EUVD-2024-2221

Malicious code in bioql PyPI...

EUVD-2024-0163

Malicious code in bioql PyPI...

rtfm

This is a Debian package for a Python application called "RTFM" Read The Fine Manual. The package is version 0.96-RC1 and is intended for the "all" architecture. The package contains a single file, "rtfm.py", which is the main executable script for the application. The package also contains a...

CVE-2025-24795

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential...

CVE-2021-32618

The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is an independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. All versions of Flask-Security-Too allow redirects after many successful views e....

Exploit for CVE-2025-24752

CVE-2025-24752-POC Introduction This python application c...

Snowflake Connector for Python 代码问题漏洞

Snowflake Connector for Python is an open source interface from Snowflake Computing. It is used to develop Python applications that can connect to Snowflake and perform all standard operations. A code issue vulnerability exists in Snowflake Connector for Python versions prior to 3.13.1, which ste...

CVE-2024-41951 PheonixAppAPI has visible Encoding Maps

Pheonix App is a Python application designed to streamline various tasks, from managing files to playing mini-games. The issue is that the map of encoding/decoding languages are visible in code. The Problem was patched in 0.2.4...

CVE-2024-41951

The CVE-2024-41951 issue affects Pheonix App (PheonixAppAPI) where the map of encoding/decoding languages is visible in the source, described as a moderate impact vulnerability. Root cause: encoding/decoding language mappings exposed in code. Affected versions were prior to 0.2.4, with a patch re...

Design/Logic Flaw

PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if...

CVE-2023-49797 Local Privilege Escalation in pyinstaller on Windows

PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if...

USN-4962-1: Babel vulnerability

It was discovered that Babel incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

vulscan

This is a Python-based web application for vulnerability scanning and management. The application is built using Django and has several features, including: 1. Vulnerability Scanning: The application can scan for vulnerabilities in websites and applications using a list of predefined POC Proof of...

LiMEaide - Tool to remotely dump RAM of a Linux client

LiMEaide is a python application designed to remotely dump RAM of a Linux client and create a volatility profile for later analysis on your local host. I hope that this will simplify Linux digital forensics in a remote environment. In order to use LiMEaide all you need to do is feed a remote Linu...

OpenStack Keystone Detection

OpenStack Keystone, a Python application that provides identity, token, catalog and policy services to other OpenStack components was found on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62353; scriptversion"1.3"; scriptcvsdate"Date: 2019/11/22";...

Mailman Utils.py Spoofed Log Entry Injection

The version of Mailman installed on the remote host fails to sanitize user-supplied input before writing it to the application's 'error' log. An unauthenticated, remote attacker can leverage this flaw to spoof log messages. In addition, the application reportedly is affected by a denial of servic...

python -- buffer overrun in repr() for unicode strings

Benjamin C. Wiley Sittler reports: I discovered a buffer overrun in repr for unicode strings. This causes an unpatched non-debug wide UTF-32/UCS-4 build of python to abort. Ubuntu security team reports: If an application uses repr on arbitrary untrusted data, this bug could be exploited to execut...