PYSEC-2023-249
Gradio is an open-source Python package that allows you to quickly build a demo or web application for your machine learning model, API, or any arbitrary Python function. Versions of gradio prior to 4.11.0 contained a vulnerability in the /file route which made them susceptible to file traversal...
CVE-2023-51649
CVE-2023-51649 affects Nautobot, a Django-based network automation platform. The issue: when submitting a Job via a Job Button, only the model-level extras.run_job permission is enforced; object-level permissions (permission to run a specific Job) are not checked by the relevant URL/view. Result:...
Exploit for Incorrect Implementation of Authentication Algorithm in Microsoft
CVE 2023 29357 Information - Target SharePoint Windows Se...
CentOS 7 : python (RHSA-2023:6885)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6885 advisory. - An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers such as HT...
Security Bulletin: AIX is affected by multiple vulnerabilities due to Python (CVE-2023-43804, CVE-2023-37920)
Summary Vulnerabilities in Python could allow a remote authenticated attacker to obtain sensitive information (CVE-2023-43804). AIX's Python packaging also includes Certifi, which is vulnerable to CVE-2023-37920. Python is used by AIX as part of Ansible node management automation. Vulnerability...
AIX is affected by multiple vulnerabilities due to Python
IBM SECURITY ADVISORY First Issued: Thu Dec 21 08:42:03 CST 2023 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/pythonadvisory7.asc Security Bulletin: AIX is affected by multiple vulnerabilities due to Python CVE-2023-43804,...
Fedora: Security Advisory for rdiff-backup (FEDORA-2023-0fb94a1209)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PySQLRecon - Offensive MSSQL Toolkit Written In Python, Based Off SQLRecon
PySQLRecon is a Python port of the awesome SQLRecon project by @sanjivkawa. See the commands section for a list of capabilities. Install PySQLRecon can be installed with pip3 install pysqlrecon or by cloning this repository and running pip3 install . Commands All of the main modules from SQLRecon...
[SECURITY] Fedora 39 Update: rdiff-backup-2.2.6-3.fc39
rdiff-backup is a script, written in Python, that backs up one directory to another and is intended to be run periodically (nightly from cron, for instance). The target directory ends up a copy of the source directory, but extra reverse diffs are stored in the target directory, so you can still...
Fedora: Security Advisory (FEDORA-2023-3909a0ab0e)
The remote host is missing an update for the...
Exploit for Improper Access Control in Joomla Joomla!
CVE-2023-23752 Description This repository contains Pytho...
AlmaLinux 9 : fence-agents (ALSA-2023:7753)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7753 advisory. - Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts...
[SECURITY] Fedora 38 Update: PyDrive2-1.18.0-1.fc38
Google Drive API Python wrapper library. Maintained fork of PyDrive...
Fedora: Security Advisory for PyDrive2 (FEDORA-2023-21d2191c73)
The remote host is missing an update for the...
Security Bulletin: Vulnerability in Cryptography package for Python affects IBM Process Mining CVE-2023-49083
Summary There is a vulnerability in Cryptography package for Python that could allow an attacker to execute denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...
[SECURITY] Fedora 39 Update: PyDrive2-1.18.0-1.fc39
Google Drive API Python wrapper library. Maintained fork of PyDrive...
Security Bulletin: Vulnerabilities in snappy-java, Python, postgresql, Golang might affect IBM Spectrum Copy Data Management
Summary IBM Spectrum Copy Data Management can be affected by vulnerabilities in snappy-java, Python, PostgreSQL, and Golang Go. Vulnerabilities include causing a denial of service condition, causing a CPU denial of service condition, gaining access to the server's resources without being...
Amazon Linux 2023 : python3-cryptography (ALAS2023-2023-459)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-459 advisory. cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In affected versions Cipher.update_into would accept Python objects which implement the buffer...
[SECURITY] Fedora 39 Update: python-jupyter-server-2.7.2-2.fc39
The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila...
Fedora 39 : python-jupyter-server (2023-5beead493f)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-5beead493f advisory. Security fix for CVE-2023-49080 rhbz2252897 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...