Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.7 views

CVE-2022-42042

The d8s-networking package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0...

9.8CVSS6.9AI score0.01168EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-0395

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01033EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 11:39 p.m.6 views

CVE-2022-40431

The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

9.8CVSS9.3AI score0.01033EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2024/09/03 11:45 a.m.4 views

golang: net: malformed DNS message can cause infinite loop

A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service DoS conditions...

5.9CVSS7.3AI score0.01001EPSS
Exploits0References5
OSV
OSV
added 2022/10/11 10:15 p.m.14 views

PYSEC-2022-43028

The d8s-networking package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0...

9.8CVSS5.9AI score0.01168EPSS
Exploits1References3
Veracode
Veracode
added 2022/09/20 6:13 a.m.26 views

Arbitrary Code Execution

d8sipaddresses is vulnerable to arbitrary code execution. The vulnerability exists because the democritus-networking package of a specific version of d8s-archives acts as a potential code execution backdoor which allows an attacker to inject and execute malicious codes in to the system...

9.8CVSS9.6AI score0.01033EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2022/09/19 3:17 p.m.64 views

CVE-2022-40426

CVE-2022-40426 concerns the PyPI package d8s-asns (the democritus-networking backdoor) in version 0.1.0. The backdoor inserted by a third party enables potential code execution and is described as a backdoor in the affected Python deployment. The connected records consistently describe a code-exe...

9.8CVSS9.4AI score0.01033EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2022/09/19 3:15 p.m.54 views

CVE-2022-40425

The CVE-2022-40425 entry refers to the PyPI package d8s-html (Python) where version 0.1.0 bundles a backdoor via the third‑party democritus-networking package. The vulnerability is described as potential remote code execution with a high impact across confidentiality, integrity, and availability ...

9.8CVSS9.4AI score0.01033EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/09/19 3:8 p.m.28 views

CVE-2022-40429

The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

9.7AI score0.01033EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/09/19 2:43 p.m.20 views

CVE-2022-40424

The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-networking package. The affected version of d8s-urls is 0.1.0...

9.9AI score0.01033EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/09/19 12:0 a.m.3 views

PT-2022-37375 · Unknown +1 · Democritus-Networking +1

Name of the Vulnerable Software and Affected Versions: d8s-asns version 0.1.0 Description: The d8s-asns package for Python contains a potential code-execution backdoor. This backdoor is attributed to the democritus-networking package, which was inserted by a third party. Recommendations: For...

9.8CVSS7.2AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/09/19 12:0 a.m.7 views

PT-2022-25377 · Unknown +1 · Democritus-Networking +1

Name of the Vulnerable Software and Affected Versions: d8s-mpeg version 0.1.0 Description: The d8s-mpeg for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. Recommendations: For version 0.1.0...

9.8CVSS9.6AI score0.01033EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/09/14 12:0 a.m.6 views

The vulnerability of the Samba networking communication package, related to an unvalidated error state, allows a intruder to trigger a service failure.

The vulnerability of the Samba networking communication package is related to an unvalidated error condition. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

6.8CVSS6.5AI score0.0218EPSS
Exploits0References11Affected Software5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2020-0314)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01933EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2020/11/05 12:0 a.m.17 views

Huawei EulerOS: Security Advisory for glib-networking (EulerOS-SA-2020-2466)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01933EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2019/11/19 12:0 a.m.16 views

The vulnerability of the Samba networking communication package lies in its susceptibility to resource exhaustion by the system, allowing attackers to trigger a service failure.

The vulnerability of the Samba networking communication package is related to the exhaustion of system resources. Exploiting this vulnerability can allow a hacker to cause service failures by initiating multiple connections...

6.2CVSS5.5AI score
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2017/04/08 12:0 a.m.5 views

PT-2017-10803 · Go +3 · Net/Http Package +3

Name of the Vulnerable Software and Affected Versions: net/http package affected versions not specified Description: The issue arises when the net/http package's Request.ParseMultipartForm method handles large multipart requests, potentially leading to a denial-of-service situation. An attacker c...

7.5CVSS5.1AI score0.02225EPSS
Exploits0References26
OpenVAS
OpenVAS
added 2016/03/01 12:0 a.m.8 views

Ubuntu: Security Advisory (USN-2913-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References3
Rows per page
Query Builder