2722 matches found
SUSE SLES15 Security Update : python-pip (SUSE-SU-2023:3184-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3184-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager
Refresh This container emulates the vulnerable functionality o...
Exploit for Incorrect Authorization in Cacti
CVE-2022-46169 PoC: Authentication Bypass and Remote Code Exec...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2530)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2517)
The remote host is missing an update for the Huawei EulerOS...
Uvdesk 1.1.3 Shell Upload
Exploit Title: Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated). Date: 28/07/2023. Exploit Author: Daniel Barros (@cupc4k3d) - Hakai Offensive Security. Vendor Homepage: https://www.uvdesk.com. Software Link: https://github.com/uvdesk/community-skeleton. Version: 1.1.3. Example: python...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2490)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 2.9.1 : python3 (EulerOS-SA-2023-2517)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a UR...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2465)
The remote host is missing an update for the Huawei EulerOS...
Uvdesk v1.1.3 - File Upload Remote Code Execution (Authenticated) Exploit
Exploit Title: Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated). Exploit Author: Daniel Barros (@cupc4k3d) - Hakai Offensive Security. Vendor Homepage: https://www.uvdesk.com. Software Link: https://github.com/uvdesk/community-skeleton. Version: 1.1.3. Example: python3 CVE-2023-39147....
EulerOS Virtualization 2.9.0 : python3 (EulerOS-SA-2023-2530)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a UR...
CentOS: Security Advisory for python3 (CESA-2023:3556)
The remote host is missing an update for the...
EulerOS Virtualization 2.10.0 : python3 (EulerOS-SA-2023-2490)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a UR...
EulerOS Virtualization 2.10.1 : python3 (EulerOS-SA-2023-2465)
According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a UR...
CentOS 7 : python3 (RHSA-2023:3556)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3556 advisory. - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank...
Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets
CVE-2023-27163 Poc of SSRF for Request-Baskets CVE-2023-27163...
Exploit for Off-by-one Error in F5 Nginx
CVE-2021-23017...
Amazon Linux 2023 : python3-configobj (ALAS2023-2023-254)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-254 advisory. All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using .+?.. Note: This is only exploitable in the case of a developer,...
Amazon Linux 2023 : python3-setuptools, python3-setuptools-wheel (ALAS2023-2023-245)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-245 advisory. Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression...
Amazon Linux 2023 : python3-wheel, python3-wheel-wheel (ALAS2023-2023-261)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-261 advisory. An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker-controlled input to wheel cli. CVE-2022-40898 Tenable ha...