49 matches found
MiracleLinux 7 : python-2.7.5-34.0.1.el7.AXS7 (AXSA:2015-803:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-803:01 advisory. IPy is a Python module for handling IPv4 and IPv6 Addresses and Networks in a fashion similar to perl's Net::IP and friends. The IP class allows a...
Ubuntu: Security Advisory (USN-7015-7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7015-7: Python 2.7 regression
USN-7015-4 fixed vulnerabilities in Python. It was discovered that the fix for CVE-2023-27043 for python2.7 was incorrectly applied on Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the...
USN-7015-7 python2.7 regression
USN-7015-4 fixed vulnerabilities in Python. It was discovered that the fix for CVE-2023-27043 for python2.7 was incorrectly applied on Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the...
USN-7280-3: Python 2.7 regression
USN-7280-2 fixed vulnerabilities in Python. It was discovered that the fixes for CVE-2025-0938 and CVE-2024-11168 were incorrectly applied on Ubuntu 14.04 LTS as a result. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Python...
Ubuntu: Security Advisory (USN-7710-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7710-2 python2.7 vulnerability
USN-7710-1 fixed vulnerabilities in Python. This update provides the corresponding fix for CVE-2025-8194 for Python 2.7. Original advisory details: It was discovered that Python inefficiently parsed maliciously crafted HTML input. An attacker could possibly use this issue to cause a denial of...
xsser
XSSER ========== Presentation From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 Demo Version 2.0 - 2015: https://www.youtube.com/playlist?list=PLIjb28IYMQgqqqApoGRCZO40vP-eKsgf Version 2.5 - 2016: https://www.youtube.com/playlist?list=PLRic6PgcrsWGkgacL6WFnSQKVRZIoofRj Version 2.75 - 2017: Non...
USN-7180-1 python2.7 vulnerabilities
It was discovered that Python incorrectly handled certain scripts. An attacker could possibly use this issue to execute arbitrary code or cause a crash. CVE-2022-48560 It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this...
USN-7015-6 python2.7 regresssions
USN-7015-5 fixed vulnerabilities in python2.7. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the Python email module incorrectly parsed email addresses that contain special...
USN-7015-5 python2.7 vulnerabilities
USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding update for CVE-2024-6232 and CVE-2024-6923 for python2.7 in Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Original advisory details: It was discovered that the...
USN-6400-1 python2.7, python3.5 vulnerability
It was discovered that Python did not properly provide constant-time processing for a crypto operation. An attacker could possibly use this issue to perform a timing attack and recover sensitive information...
USN-6354-1 python2.7, python3.5 vulnerability
It was discovered that Python did not properly handle XML entity declarations in plist files. An attacker could possibly use this vulnerability to perform an XML External Entity XXE injection, resulting in a denial of service or information disclosure...
USN-5960-1 python2.7, python3.10, python3.5, python3.6, python3.8 vulnerability
Yebo Cao discovered that Python incorrectly handled certain URLs. An attacker could possibly use this issue to bypass blocklisting methods by supplying a URL that starts with blank characters...
SUSE CVE-2018-1000802
Python Software Foundation Python CPython version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in shutil module makearchive function that can result in Denial of service, Information gain via injection of arbitrary files on...
CLSA-2022-1658347744 Fixed CVE-2015-20107 in python2-7.module_el8.5.0+2070+77770ab7.tuxcare.els2
CVE-2015-20107: mailcap: findmatch function does not sanitise the second argument allowing to inject shell commands...
USN-4754-5 python2.7 vulnerability
USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for CVE-2021-3177 in Ubuntu 14.04 ESM. Original advisory details: It was discovered that Python incorrectly handled certain inputs. A...
Exploit for CVE-2020-1938
This is a proof-of-concept PoC exploit for CVE-2020-1938, a vulnerability in Apache Tomcat's AJP protocol. The exploit is written in Python and utilizes the ajpy library to interact with the AJP protocol. The exploit targets the Local File Inclusion LFI vulnerability in Tomcat, allowing an attack...
USN-4754-1 python2.7, python3.4, python3.5, python3.6, python3.8 vulnerabilities
It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. CVE-2020-27619, CVE-2021-3177...
USN-4581-1 python2.7, python3.4, python3.5, python3.6 vulnerability
It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection...