24 matches found
OESA-2026-2391 python-urllib3 security update
HTTP library with thread-safe connection pooling, file post support, sanity friendly, and more. Security Fixes: urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connectionfromurl.urlopen...,...
[SECURITY] Fedora 42 Update: GitPython-3.1.50-1.fc42
GitPython is a python library used to interact with git repositories, high-level like git-porcelain, or low-level like git-plumbing. It provides abstractions of git objects for easy access of repository data, a nd additionally allows you to access the git repository more directly using eith er a...
JLSEC-2026-262 Issue summary: When using the low-level OCB API directly with AES-NI or<br>other hardware...
Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...
CVE-2025-37145
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37144
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
EUVD-2025-34265
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37145
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37145
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37144
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37145 Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37145 Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37145
CVE-2025-37145 describes an authenticated arbitrary file download vulnerability in the low-level interface library of HPE ArubaOS AOS-10 GW and AOS-8 Controller/Mobility Conductor. The issue allows an authenticated actor to download arbitrary files via crafted requests. Affected products are Arub...
CVE-2025-37144 Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37144 Authenticated Arbitrary File Download Vulnerabilities in a Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits...
CVE-2025-37144
CVE-2025-37144 describes an authentication-requiring arbitrary file download vulnerability in a low-level interface library of ArubaOS AOS-10 GW and AOS-8 Controller/Mobility Conductor. Exploitation could let an authenticated attacker download arbitrary files through crafted requests. The connect...
PT-2025-41988
Name of the Vulnerable Software and Affected Versions AOS-10 GW affected versions not specified AOS-8 Controller/Mobility Conductor affected versions not specified Description An issue exists in a low-level interface library that could allow an authenticated malicious actor to download arbitrary...
PT-2025-41989
Name of the Vulnerable Software and Affected Versions AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems affected versions not specified Description An issue exists that could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploit...
sequoia-openpgp 安全漏洞
sequoia-openpgp is a Rust library from the individual developer of sequoia-openpgp. A security vulnerability exists in sequoia-openpgp versions prior to 1.21.0, which stems from providing a low-level interface to the OpenPGP implementation that could lead to an infinite loop...
Fedora: Security Advisory for R-rJava (FEDORA-2024-129d8ca6fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: R-rJava-1.0.6-9.fc40
Low-level interface to Java VM very much like .C/.Call and friends. Allows creation of objects, calling methods and accessing fields...