26 matches found
Astra Linux - vulnerability in python-reportlab
The paraparser module in ReportLab before version 3.5.31 allows for remote code execution. This occurs because the startunichar function in paraparser.py evaluates untrusted user input as a Unicode character in a crafted XML document. The input includes the string “'code='” followed by arbitrary...
Linux Distros Unpatched Vulnerability : CVE-2019-19450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in ...
EulerOS 2.0 SP5 : python-reportlab (EulerOS-SA-2024-2075)
According to the versions of the python-reportlab package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input i...
Fedora 40 : python-reportlab (2024-dc844d0669)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-dc844d0669 advisory. - Release 4.2.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
Oracle Linux 8 : python-reportlab (ELSA-2023-5790)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-5790 advisory. 3.4.0-8.1 - python-reportlab: code injection in paraparser.py allows code execution CVE-2019-19450 Tenable has extracted the preceding description block directl...
python-reportlab: code injection in paraparser.py allows code execution
A code injection vulnerability was found in python-reportlab that may allow an attacker to execute code while parsing a unichar element attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable and could allow remote code execution...
python-reportlab: code injection in paraparser.py allows code execution
A code injection vulnerability was found in python-reportlab that may allow an attacker to execute code while parsing a unichar element attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable and could allow remote code execution...
python-reportlab: code injection in paraparser.py allows code execution
A code injection vulnerability was found in python-reportlab that may allow an attacker to execute code while parsing a unichar element attribute. An application that uses python-reportlab to parse untrusted input files may be vulnerable and could allow remote code execution...
Oracle Linux 7 : python-reportlab (ELSA-2023-5616)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5616 advisory. 2.5-11 - Do not evaluate unichar element - Resolves: RHEL-7011 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Amazon Linux 2 : python-reportlab (ALAS-2023-2285)
The version of python-reportlab installed on the remote host is prior to 2.5-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2285 advisory. paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untruste...
SUSE CVE-2019-19450
paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...
GHSA-PJ98-2XF6-CFF5 ReportLab vulnerable to remote code execution via paraparser
paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...
ReportLab vulnerable to remote code execution via paraparser
paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...
CVE-2019-19450
paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...
CVE-2019-19450
paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...
DEBIAN-CVE-2019-19450
paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...
Remote code execution
paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...
CVE-2019-19450
paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...
UBUNTU-CVE-2019-19450
paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...
ReportLab Security Breach
ReportLab is an open source engine for creating data-driven PDF documents and custom vector graphics from ReportLab Denmark. A security vulnerability exists in ReportLab versions prior to 3.5.31, which stems from a remote code execution allowed by paraparser, where startunichar in paraparser.py...