136 matches found
MiracleLinux 7 : python-flask-0.10.1-7.el7 (AXSA:2023-5938:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-5938:01 advisory. flask: Possible disclosure of permanent session cookie due to missing Vary: Cookie header CVE-2023-30861 Tenable has extracted the preceding description bloc...
MiracleLinux 7 : python-flask-0.10.1-5.el7 (AXSA:2020-4499:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4499:01 advisory. python-flask: Denial of Service via crafted JSON file CVE-2018-1000656 Tenable has extracted the preceding description block directly from the MiracleLinux...
Mageia: Security Advisory (MGASA-2025-0286)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EUVD-2024-2388
Malicious code in bioql PyPI...
[SECURITY] Fedora 42 Update: python-flask-3.1.2-2.fc42
Flask is called a “micro-framework” because the idea is to keep the core simple but extensible. There is no database abstraction layer, no form validation or anything else where different libraries already exist that can handle that. However Flask knows the concept of extensions that...
Fedora: Security Advisory (FEDORA-2025-55e69c9cea)
The remote host is missing an update for the...
Exploit for CVE-2018-2636
This is a low-interaction honeypot designed to detect the CVE-2018-2636 directory traversal vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications MICROS. The honeypot simulates a MICROS server and allows attackers to use the vulnerability to "steal files" a...
Ubuntu: Security Advisory (USN-7612-1)
The remote host is missing an update for the...
Debian: Security Advisory (DLA-4197-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 4197-1] python-flask-cors security update
Debian LTS Advisory DLA-4197-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert May 31, 2025 https://wiki.debian.org/LTS Package : python-flask-cors Version : 3.0.9-2+deb11u1 CVE ID : CVE-2024-1681 CVE-2024-6839 CVE-2024-6844 CVE-2024-6866 Debian Bug : 1069764 11009...
Debian dla-4197 : python3-flask-cors - security update
The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4197 advisory. Debian LTS Advisory DLA-4197-1 [email protected]...
DLA-4197-1 python-flask-cors - security update
Bulletin has no description...
[SECURITY] Fedora 42 Update: mingw-python-flask-3.1.1-1.fc42
MinGW Windows Python flask...
Fedora: Security Advisory (FEDORA-2025-853e37285c)
The remote host is missing an update for the...
Fedora: Security Advisory (FEDORA-2024-e5558a889a)
The remote host is missing an update for the...
CVE-2024-8055
Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations using the PUT and COPY commands. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, such as /etc/passwd, by exploiting the exposed SQL queries...
CVE-2024-8055 Local File Read (LFI) by Prompt Injection via SnowFlake SQL in vanna-ai/vanna
Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations using the PUT and COPY commands. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, such as /etc/passwd, by exploiting the exposed SQL queries...
CVE-2024-5753
vanna-ai/vanna version v0.3.4 is vulnerable to SQL injection in some file-critical functions such as pg_read_file. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, including sensitive files like /etc/passwd, by exploiting the exposed SQL...
Fedora 41 : python-flask-cors (2024-e5558a889a)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-e5558a889a advisory. Automatic update for python-flask-cors-4.0.1-1.fc41. Changelog Mon Jun 3 2024 František Zatloukal - 4.0.1-1 - flask-cors-4.0.1 RHBZ2279177 and RHBZ2276153...
CentOS 7 : python-flask (RHSA-2020:0870)
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0870 advisory. - The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory...