62 matches found
MAL-2024-10649 Malicious code in keras-preprocess (PyPI)
Source: kam193 c153be1503b6ad6b4b2a00de177c76a28d50f4612220edb1dcebf6ac85812ba2 A campaign of probably pentest packages flooding PyPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in kera-preprocess (PyPI)
Source: kam193 6eb322e12f02f6acf94ad19bc2b1c261a2753e3bc4dd74a82a63e31d73e5d9bd A campaign of probably pentest packages flooding PyPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
Malicious code in keras-preprocess (PyPI)
Source: kam193 c153be1503b6ad6b4b2a00de177c76a28d50f4612220edb1dcebf6ac85812ba2 A campaign of probably pentest packages flooding PyPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-10647 Malicious code in kera-preprocess (PyPI)
Source: kam193 6eb322e12f02f6acf94ad19bc2b1c261a2753e3bc4dd74a82a63e31d73e5d9bd A campaign of probably pentest packages flooding PyPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
ffcss Security Vulnerabilities
ffcss is a CLI for applying and configuring Firefox CSS themes. Versions prior to ffcss 0.2.0 contain a security vulnerability that allows an attacker to introduce all characters of a regular expression by bypassing the limitations of the...
PT-2023-31913 · Ffcss · Ffcss
Name of the Vulnerable Software and Affected Versions: ffcss versions prior to 0.2.0. Description: The issue concerns a Late-Unicode normalization vulnerability in the lookupPreprocess function, which is used to search for themes loosely by ignoring certain characters. Due to the use of late Unico...
PT-2023-23550 · Libming · Libming
Name of the Vulnerable Software and Affected Versions: libming version 0.4.8. Description: The issue is a stack buffer overflow that occurs via the function makeswf_preprocess at /util/makeswf_utils.c. Recommendations: For libming version 0.4.8, at the moment, there is no information about a newer...
libming Buffer Error Vulnerability
libming is a Flash SWF output library written in C. It can be used as a library for Flash SWF output. A security vulnerability exists in libming version v0.4.8, which originates from the function makeswf_preprocess in /util/makeswf_utils.c containing a...
CVE-2023-26265
The Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. The function borg_preprocess_page in the file template.php does not properly sanitize incoming path arguments before using them...
SUSE CVE-2021-44686
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py...
XML External Entity (XXE) Injection
fr.opensagres.xdocreport:fr.opensagres.xdocreport.document is vulnerable to XML external entity (XXE) injection attacks. A remote attacker is able to inject malicious XML input via a weakly configured XML parser in the preprocess function...
CVE-2022-24440
The package cocoapods-downloader before 1.6.0, from 1.6.2 and before 1.6.3 are vulnerable to Command Injection via git argument injection. When calling the Pod::Downloader.preprocess_options function and using git, both the git and branch parameters are passed to the git ls-remote subcommand in a...
Command Injection
Overview: cocoapods-downloader is a small library for downloading files from remotes in a folder. Affected versions of this package are vulnerable to Command Injection via git argument injection. When calling the Pod::Downloader.preprocess_options function and using git, both the git and branch...
MGASA-2021-0593 Updated calibre packages fix security vulnerability
ReDoS vulnerability in html_preprocess_rules in ebooks/conversion/preprocess.py...
DEBIAN-CVE-2021-44686
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py...
Calibre Resource Management Error Vulnerability
Calibre is a free, open source, all-in-one tool for e-book reading, management and format conversion. A security vulnerability exists in calibre before 5.32.0, which stems from the inclusion of regular expressions vulnerable to ReDoS (Regular Expression Denial of Service) attacks in html_preprocess_rules in...
CVE-2021-44686
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service) in html_preprocess_rules in ebooks/conversion/preprocess.py...
PT-2021-24154 · Calibre · Calibre
Name of the Vulnerable Software and Affected Versions: calibre versions prior to 5.32.0. Description: The issue is related to a regular expression in html_preprocess_rules within the ebooks/conversion/preprocess.py file that is vulnerable to ReDoS (Regular Expression Denial of Service). This could...
CVE-2021-26929
An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 where the Horde_Text_Filter library before 2.3.7 is used. The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke us...
[SECURITY] Fedora 19 Update: procmail-3.22-36.fc19
Procmail can be used to create mail-servers, mailing lists, sort your incoming mail into separate folders/files (real convenient when subscribing to one or more mailing lists or for prioritising your mail), preprocess your mail, start any programs upon mail arrival, e.g. to generate different chimes...