Lucene search
+L

82 matches found

Circl
Circl
added 2024/10/10 2:13 a.m.1 views

CVE-2020-8492

creationtimestamp| type| source ---|---|--- 2024-10-10 02:13:54+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/668 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/...

7.1CVSS7.1AI score0.06681EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/07/12 12:0 a.m.54 views

Ubuntu: Security Advisory (USN-6891-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.21443EPSS
Exploits27References2
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.25 views

Rocky Linux 8 : python38:3.8 (RLSA-2020:4641)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4641 advisory. - PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and loadall functions because of a class deserialization issue, e.g., Popen is a...

10CVSS8.4AI score0.12826EPSS
Exploits3References13
Tenable Nessus
Tenable Nessus
added 2023/09/27 12:0 a.m.21 views

Amazon Linux 2 : python38 (ALASPYTHON3.8-2023-006)

The version of python38 installed on the remote host is prior to 3.8.3-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2PYTHON3.8-2023-006 advisory. Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP...

7.1CVSS7.3AI score0.06681EPSS
Exploits1References4
Amazon
Amazon
added 2023/09/25 12:0 a.m.6 views

Medium: python38

Issue Overview: Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic...

7.1CVSS7AI score0.06681EPSS
Exploits1
OSV
OSV
added 2023/08/31 12:14 p.m.2 views

BELL-CVE-2020-8492 CVE-2020-8492 does not affect BellSoft software

Bulletin has no description...

6.5CVSS7.2AI score0.06681EPSS
Exploits1References1
Debian
Debian
added 2023/05/24 5:31 p.m.74 views

[SECURITY] [DLA 3432-1] python2.7 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3432-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler May 24, 2023 https://wiki.debian.org/LTS -...

9.8CVSS9.4AI score0.1885EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2022/11/30 12:0 a.m.51 views

SUSE SLED15: libpython3_6m1_0 / libpython3_6m1_0-32bit / python3 / python3-base / etc (SUSE-SU-2022:4281-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4281-1 advisory. - CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3 implementations. bsc1204577 -...

9.8CVSS7.1AI score0.06681EPSS
Exploits2References12
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/06 2:35 a.m.37 views

Security Bulletin: Vulnerabilities in the Linux Kernel, Samba, Sudo, Python, and tcmu-runner affect IBM Spectrum Protect Plus

Summary Vulnerabilities in the Linux Kernel, Samba, Sudo, Python, and tcmu-runner such as denial of service, elevation of privileges, buffer overflow, directory traversal, information disclosure, and bypassing of security restrictions , may affect IBM Spectrum Protect Plus. UPDATE 28 January 2022...

8.1CVSS0.5AI score0.99295EPSS
Exploits83Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.29 views

AlmaLinux 8 : python3 (ALSA-2020:4433)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4433 advisory. - The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the servertitle field. This occurs in...

7.5CVSS7.1AI score0.12826EPSS
Exploits2References5
Tenable Nessus
Tenable Nessus
added 2021/12/18 12:0 a.m.49 views

Ubuntu 18.04 LTS : Python vulnerabilities (USN-5200-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5200-1 advisory. It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex allowing for catastrophic backtracking. Specially craft...

7.5CVSS7.1AI score0.11994EPSS
Exploits3References4
Ubuntu
Ubuntu
added 2021/12/17 2:59 p.m.112 views

USN-5200-1: Python vulnerabilities

It was discovered that the urllib.request.AbstractBasicAuthHandler class in Python contains regex allowing for catastrophic backtracking. Specially crafted traffic from a malicious HTTP server could cause a regular expression denial of service ReDoS condition for a client. CVE-2020-8492 It was...

7.5CVSS7AI score0.11994EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2021/10/27 12:0 a.m.250 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : python3 Multiple Vulnerabilities (NS-SA-2021-0147)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python3 packages installed that are affected by multiple vulnerabilities: - The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the servertitle field. This occur...

7.5CVSS7.1AI score0.12826EPSS
Exploits2References9
OSV
OSV
added 2021/10/22 5:58 p.m.15 views

CLSA-2021-1634925483 Fixed CVEs in python: CVE-2018-20852, CVE-2020-8492, CVE-2020-26116, CVE-2020-27619

Add Oracle Linux distribution in platform.py - CVE-2018-20852: Prefix dot in domain for proper subdomain validation - CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client - CVE-2020-26116: http.client allows CRLF injection if...

9.8CVSS6.9AI score0.08413EPSS
Exploits3References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/14 9:21 p.m.58 views

Security Bulletin: IBM Cognos Analytics with Watson 11.2.1 has addressed multiple vulnerabilities

Summary Security vulnerabilities have been addressed in IBM Cognos Analytics with Watson 11.2.1 Vulnerability Details CVEID: CVE-2017-12620 DESCRIPTION: Apache OpenNLP could allow a remote attacker to obtain sensitive information, caused by an XXE attack when loading models or dictionaries that...

9.8CVSS10.6AI score0.48019EPSS
Exploits11Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2020:0510-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.06681EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2020:0467-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.06681EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2020:14306-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS8.2AI score0.06681EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.27 views

SUSE: Security Advisory (SUSE-SU-2020:0557-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.06681EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2020:3865-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.08413EPSS
Exploits2References9
Rows per page
Query Builder