Amazon Linux 2 : python3 (ALAS-2023-2222)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2222 advisory. An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primaril...

DorXNG - Next Generation DorX. Built By Dorks, For Dorks

DorXNG is a modern solution for harvesting OSINT data using advanced search engine operators through multiple upstream search providers. On the backend it leverages a purpose built containerized image of SearXNG, a self-hosted, hackable, privacy focused, meta-search engine. Our SearXNG...

Oracle Linux 7 : python3 (ELSA-2020-1132)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1132 advisory. - Security fix for CVE-2019-16056 Resolves: rhbz1750774 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Oracle Linux 8 : python3 (ELSA-2019-3520)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3520 advisory. - Fix for CVE-2019-10160 Resolves: rhbz1689318 - Security fix for CVE-2019-9948 Resolves: rhbz1714643 - Fixes CVE-2019-9740 and CVE-2019-9947 Resolves:...

CLSA-2023-1693986539 python3: Fix of 2 CVEs

CVE-2022-48565: Reject XML entity declarations in plist files - CVE-2022-48566: Remove possible time-affected optimization...

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Information Disclosure

python3 is vulnerable to Information Disclosure. The vulnerability can be exploited by an attacker to bypass the TLS handshake and send unencrypted data to the server. This data could be used to modify or delete resources that are authenticated only by a TLS certificate, which makes it possible f...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2663)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2705)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for Path Traversal in Stagil Stagil_Navigation

CVE-2023-26255 CVE-2023-26256 POC FOFA: body="JI...

Exploit for Path Traversal in Stagil Stagil_Navigation

POC script for the vulnerability exposure in the Jira plugin S...

Exploit for Improper Authentication in Ivanti Endpoint_Manager_Mobile

CVE-2023-35078 Ivanti Endpoi...

Important Photon OS Security Update - PHSA-2023-5.0-0084

Updates of 'python3-gevent' packages of Photon OS have been released...

Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets

Maltrail v0.53 RCE PoC for Maltrail v0.53 RCE I could not get...

Exploit for Path Traversal in Stagil Stagil_Navigation

CVE-2023-26256POC fofa:body="JIRA"&&body="2.0.50"...

Exploit for Path Traversal in Stagil Stagil_Navigation

CVE-2023-26256POC fofa:body="JIRA"&&body="2.0.50"...

Chimera - Automated DLL Sideloading Tool With EDR Evasion Capabilities

While DLL sideloading can be used for legitimate purposes, such as loading necessary libraries for a program to function, it can also be used for malicious purposes. Attackers can use DLL sideloading to execute arbitrary code on a target system, often by exploiting vulnerabilities in legitimate...

Amazon Linux 2023 : python3-mako (ALAS2023-2023-288)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-288 advisory. Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin. CVE-2022-40023 Tenable has extract...

openSUSE 15 Security Update : virtualbox (openSUSE-SU-2023:0213-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0213-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

SUSE SLES15 Security Update : python-pip (SUSE-SU-2023:3183-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:3183-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...