2722 matches found
Amazon Linux 2 : python3-tornado (ALAS-2023-2133)
The version of python3-tornado installed on the remote host is prior to 5.0.2-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2133 advisory. Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a us...
Amazon Linux 2 : python3-requests (ALAS-2023-2111)
The version of python3-requests installed on the remote host is prior to 2.14.2-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2111 advisory. A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization heade...
Amazon Linux 2 : python3-pygments (ALAS-2023-2117)
The version of python3-pygments installed on the remote host is prior to 2.2.0-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2117 advisory. In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some...
Amazon Linux 2023 : python3-requests, python3-requests+security, python3-requests+socks (ALAS2023-2023-236)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-236 advisory. A flaw was found in the Python-requests package, where it is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin. This...
SUSE-SU-2023:2883-1 Security update for python3-requests
This update for python3-requests fixes the following issues: - CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header bsc1211674...
Medium: python3-pygments
Issue Overview: In pygments 1.1+, fixed in 2.7.4, the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input, an attacker can cause a...
RHEL 8 : bind9.16 (RHSA-2023:4100)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4100 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server named %NASLMINLEVEL...
Exploit for SQL Injection in Cisco Smart_Software_Manager_On-Prem
CVE-2023-20110 PoC script for CVE-2023-20110 -...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick
It is an exploit module targeting Apache Log4j. The target produ...
Critical Photon OS Security Update - PHSA-2023-4.0-0427
Updates of 'flannel', 'kubernetes-dns', 'calico', 'redis', 'kubernetes', 'python3' packages of Photon OS have been released...
Exploit for Improper Authentication in Automattic Woocommerce_Payments
CVE-2023-28121 WooCommerce Payments - For installing requirem...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2339)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2023-2319)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP9 : python3 (EulerOS-SA-2023-2339)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts...
EulerOS 2.0 SP9 : python3 (EulerOS-SA-2023-2319)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts...
Exploit for Path Traversal in Icinga Icinga_Web_2
Icinga Web 2 - Authenticated Remote Code Execution 2.8.6, 2.9...
Golddigger - Search Files For Gold
Gold Digger is a simple tool used to help quickly discover sensitive information in files recursively. Originally written to assist in rapidly searching files obtained during a penetration test. Installation Gold Digger requires Python3. virtualenv -p python3 . source bin/activate python dig.py...
Important: Red Hat Security Advisory: python3 security update
An update for python3 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: python3 security update
An update for python3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...
RHEL 8 : python3 (RHSA-2023:3935)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3935 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...