65 matches found
zoneminder-rce-poc
just wait and see Proof of concept for an OS command injectio...
NewStart CGSL MAIN 6.06 : python3.11-setuptools Vulnerability (NS-SA-2025-0242)
The remote NewStart CGSL host, running version MAIN 6.06, has python3.11-setuptools packages installed that are affected by a vulnerability: - A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the DownloadFile and DownloadFileWithHeaders functions. An attacker can cause the server to make arbitrary HTTP requests to internal network resources by supplying crafted URLs during the migration...
MiracleLinux 9 : python3.11-setuptools-65.5.1-2.el9_4.1 (AXSA:2024-8653:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8653:01 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...
TencentOS Server 2: python-setuptools (TSSA-2024:0503)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0503 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
EUVD-2024-2330
Malicious code in bioql PyPI...
CVE-2025-9409
CVE-2025-9409 affects lostvip-com ruoyi-go up to version 2.1. The vulnerability is in modules/system/controller/CommonController.go, DownloadTmp/DownloadUpload, where manipulating the fileName parameter enables a path traversal attack. It is exploitable remotely, with publicly released exploits. ...
Security update for python-setuptools
This update for python-setuptools fixes the following issues: CVE-2024-6345: Fixed code execution via download functions in the packageindex module in pypa/setuptools bsc1228105 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...
Huawei EulerOS: Security Advisory for python-setuptools (EulerOS-SA-2024-2894)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-setuptools (EulerOS-SA-2024-2820)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for python-setuptools (EulerOS-SA-2024-2791)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Important: python3.11-setuptools
Issue Overview: A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptibl...
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...
RHEL 8 : resource-agents (RHSA-2024:8172)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:8172 advisory. The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several service...
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
A flaw was found in the packageindex module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...
Important: python2-setuptools
Issue Overview: A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptibl...