Lucene search

8 matches found

CNNVD
added 2026/03/31 12:0 a.m. | 3 views

Parse Server Race Condition Vulnerability

Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. There were vulnerabilities due to concurrency issues in versions of Parse Server prior to 8.6.65 and 9.7.0-alpha.9. These vulnerabilities stemmed from the sensitive...

8.2 CVSS | 5.8 AI score | 0.00023 EPSS
Exploits 0 | References 5
Oracle linux
added 2024/01/18 12:0 a.m. | 366 views

python-cryptography security update

36.0.1-4.0.1 - Fix CVE-2023-49083: NULL-dereference when loading PKCS7 certificates (Orabug: 36119159); 36.0.1-4 - Fix FTBFS caused by rsa_pkcs1_implicit_rejection OpenSSL feature, resolves rhbz#2203840; 36.0.1-3 - Fix CVE-2023-23931: Don't allow update_into to mutate immutable objects, resolves rhbz#21723...

7.5 CVSS | 8 AI score | 0.01255 EPSS
Exploits 2
Tenable Nessus
added 2023/11/16 12:0 a.m. | 29 views

Oracle Linux 9 : python-cryptography (ELSA-2023-6615)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-6615 advisory. - Fix CVE-2023-23931: Don't allow update_into to mutate immutable objects, resolves rhbz#2172399. Tenable has extracted the preceding description block directly fr...

6.5 CVSS | 6.7 AI score | 0.00688 EPSS
Exploits 1 | References 2
RedhatCVE
added 2023/02/20 2:29 p.m. | 37 views

CVE-2023-23931

A vulnerability was found in python-cryptography. In affected versions, Cipher.update_into would accept Python objects which implement the buffer protocol but provide only immutable buffers. This issue allows immutable objects such as bytes to be mutated, thus violating the fundamental rules of...

6.5 CVSS | 6.7 AI score | 0.00688 EPSS
Exploits 1 | References 4
NVD
added 2023/02/07 9:15 p.m. | 18 views

CVE-2023-23931

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.update_into would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects such as bytes to b...

6.5 CVSS | 6.4 AI score | 0.00688 EPSS
Exploits 1 | References 4
Veracode
added 2017/02/08 5:58 a.m. | 12 views

Malicious Code Vulnerability Due To Allowing Access To Mutable Objects

gateway is vulnerable to a malicious code vulnerability. The vulnerability exists because it is allowing access to mutable objects by not using final keyword appropriately in the code...

6.8 AI score
Exploits 0
Tenable Nessus
added 2012/09/06 12:0 a.m. | 23 views

Mandrake Linux Security Advisory : Zope (MDKSA-2000:043)

The exploit that was not fixed with the previous Zope hotfix involves the getRoles method of user objects contained in the default UserFolder implementation returning a mutable Python type. Because the mutable object is still associated with the persistent User object, users with the ability to...

5.5 AI score
Exploits 0
OpenVAS
added 2008/01/17 12:0 a.m. | 15 views

Debian Security Advisory DSA 043-1 (zope)

The remote host is missing an update to zope announced via advisory DSA 043-1.

2.1 CVSS | 7.1 AI score | 0.00131 EPSS
Exploits 0 | References 1