CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

807 matches found

vulnersOsv•added 2025/11/04 1:47 p.m.•7 views

ailite (>=6.0.0 <=6.1.10), automatic-goggles (>=0.1.0 <=0.8.0) +35 more potentially affected by CVE-2025-12695 via dspy (>=0.1.5 <=3.1.0)

dspy PYPI version =0.1.5, =6.0.0, =0.1.0, =2.5.5, =0.1.0, =2.8.0, =0.2.1, =0.1.6.dev17, =0.2.0, =0.2.5 and more Source cves: CVE-2025-12695 Source advisory: SNYK:PYTHON-DSPY-13832222...

5.9CVSS5.4AI score0.00302EPSS

Exploits0

vulnersOsv•added 2025/10/28 10:41 p.m.•6 views

aenvironment (=0.1.7rc1), agentic-ai-engineering-course (>=0.4.6 <=0.4.7) +178 more potentially affected by CVE-2025-62801 via fastmcp (>=2.0.0 <=2.13.0)

fastmcp PYPI version =2.0.0, =0.4.6, =1.8.0, =3.2.0, =3.2.0, =4.2.2, =3.0.2, =0.2.7, =1.0.0rc1, =0.2.7, =1.7.3, =0.1.12, =0.9.30, =0.14.3, =0.18.5 and more Source cves: CVE-2025-62801 Source advisory: SNYK:PYTHON-FASTMCP-13745516...

7.8CVSS5.4AI score0.00188EPSS

Exploits1

Tenable Nessus•added 2025/10/28 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2025-62706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.5, Authlib's JWE zip=DEF path performs unbounded DEFLATE...

6.5CVSS5.7AI score0.00418EPSS

Exploits1References2

Fedora•added 2025/10/25 9:19 p.m.•7 views

[SECURITY] Fedora 43 Update: python3.10-3.10.19-1.fc43

Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...

7.2AI score

Exploits0

Packet Storm News•added 2025/10/23 12:0 a.m.•4 views

Impacket 0.13.0

Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and, for some protocols e.g. SMB1-3 and MSRPC, the protocol implementation itself. Packets can be constructed from scratch, as well as parse...

6.8AI score

Exploits0

OSV•added 2025/10/20 5:56 p.m.•3 views

CLSA-2025-1760983006 python3: Fix of CVE-2025-8194

Bump package Release to 21.0.5 - CVE-2025-8194: tarfile: validate archives to ensure member offsets are non-negative...

7.5CVSS7.1AI score0.00586EPSS

Exploits0References1

OSV•added 2025/10/20 12:41 p.m.•2 views

USN-7828-1 python-ldap vulnerabilities

It was discovered that Python LDAP incorrectly handled special characters in the special character filtering function. A remote attacker could possibly use this issue to perform LDAP injection attacks. CVE-2025-61911 Arad Inbar discovered that Python LDAP incorrectly escaped NUL character bytes. ...

6.9CVSS6.7AI score0.00418EPSS

Exploits2References3

OPENSUSE Linux•added 2025/10/15 12:0 a.m.•7 views

python311-Authlib-1.6.5-1.1 on GA media (moderate)

python311-Authlib-1.6.5-1.1 on GA media Announcement ID: openSUSE-SU-2025:15629-1 Rating: moderate Cross-References: CVE-2025-61920 CVSS scores: CVE-2025-61920 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-61920 SUSE : 8.7...

8.7CVSS7.2AI score0.00582EPSS

Exploits1

NVD•added 2025/10/10 10:15 p.m.•3 views

CVE-2025-61911

python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...

6.9CVSS0.00294EPSS

Exploits1References3

Cvelist•added 2025/10/10 10:4 p.m.•12 views

CVE-2025-61912 python-ldap Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination

python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...

6.9CVSS0.00418EPSS

Exploits1References3

Vulnrichment•added 2025/10/10 10:2 p.m.•2 views

CVE-2025-61911 python-ldap has sanitization bypass in ldap.filter.escape_filter_chars

6.9CVSS6.6AI score0.00294EPSS

Exploits1References3

Tenable Nessus•added 2025/10/10 12:0 a.m.•2 views

SUSE SLES15 / openSUSE 15 Security Update : python-xmltodict (SUSE-SU-2025:03511-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03511-1 advisory. - CVE-2025-9375: XML injection vulnerability in xmltodict allows input data manipulation bsc1249036. Tenable has extracted th...

6.9CVSS5.5AI score0.00417EPSS

Exploits0References4

vulnersOsv•added 2025/10/07 9:35 p.m.•3 views

agentics-py (>=0.0.0 <=0.0.5), agilerl (>=2.3.5 <=2.4.1.dev1) +16 more potentially affected by CVE-2025-61620 via vllm (>=0.10.0 <=0.10.2)

vllm PYPI version =0.10.0, =0.0.0, =2.3.5, =0.1.0, =1.0.1rc1, =0.0.4, =0.1.5, =1.0.0, =0.2.4, =0.1.1, =0.1.2, =0.1.2, =0.1.0, =0.1.2 and more Source cves: CVE-2025-61620 Source advisory: SNYK:PYTHON-VLLM-13450626...

6.2AI score0.00207EPSS

Exploits1