Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

F5 Networks
F5 Networksadded 2026/01/14 4:3 p.m.12 views

K000159546: Python vulnerability CVE-2024-5642

Security Advisory Description CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of...

6.5CVSS7.2AI score0.00187EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2026/01/09 12:0 a.m.4 views

Siemens Ruggedcom ROX Improper Input Validation (CVE-2024-5642)

CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due to NPN being not...

9.1CVSS7.2AI score0.06873EPSS
Exploits1References3
RedHat Linux
RedHat Linuxadded 2025/12/18 1:35 a.m.4 views

python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used

A vulnerability was found in Python/CPython that does not disallow configuring an empty list "" for SSLContext.setnpnprotocols, which is an invalid value for the underlying OpenSSL API. This issue results in a buffer over-read when NPN is used. See CVE -2024-5535 for OpenSSL for more information...

6.5CVSS7.5AI score0.00187EPSS
Exploits1References5
OSV
OSVadded 2025/11/07 12:31 p.m.2 views

OESA-2025-2637 python3 security update

Security Fixes: CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity d...

6.5CVSS6.9AI score0.00187EPSS
Exploits1References2
OSV
OSVadded 2025/11/07 12:31 p.m.2 views

OESA-2025-2638 python3 security update

Security Fixes: CPython 3.9 and earlier doesn't disallow configuring an empty list "" for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity d...

6.5CVSS6.9AI score0.00187EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-46822

Malicious code in bioql PyPI...

9.1CVSS7AI score0.06873EPSS
Exploits1References7
Microsoft CVE
Microsoft CVEadded 2025/09/04 12:29 a.m.2 views

Buffer overread when using an empty list with SSLContext.set_npn_protocols()

...

6.5CVSS7AI score0.00187EPSS
Exploits1
Amazon
Amazonadded 2025/02/04 12:0 a.m.34 views

Medium: python3

Issue Overview: CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the underlying OpenSSL API. This results in a buffer over-read when NPN is used see CVE-2024-5535 for OpenSSL. This vulnerability is of low severity due ...

9.1CVSS7.8AI score0.06873EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2025/02/04 12:0 a.m.17 views

Amazon Linux 2 : python (ALAS-2025-2744)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2744 advisory. CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for the...

9.1CVSS7.3AI score0.06873EPSS
Exploits1References4
Rows per page
Query Builder