95 matches found

OPENSUSE Linux
added 2026/03/27 12:0 a.m. · 7 views

Security update for python-nltk (important)

openSUSE Security Update: Security update for python-nltk
Announcement ID: openSUSE-SU-2026:0098-1
Rating: important
References: 1260066 1260067 1260068
Cross-References: CVE-2026-33230 CVE-2026-33231 CVE-2026-33236
Affected Products: openSUSE Backports SLE-15-SP7

An update that fixes three...

CVSS 8.1 · AI score 5.8 · EPSS 0.00022
Exploits: 3 · References: 3

RedhatCVE
added 2026/03/23 6:52 a.m. · 5 views

CVE-2026-33236

A flaw was found in NLTK Natural Language Toolkit, a suite of open-source Python modules for Natural Language Processing. The NLTK downloader does not validate subdir and id attributes when processing remote XML index files. A remote attacker can exploit this path traversal vulnerability by...

CVSS 8.1 · AI score 6 · EPSS 0.00022
Exploits: 1 · References: 5

OSV
added 2026/03/19 12:42 p.m. · 1 views

GHSA-469J-VMHF-R6V7 NLTK has a Downloader Path Traversal Vulnerability (AFO) - Arbitrary File Overwrite

Vulnerability Description: The NLTK downloader does not validate the subdir and id attributes when processing remote XML index files. Attackers can control a remote XML index server to provide malicious values containing path traversal sequences such as ../, which can lead to: 1. Arbitrary Directo...

CVSS 8.1 · AI score 6 · EPSS 0.00022
Exploits: 1 · References: 4

Github Security Blog
added 2026/03/19 12:42 p.m. · 8 views

NLTK has a Downloader Path Traversal Vulnerability (AFO) - Arbitrary File Overwrite

Vulnerability Description: The NLTK downloader does not validate the subdir and id attributes when processing remote XML index files. Attackers can control a remote XML index server to provide malicious values containing path traversal sequences such as ../, which can lead to: 1. Arbitrary Directo...

CVSS 8.1 · AI score 6 · EPSS 0.00022
Exploits: 1 · References: 4 · Affected Software: 1

Positive Technologies
added 2026/03/19 12:0 a.m. · 1 views

PT-2026-26300

Name of the Vulnerable Software and Affected Versions: NLTK versions 3.9.3 and prior Description: NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. The NLTK downloader does not validat...

CVSS 8.1 · AI score 6 · EPSS 0.00022
Exploits: 1 · References: 25

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2001-0244

Malware in sbrugna...

CVSS 7.5 · AI score 6.4 · EPSS 0.11056
Exploits: 0 · References: 4

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-1999-1378

Malware in sbrugna...

CVSS 7.5 · AI score 6.4 · EPSS 0.01968
Exploits: 0 · References: 5

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-12773

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 9.1 · EPSS 0.08179
Exploits: 1 · References: 1

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2022-0096

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.5 · EPSS 0.00845
Exploits: 0 · References: 6

RedhatCVE
added 2025/05/22 11:25 p.m. · 3 views

CVE-2022-39280

dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contains a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. A patch has been applied in version...

CVSS 7.5 · AI score 7.5 · EPSS 0.00845
Exploits: 0 · References: 1

Veracode
added 2022/10/07 12:34 p.m. · 18 views

Regular Expression Denial Of Service (ReDoS)

dparse is vulnerable to regular expression denial of service. The vulnerability exists due to improper regex parsing in index server URLs which allows a malicious attacker to cause a denial of service...

CVSS 7.5 · AI score 7 · EPSS 0.00845
Exploits: 0 · References: 7 · Affected Software: 1

OSV
added 2022/10/06 6:16 p.m. · 0 views

PYSEC-2022-301

dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contains a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. A patch has been applied in version...

CVSS 7.5 · AI score 6.9 · EPSS 0.00845
Exploits: 0 · References: 4

PyPA
added 2022/10/06 6:16 p.m. · 7 views

PYSEC-2022-301

dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contains a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. A patch has been applied in version...

CVSS 7.5 · AI score 7 · EPSS 0.00845
Exploits: 0 · References: 4 · Affected Software: 1

OSV
added 2022/10/06 12:0 a.m. · 9 views

CVE-2022-39280 Regular expression denial of service in dparse

dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contains a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. A patch has been applied in version...

CVSS 5.9 · AI score 7.5 · EPSS 0.00845
Exploits: 0 · References: 6

Cvelist
added 2022/10/06 12:0 a.m. · 14 views

CVE-2022-39280 Regular expression denial of service in dparse

dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contains a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. A patch has been applied in version...

CVSS 5.9 · AI score 7.6 · EPSS 0.00845
Exploits: 0 · References: 4

OSV
added 2022/09/27 3:28 p.m. · 0 views

GHSA-8FG9-P83M-X5PQ ReDoS issue in dparse

Impact: dparse versions prior to 0.5.1 contain a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service). All users parsing index server URLs with dparse are impacted by this vulnerability. Patches: The patch is applied in the 0.5.2 version, all users are recommended to...

CVSS 8.2 · AI score 7 · EPSS 0.00845
Exploits: 0 · References: 7

Positive Technologies
added 2022/09/27 12:0 a.m. · 3 views

PT-2022-24866 · Pypi · Dparse

Name of the Vulnerable Software and Affected Versions: dparse versions prior to 0.5.2 Description: dparse is a parser for Python dependency files. The issue concerns a regular expression that is vulnerable to a Regular Expression Denial of Service (ReDoS). All users parsing index server URLs with...

CVSS 8.2 · AI score 7.3 · EPSS 0.00845
Exploits: 0 · References: 12

NVD
added 2022/01/10 9:15 p.m. · 12 views

CVE-2022-21668

pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which will cause victims...

CVSS 9.3 · EPSS 0.01476
Exploits: 1 · References: 6

ATTACKERKB
added 2022/01/10 9:15 p.m. · 7 views

CVE-2022-21668

pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which will cause victims...

CVSS 9.3 · AI score 7.9 · EPSS 0.01476
Exploits: 1 · References: 10 · Affected Software: 1

OSV
added 2022/01/10 9:15 p.m. · 1 views

UBUNTU-CVE-2022-21668

pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which will cause victims...

CVSS 8.6 · AI score 6.5 · EPSS 0.01476
Exploits: 1 · References: 5