16 matches found
actpdf (>=0.1.0 <=0.12.0), agenticmem (>=0.1.4.1 <=0.1.5.0) +212 more potentially affected by CVE-2025-68616 via weasyprint (>=0.28.0 <=67.0.0)
weasyprint PYPI version =0.28.0, =0.1.0, =0.1.4.1, =0.5.0, =0.1.1, =0.1.1, =0.1.0, =0.5.0, =0.3.18, =1.1.0, =0.1.0, =0.1.5 and more Source cves: CVE-2025-68616 Source advisory: SNYK:PYTHON-WEASYPRINT-15035957...
EUVD-2021-16090
Malware in sbrugna...
CVE-2021-29493
Kennnyshiwa-cogs contains cogs for Red Discordbot. An RCE exploit has been found in the Tickets module of kennnyshiwa-cogs. This exploit allows Discord users to craft a message that can reveal sensitive and harmful information. Users can upgrade to version 5a84d60018468e5c0346f7ee74b2b4650a6dade7...
GHSA-5JQ8-Q6RJ-9GQ4 Red-DiscordBot vulnerable to Incorrect Authorization in commands API
Impact: Due to a bug in Red's Core API, 3rd-party cogs using the `@commands.can_manage_channel()` command permission check without additional permission controls may authorize a user to run a command even when that user doesn't have permissions to manage a channel. None of the core commands or core cogs...
CVE-2024-39905 Red-DiscordBot vulnerable to Incorrect Authorization in commands API
Red is a fully modular Discord bot. Due to a bug in Red's Core API, 3rd-party cogs using the `@commands.can_manage_channel()` command permission check without additional permission controls may authorize a user to run a command even when that user doesn't have permissions to manage a channel. None of t...
aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +411 more potentially affected by CVE-2023-31047 via django (>=4.0.0 <=4.1.8)
django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =3.1.1, =3.6.4, =3.7.0 and more Source cves: CVE-2023-31047 Source advisory: OSV:PYSEC-2023-61...
CVE-2021-29493
CVE-2021-29493 concerns kennnyshiwa-cogs (for Red Discordbot), where an RCE vulnerability exists in the Tickets module. The public details describe an exploit that lets a Discord user craft a message to reveal sensitive information. A fixed release is available: upgrade to version 5a84d60018468e5...
CVE-2021-29493 Kennnyshiwa-cogs vulnerable to Remote Code Execution in Tickets Module
Kennnyshiwa-cogs contains cogs for Red Discordbot. An RCE exploit has been found in the Tickets module of kennnyshiwa-cogs. This exploit allows Discord users to craft a message that can reveal sensitive and harmful information. Users can upgrade to version 5a84d60018468e5c0346f7ee74b2b4650a6dade7...
tsutils (>=4.0.5 <=5.2.0) potentially affected by CVE-2020-15278 via red-discordbot (=3.0.2)
red-discordbot PYPI version =3.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on red-discordbot and may be impacted: - tsutils =4.0.5, =5.2.0 Source cves: CVE-2020-15278 Source advisory: OSV:PYSEC-2020-267...
tsutils (>=4.0.5 <=5.2.0) potentially affected by CVE-2020-15278 via red-discordbot (=3.0.2)
red-discordbot PYPI version =3.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on red-discordbot and may be impacted: - tsutils =4.0.5, =5.2.0 Source cves: CVE-2020-15278 Source advisory: OSV:GHSA-MP9M-G7QJ-6VQR...
tsutils (>=4.0.5 <=5.2.0) potentially affected by CVE-2020-15140 via red-discordbot (=3.0.2)
red-discordbot PYPI version =3.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on red-discordbot and may be impacted: - tsutils =4.0.5, =5.2.0 Source cves: CVE-2020-15140 Source advisory: OSV:PYSEC-2020-265...
tsutils (>=4.0.5 <=5.2.0) potentially affected by CVE-2020-15147 via red-discordbot (=3.0.2)
red-discordbot PYPI version =3.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on red-discordbot and may be impacted: - tsutils =4.0.5, =5.2.0 Source cves: CVE-2020-15147 Source advisory: OSV:GHSA-7257-96VG-QF6X...
Remote Code Execution in Red Discord Bot
Impact: An RCE exploit has been discovered in the Streams module: this exploit allows Discord users with specifically crafted "going live" messages to inject code into the Streams module's going live message. By abusing this exploit, it's possible to perform destructive actions and/or access...
tsutils (>=4.0.5 <=5.2.0) potentially affected by CVE-2020-15140 via red-discordbot (=3.0.2)
red-discordbot PYPI version =3.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on red-discordbot and may be impacted: - tsutils =4.0.5, =5.2.0 Source cves: CVE-2020-15140 Source advisory: OSV:GHSA-55J9-849X-26H4...