:0 a.m.35 views

Python 2.x < 2.7.17, 3.x < 3.5.8, 3.6.x < 3.6.9, 3.7.x < 3.7.4 HTTP Header Injection Vulnerability (bpo-30458) - Mac OS X

Python is prone to a HTTP header injection vulnerability follow-up of CVE-2016-5699. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS8.1AI score0.09887EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2019:2370-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.05328EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.22 views

SUSE: Security Advisory (SUSE-SU-2019:2332-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.05328EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2020/08/31 12:0 a.m.31 views

Amazon Linux AMI : python34, python35 (ALAS-2020-1429)

The version of python34 installed on the remote host is prior to 3.4.10-1.51. The version of python35 installed on the remote host is prior to 3.5.9-1.27. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1429 advisory. In Lib/tarfile.py in Python through 3.8.3...

7.5CVSS7.2AI score0.06304EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2020/08/31 12:0 a.m.47 views

Amazon Linux AMI : python36 (ALAS-2020-1428)

The version of python36 installed on the remote host is prior to 3.6.11-1.18. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1428 advisory. In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when...

7.5CVSS7.2AI score0.06304EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2020/08/24 12:0 a.m.34 views

Debian DLA-2337-1 : python2.7 security update

Multiple vulnerabilities were discovered in Python2.7, an interactive high-level object-oriented language. CVE-2018-20852 By using a malicious server an attacker might steal cookies that are meant for other domains. CVE-2019-5010 NULL pointer dereference using a specially crafted X509 certificate...

9.8CVSS7.2AI score0.20743EPSS
Exploits5References12
Debian
Debian
added 2020/08/22 2:48 p.m.130 views

[SECURITY] [DLA 2337-1] python2.7 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2337-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz August 22, 2020 https://wiki.debian.org/LTS -...

9.8CVSS8.7AI score0.20743EPSS
Exploits5
Veracode
Veracode
added 2020/08/06 9:34 p.m.1695 views

CRLF Injection

urllib2 in python2 is vulnerable to CRLF injection. The vulnerability exists if an attacker controls a URL parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n specifically in the host component of a URL followed by an HTTP header. This vulnerability is similar to...

6.1CVSS2.6AI score0.05406EPSS
Exploits2References18Affected Software14
Tenable Nessus
Tenable Nessus
added 2020/07/30 12:0 a.m.60 views

Amazon Linux AMI : python27, python34, python35, python36 (ALAS-2020-1407)

The version of python27 installed on the remote host is prior to 2.7.18-1.138. The version of python34 installed on the remote host is prior to 3.4.10-1.50. The version of python35 installed on the remote host is prior to 3.5.7-1.26. The version of python36 installed on the remote host is prior t...

7.1CVSS7.4AI score0.06617EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2020/07/17 12:0 a.m.49 views

Debian: Security Advisory (DLA-2280-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.20743EPSS
Exploits8References4
Debian
Debian
added 2020/07/15 10:0 a.m.92 views

[SECURITY] [DLA 2280-1] python3.5 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2280-1 [email protected] https://www.debian.org/lts/security/ July 15, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package :...

9.8CVSS9.3AI score0.20743EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2020/06/17 12:0 a.m.33 views

EulerOS 2.0 SP2 : python-urllib3 (EulerOS-SA-2020-1643)

According to the versions of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the...

6.1CVSS7.3AI score0.05328EPSS
Exploits2References3
Rows per page
Query Builder