31 matches found
Astra Linux - уязвимость в python2.7, python3.7, pypy
A XXE issue was discovered in Python through version 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to prevent XML vulnerabilities...
cpython: Out-of-memory when loading Plist
A flaw was found in the plistlib module in the Python standard library. The amount of data to read from a Plist file is specified in the file itself. This issue allows a specially crafted Plist file to cause an application to allocate a large amount of memory, potentially resulting in allocations...
CLSA-2026-1776861173 python3: Fix of CVE-2022-48565
CVE-2022-48565: plistlib: reject XML entity declarations in plist files to prevent XXE attacks...
[SECURITY] [DSA 6125-1] usbmuxd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6125-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez February 09, 2026 https://www.debian.org/security/faq -...
USN-8018-1 python3.14, python3.13, python3.12, python3.11, python3.10, python3.9, python3.8, python3.7, python3.6, python3.5, python3.4 vulnerabilities
Denis Ledoux discovered that Python incorrectly parsed email message headers. An attacker could possibly use this issue to inject arbitrary headers into email messages. This issue only affected python3.6, python3.7, python3.8, python3.9, python3.10, python3.11, python3.12, python3.13, and...
Debian dla-4417 : usbmuxd - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4417 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-4417-1 [email protected] https://www.debian.org/lts/security/...
Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : usbmuxd vulnerability (USN-7929-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has a package installed that is affected by a vulnerability as referenced in the USN-7929-1 advisory. It was discovered that usbmuxd incorrectly handled certain paths received with the SavePairRecord command. A local attacker could...
Ubuntu: Security Advisory (USN-7929-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7929-1: usbmuxd vulnerability
It was discovered that usbmuxd incorrectly handled certain paths received with the SavePairRecord command. A local attacker could possibly use this issue to delete and write files named .plist in arbitrary locations...
AZL-71267 CVE-2025-13837 affecting package python3 for versions less than 3.12.9-7
When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues...
EUVD-2019-8672
Malware in sbrugna...
Exploit for Missing Release of Memory after Effective Lifetime in Linux Linux_Kernel
CVE-2022-48565 PoC Introduction This is a Proof of Concep...
Exploit for Improper Restriction of XML External Entity Reference in Python
CVE-2022-48565 PoC Introduction This is a Proof of Concep...
CLSA-2023-1696880318 python2: Fix of CVE-2022-48565
CVE-2022-48565: Reject XML entity declarations in plist files...
CLSA-2023-1696879417 python2: Fix of CVE-2022-48565
CVE-2022-48565: Reject XML entity declarations in plist files...
python: Fix of CVE-2022-48565
CVE-2022-48565: Reject XML entity declarations in plist files...
CLSA-2023-1696878020 python: Fix of CVE-2022-48565
CVE-2022-48565: Reject XML entity declarations in plist files...
CLSA-2023-1696877835 python: Fix of CVE-2022-48565
CVE-2022-48565: Reject XML entity declarations in plist files...
CLSA-2023-1694538837 Fix CVE(s): CVE-2022-48565
SECURITY UPDATE: DoS in case of malicious entity directives - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565...
CLSA-2023-1694538765 Fix CVE(s): CVE-2022-48565
SECURITY UPDATE: XML vulnerabilities in plist files - debian/patches/CVE-2022-48565.patch: Reject XML entity declarations in plist files - CVE-2022-48565...