2722 matches found
Amazon Linux 2023 : python3-cryptography (ALAS2023-2023-446)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-446 advisory. cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling load_pem_pkcs7_certificates or load_der_pkcs7_certificates could lead to a NULL-pointer...
Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2023-442)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-442 advisory. When installing a package from a Mercurial VCS URL (i.e. pip install hg+...) with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the hg clone ca...
Amazon Linux 2023 : python3-urllib3 (ALAS2023-2023-454)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-454 advisory. urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python3-cryptography (SUSE-SU-2023:4843-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:4843-1 advisory. - cryptography is a package designed to expose cryptographic primitives and recipes to Python developers...
SUSE-SU-2023:4843-1 Security update for python3-cryptography
This update for python3-cryptography fixes the following issues: - CVE-2023-49083: Fixed a NULL pointer dereference when loading certificates from a PKCS7 bundle (bsc#1217592)...
Amazon Linux 2023 : python3-pillow, python3-pillow-devel, python3-pillow-tk (ALAS2023-2023-453)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-453 advisory. An issue was discovered in Pillow before 10.0.0. It is a Denial of Service that uncontrollably allocates memory to process a given task, potentially causing a service to crash by having it run out of...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-3284)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-3256)
The remote host is missing an update for the Huawei EulerOS...
Exploit for Improper Access Control in Joomla Joomla!
CVE-2023-23752 Joomla! v4.2.8 - Unauthenticated Information Di...
Fedora: Security Advisory (FEDORA-2023-9954dae554)
The remote host is missing an update for the...
[SECURITY] Fedora 38 Update: python2.7-2.7.18-36.fc38
Python 2 is an old version of the language that is incompatible with the 3.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been...
[SECURITY] Fedora 39 Update: python2.7-2.7.18-36.fc39
Python 2 is an old version of the language that is incompatible with the 3.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been...
Exploit for Code Injection in Realtimelogic Fuguhub
Description This script is a Proof of Concept (PoC) exploit I...
Porch-Pirate - The Most Comprehensive Postman Recon / OSINT Client And Framework That Facilitates The Automated Discovery And Exploitation Of API Endpoints And Secrets Committed To Workspaces, Collections, Requests, Users And Teams
Porch Pirate started as a tool to quickly uncover Postman secrets, and has slowly begun to evolve into a multi-purpose reconnaissance / OSINT framework for Postman. While existing tools are great proof of concepts, they only attempt to identify very specific keywords as "secrets", and in very...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick
Fixed version of CVE-2022-44268 Some PoCs don't work for spec...
Exploit for Files or Directories Accessible to External Parties in Artifex Ghostscript
CVE-2023-36664 : Ghostscript remote code execution Proof of c...
SUSE-SU-2023:4607-1 Security update for python3-Twisted
This update for python3-Twisted fixes the following issues: - CVE-2023-46137: Fixed issue inside serializing pipelined HTTP requests. (bsc#1216588)...
SUSE SLES15 / openSUSE 15 Security Update : python3-Twisted (SUSE-SU-2023:4607-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:4607-1 advisory. - Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP...
Debian dla-3672 : postgresql-11-python-multicorn - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3672 advisory. Debian LTS Advisory DLA-3672-1 https://www.debian.org/lts/security/...
Important Photon OS Security Update - PHSA-2023-5.0-0155
Updates of 'python3-urllib3' packages of Photon OS have been released...