[SECURITY] [DLA 3980-1] python3.9 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3980-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk December 02, 2024 https://wiki.debian.org/LTS -...

[SECURITY] Fedora 41 Update: mingw-python3-3.11.10-2.fc41

MinGW Windows python3...

Fedora 41 : mingw-python3 (2024-e6b1e638d1)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-e6b1e638d1 advisory. Backport fix for CVE-2024-9287 ---- Update to python-3.11.0. Tenable has extracted the preceding description block directly from the Fedora security advisory...

Fedora: Security Advisory (FEDORA-2024-5abfdba2b7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: mingw-python3-3.11.10-2.fc40

MinGW Windows python3...

Fedora: Security Advisory (FEDORA-2024-d7e2d109e2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 40 : mingw-python3 (2024-d7e2d109e2)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-d7e2d109e2 advisory. Backport fix for CVE-2024-9287 ---- Update to python-3.11.0. Tenable has extracted the preceding description block directly from the Fedora security advisory...

Advisory ROSA-SA-2024-2530

Software: python3-werkzeug 1.0.1 OS: rosa-server79 packageevrstring: python3-werkzeug-1.0.1-2.res7 CVE-ID: CVE-2023-25577 BDU-ID: 2023-02343 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the WSGI Werkzeug web application library is related to the application not properly controlling the...

openSUSE Security Advisory (SUSE-SU-2024:3997-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for OS Command Injection in Paloaltonetworks Pan-Os

CVE-2024-9474 PoC for Palo Alto PAN-OS vuln...

CVE-2024-11168 affecting package python3 for versions less than 3.9.19-7

CVE-2024-11168 affecting package python3 for versions less than 3.9.19-7. A patched version of the package is available...

Exploit for Missing Authentication for Critical Function in Really-Simple-Plugins Really_Simple_Security

wordpress-really-simple-security-authn-bypass-exploit This is...

SUSE SLES15 / openSUSE 15 Security Update : python3-wxPython (SUSE-SU-2024:3997-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:3997-1 advisory. - CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XMLResumeParser function bsc1232590. Tenable has extracted the...

Security update for python3-wxPython

This update for python3-wxPython fixes the following issues: CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XMLResumeParser function bsc1232590. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

SUSE-SU-2024:3997-1 Security update for python3-wxPython

This update for python3-wxPython fixes the following issues: - CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XMLResumeParser function bsc1232590...

SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (Authenticated) Exploit

Exploit Title: SOPlanning 1.52.01 Simple Online Planning Tool - Remote Code Execution RCE Authenticated Date: 6th October, 2024 Exploit Author: Ardayfio Samuel Nii Aryee Version: 1.52.01 Tested on: Ubuntu import argparse import requests import random import string import urllib.parse def...

Important: python3

Issue Overview: There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. CVE-2024-6232 Affected Packages: python3 Note: This advisory is...

Important: python3

Issue Overview: There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives. CVE-2024-6232 Affected Packages: python3 Note: This advisory is...

Exploit for Out-of-bounds Write in Fortinet Fortiproxy

Usage: python3 cve-2022-42475.py rhost rport lhost lport Exempl...

bcc security update

0.30.0-6 - Rebuild with LLVM 18 RHEL-28684 0.30.0-5 - Drop python3-pyelftools dependency on s390x until it is available 0.30.0-4 - Exclude btrfs and f2fs libbpf tools RHEL-36579 0.30.0-3 - Really prevent the loading of compromised headers RHEL-28769, CVE-2024-2314 - Add python3-pyelftools...